Parler has been hacked and user data has been downloaded. The following thread contains information from /u/BlueMountainDace on Reddit:

"so a group of developers latched onto the Press Release that Twilio put out at midnight last night. In that Press Release, Twilio
accidentally revealed which services Parler was using. Turns out it was all of the security authentications that were used to register a user. This allowed anyone to create a user, and not have to verify an email address, and immediately have a logged-on account.

Well,
because of that access, it gave them access to the behind the login box API that is used to deliver content -- ALL CONTENT (parleys, video, images, user profiles, user information, etc) --. But what it also did was revealed which USERS had "Administration" rights,
"Moderation" rights.

Well, then what happened, those user accounts that had Administration rights to the entire platform... The hackers, internet warriors, call it what you will, was able to use the forgot password link to change the password. Why? Because Twilio was no
longer authenticating emails. This meant, they'd get directly to the reset password screen of that Administration user.

This group of Internet Warriors then used that account, to create a handful of other ADMINISTRATION accounts, and then created a script that ended up
creating MILLIONS of fake administration accounts.

Now that they had a way of creating admin accounts without interruption, they created a Docker Image (basically a virtual machine) called a Warrior, that anyone could download, and when fired up, would immediately start
collecting data off of Parlre, in a coordinated fashion.

Consider it like SETI (Search for Extra-Terrestrial Intelligence) that people used to load up as screen savers when their computers were not being used. Same concept, crowdsourcing.

All of this data, the videos,
the images, the posts, the metadata (including the GEO location of all images and videos, and the connections to the accounts that posted it, has been (since midnight) being uploaded to various cloud drives and storage arrays for the purposes of Archiving this
information, for later retrieval by law enforcement, by the public, by Open Source Intelligence communities.

And the kicker.. is this: all of this information was thought to be secure and private by individuals who were making the posts. A significant number of those
individuals went through the process of being a "Verified Citizen" on Parler. What does that mean?

It means they uploaded a picture of the front and back of their REAL State Driver's License........ Let that sink in for a second.

I am positive the FBI has been actively
soaking in this information along with the Internet Warriors, but this is how they are going to officially track down.

And it's how the FBI, DHS, and FAA have been able to immediately and exhaustively create no-fly lists. Every verified attendee of the Capitol riot where
they can find a real name has been placed on No-Fly Lists.

It might seem like a small geeky glitch or hack.. but in the age of Information warfare... this is the silver bullet for the people who used Parler as a place to organize their efforts.

Also, a lot of posts were
deleted by Parler members after the riots on the 6th. Turned out... Parler didn't actually delete anything.. just set a bit as deleted.

Guess what has access to all "deleted" content?

Administrator accounts."

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Derek Ross

Derek Ross Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @derekmross

11 Jan
Virtual #CES How-To:
Since CES 2021 this year is virtual, there's a lot of you that are going to be missing out on the true physical experience. I have compiled a short guide for you to play along at home.
1) WALKING: While you watch the streams, read your emails, and watch product launches, you're going to want to walk in place at your desk. Make sure you walk a lot. I mean walk during the entire thing. If you aren't on the verge of developing shin splints, you're doing it wrong.
2) TALK: You need to be talking. Talk to yourself. Talk about the products that are on screen. Fire up your favorite voice chat application and discuss with your peers. If you're voice isn't getting hoarse, you're doing it wrong.
Read 7 tweets
8 Jan
Oh shit. Donald Trump has been banned. Thank you @jack. Image
Read 7 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!