Jump to content
Fantasy Football - Footballguys Forums

70 Tb of Parler data scraped before service went down


Recommended Posts

Short version:  Security researchers got admin access and downloaded 70Tb of Parler content before it went down.  This also included content people had deleted after Jan 6, since it gets flagged as deleted but remains behind the scene visible to admin accounts. 

 

https://cybernews.com/news/70tb-of-parler-users-messages-videos-and-posts-leaked-by-security-researchers/

Quote

Parler, a social network used to plan the storming of the U.S. Capitol last week, has been hit by a massive data scrape. Security researchers collected swaths of user data before the network went dark Monday morning after Amazon, Google, and Apple booted the platform. 

The scrape includes user profile data, user information, and which users had administration rights for specific groups within the social network. Twitter user @donk_enby, who first announced about the scrape, claims that over a million video URLs, some deleted and private, were taken. 

...

Security researchers claim that the scrapped posts are linked to accounts that posted them, and some of the video and image data have geolocation information. That is said also to include data from Parler’s “Verified Citizens,” users of the network who verified their identity by uploading photographs of government-issued IDs, such as a driver’s license. 

 

 

A more technical description of how it happened:

https://i.imgur.com/R1GndBl.png

https://i.imgur.com/q1i2l7G.png

 

Edited by GregR
  • Thanks 1
Link to post
Share on other sites
5 minutes ago, Osaurus said:

Interesting read and a "what not to do" for online security.

Its almost like standing up an app like Parler takes a bit of planning and work - and when you skip both, things might not work they way you thought.

  • Like 2
  • Thanks 1
Link to post
Share on other sites
2 minutes ago, Dinsy Ejotuz said:

Not a techie, but is this down to some uber-state-level hacker?  Or just crappy coding/security on the part of Parler?

The latter imo

Link to post
Share on other sites
3 minutes ago, Dinsy Ejotuz said:

Not a techie, but is this down to some uber-state-level hacker?  Or just crappy coding/security on the part of Parler?

Shockingly bad.

  • Like 3
Link to post
Share on other sites

Have been trying to understand this hack and, well, I just don't.

Except that if some spook group designed an app to trap info on right-wing extremists it would probably have a lot of the same features bugs that Parler did.

Edited by Dinsy Ejotuz
Link to post
Share on other sites
4 minutes ago, Dinsy Ejotuz said:

Have been trying to understand this hack and, well, I just don't.

Except that if some spook group designed an app to trap info on right-wing extremists it would probably have a lot of the same [s]features[/s] bugs that Parler did.

 

I mean, maybe

  • Like 1
Link to post
Share on other sites

The claims here seem dubious.  Yes, I get that Parler was shoddily coded.  That's not exactly news.  But...  when I see stuff like this:

https://www.independent.co.uk/life-style/gadgets-and-tech/parler-capitol-hill-personal-data-b1785343.html?utm_source=reddit.com

Quote

“Bad news. Left extremists have captured and archived over 70TB of data from Parler servers. This includes posts, personal information, locations, videos, images etc. The intent is a mass dox and a list to hold patriots ‘accountable’. It is too late to scrub your data, and its already archived. There is nothing you can do to prevent what’s already happened. All you can do is prepare for the fallout”, a message purportedly from the North Central Florida Patriots Telegram chat shared with The Independent read.

I wonder if this isn't just more conspiracy theory rhetoric designed to inflame the same people.

  • Like 1
  • Love 1
Link to post
Share on other sites
59 minutes ago, Dinsy Ejotuz said:

Not a techie, but is this down to some uber-state-level hacker?  Or just crappy coding/security on the part of Parler?

Just started looking at this and seeing if there is useful info out there....I'd confidently assume the bold for now.

Link to post
Share on other sites
Just now, Apple Jack said:

What kind of personal info are these people putting up on social media platforms?

I think one of the allegations was individuals had submitted photos of Driver's Licenses in an effort to become "verified" (or something similar).

I don't know that to be true - but that would not completely shock me.

  • Like 1
Link to post
Share on other sites
4 minutes ago, Apple Jack said:

What kind of personal info are these people putting up on social media platforms?

I don't know the ins and outs but it sounds like Twitter and Facebook will remove location data from your pictures, while Parler doesn't do that.

Link to post
Share on other sites
2 hours ago, SWC said:

how much data is in a tablespoon is that a lot or what take that to the bank brohans 

Twitter creates 12Tb of data a day. They have 321 million users but I don't know what amount are active daily.

Parler had like, 4 million active users.  So we're probably talking about weeks worth of data at the least.

 

 

  • Thanks 1
Link to post
Share on other sites

so in the end this could lead to a lot of really vile things people posted on line coming directly home to roost for them right man if there was ever a more cautionary tale about not being an internet tough guy i cant think of it take that to the bank brohans 

Link to post
Share on other sites
49 minutes ago, Sinn Fein said:

I think one of the allegations was individuals had submitted photos of Driver's Licenses in an effort to become "verified" (or something similar).

I don't know that to be true - but that would not completely shock me.

Yes, that is (was) the process for getting your "verified" tag on Parler. I have no idea why anyone would have been willing to do that. I'm guessing a lot of the worst accounts on the service didn't do this.

Link to post
Share on other sites

I've been poking about trying to further confirm the veracity of it.  From what they've posted, if it's not real they put some effort into the faking of it to look real. Gizmodo reported someone legitimate in cybersecurity has used their work before. So it seems likely to be legit.  The site they uploaded the data to was overloaded when I tried to take a look.

Edited by GregR
Link to post
Share on other sites

I was reading this thread when I started geting a forum not available message.  I though they had gotten me too there for a minute or 2 . 🤔

Edited by da_budman
  • Thinking 1
Link to post
Share on other sites
48 minutes ago, OrtonToOlsen said:

Stuff that was "deleted" was still available to admin accounts.

Nice to know Parler had the same standards as :e:

 

 

I am an application manager and this is an extremely common practice. All of my applications use soft deletes. Some of the reasons are to track how the users use the application, to help users out when they delete something and then later determine that they should not have deleted that data, and 2 of my applications are integrated with an Oracle ERP system which you do not want the user to delete ERP data.

 

I cannot find a good article but the below article is alright at explaining soft delete verse hard delete.

 

https://becomebetterprogrammer.com/blogs/soft-delete-vs-hard-delete

 

Edited by MTskibum
  • Like 5
  • Thanks 2
Link to post
Share on other sites
12 minutes ago, MTskibum said:

 

I am an application manager and this is an extremely common practice. All of my applications use soft deletes. Some of the reasons are to track how the users use the application, to help users out when they delete something and then later determine that they should not have deleted that data, and 2 of my applications are integrated with an Oracle ERP system which you do not want the user to delete ERP data.

 

I cannot find a good article but the below article is alright at explaining soft delete verse hard delete.

 

https://becomebetterprogrammer.com/blogs/soft-delete-vs-hard-delete

 

Oh I'm sure there'is a reasonable explanation and that's it's standard.  It's just hilarious that these fine folks thought they were wishing their posts/data into the cornfield.

Link to post
Share on other sites
6 hours ago, expo86 said:
6 hours ago, Sinn Fein said:

I think one of the allegations was individuals had submitted photos of Driver's Licenses in an effort to become "verified" (or something similar).

I don't know that to be true - but that would not completely shock me.

Yes, that is (was) the process for getting your "verified" tag on Parler. I have no idea why anyone would have been willing to do that. I'm guessing a lot of the worst accounts on the service didn't do this.

This

Though people still think the Prince of Persia has left them 700,000,000,00,000,0000,000,000.00 dollars in their will.

Edited by JAA
Link to post
Share on other sites
7 hours ago, BladeRunner said:

I see someone has been handed down the talking points.

How would you describe what took place at the Capitol? 

How do you think that compares to events in Seattle, which lead to the creation of the Capitol Hill Autonomous Zone (CHAZ)?

What constitutes an insurrection, in your opinion?

Link to post
Share on other sites
6 hours ago, Terminalxylem said:

How would you describe what took place at the Capitol? 

How do you think that compares to events in Seattle, which lead to the creation of the Capitol Hill Autonomous Zone (CHAZ)?

What constitutes an insurrection, in your opinion?

I would call it a mostly peaceful protest.

The same thing happened in all of those other cities with antifa and BLM And they were called mostly peaceful protests.  BLM and antifa literally tried to burn down federal buildings.  

I would say what happened at the Capitol and what happened with BLM antifa is no different.

Did you call them insurrections when be BLM and antifa were doing it?

 

Edited by BladeRunner
Link to post
Share on other sites
12 minutes ago, BladeRunner said:

I would call it a mostly peaceful protest.

The same thing happened in all of those other cities with antifa and BLM And they were called mostly peaceful protests.  BLM and antifa literally tried to burn down federal buildings.  

I would say what happened at the Capitol and what happened with BLM antifa is no different.

Did you call them insurrections when be BLM and antifa were doing it?

 

Was the VP and most of congress in the federal buildings as antifa tried to burn them down?

Link to post
Share on other sites
34 minutes ago, BladeRunner said:

I would call it a mostly peaceful protest.

The same thing happened in all of those other cities with antifa and BLM And they were called mostly peaceful protests.  BLM and antifa literally tried to burn down federal buildings.  

I would say what happened at the Capitol and what happened with BLM antifa is no different.

Did you call them insurrections when be BLM and antifa were doing it?

 

Trump rallies, for the most part, have included peaceful protesting. This was different, both in intent and execution. Although the majority of the mob wasn’t violent, enough people were injured and deaths occurred, and I think it could’ve been much worse, had the rioters stumbled into an office with people like Nancy Pelosi, Mike Pence or their staff.

Some of BLM’s protests have caused damage, injuries and deaths. Others were arguably insurrectionist, including the creation of CHAZ.

But there are very important distinctions between anything BLM has done, and what happened at the Capitol:

1. The grievances of the MAGA crowd are fictitious, with no credible evidence the election was “stolen.” 
2. The Capitol insurrection was incited by the POTUS.

3. The US Capitol is the seat of democracy for the whole country, if not the entire free world.

Comparing BLM protests to what happened last week really overlooks the motivations of the protestors and the magnitude of their actions. More importantly, such comparisons do nothing to address the discord which culminated in the creation of both movements. Any violent protest is bad IMO, but a violent protest to overthrow the federal government and destroy the foundation of democracy is much worse than one based on racial injustice.

 

  • Like 2
  • Thanks 1
Link to post
Share on other sites
1 hour ago, BroadwayG said:

Was the VP and most of congress in the federal buildings as antifa tried to burn them down?

How often are we going to move the goalposts?  Does it matter if they are regular federal employees or does it only count if it's members of Congress?

Link to post
Share on other sites
4 minutes ago, BladeRunner said:

How often are we going to move the goalposts?  Does it matter if they are regular federal employees or does it only count if it's members of Congress?

I personally think an assault on the VP carries a bit more weight than a local postal carrier, but that's just my opinion. I'm clear on yours as well. Have a great Tuesday.

Link to post
Share on other sites
1 minute ago, BroadwayG said:

I personally think an assault on the VP carries a bit more weight than a local postal carrier, but that's just my opinion. I'm clear on yours as well. Have a great Tuesday.

Thanks for the response, but I feel that regular people are just as important as members of Congress.

Link to post
Share on other sites
1 minute ago, JAA said:

People who break the law must be held accountable.

Do we really need to keep repeating this?

Nope.  I agree with you 1000%.  I just wish the left was consistent on that. 

As I've said repeatedly, what happened on Wednesday was terrible and should never happen.  I'm totally for bringing those responsible to justice - as I was for BLM/Antifa.

Link to post
Share on other sites
30 minutes ago, BladeRunner said:
33 minutes ago, JAA said:

People who break the law must be held accountable.

Do we really need to keep repeating this?

Nope.  I agree with you 1000%.  I just wish the left was consistent on that. 

As I've said repeatedly, what happened on Wednesday was terrible and should never happen.  I'm totally for bringing those responsible to justice - as I was for BLM/Antifa.

Is your expectation that everyone on the "left" is consistent?

Is it also your expectation that everyone on the "right" is consistent?

How about we stop labeling "left" and "right" and judge individual representatives on their actions?

Edited by JAA
Link to post
Share on other sites
42 minutes ago, BladeRunner said:

How often are we going to move the goalposts?  Does it matter if they are regular federal employees or does it only count if it's members of Congress?

For sedition, Congress. That's the point entirely.

Link to post
Share on other sites

If I try to kill the President, I will be charged with attempted murder.  I will also be charged with a myriad of other crimes against the country.  That's regardless of what kind of lawyer I get.  If I try to kill some doofus walking down the street, a good enough lawyer is going to get me charged with significantly less.  Hell, in some places like my state, I'd probably get off scott free via "stand your ground".  This notion that the "who" doesn't matter is completely rejected by our system of justice and the written law....of course the "who" matters.

  • Thanks 1
Link to post
Share on other sites
24 minutes ago, JAA said:

Is your expectation that everyone on the "left" is consistent?

Is it also your expectation that everyone on the "right" is consistent?

How about we stop labeling "left" and "right" and judge individual representatives on their actions?

Sure!  Let's go back to BLM/Antifa and track them down while we're at it!  :thumbup:

Link to post
Share on other sites
1 minute ago, The Commish said:

If I try to kill the President, I will be charged with attempted murder.  I will also be charged with a myriad of other crimes against the country.  That's regardless of what kind of lawyer I get.  If I try to kill some doofus walking down the street, a good enough lawyer is going to get me charged with significantly less.  Hell, in some places like my state, I'd probably get off scott free via "stand your ground".  This notion that the "who" doesn't matter is completely rejected by our system of justice and the written law....of course the "who" matters.

Yeah, seems like you're stretching here.

If I try to kill someone I could still be charged with attempted murder.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...