How Online Porn is the Ultimate Privacy Nightmare

[Batu69]

Is there anything porn can’t do? Other than ruining the sexual wellbeing of multiple generations, contributing to extreme warping of body images, and now somewhat commonly used as a disturbing revenge tactic against ex-partners, you mean?

 

Well, it can even be used as a handy tool in the hackers’ array, and not just for the reasons you might think. Let’s take a look at where and why porn might a bigger vulnerability in your life than you think.

Pornographic Database Ransom

Most people closely guard their porn use. It isn’t something people regularly broadcast, and your viewing habits are certainly not something you’d want online in an easily itemized database. Perhaps that database would have columns listing the type of porn — teen, gay, MILF, etc. — and the number of times you’d watched a video of that nature.

 

Regardless of how a tool of that ilk might provide an engaging user experience, there are genuine issues with a colossal database of this type. In the UK, authorities recently banned the creation and distribution of pornography containing a number of things, all seemingly focused on a male-centric view of pornography. However, if the authorities discover we have been enjoying one of these banned forms, we’ll get a reprimand. Do it again, and we might get a fine.

 

There are many billions of individuals living under vastly more oppressive rule than we have in the UK. A person living in a country that wrongly penalizes homosexuality may watch some gay pornographic material. If their viewing habits were exposed, there is a potential that the individual could be sought out and punished, or worse. Not only do they live in fear of exposing their sexuality, they must closely guard any other indicators that might disclose their secret.

Possibility?

While there is a definite possibility that a hacker could in theory attack and liberate information linking pornographic search data to specific IP addresses, Cooper Quintin, staff technologist at the Electronic Frontier Foundation, believes something different would happen:

“The far more likely scenario is just that a porn company gets hacked and credit-card data is stolen. If this were the case I think that an attacker would be more likely to sell the credit-card information than release it online ‘for the lulz'”

“I think a bigger concern is data brokers using your IP address to correlate data about what porn sites you visit with tracking profiles that they already have, even when browsing in ‘incognito mode.'”

Quintin’s final point brings us nicely onto ours.

Not-So-Incognito

These days, the majority of popular adult-content sites are largely malware free. There may be occasions where things slip through the net and we know that malvertising is an extremely popular threat delivery system in 2016. Even so, your chances of picking up something really bad on YouPorn or XVideos is slim.

However, something else is afoot.

 

Software engineer Bret Thomas believes Online Porn Could Be The Next Big Privacy Scandal. He leads his theory with a shocking premise:

“If you are watching/viewing porn online in 2015, even in Incognito mode, you should expect that at some point your porn viewing history will be publicly released and attached to your name“

According to the Wall Street Journal, some 30 million Americans regularly watch porn. That’s quite a few. I’m sure those 30 million regular viewers do so using incognito mode to keep their search histories and consciences clear. We all love incognito mode, but even if your search and session history aren’t being stored locally for your family to find, they’re being stored elsewhere.

 

The internet is a tangled-web of pervasive trackers and browser fingerprinting used to build individual user profiles. These profiles follow us around the web, and provide advertisers with personalized information designed to serve better suited ads that we might actually click. At the very least, advertisers hope we head to a site of our own accord.

 

Thomas elaborates further on the technical considerations:

• Browser footprints: Web browsers leave an essentially unique footprint every time you visit a web page, even in incognito mode (and even without supercookies). This is well established; many web tools such as Panopticlick will confirm that you give a website lots of information about your computer every time you visit.
• Global identifiers: Linking your browser footprint on one website to your footprint on another website — or to a previous footprint on the same website — is straightforward. You should think of your browser footprint as a persistent global identifier, and this is particularly true if you don’t take any measures to hide your IP address (eg. a VPN). The EFF has an excellent technical overview of how this works.
• User tracking: Tracking web users is super valuable, so almost every traditional website that you visit saves enough data to link your user account to your browser fingerprint, either directly or via third parties. The Economist ran an overview of user tracking in September. (Though, interestingly, there is no mention of adult websites.)
• Hacking is ubiquitous: We hear about data breaches that involve tangible harm — Target, Anthem, TurboTax — but not the (likely great majority) of cases when hackers don’t want additional exposure. Or, paraphrasing the FBI director: There are two types of companies… those that know they’ve been hacked… and those that don’t know they’ve been hacked.

It's a federal crime to open someone else's physical mail but it's totally OK for a webmail application to load fifteen third party trackers

— Matthew Hall (@bittermang) August 17, 2016

Third Party Requests

When you click on a link on a “regular” website, a number of things happen. The website you’re browsing receives the “first-party request” and hopefully delivers a webpage that you want to see. At the same time, you’re also sending third-party requests to the numerous advertising trackers linked to the site — think Google, Nielsen, Skimlinks etc. — so they can power their advertising with increasingly accurate links.

 

Porn sites are no different. 88% of the top 500 porn sites have third-party trackers installed on them. Aside from the standard Google Analytics plugin that most sites use to understand their metrics and demographics, you still send requests to web-tracking company AddThis, and another industry specific company, Pornvertising.

 

This is on top of the already accessible information you provide each site, such as your IP address, your location, your system hardware, which browser you’re using — even down to if your device is in hand, or sitting on a table.

 

The porn advertisers might not advertise their latest line of novelty dildos too you, but they can build accurate and detailed advertising profiles that can be easily shared with other companies.

Titillating Tantalizing Truth

Pornhub released a statement to Motherboard’s Brian Merchant, refuting Thomas’s assertions, calling them “not only completely false, but also dangerously misleading.” They also pointed out the absurd notion that they would actually physically store each and every user search requests. Receiving well over 300 million individual search requests a day, Pornhub estimate “storing all of that would require 3,600 terabytes,” not to mention the incredible amount of time it would take to actually sort through a database of that size.

“Pornhub’s raw server logs contain only the IP and the user agent for a very limited time, never a browser footprint”

As well as this, porn sites don’t actually care to keep what you’re viewing. They want to keep you on their site for as long as possible. They also want you to keep coming back, again, and again. Agitating their users through overly invasive tracking and permanent search history maintenance isn’t going to appeal to their potential and current users.

 

No, it is the advertising trackers that maintain the potentially devastatingly accurate picture of your browsing habits, through the good, bad, and repeated tub-girl viewings.

Has It Always Been This Way?

Pornographic sites have long been a primary source of potential computing issues. The September 1997 edition of The Atlantic reported on “an examination of the case brings to light some of the perils of our nascent electronic world — a world in which everything from “sites” to telephone calls to countries themselves is sometimes only virtual.”

 

The then relatively common Moldovan internet porn scam was reaching out from the depths of the Balkans and installing Trojan horse viruses via an infected viewer application. Remember, this is 1997. Users attempting to look at pictures of scantily clad ladies were required to “update” the viewer application, which in turn, downloaded and executed an unseen Trojan. 

“In the case involving Moldova, while the downloaded program was providing access to the pornographic photos, a hidden regiment of subcommands was ransacking the user’s computer. First the program ordered the volume on the computer’s speakers turned off, to prevent the usual telephonic sounds a modem makes. Then it hung up the line to which the modem was connected and dialed a number in Moldova. That call was answered by a computer that reconnected the user to the adult site. The promised photos — or at least one of them — finally appeared on the screen. The viewer had no idea that while he was looking at pictures he was paying for a transatlantic phone call.”

Does anyone else remember the Moldavian porn scam from the dialup days? #ashleymadsion reminds me of that. http://t.co/ipFw7p4I2p

— (((haroldfeld))) (@haroldfeld) August 27, 2015

The internet you’re using is likely broadband. Depending on your age, you may have never actually used a dial-up modem; a truly glorious time to be alive. Internet users in countries without such advanced infrastructure can still be easily affected by scams like this. As those users are operating in countries without such an established Internet culture, knowledge of common scams and virus delivery methods can be understandably lacking.

Lock Everything Down

I end many articles questioning privacy, online tracking, and internet security with the words and suggestions you’re about to read.

The internet isn’t free, in more than one sense. We are the commodity. And the internet has evolved to facilitate a model that allows us to access the majority of information without much of a charge. Unless you take the requisite steps to protect your data, to protect your privacy, to protect your internet security, your actions will be tracked.

 

You should also consider where you head to access your adult content. The major sites are literally some of the biggest in the entire world. At the time of writing, XVideos was ranked #52 in the entire world; Pornhub is #61, meaning these sites command millions of users. Equally, there are many millions of porn sites that will be absolutely riddled with all kinds of malware and malicious trackers. It is easy to steer clear of the latter by using those popular sites.

 

No one can dictate your favorite forms of pornography. But we can advise on the safer places to view it. You might just save yourself some extremely unwanted attention in years to come.

 

Article source

[Ballistic Gelatin]

You know, I was doing just fine with my blow-up doll until the Internet (and my current girlfriend) came along. 

[haxzion]

Why people think that porn is a "girlfriend" replacement? You do know you can have both right?

 

Oh btw when you watch porn make sure to use the most advanced OS ever made "W10" this way you can be sure that all your personal data is safe and secured and nothing goes out there. 

[pc71520]

Porn sites can literally screw your P.C.

[Holmes]

You can visit porn sites and be ok as long as your do what I have done my friend michael has gotten a few scares popups that say hes infected when hes not if you really want to view porn sites and not worry about getting affected use adblock plus a hosts file and noscript ghostery.  As for windows ten collecting personal data that is not proven (it collects alot of shit I have not read one article on this forum that has said someone got the encrypted information being sent to microsoft and decrypted it and ended up finding personal information in it.  That doesnt mean they can continue collecting all this data I want control over what is sent and how much is sent damnit I have a feeling I may get my wish maybe maybe not Im not going to make assumptions based on nothing I want information that is true not false (if they are indeed collecting personal shit then I am going to abhor microsoft my personal information is none of there fucking business).  I have tested my adblock plus hosts file noscript and ghostery on many porn sites and have been ok.

[SnakeMasteR]

Porn is more some sort of inspiration, it's never about the story because it's very thin on it's own and has barely a bad ending. ?

[straycat19]

I got my porn free when I was in high school, long before porn sites were ever a gleam in anyone's eye and years before the first personal computer.  There was a guy that lived in the penthouse of a local hotel who would meet women and have them come up to his room where he would take photos of them.  He would bring the film to the photo department of the store I worked in at the time and the guy that ran the department would always have two copies made, one for him and one for the guy.  It wasn't difficult to have him have a third copy made, at store expense, of course.  I use to share them with my friends, it was better than reading playboy.

[Holmes]

Thats disparaging degrading demeaning towards that woman you debased her Im sure if she knew what the plans were with the photos she wouldnt have offered to let you take the photos.