All of Parler's User Data Is Being Hacked 

Apparently, the way Parler was designed for its "lost password" flow was that once their authentication provider failed to actually handle the "click this link in this email to reset your password", Parler displays the "reset page" anyway, so users just used it on administrator accounts, then created tons of fake administrator accounts, & then used those account privileges to scrape all user data. Also "deletion" was just a bit-flip and posts werent actually deleted

Parler's User Data Archive Progress Link 

It seems they are using the archive team's tooling to accomplish this:


In case it isn't obvious: I have zero sympathy for Parler users.

Β· Β· Web Β· 1 Β· 0 Β· 3

However, I would also like to continue to build tools for the Fediverse that improves user safety and security here. And while there isn't much tech in common between the two, I do constantly worry about the legislative fallout because Congress is excellent at crafting bad digital laws. If they craft any, maybe I just worry too much.

Sign in to participate in the conversation
Mastodon for Tech Folks

This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!