At last week’s Workshop on the Economics of Information Security — an annual conference held at Harvard — new research (PDF) was presented showing the link between pornography and malicious online practices. When the study’s researchers surveyed adult websites, they found that many were aimed at “manipulating and misleading a visitor to perform actions that result in an economic profit” for the Web site. Free sites used these tactics 34 percent of the time, while paid sites used them 11 percent of the time. What types of tactics are we talking about? According to the study, methods include:
- Javascript catchers that hijack the user’s browser, making it difficult to leave a site.
- Blind and hidden links that prevent an address from being displayed in a web browser’s status bar. This can be used to mask malicious activities, like cross site scripting or cross site request forgery attempts.
- Redirection scripts that redirect users to different websites. This occurs on a server, so there’s no way for a user to know it might happen until they click.
- Malware that triggers malicious behavior including “code execution, registry changes, or executable downloads.”
In addition to misleading activity, the level of malware found on adult Web sites was surprising to the researchers too; almost 3.5 percent of adult websites had this type of behavior, compared with previous studies that found less than one percent as malicious. Spyware and Trojan downloads were the most popular types of malware.
The good news is, it’s simple to block adult content and pornography with OpenDNS. In a couple of steps, you can nip the issue in the bud by blocking content you know causes issues on your computer and network. To block adult content, navigate to the Settings page and select the network you wish to manage. You’ll then see a Choose Your Filtering Level option under Content Filtering. To block all adult content, make sure to block the following five categories: Adult themes, Nudity, Sexuality, Pornography, and Tasteless.
Since we already block malware for all OpenDNS users (Enterprise users get more comprehensive coverage), blocking pornography is just one more step you can take to protect users on your network from coming in contact with malicious tactics online.
Geremia
Wow, I never knew that “42.7% of all Internet users view” porn and that “the Internet porn industry yields more revenue [97 billion USD in 2006] than the top technology companies Microsoft, Google, Amazon, eBay, Yahoo!, and Apple combined.”
Keep up the good work, OpenDNS, for filtering out all this filth!
posted on June 15th, 2010 at 12:13 pm
Mike
I think you missed a very important part of the paper which might have lead to the sensationalist headline. I’ll quote it for you here:
“Whenever iframes were used as infection vectors, we extracted the hosting location of the injected code, finding the malicious code to be mostly (98.2%) not stored on the adult web sites themselves. We believe this is a clear indication that the web sites that distribute the malware were originally exploited themselves, and are not intentionally serving malware. This was also confirmed by results from Wepawet, which automatically attributed several exploits to
the “LuckySploit” malware campaign.”
All that has been shown here is that adult sites are infected with malware by malicious third parties at the same rate as non-adult sites.
posted on June 15th, 2010 at 2:31 pm
Bhaskarjyoti Bhagowati
Thanks to Opendns for it’s content filtering. I’ve blocked the p2p file sharing to prevent users to view the torrents sites. But the users use to download the torrent file from outside of our organization and open it with utorrent or bit torrent. This doesnot prevent the downloads. How to prevent the users from downloading via torrents? Please advice.
Thanks and Regards
posted on June 16th, 2010 at 2:19 am
J
I’ve, ahem, known hackers, and plenty specifically use porn sites to hide exploit code because they’re never caught, and the second you censor the site, people presume “moral majority” and “puritanical” motives and accuse you of hating the First Amendment.
posted on June 19th, 2010 at 7:17 pm
Shan
Thanks to opendns. I am a new home-internet owner, and I feel so worry that internet will attract my other brothers (and me too) to open such porn sites.
posted on June 30th, 2010 at 4:58 pm