Security risks may be the price of free online pornography according to a new study (PDF).
The research comes from Dr Gilbert Wondracek and colleagues at the International Secure System Lab. They carried out what they believe to be the first major study of security, rather than economy, of porn sites.
As I wouldn’t dream of being judgmental, I’ll assume that it will indeed come as news to GeeksAreSexy readers that many free pornographic sites are made up of sample content from pay sites and make most of their money from affiliate links.
You will all, of course, also be surprised to discover that many of the sites use tricks such as making it difficult for people to leave pages, or using bogus links which appear to link to an image or video but actually redirect users to other affiliate sites.
And those of you who have inadvertently stumbled across such sites will of course have kept your critical thinking capabilities switched on to know such activity has to be expected given that translating traffic into money is what allows such sites to appear free of charge in the first place.
So what about the hard figures? Well, the researchers analyzed 269,000 sites, hosted on 35,000 domains (which is a pretty clear sign that porn is a commercial operation rather than the work of hobbyists.) They report that a third of sites used some form of misleading behavior, while 3.23% of them were flat-out infected with some form of virus or other malware.
The researchers then created two free porn sites themselves and spent $160 on traffic brokers to attract visitors. The researchers then analyzed details of the 49,000 people who came and found that around 20,000 were using (in the words of the BBC) “a computer and browser combination that was vulnerable to at least one known exploit.” This was based on seven vulnerabilities related to plug-ins involving Flash, Adobe’s PDF reader and Microsoft Office.
Given that worldwide figures suggest 60%+ of people are using Windows XP, and more than one in six people are still using the nine-year-old Internet Explorer 6, it’s probably more shocking that almost 60% of those who visited the porn sites were apparently impervious to infection.
That raises the possibility that the type of people who visit porn sites (young men according to every stereotype) are also the ones more likely to be net-savvy enough to use more secure operating systems and browsers.