This Parler user explains it quite well here. Because of yet more security flaws at Parler, it's now possible for all that "free speech" to be shared and archived with the world, even if the posters tried to erase their not-at-all innocent videos and GPS data. https://twitter.com/donk_enby/status/1348484125825658887

In slightly more technical terms, it seems as though Parler never closed some of their developer-friendly security holes (sort of the programming equivalent of game cheat codes made by devs) and as a result, their anyone with the right knowledge could have admin access.

Parler never actually deleted anything its users posted. And, stupidly, they also kept it accessible to admin users.

This meant that anyone with admin access could still download it.

Once Parler's two factor authentication feature was disabled, because it was designed for developer convenience rather than security, anyone with the knowledge could become an administrator. And that's how Parler just got owned.

People have been downloading the raw videos, photos, and text posts by the gigabyte and archiving it for later public distribution.

All that perfect, totally harmless free speech will still be searchable, even now that Amazon locked out Parler from its servers.

I haven't confirmed this yet but it's possible that among the not-actually-deleted data might be the archived photos of the state identification cards that Parler invited users who wanted to be verified to upload.

Amazon taking Parler offline was actually what saved the site from being totally and completely archived.

If Amazon had kept the site online, people could still be mass downloading its data store. Parler should be grateful to Jeff Bezos!

It's going to take a little while for this data to end up at a permanent central repository but once it's done, it'll be a Wikileaks style data dump of Parler users, where they were, what they posted, what they tied to delete. Lots of #MAGATerrorist types are gonna get doxed.

I'll be very, very interested to see what verified right wing celeb users were up to, especially Lin Wood and Michael Flynn.

The "digital soldiers" got fragged tonight. The internet will be cleaning up body parts for months.

The two data types that I've not seen discussed are whether private messages and uploaded photos of identity cards are available in the dumps. Can someone confirm either?

I'm going back to sleep. This is what I get for turning on Twitter after waking up in the night.

/thread

Addendum: Please be careful w/use of this data. Infosec people like me repeatedly warned people not to use Parler bc of its bad security and invasive requirements.

But plenty of normal ppl signed up for it anyway. They didn't commit crimes/incite violence. Many were watchdogs.

The FBI almost certainly has a copy of the Parler data as well and it's fully legitimate to try to help investigate criminals. Please be careful not to harm innocents in your rightful desire to bring violent criminals to justice.

Here's more info on another aspect of the Parler security flaws. The site was yet another DevOps screw-up.

Most developers don't care about security and don't want to be bothered with it. This is why they shouldn't manage your website. https://twitter.com/ReedForecasts/status/1348658998241878018?s=20