Unlike the recent Brazzers porn site hack, however, sloppy practices are being blamed for the YouPorn incident, with debug data about users seemingly being stored in a public fashion since 2007.

Because what people think about first and foremost when visiting a porn site is absolutely rock-solid security.

The breached data contains clearly identifiable email addresses that lead to individuals and institutions, such as two instances of someone using a Messiah College email--Messiah is an explicitly Christian institution that promotes "character and Christian faith" in students "in preparation for lives of service." Another series of logins appear to track back to a former student athlete at Alvernia University, which educates students "in the Franciscan tradition." Adults are free to visit legal porn sites, but the institutions in question might have an issue with their names being anywhere near the user database.

On a much more serious note, Naked Security points out that the hacked data can lead to what amounts to identity theft: "if your YouPorn password is now known, hackers might try that same password against your email address, your PayPal account, your Amazon account, and all many of other online resources."

via Pastebin

The New York Times has an interesting article today about how Pastebin.com, a site that lets you store text for a set period of time without registering your identity, was used by Occupy Wall Street, particularly in its "anarchic" early days. You know, before it set up a media tent and started publishing its own Wall Street journal.

What the Times doesn't mention, however, is how Pastebin, which was first set up to store snippets of code, subsequently became a haunt for IRC, with hacker groups like Anonymous and LulzSec following. In fact, when someone purporting to be an Anon threatened a "Day of Vengeance" as part of Occupy Wall Street back in September, the "press release" was found on Pastebin. In a recent TechCrunch post announcing that Pastebin had surpassed 8 million active pastes, the site's original, London-based founder Paul Dixon wrote in the comments, "I started pastebin.com in 2002 but sold it to its present owner in 2010 after it became too much of a time drain dealing with the posts which had piqued the interest of law enforcement agencies! I'm glad I did, as I don't think I'd have enjoyed dealing the Lulzsec exposure."

Betabeat has seen protesters employ anonymous, time-sensitive means of communication before, like using Vibe instead of Twitter. But the type of information posted on Pastebin is more in-depth and in the eyes of law enforcement perhaps more incendiary:

"There, you can search for the personal information of the police officials who have used force against the Wall Street protesters; or what purports to be e-mail addresses of bank executives; or guides on how to spot an agent provocateur or undercover officer in your midst; or lists of other Occupy movements around the country and the world."

Pastebin's new owner, Jeroen Vader, a 27-year-old Dutch serial entrepreneur, says the majority of the posts are still just snippets of code:

"He has a very tolerant view of what can appear on Pastebin. He is quick to say that with thousands of news 'pastes' in a day, he cannot be expected to check what goes up, but he says he responds if people ask for personal information about themselves — d0x, tech-speak for 'documents' — to be taken down.

Mr. Vader says his instinct is to be inclusionary. 'Usually we always remove DOX items, but this one got a lot of exposure and we usually don’t remove very popular items unless we get a direct removal request from the authorities, which hasn’t happened with the item in question,' he wrote in an e-mail."

Used in verb form, of course, "dox" also means harassing individuals by putting their personal information online for everyone to see.