Top smut site stops Flashing, adopts HTML5

When even the pornographers think you've got a problem, you've really got a problem


Security sentient smut site Pornhub has decommissioned Flash and will swap to HTML5 in a bid to modernise and protect its estimated 60 million daily visitors.

The site is famed for among other things offering a bug bounty to researchers who disclose security holes in the site upping payments and hiring staff to better compete with industry standards.

Pornhub will now switch to the new industry standard HTML5 which sports better load times, power consumption, and avoids the battery of vulnerabilities that make Adobe Flash one of the exploit kit market's favourite p0wn platforms.

The porn broker announced the switch on its dedicated subreddit.

Pornhub's part of a colossal web conglomerate called MindGeek that operates several other adult sites, runs an affiliate marketing network, has over 1,000 people on the payroll and millions of paying customers. It's not difficult to see why an organisation of that scale would be keen to drop a buggy, proprietary plugin and instead adopt a standard.

The change comes after Adobe plugged a whopping 36 vulnerabilities in Flash including one exploited in the wild.

The smut-streamer's decision brings the site in line with browsers such as Chrome and Firefox which have moved to sound the death knell of Flash. Most online assets support both HTML5 and Flash while the latter is decommissioned.

Firefox users will have Flash blocked unless they upgrade to the latest version of the browser. ®


Other stories you might like

  • Inside the RSAC expo: Buzzword bingo and the bear in the room
    We mingle with the vendors so you don't have to

    RSA Conference Your humble vulture never liked conference expos – even before finding myself on the show floor during a global pandemic. Expo halls are a necessary evil that are predominatly visited to find gifts to bring home to the kids. 

    Do organizations really choose security vendors based on a booth? The whole expo hall idea seems like an outdated business model – for the vendors, anyway. Although the same argument could be made for conferences in general.

    For the most part, all of the executives and security researchers set up shop offsite – either in swanky hotels and shared office space (for the big-wigs) or at charming outdoor chess tables in Yerba Buena Gardens. Many of them said they avoided the expo altogether.

    Continue reading
  • CISA and friends raise alarm on critical flaws in industrial equipment, infrastructure
    Nearly 60 holes found affecting 'more than 30,000' machines worldwide

    Updated Fifty-six vulnerabilities – some deemed critical – have been found in industrial operational technology (OT) systems from ten global manufacturers including Honeywell, Ericsson, Motorola, and Siemens, putting more than 30,000 devices worldwide at risk, according to private security researchers. 

    Some of these vulnerabilities received CVSS severity scores as high as 9.8 out of 10. That is particularly bad, considering these devices are used in critical infrastructure across the oil and gas, chemical, nuclear, power generation and distribution, manufacturing, water treatment and distribution, mining and building and automation industries. 

    The most serious security flaws include remote code execution (RCE) and firmware vulnerabilities. If exploited, these holes could potentially allow miscreants to shut down electrical and water systems, disrupt the food supply, change the ratio of ingredients to result in toxic mixtures, and … OK, you get the idea.

    Continue reading
  • Adobe apologizes for repeated outages of its Creative Cloud video collaboration service
    Frame.io admits it was 'slow to scale as demand rose

    Adobe-owned cloudy video workflow outfit Frame.io has apologized and promised to do better after a series of lengthy outages to its service, which became part of Adobe's flagship Creative Cloud in 2021.

    Frame.io bills itself as "The fastest, easiest, and most secure way to automatically get footage from cameras to collaborators – anywhere in the world" because its "Camera to Cloud" approach "eliminates the delay between production and post" by uploading audio and video "from the set to Frame.io between each take." In theory, that means all the creatives involved in filmed projects don't have to wait before getting to work.

    In theory. Customers say that's not the current Frame.io experience. Downdetector's listing for the site records plenty of complaints about outages and tweets like the one below are not hard to find.

    Continue reading

Biting the hand that feeds IT © 1998–2022