Two especially interesting pieces of information were gleaned from this hack:
- Verified Parler members were verified with scanned pictures of their state Identification Cards or Driver's Licenses. These were kept on the main Parler servers along with everything else. After the hackers discovered this, it also explains how so many people were put on "no fly" lists and/or arrested so quickly after the January 6th protest: federal authorities had access to this information, as well.
- A great deal of Parler members uploaded video and pictures on the 6th, then deleted the evidence when they realized it may be incriminating (of themselves or other people). Unfortunately, Parler didn't actually delete the media, but instead kept it and flagged it as "deleted." This kept the media on Parler's servers, which, again, gave it the ability to be seen by authorities and hackers alike.
There's a term in computer security called a honeypot. A "fake" network or server is built that is made to look enticing to hackers. Instead, it is full of tracking software and can be used to see what people are doing on it.
With Parler's focus on "free speech," lax security, a lousy verification system, and total lack of user privacy or confidentiality, they may have inadvertently made themselves the largest honeypot operation of the 21st century.
What can we learn form this? The same thing we have learned for the entirety of the existence of the internet: Only put online things that you would want everyone to see, forever. You never know who will discover your posts on some random online forum from two decades ago that showed you were into some super-kinky stuff. It could be your boss, it could be your kids, it could be the NSA agent who has been tasked to monitor your activity.
Just keep it to yourself.
Unless you're planning sedition. Livestream the heck out of that.
RANDOM ARTICLES from DIVVYO