Ever wonder what happens to your information when a website goes out of business? Our personal information is an asset, and assets sell. Such is the case of Parler.
Over the years I followed the ups and downs of a Twitter competitor called Parler. Feel free to read my past articles1, but alas, the platform died. I did not have much personal information at Parler. But I at least had an ID, a password and an e-mail address. A considerable amount of mischief can be done with those three things.
Damage Control
What can be done?
The first thing you need to consider is whether you are aware of the company’s demise. I used to check Parler daily so I was immediately aware something was not right with the company. But over the years I have revisited accounts to update my password and have discovered the company has vanished or has been purchased by another operation. The remedy? Keep a list all the accounts you have created and visit them at least annually.
The first element of risk is the ID. Unfortunately, it does not take a lot of brain power to track down a person’s IDs. I would not sweat that detail because there is absolutely nothing you can do about that. Many sites use e-mail addresses or, unfortunately, universal accounts like Google or Microsoft. My recommendation is to minimize the use of universal accounts and utilize instead e-mail accounts based on risk. I discuss this at length in E-mail: A Method to the Madness. In this case, Parler was a potential abuse target so I created a unique e-mail account for Parler.
The second element of risk is the password. No matter what, if a hostile party obtains the password database, a password can be discovered. Not to say that is easy. Encryption algorithms can be quite complex and sometimes the password database file is itself encrypted. But given time and enough computing power, an encrypted password can be reverse-engineered.
The solution to password management is discussed in detail in Passwords: The Gremlins of Cyberspace. But one of the fundamental things to note is that do not use the same password for your bank that you use for something like Parler. If a hostile party figures out my Parler password, they will be rewarded with a password that only works for Parler. If you are in the habit of using predictable password patterns, I would be sweating bullets.
The third element of risk is the e-mail address. As noted above, I deliberately use multiple e-mail addresses to isolate areas of risk. As a result, I have a business-related email address that is virtually never affected by spam traffic. But addresses like Parler can have significant vulnerabilities. First of all, it is a chatty application. Unless you are good at configuring your social media sites, they can dump a lot of information into a mailbox. So creating a unique e-mail address for a social media site is a good idea.
A vast majority of the websites where I maintain an account utilize what I classify as a “general purpose” Internet risk. You know what I mean. It is sites like ESPN, Jimmy John’s, your local newspaper, your favorite car parts vendor and the neighborhood grocery store. That e-mail account can get pounded and it has the highest incident of spam traffic.
It is this sort of e-mail address that is highly susceptible to spam if a company goes out of business or is purchased by another company that simply dispenses with the rules of the previous company. The solution is awareness. It circles back to that first thing I mentioned. If there is a positive aspect to this, it is an e-mail address that is used for that type of risk. It is not the same e-mail you use to send letters to friends or to correspond with the bank.
The Parler address, in my case, was unique. So the risk to me was minimal.
… And a bit amusing.
The Phoenix arises!
So it was that about a year after Parler stopped working I noticed leaking into my Parler-related e-mail address some correspondence. I ignored it for the most part for some time, glancing at the messages and deleting them. I was simply too busy to look into it further. But there you have it in a nutshell – my e-mail address was passed on to somebody else.
Last month I got a bit curious. The message did not come from Parler itself (which was parler.com), but from a Parler-like site: newsletter@parlermailer.com.
The message got flagged as spam because it carried a pseudo-domain characteristic. Spam filters are rather smart and they can pick up on anomalous messages. For example, instead of getting a message from parler.com it may read parler.net. Or even more slyly, parlor.com. Phishing attacks employ this technique. If they can, they will obtain a domain name that confuses the reader. A person clicks on it and they are then susceptible to being fooled even more.
So before visiting the site, I decided to look into the domain. Using WHOIS, the domain resided at Epik which was where Parler was last registered.
Registrar is Epik Inc
Registered on 04/20/21
Anonymize, Inc.
Sheridan, WY
So we have reached a dead-end there. It is another of one of those “anonymous” domain registrations. That immediately garners suspicion.
I next turned to the e-mail forensics. Some readers may not be aware of this, but your e-mail message has a “header” that contains the meta data used to transmit the message. I use Thunderbird, so I click the “More” button and select “View Source”.
The next thing I need to divulge is what is called a DKIM certificate. To reduce the deluge of spam that was produced in the 2000’s, a standard was developed by which servers could acknowledge each other as legitimate e-mail servers. In this manner, users can now determine if they will only accept DKIM-originated messages (typical of businesses and governments) or accept anything.
In this case, the header was solidly constructed, where the sending servers utilizied DKIM standards to certify the transmission. Within the header rested an IP address of the sending server: 13.110.209.101
The ping command confirmed what the message header detailed.
The IP address did not have a root web page, but the URL did contain an unsubscribe link:https://click.parlermailer.com/subscription_center.aspx
The Subscription Center appeared to be the remains of the Parler communication preferences: the newsletter, Parler updates, Shop Parler, Special Messages – all remnants of Parler.
It turned out that parlermailer.com was actually the real thing – an email marketing tool for Parler. Parler is back!! The listed news articles all point to https://blog.parler.com/.
Nothing about who is behind it. No contact information. No About section. But … there were several news items to read, all with a conservative bent. Maybe Parler is back in some shape or form.
A Lot Can Happen in One Month
I began this project in early January and got distracted. So I returned to this article to see what remained.
The first thing I discovered was that 13.110.209.101 is dead. WHOIS indicates it is still owned by Salesforce, just inactive for now.
The next thing I did was check to see if the parler.com site is active.
Seeing that it is, I typed in the last clue I had previously: https://blog.parler.com/
What came up was this ominous warning from the browser.
What this warning entails is that a) it is a rogue site or b) the certificate has expired. Remember my discussion on DKIM, how servers confirm their legitimacy by exchanging information on their digital certificates. Websites do the same, and it is denoted by the “HTTPS” component of the URL. Certificates have expiration dates and it is incumbent on the website owners to renew their subscription. Failing that, the website can still work but this warning gets flashed up. Clicking “Advanced” provides more technical information about the site.
BAD CERT DOMAIN is not a good thing. Checking WHOIS, parler.com is still registered at Epik under Anonymous. BAD CERT refers to the certificate which has likely expired.
I took the leap and clicked “Accept the Risk”. The result was an empty folder.
Alas – for a brief moment Parler lived again. But it is now just floating about the ether like a failed transporter attempt in Star Trek.
Conclusion
So let’s return to what happens to your private information when a company, like Parler, ceases to exist. The data is still an asset and it will be sold to somebody. That somebody will use it to follow up on your preferences, seeking to appeal to your political and social interests and, eventually, to obtain some of your cash.
There is not much you can do about that. But what you can control is how you use your passwords and how you organize your e-mail addresses. The Internet is not a safe place. You must acknowledge that there are risks and you can take measures to minimize that risk.
That IP address is registered to Salesforce.
I earlier noted that third-party account services can be dangerous. I refer to them as universal accounts. For example, the Google account is so handy to use on ever-more-numerous websites. This, in a nutshell, off-loads security responsibility from the hosting website to Google. If your account password gets hacked at Google, it is Google’s problem and not the website that uses their account.
Universal accounts are handy, but with some risks. If the company that uses your account goes out of business, your Google account ID is most likely on the open market. I typically restrict my Google account for specific Internet services that require interaction with Google. I don’t send friends letters from Google or correspond with the bank. So if that account gets hacked, what is exposed are those inter-connected services. Just keep that mind. Note where you are using your Google account and consider whether it would be wiser to use a different approach.
Using Apple IDs has a similar risk. But Microsoft is a notch higher because of the prominence of its operating system in the PC market. Such key services like Skype, One Drive, Outlook and Azure can all utilize a Microsoft account. Utilizing a Microsoft ID at a website can place all those services at risk, including your own computer.
The story of Parler is a sad commentary on the history of monopoly power in the IT industry being used to muscle out competition and alternative political views. But a lot can be learned from it, and so it appears that the lessons continue.
1Past articles on Parler include Why Parler?, Disaster Recovery – The Case of Parler, and What’s Up With Parler?.
© Copyright 2024 to Eric Niewoehner
I can’t keep up with Parler. Alas, only days after posting this article, the web site was up again.
https://parler.com/newsroom/