“The street finds its own uses for things.”
-William Gibson, Burning Chrome
Last year, my wife, my co-author, and I launched a new podcast,
The Skeptical Pervert. We talk about sex...and more specifically, we talk about sex through a lens of empiricism and rationality.
The Skeptical Pervert's website runs WordPress. Now, I've
been around the block a few times when it comes to web security, and I know WordPress tends to be a rather appetizing target for miscreants, so I run hardened WordPress installs, with security plugins, firewalls that are trained on common WordPress attack vectors, and other mitigations I don't talk about openly.
I run quite a few WordPress installs. My blogs on
franklinveaux.com and
morethantwo.com run WordPress. So does the Passionate Pantheon blog, where Eunice and I
discuss the philosophy of sex in a far-future, post-scarcity society. In addition, I host WordPress blogs for friends, and no, I won’t tell you who they are, for reasons that will soon become clear.
I automatically log hack attacks, including failed login attempts, known WordPress exploits, and malicious scans. I run software that emails me daily and weekly statistics on attacks against all the WordPress sites I own or host. I also subscribe to WordPress-specific infosec mailing lists, so I am aware of the general threat background.
Because WordPress is such a common target-it’s the Microsoft Windows of the self-hosted blog world, with everything that implies-any WordPress site will get a certain low level of constant probes and hack attempts. It's just part of the background noise of the Internet. (If you run WordPress and you’re not religiously on top of security updates, by the way, you've already been pwn3d. I can pretty much guarantee it.)
The fact that I host WordPress sites not connected with me to the outside world gives me a good general baseline reading of this background noise, that I can use to compare to hack attacks against sites that are publicly connected with me.
And the results...well.
In all the years I've been on the Web-and I started running my own Web sites in the mid-1990s-I have never seen anything even remotely close to the constant, nonstop barrage of attacks against the Skeptical Pervert site. Joreth and Eunice are probably quite sick of my frequent updates: “Well, the firewall shows over a thousand brute-force hack attempts against the Skeptical Pervert site so far today and it isn’t even noon yet” (seriously, that’s a thing that happened recently).
Here's a graph showing what I mean. This graph covers one week, from June 13, 2022 to June 20, 2022. The “baseline” in the graph is an average of several WordPress sites I host that aren't in any way connected to me in the eyes of the Internet at large-I don't run them, I don't put content on them, my name isn’t on them, I merely host them.
Note that the attacks don’t scale with traffic; the More Than Two blog has the most traffic, followed by franklinveaux.com, then the Passionate Pantheon blog, then the Skeptical Pervert.
So what to make of this?
The Skeptical Pervert has been targeted to an extraordinary degree.
Now, I don’t know who’s attacking the site, or why, so this is speculation. It’s hard to escape the idea, though, that when a site and podcast explicitly about sex, co-hosted by two women of color, talking about non-traditional sexual relationships is targeted, at least part of the answer might simply be the same old, same old tired sex-negative misogyny and racism we see...well, everywhere, pretty much.
It’s easy to blame conservative traditionalists, but Eunice reminded me there’s another factor at work as well. The Skeptical Pervert approaches sexuality from a rational, evidence-based, skeptical lens. In the United States, there’s a stubborn streak of misogyny amongst the dudebros of the skeptics community. A podcast with two women that looks at sex from a highly female-focused, feminist point of view taking on the mantle of skepticism? It’s possible there are dudebros who will perceive that as an encroachment into their space.
In short, I don’t think this is about me. I think this is about women talking openly about real-world non-traditional sex, and getting the same pushback that women always get when they dare to do that.
If the podcast were just me, or me with obviously male co-hosts, I don’t think the level of Web attacks would be anywhere near the same.
The street finds its own uses for things. In the hands of people threatened by or frightened of non-traditional voices, the Internet has become a safe, anonymous tool of harassment.