XXX porn web domain names now up for grabs

The controversy-hounded pornography domain names ending in .xxx are now up for general sale, with 100,000 having already been snatched up in a previous, restricted sale, according to the BBC.

According to reports published Friday, a group of large porn website operators has sued ICANN and the ICM registry – the company that’s launching and profiting off the .xxx domain—on anti-monopoly grounds. ICANN, a non-profit, oversees management of the top-level domain name space.

The suit, brought by players including YouPorn, PornHub, Brazzers, Xtube, Playboy.com, and Digital Playground, was filed in the US District Court of California on Nov. 16.

At this point, appending dot-xxx to a domain is optional. But many, including human rights groups, fear that the domain will be used to corral adult entertainment into a red-light district – particularly countries with less-than-relaxed attitudes toward porn.

The problems with .xxx are manifold. Beyond issues of profiteering from a new domain whose necessity is questionable, issues of free speech loom large.

Back in 2004, when this porn-regulation domain campaign began, CNET’s Declan McCullagh nicely summed up the free-speech issues:

As soon as .xxx launches, conservatives in Congress will begin to clamor for laws to make the domain mandatory for sex-related Web sites. That may not be a big deal for hard-core pornmeisters who prefer that virtual street address, but what about sex education sites that include explicit graphics and don't wish to be blocked by filtering software? And where should Salon.com - which features images of topless women - or Playboy.com - which publishes important interviews with U.S. presidents - end up?

As far as profiteering goes, we’re already seeing colleges that have secured their .xxx domain names just to avoid the horror show of reputation-wrecking versions of their schools’ sites popping up in search results.

ZDNet’s Violet Blue deems the .xxx business plan, if that’s what it is, “brilliant—if evil.” Her further musing:

Just think of how much would be made if someone could bluster ICANN into approving .PEDO.

Of course, the issue most pressing to those in the security world is what a ripe bunch of melons the audience for such a domain represents – imminently prone to click-giddiness, imminently squeezable for profits, imminently infect-able for all manner of sexually transmitted malware.

Back in June, McAfee secured the rights to perform free daily security scans on every website at a .xxx address.

According to The Register, that $8 million deal secured the ability for porn surfers to install a version of McAfee’s free SiteAdvisor plug-in, which will attempt to verify the security of a .xxx site before the user decides to visit, make a purchase or grab a download.

Porn webmasters are also getting a McAfee SECURE “trust mark” for their shopping carts that McAfee claims can improve conversions.

All well and good. Or is it?

As we well know by now, SSL, the internet’s foundation for trust, is broken.

Naked Security’s Mark Stockley reported in September about researchers’ BEAST proof-of-concept code.

BEAST, short for Browser Exploit Against SSL/TLS, is a piece of JavaScript that works with a network sniffer to decrypt encrypted cookies used by a targeted website to grant access to restricted user accounts.

For its part, WikiLeaks at the end of November cancelled rollout of a more secure whistleblower system, blaming criminal groups and intelligence agencies for “severely and irreversibly” compromising online security via SSL penetration.

Beyond SSL being broken, security products can’t necessarily be trusted to filter out porn. Just today, The Telegraph reported that the “HomeSafe” security product provided by Britain’s third-largest broadband provider as a way of blocking porn and malware for over a week has failed to restrict access to Pornhub.

What’s the takeaway?

As Sophos’s Graham Cluley notes, we just can’t rely on certificates or security products like HomeSafe to take the place of good, up-to-date anti-virus protection on our computers.

I wish the porn industry all the luck in the world fighting the .xxx gang and any attempts to straddle the adult industry with what seems like a regulated extortion racket.

In the meantime, don’t trust a seal of approval on a website. Don’t trust your kids will be protected by third-party software.

Do keep your anti-virus up to date, and do enjoy, and defend, your rights to read adult material, if you’re lucky enough to live in a country where such materials aren’t already blocked.