Believe it or not—even MORE internet porn
12 Jun 2012 05:19 PM
In December of 2011, we blogged about the approval of the .xxx TLD (top-level domain) and discussed issues related to how these sites are categorized and how legitimate companies could avoid having their reputation damaged through an .xxx registration.
Under the banner "The Evolution of Online Responsibility," ICM Registry, the company behind .xxx, is now trying to establish .sex, .porn, and .adult to expand its online offerings. A company spokesman says it is prepared to battle for other sex-related TLDs in order to protect its turf, citing the firm's security and trademark protection practices, as well as its zero-tolerance policy toward child sex abuse.
The company's position is that .xxx is "designed specifically for the global adult entertainment industry as a trusted brand, globally recognized and extolling responsible and safe behavior," because "the website operators is [sic] operating under self regulatory, published guidelines and policies." In addition, they argue that using TLDs exclusively for "adult entertainment" - including the three proposed new TLDs - helps ensure that users who don't wish to see such material can avoid it.
This is part of a major expansion in TLDs. Despite a number of glitches in the process, ICANN has reportedly received more than 1,900 proposals for new domain names and will reveal the list in a press conference on June 13.
It's important to note that online pornography will not be limited ONLY to these TLDs.
Today, you can keep up with the ICANN announcement by following the ICANN Reveal Day.
Websense is following the evolution of TLDs in order to ensure coverage for our customers, and our security solutions are protecting them with ACE, our Advanced Classification Engine.
Widespread malware abuses unsecured Geolocation Service of Adult Website
03 May 2012 07:26 PM
While researching outbound malware communications to improve detections for our products, we recently made an interesting discovery. Thousands of samples running in our malware lab reached out to the URL promos.fling.com/geo/txt/city.php. At first we suspected this to be a command and control (C&C) server of botnet malware. However,
Websense® categorization of the main Web page of the domain fling.com returned Adult, and visiting the page certainly confirmed this:
So how is this unsecured geolocation service used by the malware? Using the network tool Wireshark to look at the malware network traffic contacting this service, we can see that more information is disclosed:
Looking at the geolocation service abused by the malware we can make the connection that the 'CA' part (country code for Canada) in this user-agent is used to disclose the geolocation of the infected machine to the botnet server. This information can be used by the botmaster for statistics or to give different commands to infected machines in certain countries.
As of the time of writing this blog post, a total of 4,775 samples that ran in our malware lab show connections to the adult geolocation service in question. Websense customers are protected against known variants of this malware; we also have real-time coverage in place for the traffic between the malware and the C&C servers.
Let's be adult about it. xxx
06 Dec 2011 03:31 PM
On 12/6/2011 at 11 am EST, more than 100,000 Web sites are expected to go live with the new .xxx domain.
XXX was approved as a "top-level domain" address last year by ICANN, and was set up to make it easier to identify adult sites. However, it has also had some unintended consequences.
For example, if you own Acme Explosives and have operated acmeexplosives.com for years, you might want to register acmeexplosives.xxx too (just to make sure no one else registers it for a porn site, possibly besmirching your reputation with the demolition crowd). You could leave it as a null site, or you could redirect your new .XXX site to your standard .COM site.
Therein lies the rub: Websense will automatically categorize all .XXX sites as “Sex”. But if you are Acme, you might prefer to have people redirected to your commercial site, rather than having them run into a block page. Have no fear. If you have registered a .XXX page that redirects to a non-adult site and would prefer to have it categorized to something that reflects the true content, just send your request to firstname.lastname@example.org or use the online submission tool.
Websense customers automatically protected
A database download has been pushed out to all Websense customers, timed to take effect before the .XXX top-level domain goes live. Any product, from filtering to TRITON Enterprise, will have this domain categorized in their database as "Sex." We may have some folks out there using old, unsupported versions of Websense that may be in for a surprise, but it shouldn't affect any current customers.