One of the most popular adult sites on the Internet has made one of the most egregious user securities possible, leaving millions of users credentials exposed on a public-facing Web server.
Worse, according to this blog, even though YouPorn has taken the server down, the Streisand effect has taken hold in spades, with data from the service posted in places like Pastebin so that other freeloaders can pick up a free login.
Anders Nilsson of Eurosecure ESET Sweden says the breach emerged on Swedish chat sites, and speculates that it was caused by a careless programmer leaving a server in a debug logging state since 2007 meaning that all new account credentials were captured and stored in an unliked directory that was, however, indexed by Google.
As Sophos Graham Cluley notes, the implication of this exposure its not unfair to call it rank stupidity probably reaches all the way into peoples employment and marriages.
You can imagine how employers and marital partners may be less than impressed to find you are registered for a website like YouPorn. And their discovery of your porn penchant is only a search and a click away, he writes.
YouPorns official blog still fails to mention its egregious exposure of user credentials, preferring instead to promote a T-shirt design competition.
0 comments:
Post a Comment