MAGA-Friendly Twitter Clone, GETTR, Coughs Up 90,000 User Email Addresses To Hackers
from the gettr-(un)done dept
GETTR, the Twitter clone created by former Trump advisor Jason Miller, seems to have rolled out just as smoothly as every other attempt to replace the social media service that's still inexplicably popular with people who claim to hate it for moderating their speech.
It's yet another "free speech" platform that claims it upholds the lofty ideals of allowing those banned from other, more functional sites to speak their minds… just as long as said mind speech does not include any of the following:
Without limitation, we may, but do not commit to, do so to address content that comes to our attention that we believe is offensive, obscene, lewd, lascivious, filthy, pornographic, violent, harassing, threatening, abusive, illegal, or otherwise objectionable or inappropriate, or to enforce the rights of third parties or these Terms or any applicable Additional Terms.
Just like Gab, Parler, and whatever the fuck the thing is that the MyPillow guy is doing, GETTR is finding out it has a host of moderation problems that can't easily be dealt with, especially when you've promised to not "censor" your users' speech.
On top of that, GETTR -- like the other platforms listed above -- seems to have been cobbled together somewhat incompetently and rolled out hastily, opening itself up to an unhealthy blend of toxic content, trolling (both expert and inexpert), and security stress testing from those interested in this new collection of user data.
GETTR, whose surprising surge of early users appears to be mostly a mirage created by the importation and deployment of Twitter data, is no exception to the Far Right Twitter Clone™ rule. Toxic content abounds, as do multiple trolling efforts that only add to the mess. And it appears that while GETTR claims it wants to protect speech, it doesn't care nearly as much about protecting speakers.
Hackers were able to scrape the email addresses and other data of more than 90,000 GETTR users.
On Tuesday, a user of a notorious hacking forum posted a database that they claimed was a scrape of all users of GETTR, the new social media platform launched last week by Trump’s former spokesman Jason Miller, who pitched it as an alternative to "cancel culture." The data seen by Motherboard includes email addresses, usernames, status, and location.
New platforms are often a bit leaky, usually thanks to the inexperience of those creating them. This is all part of the learning curve. But GETTR had some advance notice its uncensored ecosystem had some security problems, given that it was successfully breached on opening day.
On July 4, the day of the site' official launch, a hacker broke into and defaced some of the site's most prominent users, including its founder Jason Miller, former CIA director Mike Pompeo, former Trump advisor Steve Bannon, and pro-Trump congresswoman Marjorie Taylor Greene, as first reported by Insider.
Less than three days later, the platform was coaxed into coughing up user data. Not exactly a sign things are improving. The site's CEO says otherwise, claiming this scraping was related to the first breach, which allowed a hacker to deface several prominent accounts. Jason Miller claims the security hole has been closed and that GETTR "takes cybersecurity seriously."
Maybe so, but we'll see what happens. Alt-right Twitter also-rans Gab and Parler both gave up plenty of user data -- some of it proving instrumental in federal prosecutions -- and those sites had plenty of time to harden themselves against attackers. A quick patch of a service that seems to rely heavily on someone else's API to give the appearance the platform is heavily used is still a very tempting target, both for malicious hackers and those whose efforts are just another form of trolling. When your social media alternative is more performative than functional, little things like securing user data tend to be afterthoughts.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: emails, hack, jason miller, scraping, security
Companies: gettr
Reader Comments
Subscribe: RSS
View by: Time | Thread
Hey, I'm pretty sure there are people who actually like "sonic the hedgehog furry porn".
Or at least I assume there are. And that in itself isn't sufficient to consider them toxic.
[ link to this | view in chronology ]
Re:
“Pretty sure there are people who like furry porn”
Pretty sure??! This is Techdirt. You’re referring to 99% of the commenters here and 100% of the writers.
[ link to this | view in chronology ]
network effect
Certain products are valuable because they are used by many people, which makes the product even more valuable to others who want to use it. This is called the Network Effect. In communications systems, such as a social media network, being able to connect with a large number of people can overcome its other undesirable features.
[ link to this | view in chronology ]
Let the conspiracy theories begin!
I think these sites are just a honeypot created by the Biden administration.
[ link to this | view in chronology ]
"Alt-right Twitter also-rans Gab and Parler both gave up plenty of user data -- some of it proving instrumental in federal prosecutions -- and those sites had plenty of time to harden themselves against attackers"
It seems quite bold to assume that any time in the world would have been enough for those services to ever do such a thing. They seem to concentrate on attracting "true believers", which doesn't bode well for attracting the most competent people. Parler didn't even have a disaster recovery strategy, so I don't think that day to day exploit fixing was high on their list. I'd guess they'd be more likely to create more exploitable bugs as time went on, not less.
[ link to this | view in chronology ]
out_of_the_blue's team just keeps winning, don't they?
[ link to this | view in chronology ]
Give up? The sites were hacked. You're enjoying these failures from the conservatives way too much, we know you wouldn't be happy if techdirt's financial supporters got doxxed.
[ link to this | view in chronology ]
Re:
You're enjoying these failures from the conservatives way too much
Yeah, definitely. I seem to remember some asshole loving Wikileaks when the shoe was on the other foot. So don't expect a shitload of sympathy now.
Let's see how these folks like their turn in the barrel.
[ link to this | view in chronology ]
Re:
The same people pushing to destroy the internet just so they can lie and toss around slurs without any pushback? Gee, wonder why people are amused by their misfortune.
[ link to this | view in chronology ]
Re:
Cry me a river. Maybe if GETTR spent half the effort on security as it did on "owning the libs" , maybe it wouldn't have happened.
[ link to this | view in chronology ]
Re:
There’s this great word called schadenfreude. You should look it up. It would make you sound slightly less like a petty bitch.
[ link to this | view in chronology ]
Re: Re:
Or alternatively, have Scary Devil Monastery tell you what it means. ;-)
[ link to this | view in chronology ]
Re: Re:
“Bitch”. Typical Techdirter misogyny. Just because you all prefer to be the passive partner in male-male sodomy doesn’t mean you should refer to women that way, faggots.
[ link to this | view in chronology ]
Re:
Didn't you already have that information on hand, John Smith?
[ link to this | view in chronology ]
facts
The internet said it, so it must be true.
[ link to this | view in chronology ]
90,000 right wingers are about to get a taste if the wonderful post section 230 world they've been told they should long for, with their inboxes flooded with unsolicited spam, scams and abuse, all of which are free speech that shouldn't ever be filtered, ever. Their right to be heard trumps your desire to see them, guys! Enjoy.
[ link to this | view in chronology ]
Re:
And if they don't like the avalanche of spam they can just choose not to view it or move to another email provider as that's apparently the 'proper' response to content you don't like.
[ link to this | view in chronology ]
Antifa ran their security!! /s
You many continue your regular scheduled chaos.
[ link to this | view in chronology ]
GETTR "takes cybersecurity seriously."
...But not seriously enough to design it into their web site.
[ link to this | view in chronology ]
Securing your website isn't as easy as slipping the hackers an abortion pill smoothie....
[ link to this | view in chronology ]
Competence level in the negatives
"Big Tech sucks!! We can do better!!"
Lol, define "better" because we're not seeing it.......
[ link to this | view in chronology ]
Re: Competence level in the negatives
If the last few years have made anything clear, it's that when given a choice between ideology and competence, a lot fo people choose the former.
[ link to this | view in chronology ]
The LULZ from GUTTR
just keep getting BETTR.
Popcorn farmers will be happy.
[ link to this | view in chronology ]
"Without limitation, we may, but do not commit to, do so to address content that comes to our attention that we believe is offensive, obscene, lewd, lascivious, filthy, pornographic, violent, harassing, threatening, abusive, illegal, or otherwise objectionable or inappropriate, or to enforce the rights of third parties or these Terms or any applicable Additional Terms."
It's like reading L. Ron Hubbard at his booze and pill soaked best.
[ link to this | view in chronology ]