French ISP Offers to Block File-Sharing, Exposes Users to Attack

June 15, 2010 -

In response to the implementation of France’s “Hadopi” or three-strikes law, which targets illegal file sharers, a French ISP began offering its customers a service that would block file-sharing on their connections, but the software came with its own problems.

Orange was the ISP offering the service, for the small price of two Euros per month, and it was intended to allow users to “control the activity of computers connected to your internet line” by blocking access to an unknown series of blacklisted sites and addresses.

Unfortunately though, according to Torrent Freak, the Windows-only software, as detailed by a techie named Bluetouff, communicated with a public server that still had the default username and password of admin/admin. Oops.

Torrent Freak that it was:

... informed that people have accessed the server and have discovered that it’s possible to send malware to anyone using the software which makes a bit of a joke out of Orange when it claims: “The software runs in the background to ensure your safety without disrupting the important tasks that you perform”

Also, in an additional twist, the former French Minister of Culture, Christine Albanel, is now employed at orange as Executive of Communication.


Comments

Re: French ISP Offers to Block File-Sharing, Exposes Users ...

How do people pull off stupid stuff like this? When I load Windows server applications I dont even use the local service account as the service account, I make a unique user for the services just so this kind of stupidity can not leveraged by a malicious user.

Sorry but this is security 101 stuff. The person who loaded this software needs to be terminated.

Re: French ISP Offers to Block File-Sharing, Exposes Users ...

 I am not following how this would make a differnce in this case.  It sounds like the sever application itself had the default username and password, so creating a unique user on the server would have no impact on the hole.

On the client side, I doubt most users are going to build a jail for a service that their ISP probably tells them to install via 'double click setup and never worry again'.

Re: French ISP Offers to Block File-Sharing, Exposes Users ...

he said that he creates a customized account and uses that as the administrator in place of the default account, essentially replacing it.

 
Forgot your password?
Username :
Password :

Shout box

You're not permitted to post shouts.
Matthew Wilsonhttps://twitter.com/NintendoAmerica/status/581579256704081920 for those who did not see it zelda wont be at e3 ether.03/28/2015 - 2:22pm
ZippyDSMleeGot my keyboard working now now trying to sort and customize my stuff back to where I had it.03/28/2015 - 2:03pm
InfophileSony's customer service has always been crap, but up till now it's been manageable crap. A few cases of people having to pay for being hacked at worst, the Other OS removal... This one is going to be much worse for them.03/28/2015 - 1:34pm
WymorenceWhen did Sony start doing the ransomware stuff...? other than the old BMG rootkit stuff that is.03/28/2015 - 12:45pm
ZippyDSMleeother keyboards work but my keyboard will not work on it works on all the laptops tho...03/27/2015 - 11:22pm
ZippyDSMleeComp crashed acouple days ago and ate my keybaord drivers worse yet it's mislabel the drivers or hardware ID or soemthing and can not install the right drivers even manually it gives errors... going to try another restore point....03/27/2015 - 11:18pm
PHX Corphttp://ps4daily.com/2015/03/ps4-update-bricks-gamers-console-sony-wants-150-to-fix-it/ New PS4 update bricks gamers’ console, Sony wants $150 to fix it03/27/2015 - 11:11pm
MaskedPixelantehttp://www.newsarama.com/23947-axel-alonso-says-x-men-will-have-new-world-post-secret-wars.html Marvel gives 20th Century Fox the finger, takes their ball and segregates the mutant population in their own universe. According to rumors at least.03/27/2015 - 10:21pm
Papa MidnightSure thing!03/27/2015 - 9:00pm
Andrew EisenPM - Thanks, I've updated the story.03/27/2015 - 8:59pm
Papa Midnighthttp://arstechnica.com/tech-policy/2015/03/13-year-old-minecraft-player-confesses-to-swatting-police-say/03/27/2015 - 8:38pm
Andrew EisenThat would mean either Nintendo's next home console will be out by next year or the next Zelda game is suffering a two year delay. Both extraordinarily unlikely.03/27/2015 - 8:34pm
Matthew Wilsonsome people are thinking we might have a Twilight Princess situation on our hands, what do you guys think?03/27/2015 - 8:01pm
MechaCrashMiyamoto once said "a delayed game is eventually good, a bad game is bad forever." While this can be taken to excess, it is good that Nintendo remembers it.03/27/2015 - 7:44pm
MaskedPixelanteYay for it not being a buggy mess like AC Unity. Boo that it got delayed til November 2016.03/27/2015 - 7:07pm
Andrew EisenAgreed. Considering we've seen nothing of the game (and those who did see it last E3, said it was super duper early) I would be quite surprised to see it this year.03/27/2015 - 5:28pm
Matthew WilsonI am sure star fox is 2016 too.03/27/2015 - 5:14pm
ZippyDSMleeThe primary reasons I would get a Nintendo system is Zelda and Metroid, Metroid prime collection was beyond words awesome even if 3 was the weakest one. I played TWP on the emulator I have Skyward Sword but like TWP I been putting it off…. LOL03/27/2015 - 5:14pm
Daniel LewisI actually thought star fox would be the game to be delayed,hopefully that isn't as well!03/27/2015 - 5:13pm
Daniel Lewiswoah post shared at the same time matthew,you just beat me!03/27/2015 - 5:11pm
 

Be Heard - Contact Your Politician