Searches for virtual private networking (VPN) software briefly spiked in Texas this week after Pornhub suspended service in the state over a law forcing adult websites to verify the age or identities of their users.

The four-fold rise in Google searches for tools that can circumvent the state-level blocking suggests the law may already be having unintended side effects, days after a federal appeals court upheld the legislation and said it could remain in effect.

Visitors with Texas IP addresses who visit Pornhub’s website are now presented with a full-page message calling the Texas law “ineffective, haphazard, and dangerous.”

“The apparent spike in VPN searches in Texas shows that these types of age verification laws aren’t just unconstitutional, they’re also silly and ineffective,” Greer said. “Just like millions of people in countries like China, Russia and Turkey evade their government’s draconian online censorship regimes using simple tools like VPNs, now we see Texans doing the same to get around their own state government’s invasive rules.”

    • TexasDrunk@lemmy.world
      link
      fedilink
      arrow-up
      10
      ·
      8 months ago

      Let’s pretend you knew that Greg Abbott’s personal email was greg.no.leg@assholes.com (it’s not as far as I know). You send him an official looking email from IT@texas.state.support.net (or whatever domain you’re willing to register, it just has to look relatively legit) telling him that his computer has been compromised by porn companies and that he needs to install a “cleaner” along with a link. He clicks the link and downloads something called “Cleaner.exe”. When he runs it, the program hoovers up all of his browsing history on that system and emails it back to you along with a snapshot of his emails or some other identifying information proving it’s him.

      You could also install a keylogger that way and get into whatever he’s allowed in. In addition you could install a remote client, connect to it while he’s not using it, and gain access to any system he has access to.

      Even better, you don’t necessarily have to do it to him. He has an administrative assistant, there are other office folks, and if he takes his computer home you could even get his wife or daughter (if she still lives at home, I really don’t know) and grab his data that way. It only takes one person.

      You may also be able to get information from his family’s Facebook pages to better phish them.

      Obviously I’ve left a few things out that make it seem more legit and given fake addresses, but with a few logical leaps someone could do that to all the top folks in Texas. It happens to companies all the time. There was an oil company where the CEO regularly got phished. So everyone in the company had to take extra training, except he exempted himself because his time was worth too much. Someone in the IT department leaked who was the cause of all the extra training. There was much wailing and gnashing of teeth. That company is no longer in business.