Originally published at: Parler back online, with new logo | Boing Boing
…
I like it. Whether that’s blood, shit, or a mixture of the two, it perfectly captures the essence of Parler content: raw sewage thrown at the wall, through a stencil so it vaguely resembles actual thought.
ya I’m good with ambiguously nasty maroons
ambiguously nasty maroons
Hey! That’s my band’s name!
(it’s not, but would be if I had a band)
I am so tempted to start an account and spam the f*** out of the place, but seeing just how careless they were with everyone’s information after the Jan 6th data dump, I don’t have the nerve. I could set up a sock puppet email, but I’ve got too many accounts already.
I wonder if the K-Pop Stans will have a go at it?
When they were online last time, they were using a free trial version of their email verification service, and when that service found out about it they shut down Parler’s account.
So for weeks you could sign up under any email address you liked without actually being able to receive mail there. Also the password reset for admins couldn’t use email verification, so you could just take over any admin account you wanted.
Yeah, iirc, that’s the exact exploit they used to get universal admin access and dump the data. That and they accidentally publicized their authentication service so people knew where to dig.
For the good of whomever they roped into moderating the place, don’t do this. It’ll burn on it’s own without making life harder for the mods.
I expect whomever they’ve convinced to let them use their infrastructure will be facing this same pressure once folks determine who has decided to host them.
Is the nazi swastika copyrighted?
Won’t anyone consider the mods!?!
Seriously, good point. It seemed more appealing before Jan 6th, but now it just seems like showing up late to the game just to ridicule the losers as they hit the locker room. Of course, these losers refuse to accept the scoreboard tally and are threatening to burn the gym down with everyone inside.
… You could not pay me enough money to be a moderator on that site. No Way, No How.
Their new hosting provider is a boutique virtual private server host down in LA, per NPR:
I’m expecting they won’t be able to scale and we are in for more flustercluck. Buy popcorn futures.
Edit: godspeed to the poor souls hired to moderate that cesspool.
Yeah email verification is a big deal. We emphasize over and over in Discourse setup that
- email = identity
- whoever controls your email controls your account (and probably every other account you signed up for via that email)
- if you use SSO (login passthrough via some other system) and fail to verify email there, you have created a dystopian nightmare where any user can impersonate any other user … that’s basically what happened to Parler
This is also why security on your email account is critical. If you aren’t using 2FA auth on your email, ideally with a hardware 2FA key, but at least with an authentication app on your phone, you are cruisin’ for a bruisin’.
(and yes SMS verification is to be avoided these days because phone companies are too easy to social engineer into SIM-swapping, etc – but the authenticator apps are still a solid step in the right direction.)
This topic was automatically closed after 5 days. New replies are no longer allowed.