https://www.alpha.facebook.com/groups/majordomo/permalink/10161497935914522/
https://twitter.com/DrEricDing/status/1348645289930989568
A group of developers latched onto the Press Release that Twilio put out at midnight last night. In that Press Release, Twilio accidentally revealed which services Parler was using. Turns out it was all of the security authentications that were used to register a user. This allowed anyone to create a user, and not have to verify an email address, and immediately have a logged-on account.
Well, because of that access, it gave them access to the behind the login box API that is used to deliver content -- ALL CONTENT (parleys, video, images, user profiles, user information, etc) --. But what it also did was revealed which USERS had "Administration" rights, "Moderation" rights.
Well, then what happened, those user accounts that had Administration rights to the entire platform... The hackers, internet warriors, call it what you will, was able to use the forgot password link to change the password. Why? Because Twilio was no longer authenticating emails. This meant, they'd get directly to the reset password screen of that Administration user.
This group of Internet Warriors then used that account, to create a handful of other ADMINISTRATION accounts, and then created a script that ended up creating MILLIONS of fake administration accounts.
Now that they had a way of creating admin accounts without interruption, they created a Docker Image (basically a virtual machine) called a Warrior, that anyone could download, and when fired up, would immediately start collecting data off of Parler, in a coordinated fashion.
Consider it like SETI (Search for Extra-Terrestrial Intelligence) that people used to load up as screen savers when their computers were not being used. Same concept, crowdsourcing.
All of this data, the videos, the images, the posts, the metadata (including the GEO location of all images and videos, and the connections to the accounts that posted it, has been (since midnight) being uploaded to various cloud drives and storage arrays for the purposes of Archiving this information, for later retrieval by law enforcement, by the public, by Open Source Intelligence communities.
And the kicker.. is this: all of this information was thought to be secure and private by individuals who were making the posts. A significant number of those individuals went through the process of being a "Verified Citizen" on Parler. What does that mean?
It means they uploaded a picture of the front and back of their REAL State Driver's License........ Let that sink in for a second.
I am positive the FBI has been actively soaking in this information along with the Internet Warriors, but this is how they are going to officially track down. And it's how the FBI, DHS, and FAA have been able to immediately and exhaustively create no-fly lists. Every verified attendee of the Capitol riot where they can find a real name has been placed on No-Fly Lists.
It might seem like a small geeky glitch or hack.. but in the age of Information warfare... this is the silver bullet for the people who used Parler as a place to organize their efforts. Also, a lot of posts were deleted by Parler members after the riots on the 6th. Turned out... Parler didn't actually delete anything.. just set a bit as deleted.
Guess what has access to all "deleted" content?
Administrator accounts.
I remember it asked for my DL if I wanted to be “verified” but I declined. Never asked for my SSN, so when CMZ brought that up it threw me off.
At the most, they have my PH# and email but who doesn’t these days? There are numerous websites where I am a registered user that have the same info. I for one am not concerned, never posted anything, just browsed.
I never was asked for my DL either. Everyone and their brothers has my phone # and we're all pretty much on mylife. The mylife site needs to be taken down, pronto.
Edit, if you want to see how much of your life is public just go to mylife and look up your name OR, I believe, just your address.
Parler started asking for SSNs later on, loek a few months after it initially went online. When CMZ tweeted that, I checked, and he was right.
I had initially opened one up when IPOT was talking about migrating there from YT when he was first demonetized. It wasn't asking for it at the beginning, but it was for the duration after the initial 1st Wave got set up. I think the heads at Parler knew about all this back then and just waited for the idiots to show up en masse.
Holy balls thats insane
Same. Wtf is the post talking about.
Then dont ask to be verified simple really.
These sound exactly like the voat guys who went on a rampage because some people preferred Parler to Gab. They were spreading the same dis info. Honestly makes me wonder about Gab. I have been on Gab since it started but moved to Parler because of all the racism and non Q people. I still visit Gab but spend most of my time blocking nazis.
Yet, too many didn't take the advice of one of the WORLD'S BEST Network Security coders/analysts. It's a little sad, but a while lot maddening
Blue check mark validation is for participation trophy losers, needing to be recognized as special for even the most mundane of things
It's not nonsense. It just not what you want to hear. We were warned by smarter people than us that it wasn't secure
By your bleating today, I'm going to assume you put it all out there on Parler. God speed fren
Never had to give out my number nor drivers license.
Remember you used to go to a forum, register some stupid username and use a throwaway email address?
Why do we give our names and other identifying information to these places?
codemonkeyz was right
I think some people misunderstand the driver's license part. It seems you only needed to do it to become a "verified citizen" of Parler, whatever that is. Maybe that's why many of us never did it. Doesn't mean this article is false. I heard all along it had massive security issues and warned people about putting all their secrets out there.
Sometimes that is the only way to truly redpill people - learn from mistakes it is an opportunity!
We were warned about Parler. We were told to stick w Gab. Code Monkey Z posted that awhile back.
I ‘member. And instead of addressing the vulnerability, they went after CodeMonkeyZ.
Everyone appreciates that Parler is anti-big-tech, but what is wrong with criticizing their clearly unwise moves?
And now? And now the result of Parler’s choices gave the personal ID of tens of thousands of patriots to antifa.
I don’t hate Parler, and I’m rooting (no pun intended) for Parler, but if you’re downvoting this ?guy who is reminding us of facts, you are cancel culture.
How are you accessing your profile? I can't even get the site to open. Just the 'can't reach this page' splash.
Ah, ok. Thank you.
That's probably all cached locally then.
Absolutely agree. The second I saw it would be linked to personal info I was out.
I didn't like Parler. So hard to use. I like the people who set it up, but it was junk. Gab is way way better if it could only handle the traffic.
People were morons for giving out a phone number, let alone a driver's license
I just give them fake shit. Bonus points for giving them a 555 number.
And guess who has access to ALL of what you just said, even those nefarious asshats grabbing private info: that's right, our boys and girls at NSA. They catalogue everything. And if they have it, it's a more than fair bet POTUS has all that info, too.
Which is probably why he never really got around to opening a Parler acct up. One thing I also noticed, his kids and wife didn't open accts up there, either. They chose Gab as their fall back.
But, my suggestion is to stay on Twitter, FB, Insta, YT, etc. That's where the digital battlefield is for us. Create multiple alt accts with different names, leave clues as to who you really are without actually naming yourself. I managed to survive the Social Media Purge by staying small, but also by being very careful with verbiage. It's the threats of violence, hangings, etc, along with certain keywords/phrases these sites seem to have locked on to to justify purging anyone with dissenting views. The sad part is, most of y'all did exactly what [they] wanted by leaving Twitter/FB and flocking to Parler. It couldn't have been more clear months ago where this all was headed and that Parler would be the "keystone" to hammer us the most after Twitter/FB. I mean, we ALL KNEW those two sites were gonna ban hammer us. Once Parler became the "suggested" go to by all kinds of questionable characters, it was only a small leap of logic to consider that it was a honey pot trap designed to bag as many of us as possible.
No way the heads at Parler weren't aware of this. No way did they just let it happen. This was and has been planned for at least 6 mths. Most of this issue was written into their code. And it only took a few asshats with an elementary understanding of coding or "hacking" to get it done.
Y'all should see Twitter/FB/Insta right now. The Leftists are celebrating this Parler "hack," not as a "hack," but as a stupid move on our part for the fact that a shit ton of us not only went there when told to by other asshats, but that people doxxed themselves. Talk about a bone headed screw up. There wasn't even an argument against what they're saying...until now.
In retrospect, when Voat was shut down, I believe this was a reason why. To keep Voat out of the limelight once the internet gate keeper's ban hammers start swinging. If it was, shame on PutItOut for not explaining things better. We could've got the word out more effectively if we had known or figured it out sooner.
I tried to warn as many as I could about Parler. Too bad most of didn't clue in on it, though.
Go ahead and make a Gab acct, too if you want. But it'll be taken down soon, too. Wherever we flock to as a replacement, we're gonna be hunted down and doxxed. [They] will also find a way to shut Gab down eventually.
In the future, be very, extra special careful about what sites you go to, and read the damned Terms BEFORE you decide to open any accts. In my opinion, we deserve this little spanking, if for nothing more than to finally drive it home to us and the Normies that we're hated and will be hunted until there's none of us left...unless we quit being stupid and start fighting back smarter.
We won't win this by playing [their] game using [their] rules. And that's just what was attempted with Parler. I hope y'all learnt a valuable lesson here. Make sure you don't effing forget it, either. Next time, we won't be so lucky.
Op and then you looked your post up on your Apple IPhone and just like that they got your info.
Snowden confirmed this years ago
I wouldn’t worry about it at this point.
I hope this is not true. It will complicate my transportation. Is there a way to check if you are on a no fly list?
Keep ignoring reality https://twitter.com/DrEricDing/status/1348645289930989568
Once again, the NPC's cheering this on like some kind of justice is being served against those people who dared to walk through the capitol building.
Genetic fallacy.
I don't know if Parler was a honeypot. I do know that it was a shit site with questionable beginnings. I signed up for it and followed people just to give support but didn't post anything.
By the time Parler was online, Gab had already been banned from app stores and financially deplatformed. For Parler to have built their system on Amazon's cloud services was retarded and I thought so from the start.
If they were moving politically they should have defended Gab instead of starting Parler. But they wanted to rub shoulders with the polite crowd.
I will defend Parler like I defended Gab because an attack on Parler is an attack on free speech, but the Parler guys were dumber than a box of rocks in the way they went about things. This is in addition to their stupid UI and abhorrent verification system.
I have no fear of expressing my right to Free Speech. I also have never posted anything posing as a threat of harm or danger to anyone place or thing. Self discipline goes a long way in adulthood.
Like the deep state techies don’t already have all our info and thoughts. I’m not worried about my phone and DL.
All of this shit was getting logged by NSA and probably 10 other intelligence agencies anyway. NOTHING is secret anymore. Credit Cards, Amazon Account, Netflix, Uber... it's ALL THERE... for anybody with the skill and tools to collect.
So, when the fuck is somebody going to build a peer to peer system that at least makes it more difficult to track everything we do? Why the fuck do we need to rely on AWS Servers for everything? Just like the SETI screensaver, let's create a social network or even an OS that uses all the unused processing power of allt he phones, tablets, computers, laptops. gameboxes, etc...
Isn't that what all the file sharing apps do? Seems like an obvious next step.
Who handed over their drivers license?
I created an account, and read their terms of service (initially thought it was a honey pot trap designed for us) but conveniently forgot my password to it, and then saw what was going on months ago. Haven't been on it and never posted a thing, didn't look at posts under my login credentials.
I'm gonna put this out there now:
NONE OF THE SITES WE GO TO ARE SAFE ANY LONGER. The ISP's are gate keepers. The host servers are the ISP's gate keepers. Congress and the Fed bureaucracy are their gate keepers, and their handlers, the global banking cartels are their gate keepers. The MSM is the ULTIMATE gate keeper, since they're the ones driving this narrative of Conservative Hate and all other narratives and public perception and are OPENLY in bed with all of the above.
Parler is only the beginning. By the time POTUS actually does use the Presidential Emergency Broadcast Message System, there won't be any sites like Parler and Gab left to go to. I expect all the .wins to go that route, too. Prepare yourselves for this eventuality.
We've only just begun
This is the problem with utilizing services (other peoples software) to build your applications. Yes, it makes things cheaper and faster as you don't have to build from scratch with your own developer team but what a risk you take.
Also, never give personally identifiable information; use burner emails and burner phone numbers.
I never gave my info. So didn't give all away. It's not working anymore that was fast!! Boycott Amazon!!!
Yeah, true especially if you've been hyperbolic in sharing your feelings.
Besides a wall of text I need to see proof.
I checked your links and it just shows someone crawled / scraped videos on the Parler server. This is pretty standard stuff and not challenging to do.
Most of the other claims here sound like bullshit from an IT standpoint and I dont believe it without some proof.
source : am in IT, work on web sites, work with APIs, scraping, etc
codemonkey made that same call, and correctly too, not long after parler launched. You cant build an organisation that you know will come under sustained attack merely for existing upon a treacherous foundation.
Imagine if office space was leased on the same basis of this bullshit 'cloud' computing that has infinite authority to cast out clients immediately with no warnings, recourse, or even comms, regardless of harm inflicted on the business. One day you head into work and find all your furnishings tossed out in the street, a crowd stealing the nicest things, the doors locked against you, and all your colleagues wandering around in a state of shock? Utterly criminal conduct.
And this from the assholes who were allowed to keep their business open when all their competitors were forced to shut, with state force being used to attack and fine them if they dared resist. A normally functioning society would sue fuckers like this & the state governments that functioned as their collaborator for hundreds of billions of dollars in damages, and win.
Bezos isnt a businessman in as much as he is a thief.
Drivers license?
What is different about Gab really? or anything else. We should really be looking a lot more closely at distributed systems. The only way to take them down is to take down the entire net assuming they are widely used.
Clearly people are still too arrogant and complacent.
Hence, Parler wasn't a mistake but a much needed lesson.
Never gave dr license or anything more than I've given here: email address
gab has always been the best option. never required phone number; got banned from apple and google a long time ago.
I didn’t have to provide a pic of driver’s license front or back