Porn Sites as Malware Distributors

Library, School, Church and Hotel Network Security

Want to avoid viruses, botnets and trojans in workplace computers?  A key strategy is to prevent users from surfing to adult web pages.   According to Chris Overton, VP at Cyberpartol:   “Pornography sites are one of the major distributors of viruses and other malware.   To quote from the CyberSharks book we’re about to release, ‘Websites offering adult content are the single most significant security threat for Internet users, comprising 31 percent of dangerous websites.  Adult and XXX sites account for the largest percentage of web sites from which viruses are spread.  (Web of Trust, 2008)’  This means that companies can go a long way toward protecting their networks from malware simply by blocking pornographic sites.  SiteSURV can provide this protection.”

–Ben Wright, advisor to Cyberpatrol

Advertisements

Web Filtering for Hotels, Libraries, Schools

Service for Blocking Porn and Viruses

SiteSURV is Cyberpatrol’s Internet filtering service for small-to-medium organizations, like businesses.  Using a technology called SiteCAT, it filters web sites by inspecting (also known as crawling or spidering) their content and categorizing them according to their apparent purpose.  Categories include malware, pornography, drugs and so on.  User organizations can choose to filter selected categories.

I asked Cyberpatrol VP Chris Overton to discuss how SiteSURV stacks up for user organizations in terms of efficiency, effectiveness and resource requirements.  Chris said:

“Since SiteSURV is a completely in-the-cloud product, it takes up no system resources on the computers it’s protecting.  The only caveat to this is that customers with a dynamic external IP must run our Dynamic IP tool on a single computer behind their access point.

“As far as bandwidth, all the filtering decisions happen at our SiteSURV server, so we’re not using any more of the user’s bandwidth than they’d already be using to browse the web.

“The setup for SiteSURV is very simple, but our online configuration portal gives users the ability to tailor their protection to their needs.  Users that want a set-and-forget product can leave the default settings in place.  Users that want more control can adjust the filtering to their specific needs.

“Filtering the web is hard work because the web is so big and ever-changing.  Our SiteCAT technology holds many advantages over its competitors.  Notably, the categorization results from one user get applied to other users.  For example, if one user of our system tries to browse to a site that SiteCAT has never seen or analyzed, the SiteCAT crawler immediately starts analysis of that site.  The results support all users of our SiteCAT system.  This means that we’re able to find new sites somewhat faster than other systems that rely purely on spidering the web.”

–Ben Wright, advisor to Cyberpatrol

Stop Adult-Oriented Advertisements

Internet Porn on Child’s Computer

How do you block pornographic ads from a family PC?

Our family maintains a personal computer for common usage in the den of our home.  Each user has his or her own Windows account.  My wife and young daughter were on the web together, using the daughter’s account, working on a homework project.  They were searching on Google for the answers to simple science questions.  Suddenly a small area opened in their browser, presenting a pornographic ad.  My daughter was disturbed, and of course my wife was angry.  My wife pressed ahead to complete the homework project, and did not keep a record of the incident.

My subsequent investigation has not revealed for certain how this offense happened.  Maybe a form of spyware has invaded the machine.  Or maybe Google sent the girls to a dangerous site.

At any rate, I installed Cyberpatrol, and set it to block sexually-oriented material from my daughter’s windows account.  I set Cyberpatrol to monitor (keep a log of) the sites that it blocked.

Then I logged into my daughter’s account, opened the web browser, and revisited many of the sites listed in the browser’s History menu.

I could see in the History menu the sites my wife and daughter had been visiting at time in question.  When I clicked on the URL for one of the sites, Cyberpatrol presented me this image, indicating it had blocked the site.

browser-block

That suggests strong suspicions about the site. . . . Read the rest of this entry »

Digital Evidence of Pornography in Hostile Workplace Lawsuits

Internet Files Can Corroborate Sexual Harassment Claims

A new privacy feature in Microsoft’s Internet Explorer 8 may foster more viewing of pornography in the workplace.  It should heighten the incentive for employers to actively block Web porn sites.

Internet Explorer is the most popular web browser.  Forthcoming version 8 includes a so-called InPrivate mode, where browsing history is not retained and temporary Internet files are deleted upon completion of the browser session.  With the advent of InPrivate mode, some employees may be lulled into a false sense of seclusion at their desks and may succumb to temptation to peek at porn.

Legally speaking, pornography is very dangerous in the workplace, as it can be evidence of a hostile work environment.  Although InPrivate mode may make access to that evidence – in the form of retained files on a PC hard drive — more difficult, the digital evidence may still be recoverable.  Forensics experts have demonstrated that they can (with effort) still reconstruct browsing history when InPrivate mode is engaged.

Further, evidence of World Wide Web pornography on the job need not come just from digital records.  It can come from, say, Employee #1 testifying that he/she witnessed pornography on the monitor of Employee #2.

Some observers are recommending that employers to disable InPrivate mode.  But disabling is difficult, and it addresses the problem only indirectly.  The more direct and complete approach is to use software to block access to adult sites.

–Ben Wright

At the SANS Institute, Mr. Wright teaches IT administrators how to stay out of jail.

Guest Internet Access and Hostile Work Environment

Abuse by Patrons of Library, Church or Internet Café?

E-pornography is dangerous for any organization that provides others with openly-visible access to the Internet.  The organization’s employees might claim hostile work environment.  Just as employees can complain about the viewing habits of co-workers, they might complain about the habits of guests and patrons.

Guests and students at libraries, schools and churches (places with shared computers) can indeed endanger those organizations by accessing objectionable material.  For example, librarians at the Minneapolis Public Library complained that their rights were violated when patrons used library computers to view porn.  The Equal Employment Opportunity Commission agreed.   Then, after the employees sued in court, the Library settled, reportedly agreeing to pay employees $435,000 and agreeing to take steps, including possibly technical filters, to reduce the potential that librarians would be exposed to porn on account of activities by patrons.

Can’t an organization protect itself Read the rest of this entry »

Internet Pornography in the Workplace

Employer Liability

In the workplace, electronic pornography is legal poison. In a “hostile environment” lawsuit against a business, the existence of porn on work computers or in work e-mail systems can be highly prejudicial. Even though the business objected to porn and enforced an explicit policy against it, its presence can reflect horribly on the business as a case goes to the courtroom.

In Williams v. City of Chicago e-pornography backed the police department into an indefensible position. After a female police officer complained about pornography in department computers, the department took action in accordance with its policy against pornography and hostile work environment. Still, officer Williams sued, and the court said the case should go to a jury for decision. The basic question for the jury would be whether the porn in department computers was so pervasive that it injured officer Williams.

Wow. How can the police department withstand a jury trial focused on the amount of pornography on the department’s computers? Such a public trial would be highly embarrassing, even if the department eventually won the case! The local media would have a field day. At this point, the city has strong incentive to settle with Ms. Williams and pay her a lot of money.

Behold the city’s unenviable position. Even after it settles, its problem remains. The continued presence of Internet pornography can prejudice the city in future cases brought by future employee-plaintiffs, just as it did in Ms. Williams’ case.

This police department has good reason to use technical measures – filters and blocks – to mitigate its problem.

Update: Administrators can now use the free Threat Detector service to discover which unauthorized places employees have been visiting.

–Benjamin Wright

Mr. Wright is an advisor to CyberPatrol, thought leader in employee Internet safety.

The formal citation to Williams v. City of Chicago is (US Dist Ct, N.D. Illinois, E Div 03C2994, Jul 13, 2004).