Skip to content
 
If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Wired)   Gab's been hacked. 70GB of passwords, private posts, data for researchers, journalists, and social scientists. "It's another gold mine of research for people looking at militias, neo-Nazis, the far right, QAnon, and everything surrounding January 6"   (wired.com) divider line
    More: News  
•       •       •

5067 clicks; posted to Politics » on 01 Mar 2021 at 7:18 AM (5 weeks ago)   |   Favorite    |   share:  Share on Twitter share via Email Share on Facebook



158 Comments     (+0 »)
View Voting Results: Smartest and Funniest


Oldest | « | 1 | 2 | 3 | 4 | » | Newest | Show all

 
2021-02-28 9:46:35 PM  
"Among the users whose hashed passwords appeared to be included in the data were those for Donald Trump, Republican congresswoman and QAnon-conspiracy theorist Marjorie Taylor Greene, MyPillow CEO and election-conspiracy theorist Mike Lindell, and disinformation-spouting radio host Alex Jones. "

Sooprise, sooprise.
 
2021-02-28 9:49:00 PM  
Searchable archive of truly horrible posts in 3...2...1...

Fark user imageView Full Size
 
2021-02-28 9:52:00 PM  
This is fantastic news!
 
2021-02-28 9:55:09 PM  
Pants...tightening...
Fark user imageView Full Size
 
2021-02-28 10:06:40 PM  
HAHAHAHAHAHAHAHA

*inhales*

HHAAAAAAAAAAAAAAAAAHAHAHAHAHAHA
 
2021-02-28 10:07:46 PM  
Oh, this is sweet. They had bragged about having their own servers, lot of good that did them.
 
2021-02-28 10:08:43 PM  
Sure, my account was hacked and some Romanian teenager who maxed out my credit cards is threatening me with blackmail, but at least no one is fact checking my election fraud claims! 

Checkmate, Big Tech!
 
2021-02-28 10:16:34 PM  
Lol
 
2021-02-28 10:33:36 PM  
Baron Samedi Laughing on train
Youtube gX3wGWHRlXQ
 
jbc [TotalFark]
2021-02-28 10:40:03 PM  
I wish this was announced earlier in the weekend just to see them freak out at NaziCon.
 
2021-02-28 11:25:19 PM  
Gargle piss
 
2021-02-28 11:25:45 PM  

jbc: I wish this was announced earlier in the weekend just to see them freak out at NaziCon.


Oh, they know. Gab released an ambiguous statement regarding the hack on Friday.
They're just too stoopid to understand the ramifications.

Can't wait to see the private Dm's.
 
2021-02-28 11:27:03 PM  
To loosely paraphrase a journalist I spoke to about this a few days ago, "I expect DMs that could land people in supermax."

Here's hoping.
 
2021-02-28 11:34:28 PM  
When they say the results will be available to researchers, journalists, and social scientists you can be 100% sure they are available to law enforcement. Especially since there's an intense investigation going on currently about a recent attempt to stop  the government from functioning in order to install a Gab idol as ruler.
 
2021-03-01 1:40:47 AM  
QUESTION FOR GED-LAW-HAVING FARKERS:

Would the "hacked" information be admissible in court?
 
2021-03-01 1:43:56 AM  

dodecahedron: Oh, this is sweet. They had bragged about having their own servers, lot of good that did them.


Fark user imageView Full Size
 
2021-03-01 2:02:49 AM  
This is the information Gab collects, and is now in the hands of someone

gab.com/about/ccpa

Fark user imageView Full Size


A lot of people are farked
 
2021-03-01 2:07:31 AM  
CEO of gab's response

reveals one of the best Cover band names

Fark user imageView Full Size
 
2021-03-01 2:45:23 AM  

GreatGlavinsGhost: QUESTION FOR GED-LAW-HAVING FARKERS:

Would the "hacked" information be admissible in court?


Background and disclaimer: I do work in infosec that frequently touches on regulatory compliance issues, so I try to stay up on this stuff, but I am far from a lawyer. If I ran into an issue where this would be a question, I would reach out to legal professionals for real advice.

So, that said... Here's my limited understanding, take it with the giant grain of salt it deserves: There are no fourth amendment issues as long as the hack was perpetrated by a private party for their own reasons. A cop can't hack you and bust you for it, nor can they compel a hacker to take action... But if someone just decides to hack you on their own volition, and the cops get their hands on that data, there's nothing to stop them from using that as evidence against you.

In order to satisfy chain of custody concerns, they'd probably want to get a warrant and collect the data directly if at all possible. But the hacked info could be used to get that warrant.

See United States v. Steiger, United States v. Jarrett, and United States v. von der Goltz for examples of cases where the initial evidence was hacked, and that led to conviction. The first two are child porn cases, the last is related to the Panama Papers. There's likely others out there, but those were the ones I had some recollection of and was able to turn up in a quick search.
 
2021-03-01 2:57:16 AM  

kkinnison: CEO of gab's response

reveals one of the best Cover band names

[Fark user image 850x656]


That's actually a pretty shiatty cover band name. Unless you're a hateful transphobic Nazi sympathizer, of course.
 
2021-03-01 7:10:30 AM  

GreatGlavinsGhost: QUESTION FOR GED-LAW-HAVING FARKERS:

Would the "hacked" information be admissible in court?


If the hacker were working for law enforcement and using a warrant gotten under the belief that there was a possibility of an attack on our government by domestic enemies. The kind of people that print out the shirts for uniforms, and carry out armed attacks on our government.

When you have people adopting uniforms, killing cops, attending rallies with Nazi symbolism, and basically behaving like the bad guys in any Indiana Jones movie, it should be easy enough to get your warrant.

And that evidence would be admissible in a court of law.
And used to show these are enemies of the nation. Drawing the line between treason and sedition.
 
2021-03-01 7:20:54 AM  
The original Nazis kept excellent records on purpose.

These guys oopsed their way there.
 
2021-03-01 7:22:52 AM  
Infiltrated not hacked.

Only people who despise education, misuse hack to mean crime. Implying hacking is inherently criminal is as stupid as calling all pens implements of check forgeries.

The billionaires who want a weak and controllable populace, thank you, Subby, for promoting ignorance.
 
2021-03-01 7:23:06 AM  

GreatGlavinsGhost: QUESTION FOR GED-LAW-HAVING FARKERS:

Would the "hacked" information be admissible in court?


Sure, why not?

Think of it as a burglar breaking into a house and finding evidence of a serial killer or child porn ring. As long as the burglar immediately contacts the cops, admits what he's done, and didn't compromise the evidence in any way, he just bought himself full immunity for explaining how he found all this evidence in front of the grand jury.
 
2021-03-01 7:23:10 AM  
I read "Gab" as "Gabe" and immediately went to check my steam account.
 
2021-03-01 7:24:20 AM  
What are the ethics of using hacked material for a paper...?
 
2021-03-01 7:27:09 AM  
houseofgeekery.files.wordpress.comView Full Size
 
2021-03-01 7:28:17 AM  
OH SNAP!
 
2021-03-01 7:30:01 AM  

Purple_Urkle: Infiltrated not hacked.

Only people who despise education, misuse hack to mean crime. Implying hacking is inherently criminal is as stupid as calling all pens implements of check forgeries.

The billionaires who want a weak and controllable populace, thank you, Subby, for promoting ignorance.


SQL injection is infiltration now?  Who knew?
 
2021-03-01 7:30:22 AM  
Fark user imageView Full Size
 
2021-03-01 7:31:57 AM  

strapp3r: [Fark user image image 634x942]


Is that Joe the Plumber?
 
2021-03-01 7:32:34 AM  

Likwit: What are the ethics of using hacked material for a paper...?


Depends, is it publicly available information now?  List of issues will vary, but can and has been done.
Consider use of data from Internet Census of 2012.
 
2021-03-01 7:33:14 AM  
Nice.  And chance there's some Josh Hawley in there?
 
2021-03-01 7:34:46 AM  

kkinnison: CEO of gab's response

reveals one of the best Cover band names

[Fark user image image 850x656]


The entire company should not be all hands working on this. Security experts that know what in the hell to look for and how to find it should be handling the situation.

Of course since it was a SQL command injection hack the primary people to blame is the idiots at Gab that cannot handle input sanitization or web application firewalls.

Oh and yes, "bad hackers, bad. Do not do that. It is bad."
 
2021-03-01 7:36:32 AM  

Chromium_One: Purple_Urkle: Infiltrated not hacked.

Only people who despise education, misuse hack to mean crime. Implying hacking is inherently criminal is as stupid as calling all pens implements of check forgeries.

The billionaires who want a weak and controllable populace, thank you, Subby, for promoting ignorance.

SQL injection is infiltration now?  Who knew?


Thank you, I was about to go twitchy eyed.
 
2021-03-01 7:37:01 AM  

Likwit: What are the ethics of using hacked material for a paper...?



i.imgflip.comView Full Size
 
2021-03-01 7:37:17 AM  
Oh that's a shame.
 
2021-03-01 7:37:31 AM  

quatchi: strapp3r: [Fark user image image 634x942]

Is that Joe the Plumber?


No that's Terry, the unemployed.
 
2021-03-01 7:38:04 AM  

kkinnison: CEO of gab's response

reveals one of the best Cover band names

[Fark user image image 850x656]


Mentally I'll trans demon hackers.  Sweet, I was trying to think up a name for my Rupaul inspired death metal band.
 
2021-03-01 7:38:44 AM  
There was no hacking on these sites. They sold the information to the highest bidder.
 
2021-03-01 7:38:54 AM  

GreatGlavinsGhost: QUESTION FOR GED-LAW-HAVING FARKERS:

Would the "hacked" information be admissible in court?


yes.
 
2021-03-01 7:38:55 AM  

Chromium_One: Purple_Urkle: Infiltrated not hacked.

Only people who despise education, misuse hack to mean crime. Implying hacking is inherently criminal is as stupid as calling all pens implements of check forgeries.

The billionaires who want a weak and controllable populace, thank you, Subby, for promoting ignorance.

SQL injection is infiltration now?  Who knew?


Bobby Tables.
 
2021-03-01 7:38:57 AM  
well...gargle my urine.  That's going to be hard to swallow.
 
2021-03-01 7:39:01 AM  

fortheloveof: Of course since it was a SQL command injection hack the primary people to blame is the idiots at Gab that cannot handle input sanitization or web application firewalls.


I follow a (former?) farker on twitter who I think is some sort of IT security expert, and probably 95% or what he posts, likes and retweets is incomprehensible to me. you should talk to him.
 
2021-03-01 7:41:20 AM  
 I have a gab account just for trolling, but as per usual I use a password manager generated random password and my spam email so... *shrug/lol*

Were these schmucks actually storing them plain text?
 
2021-03-01 7:42:09 AM  

Purple_Urkle: Infiltrated not hacked.

Only people who despise education, misuse hack to mean crime. Implying hacking is inherently criminal is as stupid as calling all pens implements of check forgeries.

The billionaires who want a weak and controllable populace, thank you, Subby, for promoting ignorance.


Hard pass on the "ackchually".
 
2021-03-01 7:42:29 AM  
Is this the part where I note "if they did nothing wrong then they have nothing to fear"?

Cos I feel like it might be.

I look forward to the spate of stories currently being worked on that will come out soonish as more journos and LE types wade into this nasty Nazi cesspool.
 
2021-03-01 7:44:02 AM  
Didn't Gab move to an open source client based on the Mastodon protocol?

I wonder if they fuxed-up the SQL vulnerability by their lonesome, or if it needs to be fixed other places that run Mastodon
 
2021-03-01 7:44:16 AM  
Most of the passwords were, "Password123" and "MAGA123" you didn't have to be a hacking wizard.
 
2021-03-01 7:44:33 AM  
Passwords for private groups are unencrypted, which Torba says the platform discloses to users when they create one. Individual user account passwords appear to be cryptographically hashed-a safeguard that may help prevent them from being compromised-but the level of security depends on the hashing scheme used and the strength of the underlying password.

hah "We let you know we're stupid... that's on you"
 
Displayed 50 of 158 comments


Oldest | « | 1 | 2 | 3 | 4 | » | Newest | Show all


View Voting Results: Smartest and Funniest

This thread is closed to new comments.

Continue Farking





On Twitter



  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.