Tech Specs Leaked For French Spyware 212
An anonymous reader writes "With the 'three strikes' law now in effect in France, the organization tasked with implementing it, Hadopi, has been working on technology specs for making the process work — and those specs have now leaked. It appears to involve client-side monitoring and controlling software, that would try to watch what you were doing online, and even warn you before you used any P2P protocol (must make Skype phone calls fun). It's hard to believe people will accept this kind of thing being installed on their computers, so I can't wait to see how Hadopi moves forward with it. It also appears to violate EU rules on privacy."
Not to worry (Score:5, Insightful)
Re:Not to worry (Score:5, Insightful)
Just wait until the blackhats get ahold of this and change the phone home site from the standard to the blackhat's servers. Voila, instant botnet that is illegal for a French citizen to remove. I'm sure the guys on Elbonia are just drooling over that they can do once they can poison an ISP's DNS to get command/control access to the machines.
Re: (Score:3, Insightful)
Re: (Score:3, Interesting)
Perfect way to frame someone too... just fake "OMG, this guy is P2P-ing copyrighted stuff" a few times, and now the roomie or whomever owns that computer is banned from any access to the Internet.
I'm sure someone will make an easy to use app or website to visit on a mark's computer just to trip this software.
Re: (Score:3, Insightful)
The internet seems to be going down the shitter now that all the politicians kids are using it and those in power have started thinking internet==facebook.
So what's the next communication medium that the government has so little understanding of that they don't even think about regulating it?
Darknets are halfway there but they'll probably be outlawed in a few years.
Re:Not to worry (Score:5, Funny)
Liberté, égalité, fraternité, and pervasivé monitoré.
Re: (Score:2)
Liberté, égalité, fraternité, sodomisé!
FTFY
Re: (Score:2)
Re: (Score:2)
Re: (Score:3, Interesting)
Does the public get to monitor their government? (Score:2)
Woot (Score:5, Funny)
Re:Woot (Score:5, Insightful)
Re: (Score:2)
I'm (sadly) sure that they're working on it...
Not so sure they need to have client-side stuff, tho', deep packet inspection techniques seem to have evolved enough for people to see what you're downloading; torrenting a distro, OK, a film not.
Wonder if they can automate this (identifying 'illegal' content)? Otherwise would seem to be difficult to massively deploy...
Re: (Score:2)
> Wonder if they can automate this (identifying 'illegal' content)?
Of course. Anything not identified by an authorized publisher as legal is illegal.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2, Insightful)
Oh, nice! Can I have the Linux version?
No, Linux is now illegal because it can't be monitored by this software.
Re: (Score:3, Funny)
This is for France... but of course they will insist on using Wine.
Re: (Score:3, Insightful)
Re: (Score:2)
Re: (Score:2)
Preferably open sourced.
Re: (Score:2)
Oh, nice! Can I have the Linux version?
Who knows, it might run on Wine.
Re: (Score:2)
I'm sure you meant there won't be a Linux version meaning Linux will be made illegal or Linux will become the most popular OS because you are free. I give it less than 6 months before they are talking DPI instead.
Hey, the specs actually bring up free software. :P (Score:5, Interesting)
Page 15, under "key objectives": "integration in any environment, including free software".
I'm curious to see how they intend to make that work out. :P
Re: (Score:3, Informative)
> I'm curious to see how they intend to make that work out.
By making it not incompatible with Firefox.
Good luck with that (Score:5, Insightful)
What are they going to do? Fucking outlaw Mac OS X, Linux and all the other non-Microsoft operating systems?
Funny fact: in french it's called système d'exploitation. Maybe that's why they want such software. To exploit you and your computer.
Of course they will, they're *French* (Score:3, Interesting)
France is the only country on the planet that has actual SCUBA Police to wander around underwater and make sure you have your "Diving License".
http://www.scubaboard.com/forums/basic-scuba-discussions/300289-scuba-police.html [scubaboard.com]
Re: (Score:3, Informative)
France was also the country where scuba diving took off first in the general public (it used to be strictly military). The patent for the demand regulator was from Cousteau (ze one ;) & Gagnan, the World Underwater Federation (http://www.cmas.org/) has a French acronym because it was founded by the same gang that made scuba diving popular in France.
And at the time, the equipment was nowhere near as good as today. And the experience was lacking, or limited to very fit young military guys... so not immedi
Re: (Score:2, Funny)
Maybe this is just a clever, french way to kill off Windows usage in France.
how many people will pirate windows just to run th (Score:2)
how many people will pirate windows just to run this?
Re: (Score:2)
What are they going to do? Fucking outlaw Mac OS X, Linux and all the other non-Microsoft operating systems?
Yes, probably. Why wouldn't they?
Re: (Score:3, Interesting)
What are they going to do? Fucking outlaw Mac OS X, Linux and all the other non-Microsoft operating systems?
They wouldn't outlaw them, just buraucratize it and wash their hands. "You can run Linux, MacOS, any OS you want, you just have to run this software on it. It is win32 software. You are free to choose your own OS but must resolve technical problems arising from these choices. " Polite, diplomatic, bureaucratic way of saying "fuck you".
Microsoft doesn't do that? (Score:2)
Re: (Score:2)
From what I've read Windows *may* have backdoors for NSA, etc.That's different from monitoring in the sense here, in that Windows doesn't appear to phone home, it just allows NSA &c to break in when they need to. Assuming that functionality is really present. Given that FBI doesn't seem to have access (you'd think it would turn up in court records and discovery) presumably the backdoor is for very rarefied purposes.
Re: (Score:2)
So how does that set NSA apart from anybody else?
Re: (Score:2)
NSA has the key to the backdoor and we don't. Or maybe I'm not getting your question.
Re: (Score:2)
Another less subtle try: So NSA can break into Windows at will. How does this set them apart from everybody else?
Re: (Score:2)
Ha ha ha. I needed the extra nudge. I guess what I'm saying in that light is that MS isn't going to someday patch that hole.
Odd. If it's law, should be done at the ISP (Score:2)
Re: (Score:2)
> I don't see why they don't just put in some sort of sniffer at ISP switches.
I'm sure they already have that, but it's reserved for more important uses.
Re: (Score:2)
> I don't see why they don't just put in some sort of sniffer at ISP switches.
I'm sure they already have that, but it's reserved for more important uses.
Could be. The ISP filters remain as a lesser-used, real-crime and spy snooping, while the clientside "snooping" serves mostly as a false-door for criminals to believe they can foil and be anon, also satisfies the anti-p2p industry people.
nods (Score:2)
I have no problem with French Spyware (Score:3, Funny)
Skype calls (Score:2)
Yes, I'm sure the software magically divines whether or not an arbitrary communication channel is being used for a peer-to-peer or client-server protocol. Maybe it uses an oracle to determine what protocol is being used on the channel and consults Wikipedia automatically to determine whether or not it's peer-to-peer.
Or just maybe the software detects a collection of known protocols, and Skype calls would only generate a warning if Skype was intentionally targeted by the software. In this case, you're just e
They'll be prying my pristine Linux install... (Score:2, Funny)
Re: (Score:3, Informative)
Not to worry, once you install anything else, it won't be a pristine Linux install anyway.
pristine/pristn/Adjective
1. In its original condition; unspoiled.
2. Clean and fresh as if new; spotless.
So how Naive are the French? (Score:3, Insightful)
Re: (Score:3, Informative)
Re: (Score:2)
client-side enforcement is stupid (Score:5, Insightful)
Like having your mom in the room (Score:3, Funny)
what were they thinking? (Score:2)
Why did they develop a solution that has to be installed on the part of the infrastructure they have the least control of and that has the biggest diversity?
How will they roll this out? Forced install? For every OS? Including the OS on my media box with its crappy bittorrent client? And since the software physically runs inside the homes of people, that could open up a ton of legal troubles. What's so hard about making a law that forces ISP's to install monitoring software?
Somehow I'm happy that this seems
Re: (Score:2)
> What's so hard about making a law that forces ISP's to install monitoring software?
I expect that is what they are going to do: make a law that forces ISPs to install monitoring software on their customer's machines.
Actually no (Score:4, Informative)
This as yet non-existent, and obviously impossible piece of software will merely be the only way to disculpate oneself from accusations illegal warezing. Since it obviously reverses the burden of proof, it's unlikely to stand up to legal scrutiny whem it reaches a high court.
Note that, not only are the technical specs moronic, but they also are self defeating. For instance they want a FLOSS compatible version. Well, guess what, my Linux kernel license allows me to change it so that it will hide whatever I want from a given process. This is typically done by rootkits that hide their processes/files/modules from the rest of the system, but it should be quite easy to implement for the good guys.
In any case, as had been pointed out during the debates in parliament, you just need to do your downloading on a separate box, and not tell anyone about it. Sarkonazy's lapdog's response? "people onlh have one computer" - I shit. You. Not.
I keep a very expensive bottle of Champagne at all times in my fridge, just in case something humiliating and/or painful happens to the diminutive fascist son of a bitch. And if the fucker dies before the next election, I swear I'm ordering 12 case of Dom Pe to give away in the street.
The power and influence of the copyright industry (Score:2)
Wow. This is just sensational. It seems unworkable and may even result in some interesting legal responses from users and businesses when that software is blamed for system instability and data loss. My guess is that this software won't be required until after the first or second strike... yeah, I can't read the full referenced links... one is slashdotted already and the other is scant on details. Otherwise, I would guess that if they hope for any of this to work, they would make a tiny router/bridge bo
Re: (Score:3, Interesting)
You assume it's the copyright industry. For years, any form of encryption was illegal in France and that had much more to do with government paranoia than anything else.
Heck, at one point my employer had a VPN tunnel to a subsidiary in France and I established beyond any doubt that the encrypted (no I am not losing my mind, I asked a respected colleague) traffic was being eavesdropped as a very select subset of this traffic was not making it across the tunnel - yet made it quite happily across another tun
Well, I live here (Score:2)
And I sure as hell won't allow them to install any of that stuff here.
What are they going to do if I refuse? Throw me in jail? Fine me? We'll see how far this "land of the human rights" will take this farce.
To quote Mass Hysteria "Liberté, égalité, fraternité. Trois mensonges dans une phrase, ça fait quand même un peu pitié."
Re:Well, I live here (Score:4, Informative)
And I sure as hell won't allow them to install any of that stuff here.
What are they going to do if I refuse? Throw me in jail? Fine me? "
No, just disable your internet connection until you do. What's the problem?
hypothetical situation (Score:2)
I get a phone from the Netherlands, where there are no problems with downloads. I connect to the internet through this phone, while in France (I assume it costs a lot, but whatever). What laws am I supposed to obey?
Re: (Score:2)
I get a phone from the Netherlands, where there are no problems with downloads. I connect to the internet through this phone, while in France (I assume it costs a lot, but whatever). What laws am I supposed to obey?
Well, the government could compel the cell provider to block internet connections for roaming clients.
thermodynamics (Score:2)
the law is a ass (Score:2)
or does it count as strike two because they thought they could get away with it and got caught,
or does it constitute strike three because they thought they could get away with it, got caught, and were dumb enough to think such a lame idea would work?
Client side? Good luck. (Score:2)
So, the whole thing depends on forcing everybody to install spyware on their machine which will monitor their activity and report on it?
From a security stand point,it's obviously going to be doing much of the same stuff as malware; and from getting people to actually install this, I just can't see this working at all, who is going to voluntarily install this crap?
What happen when someone refuses to install this, or, the operating system they run does support it? Will they outlaw Linux? This is why you can
Better oil them guillotines up! (Score:2)
Like in the days of yore, you French had better consider using this against the politicians again before they trap you worse than last time. You did good last time. Time to put the fear of the people back in your leaders, they have apparently forgotten their lesson.
Re: (Score:2)
The citizens didn't use it against the politicians. The politicians used it against each other.
Sarkozy is the pawn of the media elite in France (Score:2)
So much for liberté... we still have egalité and fraternité (until further notice)
Re: (Score:3, Insightful)
> So much for liberté... we still have egalité and fraternité (until further notice)
Unless you are Roma.
Modem/routeurs deathtrap in France (Score:4, Informative)
Deplyoment? (Score:2)
Re: (Score:2)
As far as I remember, having the software installed was supposed to exonerate you from charges in case you were accused of piracy. Apparently someone since told them about 'kill -9' because last I heard they'd given up on the client-side software as proof of innocence idea. I have no idea were those specs come from, if they discreetly revived the project or if that's an old set of specs that has since been abandoned.
the law is a ass (Score:2)
or does this count as strike two because they thought they could get away with it and got caught,
or does it count as strike three because they thought they could nget away with it, got caught, and were lame enough to think that it would work?
any issues RTFA? (Score:2)
Chinese (Score:2)
Looks like Green Dam found another source of funding!
Removing the software is easy (Score:4, Funny)
Windows only in France? (Score:2)
Will this run on an iPhone or will they have to jailbreak it for me to run it?
Just do away with the Internet already! (Score:2)
You know, with all of this filtering and monitoring and restricting going on that those in charge seem to want, I've got a better idea: Just outlaw and unplug the entire freaking Internet. That's the way things seem to be going anyway.
[Ploinks cable from the wall]
NO CARRIER
Re: (Score:2)
And how long (Score:2)
Joking aside, why not just make a federal sysadmin to block users from doing anything useful with their computers?
Google Cache Link (Score:2)
http://webcache.googleusercontent.com/search?q=cache:http://www.iptegrity.com/index.php%3Foption%3Dcom_content%26task%3Dview%26id%3D552%26Itemid%3D9&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a [googleusercontent.com]
awesome (Score:2)
Spoof this thing so that it only reports what you want it to report, and you'll have deniability in case they ever come after you for something. If it goes to court the prosecution will look like clueless idiots as they try to reconcile mismatched data.
We Joke, but... (Score:4, Insightful)
You know we around /. like to joke about things like encryption and the year of the linux desktop, but the more intrusive governments get, the more I see the internet as a whole routing around this damage and increasing both the use of *nix based systems and encryption. Imagine facebook levels of popularity but with encryption, privacy, and control as primary factors of computing for the masses. Because, in the end, its either that or we might as well just start walking around naked because we have "nothing to hide".
Re: (Score:3, Interesting)
Imagine facebook levels of popularity but with encryption, privacy, and control as primary factors of computing for the masses.
As I understand it, this is essentially what the Diaspora project [joindiaspora.com] is trying to do. Hopefully they'll succeed. (And maybe smooth out some of those concerns that the name is inappropriate.)
Encryption is not the answer (Score:2)
Re: (Score:2, Insightful)
If encryption approached "Facebook levels of popularity" it would be far too late for most governments to outlaw it.
Re: (Score:3, Informative)
If encryption approached "Facebook levels of popularity", governments who want to monitor your traffic will simply make encryption illegal.
At one point, encryption used to be illegal in France: http://www.theregister.co.uk/1999/01/15/france_to_end_severe_encryption/ [theregister.co.uk]
Re: (Score:2)
If the government forces you to install a rootkit as a requirement for internet access all the encryption in the world won't help you.
Re: (Score:2)
Because, in the end, its either that or we might as well just start walking around naked because we have "nothing to hide".
Oh gosh, why do you always have to give me the hard choices?
ISPs? (Score:2)
What happens if you don't install it? (Score:2)
To point out the obvious flaw here:
If it's client side how are they going to get it installed? Keep it installed?
Even if they mandate that all computers sold must have it preinstalled it won't matter. It's trivial to remove.; just reinstall the OS. What about people who build their own? People who buy in other countries? People who run other operating systems?
This is just nonsensical. It can't possibly work. I can't believe no one pointed out that the emperor has no clothes.
We make fun, but (Score:2)
There are two outcomes (long term) that I see for the internet and computing for the masses. Those are, wither we basically give up all control, and walk around figuratively naked, or we, the geeks, must actively start promoting things such as encryption and OSS (*nix) as a standard for even non geeks. Imagine facebook level popularity of encryption, privacy, and control of computing systems. The catch is that as the geeks started the internet, politicians like to think they own it (or their portions of it)
What? (Score:2)
Uh, I thought they'd given up on that idea when it turned out to be absurdly impractical? (Their idea was that you could opt to install some magic software, whose purpose would be to 'prove' your innocence if wrongly accused of piracy. How that was supposed to work out was never clarified.)
Did they change their minds again? Just how old are the specs in question? Anyone?
LiveCD? (Score:2)
Should work REAL well with LiveCD OSes.
French politics knowledge (Score:2)
The major issue is that the politics have no idea what this is about, what they're talking about and have no will to figure it out.
The people behind the 3 strikes law stated publicly that they don't know what P2P is and that they don't care, they can "still do their work properly without knowing".
They also said that "when you have openoffice, you have a firewall" and a few other things of the same level.
The problem is that they push such stuff blindly trusting the lobbies and a few powerful people (who know
Actually reichwingers are pissed off (Score:4, Interesting)
In the first elections after the damn law was passed (regionales), they got disastrous results for the below 30 demo. Sarkonazy met with UMP MPs to discuss the bad results, and according to insiders they were freaked out and complained that his pet project had cost them the young vote for good. In an unpublished poll they found out that they had lost something close to half the young voters. Now those are not the most reliable voters, but Naboléon's core demographics of Alzheimer patients, racist deranged grannies and Vichy nostalgists has one redeeming quality: they're more likely to be rotting in hell than to be getting a hard on at the fucker's newest racist gimmick while dropping their bulletin in the ballot box.
For reference, in the 2007 election, the son of a bitch got 53% of the votes; but his opponent got 53% of the below 65 demo, he just got 65% of the geriatrics! Thankfully, many of those scumbags will have expired next time.
Sounds like Green Dam (Score:2)
Simulate the spyware (Score:2)
Re: (Score:2)
Re: (Score:2)
Jeez. Sounds like a certain operating system I know.
No-one ever got fired for choosing Hadopi. Well, not yet anyway.
Re: (Score:2)