I had always known, albeit intuitively, that registering to porn websites was a dumb idea.
Time has proved me right.
<https://www.wnycstudios.org/podcasts/otm/segments/what-can-w...> (audio and transcript).
Based on Paul Ford's blog entry: "Fairly Random Thoughts on Ashley Madison & the Swiftly Moving Line" <https://medium.com/message/fairly-random-thoughts-on-ashley-...>.
Getting compromised is more of a matter or time than ability. Someone's going to fuck up at some point.
There is no reason to think that more reputable activist providers like Mullvad or AirVPN would if a party like PIA already doesn't.
I'd steer clear of NordVPN though. They have lots of controversy in their history and they are very financially motivated, considering the deluge of YouTube sponsorship and ads they pay for each year. Still don't think they would lie about no logs but why risk it.
Did they also testify under oath there is no lawful intercept API or anything similar? That does not require logs. In fact when the feds would set up phone call intercepts on telco switches we would intentionally disable logs and put the mainframes into "test mode". And that is even before people start playing legal word games like calling lawful intercept "debugging" or something else. Lavabit [1] found out what happens if lawful intercept is not available.
Just me personally, I would always assume a service I do not entirely control and operate is doing what it can to comply with lawful intercept requirements and they are likely playing word games to not drive away their members and I would not blame them. I am just the properly paranoid type in part due to a good upbringing by a properly paranoid person.
So if any calls looks like "https://example.invalid/api?confirmemail=user@example.invali..." would cause a leak of the email. I have seen multiple companies and websites do this (either with email or username) when signing up or after first login, and I would strongly guess that most of not all of them uses some kind of analytics for that request that leaked data.
Web developers are supposed to scrub their sites so that doesn't happen, but then the main arguments in favor of using third-party analytics is the convenience of enabling it globally with minimum effort and then getting pretty graphs for free. There are occasionally HN posts about self-hosting analytics and the common response is that its too hard and too much work.
3rd party user tracking can slurp up a lot of unexpected data, and no one ever wants to disclose problems when a vendor loses things like this. MixPanel has a long history of problems/
They may need to retain certain information for laws, but they aren't obligated by law to also share that information with their analytics partners.
I had an inkling! They've been on a roll this past year or so.
>This data includes a PornHub Premium member's email address, activity type, location, video URL, video name, keywords associated with the video, and the time the event occurred.
Well, that's pretty fucking wild! Email address & time and location sent to a 3rd party, nice! Absolutely no reason for that, of course. Especially considering these are paying customers!
I guess somewhat notably is Mixpanel denying that it's coming from their November breach. They have less incentive to lie in this case, given that they've already admitted to being breached, and (presumably) their systems & logs have been gone over with a fine-toothed comb to identify all affected parties:
>"The data was last accessed by a legitimate employee account at Pornhub’s parent company in 2023. If this data is in the hands of an unauthorized party, we do not believe that is the result of a security incident at Mixpanel."