French ISP Offers to Block File-Sharing, Exposes Users to Attack

June 15, 2010 -

In response to the implementation of France’s “Hadopi” or three-strikes law, which targets illegal file sharers, a French ISP began offering its customers a service that would block file-sharing on their connections, but the software came with its own problems.

Orange was the ISP offering the service, for the small price of two Euros per month, and it was intended to allow users to “control the activity of computers connected to your internet line” by blocking access to an unknown series of blacklisted sites and addresses.

Unfortunately though, according to Torrent Freak, the Windows-only software, as detailed by a techie named Bluetouff, communicated with a public server that still had the default username and password of admin/admin. Oops.

Torrent Freak that it was:

... informed that people have accessed the server and have discovered that it’s possible to send malware to anyone using the software which makes a bit of a joke out of Orange when it claims: “The software runs in the background to ensure your safety without disrupting the important tasks that you perform”

Also, in an additional twist, the former French Minister of Culture, Christine Albanel, is now employed at orange as Executive of Communication.


Comments

Re: French ISP Offers to Block File-Sharing, Exposes Users ...

How do people pull off stupid stuff like this? When I load Windows server applications I dont even use the local service account as the service account, I make a unique user for the services just so this kind of stupidity can not leveraged by a malicious user.

Sorry but this is security 101 stuff. The person who loaded this software needs to be terminated.

Re: French ISP Offers to Block File-Sharing, Exposes Users ...

 I am not following how this would make a differnce in this case.  It sounds like the sever application itself had the default username and password, so creating a unique user on the server would have no impact on the hole.

On the client side, I doubt most users are going to build a jail for a service that their ISP probably tells them to install via 'double click setup and never worry again'.

Re: French ISP Offers to Block File-Sharing, Exposes Users ...

he said that he creates a customized account and uses that as the administrator in place of the default account, essentially replacing it.

 
Forgot your password?
Username :
Password :

Poll

Will limiting Steam services to accounts that have spent at least $5 eliminate spammers?:

Shout box

You're not permitted to post shouts.
MattsworknameOff topic, but, who heres playing Bloodborne, and if so, is it mercillesly murdering you every chance it gets?04/25/2015 - 7:35am
Matthew WilsonI think its a good article, and devs can take some lessons from life is strange.04/24/2015 - 10:24pm
Andrew EisenI tinyURL'd it. The world is safe!04/24/2015 - 10:23pm
Matthew Wilson@AE my bad there is nothing I can do about that.04/24/2015 - 10:21pm
Andrew EisenLooks like the spoiler is right there in the URL.04/24/2015 - 10:20pm
Matthew Wilsonhttp://tinyurl.com/ok9pf6b a interesting opinion piece on the life is strange episode 2, and a dark event that happens in it. full warning major spoilers.04/24/2015 - 10:11pm
Matthew Wilson@mech no just she, nor her co workers have not. she never said it is not real.04/24/2015 - 8:58pm
MechaCrashWas she saying "I haven't experienced it," or "I haven't experienced it therefore it does not exist"?04/24/2015 - 8:31pm
ZippyDSMleeoy the skyrim paid mod thing is going over well. My 2 lints, I would not mind if Skyrim had a full SDK and not a crappy lil editor....04/24/2015 - 6:46pm
Andrew EisenWell, that is indeed crappy and nonsensical.04/24/2015 - 3:45pm
Matthew Wilsonshe got attacked for saying that she personaly has not experienced the harassment some other female devs have, and she got acused of defending GG and ignoring harassment. she ended up getting dog piled because of it.04/24/2015 - 3:43pm
Andrew EisenFine but do you recall ANY details at all?04/24/2015 - 3:38pm
Matthew Wilsonit was several weeks ago now, and I will admit to not saving it.04/24/2015 - 3:36pm
Andrew EisenAttacked HOW and by WHOM for not writing off WHO as evil? Do you have a link or anything?04/24/2015 - 3:31pm
Matthew Wilsonthat is the whole point she was not attacked for saying anything. she was attacked for being willing to debate in the first place, and not just write them off as evil.04/24/2015 - 3:28pm
Andrew EisenI know there's not a lot of room in the Shout box but goodness you're being vague.04/24/2015 - 3:26pm
Andrew EisenGreat, but that STILL doesn't tell me what she said, why she was attacked (or what the attack was) or what "standard line" she's following. Details, man. Details!04/24/2015 - 3:25pm
Andrew EisenOr what the heck Nina White (someone else I've never heard of) is actually referring to.04/24/2015 - 3:24pm
Matthew Wilson@AE she is a game dev. she used to do stuff with hormanix and now works with https://outact.net/#!/?page_id=2 she will often engage and debate both side.04/24/2015 - 3:23pm
Andrew Eisen...following.04/24/2015 - 3:23pm
 

Be Heard - Contact Your Politician