An adult website that specializes in hentai porn left a database unsecured that exposed the details of about 1.2 million users.
It was vpnMentor's researchers who discovered the issue with Luscious.net. While the breach is now closed, hackers could have accessed users' personal email addresses, their usernames, blog posts, followers, uploads, likes, and locations.
While around 20% of luscious accounts use fake emails, that still leaves a large number of genuine addresses exposed. Some users included their legal names as part of their emails, which makes them prime targets for criminals.
The database had been exposed since at least August 4 until it was closed on August 19. While there is no evidence of it being accessed by hackers, users should beware of phishing attempts, or extortion.. As a security measure, members are being
advised to change their Luscious usernames and associated email address.
Pornhub is pulling out all the stops for its prestigious Pornhub Awards ceremony set for 11th October. The event will be hosted by superstar Asa Akira and will feature a musical performance by Bad Bunny.
As the world's leading adult entertainment site we are proud to be working with the most artistic and libidinous talent in the industry. The Pornhub Awards will highlight their talents and the winners will be decided by actual data from
We have more than 10M videos and over 120M daily visitors who will be the ones determining our winners. We made history last year with our first ever awards show and this year's 2nd Annual Pornhub Awards has even more to look forward to!
This year's Second Annual Pornhub Awards will be held on Friday October 11, 2019 at the magnificent Orpheum Theatre in Downtown Los Angeles. The 2019 Pornhub Awards will be unique, fun and will undeniably go down as the sexiest and most
trendsetting awards show in recent history. This kind of event is truly unprecedented and is sure to make a huge mark in both mainstream and adult media!
Yes I won't read this message. and yes you can do what the fuck you like with my porn browsing data
Yes please do, I waiver all my GDPR rights
Yes I won't read this message. and yes, feel free to blackmail me
Yes you can do anything you like 'to make my viewing experience better'
Yes, no need to ask, I'll tick anything
With callous disregard for the safety of porn users, negligent lawmakers devised an age verification scheme with no effective protection of porn users' identity and porn browsing history.
The Government considered that GDPR requirements, where internet users are trainer to blindly tick a box to give consent to the internet companies doing what the fuck they like with your data. Now internet users are well conditioned like Pavlov's
dog to tick the hundreds of tick boxes they are presented with daily. And of course nobody ever reads what they are consenting to, life's too short.
After a while the government realised that the total lack of data protection for porn users may actually prevent their scheme form getting off the ground, as porn users simply would refuse to get age verified. This would result in bankrupt AV
companies and perverse disinsentives for porn websites. Those that implement AV would then experience a devastating drop off in traffic and those that refuse age verification would be advantaged.
So the government commissioned a voluntary kitemark scheme for AV companies to try and demonstrate to auditors that they keep porn identity and browsing history safely. But really the government couldn't let go of its own surveillance
requirements to keep the browsing history of porn users. Eventually some AV companies won the right to have a scheme that did not log people's browsing history, but most still do maintain a log (justified as 'fraud protection' in the BBFC
kitemark scheme description).
well Now it appears that those that try to avoid the dangers of AV via VPNs may be not s safe as they would hope. The Henry Jackson Society has been researching the VPN industry and has found that 30% of VPNs are owned by Chinese companies that
have direct data paths to the Chinese government.
Surely this will have extreme security issues as privately porn using people could then be set up for blackmail or pressure from the Chinese authorities.
The government needs to put an end to the current AV scheme and go back to the drawing board. It needs to try again, this time with absolute legal requirements to immediately delete porn users identity data and to totally ban the retention of
Anyway, the Henry Jackson Society explains its latest revelations:
Chinese spies could exploit Government's new porn laws to gather compromising material on businessmen, civil servants and public figures, say think tanks.
They say Chinese firms have quietly cornered the market in technology that enables people to access porn sites without having to register their personal details with age verification firms or buy an age ID card in a newsagent.
The new law require those accessing porn sites to prove they are 18 but the checks and registration can be by-passed by signing up to a Virtual Private Network (VPNs). These anonymise the location of a computer by routing its traffic through a
server based at remote locations.
It has now emerged through an investigation by security experts that many of the VPNs are secretly controlled by Chinese owned firms -- as many as 30% of the networks worldwide.
It means that a VPN users' viewing habits and data can not only be legally requested by the Chinese Government under its lax privacy laws but the VPNs could themselves also be state-controlled, according to the Adam Smith Institute and Henry
Sam Armstrong, spokesman for the Henry Jackson Society, said:
A list of billions of late-night website visits of civil servants, diplomats, and politicians could -- in the wrong hands -- amount to the largest-ever kompromat file compiled on British individuals.
Those in sensitive jobs are precisely the types of individuals who would seek to use a VPN to circumvent the trip to the newsagent to buy a porn pass.
Yet, the opaque ownership of these VPNs by Chinese firms means there is a real likelihood any browsing going through them could fall into the hands of Chinese intelligence.
The Open Rights Group comments on the government censorship plans:
Online Harms: Blocking websites doesn't work -- use a rights-based approach instead
Blocking websites isn't working. It's not keeping children safe and it's stopping vulnerable people from accessing information they need. It's not the right approach to take on Online Harms.
This is the finding from our
recent research into website blocking by mobile and broadband Internet providers. And yet, as part of its Internet regulation agenda, the UK Government wants to roll out even more blocking.
The Government's Online Harms White Paper is focused on making online companies fulfil a "duty of care" to protect users from "harmful content" -- two terms that remain troublingly ill-defined.
The paper proposes giving a regulator various punitive measures to use against companies that fail to fulfil this duty, including powers to block websites.
If this scheme comes into effect, it could lead to widespread automated blocking of legal content for people in the UK.
Mobile and broadband Internet providers have been blocking websites with parental control filters for five years. But through our
Blocked project -- which detects incorrect website blocking -- we know that systems are still blocking far too many sites and far too many types of sites by mistake.
Thanks to website blocking, vulnerable people and under-18s are losing access to crucial information and support from websites including counselling, charity, school, and sexual health websites. Small businesses are losing customers. And website
owners often don't know this is happening.
We've seen with parental control filters that blocking websites doesn't have the intended outcomes. It restricts access to legal, useful, and sometimes crucial information. It also does nothing to prevent people who are
determined to get access to material on blocked websites, who often use VPNs to get around the filters. Other solutions like filters applied by a parent to a child's account on a device are more appropriate.
Unfortunately, instead of noting these problems inherent to website blocking by Internet providers and rolling back, the Government is pressing ahead with website blocking in other areas.
Blocking by Internet providers may not work for long. We are seeing a technical shift towards encrypted website address requests that will make this kind of website blocking by Internet providers much more difficult.
When I type a human-friendly web address such as openrightsgroup.org into a web browser and hit enter, my computer asks a Domain Name System (DNS) for that website's computer-friendly IP address - which will look something like 188.8.131.52
. My web browser can then use that computer-friendly address to load the website.
At the moment, most DNS requests are unencrypted. This allows mobile and broadband Internet providers to see which website I want to visit. If a website is on a blocklist, the system won't return the actual IP address to my computer. Instead, it
will tell me that that site is blocked, or will tell my computer that the site doesn't exist. That stops me visiting the website and makes the block effective.
Increasingly, though, DNS requests are being encrypted. This provides much greater security for ordinary Internet users. It also makes website blocking by Internet providers incredibly difficult. Encrypted DNS is becoming widely available through
Google's Android devices, on Mozilla's Firefox web browser and through Cloudflare's mobile application for Android and iOS. Other encrypted DNS services are also available.
Blocking websites may be the Government's preferred tool to deal with social problems on the Internet but it doesn't work, both in policy terms and increasingly at a technical level as well.
The Government must accept that website blocking by mobile and broadband Internet providers is not the answer. They should concentrate instead on a rights-based approach to Internet regulation and on educational and social approaches that address
the roots of complex societal issues.
Offsite Article: CyberLegal response to the Online Harms Consultation