this post was submitted on 25 Nov 2020
0 points (NaN% liked)

Main, home of the dope ass bear.

15966 readers
56 users here now

THE MAIN RULE: ALL TEXT POSTS MUST CONTAIN "MAIN" OR BE ENTIRELY IMAGES (INLINE OR EMOJI)

(Temporary moratorium on main rule to encourage more posting on main. We reserve the right to arbitrarily enforce it whenever we wish and the right to strike this line and enforce mainposting with zero notification to the users because its funny)

A hexbear.net commainity. Main sure to subscribe to other communities as well. Your feed will become the Lion's Main!

Good comrades mainly sort posts by hot and comments by new!

gun-unity State-by-state guide on maintaining firearm ownership

guaido Domain guide on mutual aid and foodbank resources

smoker-on-the-balcony Tips for looking at financials of non-profits (How to donate amainly)

frothingfash Community-sourced megapost on the main media sources to radicalize libs and chuds with

just-a-theory An Amainzing Organizing Story

feminism Main Source for Feminism for Babies

data-revolutionary Maintaining OpSec / Data Spring Cleaning guide

ussr-cry Remain up to date on what time is it in Moscow

founded 5 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
0
Parler just got hacked. (twitter.com)
submitted 4 years ago* (last edited 4 years ago) by [email protected] to c/[email protected]
6 comments fedilink hide all child comments
 

Oh, it is good.

https://twitter.com/hashtag/ParlerLeaks

https://twitter.com/hashtag/parlerhack

Post any good finds.

Best explanation I've seen why this is a big deal.

WordPress Config file being accessible is a big yikes. Gives you the destination for the DB as well as the username and password to sign into it. MySQL export and anything not using MD5 Hash is visible right away - the rest? Decrypt.

Soon as the DB has been exported, game over.

https://twitter.com/IckleIzu/status/1331401417186299909

top 6 comments
sorted by: hot top controversial new old
[–] [email protected] 1 points 4 years ago (1 children)

Chapo: Use protonmail to sign up, browse using a VPN, assume everyone is a fed including the admins

Parler: Give us your SSN and driver's license photo lmao

[–] [email protected] 1 points 4 years ago (1 children)

Using any email address is lib. Just remember your password. :agony-turbo:

[–] [email protected] 0 points 4 years ago (1 children)

The admins were admonishing people to use a proton mail email to setup 2fa on here and I don’t really understand the benefit. This single-use email just becomes the SPOF instead of chapo chat so what’s the difference? I don’t use an email.

[–] [email protected] 0 points 4 years ago (1 children)

Also: let’s say my profile gets hacked. What are they going to do? Post? Comment? It’s not like they can send themselves money or buy things in my name.

[–] [email protected] 1 points 4 years ago (1 children)

I was thinking about this too and it’s like unless you’re using the same username/password on here as your bank, the worst that could happen is they hijack a power poster’s reputation on here and use it to influence people in some kind of negative way, which is a lot of effort for what actual benefit and also why we shouldn’t have power posters.

[–] [email protected] 1 points 4 years ago

the top 1% of posters make 50% of posts

this shall not stand