Far-Right Social Media Network Parler Dropped by Tech Giants as Hackers Archive Data Against Capitol Hill Rioters
On Monday morning, Parler, a far-right social media network was dropped by Google, Apple, and Amazon, following reports of Parler inciting violence and encouraging members to take part in the U.S capitol raid. Parler had previously come under fire due to racist and violent content and legitimizing hateful rhetoric. Amazon’s move leaves Parler without a host, and its users scrambling to find a new forum.
Parler: The Far-Right Social Media Platform
Parler rose to prominence after many President Trump supporters and far-right activists decided to desert mainstream social media. This move was prompted by President Trump’s 2020 Election loss and the subsequent flagging of his tweets, in favor of Parler’s more relaxed moderation. The conservative twitter alternative touts itself as a “free speech platform”.
On January 8, the day Trump was banned from Twitter, Parler became the top downloaded app on the Apple Store. On the same day, Google suspended the app, followed by Apple on January 9. Amazon then removed Parler from its web hosting service, Amazon Web Services, which effectively took down the site.
According to CNN, AWS reasoned that “We’ve seen a steady increase in this violent content on your website, all of which violates our terms. It’s clear that Parler does not have an effective process to comply with the AWS terms of service.”
This decision was met with backlash from Parler’s user base. In his parting message, Parler founder John Matze described the measure as a “coordinated attack by the tech giants to kill competition in the marketplace market place,” cautioning that “you can expect the war on competition and free speech to continue.”
Hackers Archive Parler Data
In a bid to gather evidence against capitol rioters, a Twitter user going by @donk_enby began downloading and archiving posts from the site, starting with January 6, 2020 (the day of the riot). Upon hearing of Parler’s imminent shutdown, they quickly decided to crowdsource the downloading process on Twitter to archive as many posts as possible before the site was taken down.
@donk-enby described the situation as “a bunch of people running into a burning building trying to grab as many things as we can.” The hackers managed to scrape 70 TB of data, which is to be hosted on the Internet Archive.
Parler’s Deficient Security Infrastructure
Parler’s system was vulnerable to hacking, with minimal security infrastructure. All Parler data was accessible through a public API. A fault within its 2-factor identification system allowed the Twitter ‘hackers’ to create unlimited accounts with administrator privileges, enabling them to download posts.
In an interview with Wired, Kenneth White, co-director of the Open Crypto Audit Project, described Parler’s main weakness as insecure direct object reference. Parler’s post URLs were simply listed in chronological order, meaning that by changing the value in the URLs, the posts could be easily and systematically downloaded.
Like many social media sites, Parler did not entirely delete posts when a user clicked ‘delete.’ Instead, posts were ‘soft deleted,’ meaning that while they weren’t searchable, they remained archived. The saying “once it’s on the internet, it’s there forever” was proven to be true in this case.
@donk-enby cleared up rumors about what information they were making accessible, explaining on Twitter that “only things that were available publicly via the web were archived.”
Parler Metadata Could Incriminate Capitol Hill Rioters
However, unlike most social media sites, Parler left metadata attached to user videos, meaning that rioters on Capitol Hill inadvertently revealed personal information such as their GPS coordinates when posting to Parler. Some of this metadata demonstrated that Parler users had breached deep into the Capitol building, providing potentially incriminating evidence for the FBI.
Far-right groups swiftly responded, condemning the hack and alerting their members. One account, North Central Florida Patriots, described the intent of the hackers (“left extremists”) as “a mass dox and a list to hold patriots ‘accountable,’ warning that “there is nothing you can do to prevent whats [sic] already happened.”
What will become of the downloaded data remains to be seen. Though it will be an uphill battle for Parler to find a new host, other sites will likely fill the gap Parler left behind, with Signal and Telegram’s platforms already rising to the occasion.