Unless you’ve been living the life of a hermit in some far off mountain cave, it can’t have escaped your attention that the last six months in US politics have been somewhat turbulent. The web hosting world has seen its fair share of developments in that time too, and the new year got off to an interesting start when Amazon banned alternative social media site, Parler, from hosting on its platform on 11th January.
(Image: Wikimedia Commons)
So What Happened?
The Capitol Hill riots that took place on January 6th saw Trump supporters storm the Capitol building in Washington D.C in protest over the recent election results.
The majority of the rioters were users of Parler to share their rhetoric and to organize the masses for what most Americans and outsiders see as a stain on their democracy. Amazon made the decision to ban the platform only a few days following the riots citing its failure to moderate extreme communication that incited violence and essentially became a call to action. Parler CEO, John Matze, has promised to rebuild and has launched a legal challenge against Amazon to get reinstated. Unfortunately for him, things aren’t looking hopeful at the moment.
How Likely is Parler’s Full Revival?
Lessons we want website owners to take away from this suspension are to realize the need for proper site dilligence and management and also just how fragile cloud web hosting solutions can be. Large organizations looking to switch platforms often requires months, sometimes years of careful planning to migrate successfully, and that’s based on those that have established infrastructure to begin with. Issues to consider include:
- The number of systems you host and their interconnections - There could be hundreds if not thousands of ways different systems are connected, and many organizations need time to understand how all this works before hosting on a new provider. If you migrate one system incorrectly, who knows how many other systems you’ll knock out as a result
- Sheer volume of data - Parler had around 12 million users at the time of its ban, meaning a huge chunk of user data to transfer. This is never as simple as people might think, and not only is it a slow process, it can also be incredibly expensive. This is a bill the platform may not be able to afford even if it can guarantee a new hosting platform
These issues are compounded by the fact that Parler doesn’t have an extensive in-house team of experts to facilitate the migration to a new platform. The current lead engineer, Jared Thompson, only has two years of industry experience outside of the social network, and none of that was in cloud computing. Plus, Parler only has 35 paid staff, whereas other organizations have whole teams dedicated to migration alone. Or, if an in-house team isn’t available, a third-party organization will have to be brought in to make the transition, but this requires resources.
Other Issues Specific to Parler
Parler doesn’t just have to make the switch to a new provider, it also has to consider some complex security issues too, but it’s having trouble finding new providers due to the controversial nature of the platform. For example, Cloudflare, one of the biggest providers of denial of service protection on the market, has expressed no interest in coming to its aid.
It’s not just security and tech companies that are abandoning the platform either; a number of groups, companies, and organizations have come out to say they’ll no longer allow the social media site to operate through their platforms, including well-known names like Stripe and Shopify.
Parler may have to go out to the market and find a piecemeal set of suppliers willing to help support different aspects of its network and security needs, creating a less than ideal mishmash solution. The alternative is somewhat of a digital revolution like we’ve never seen before, which, no doubt, will only further the divide and political tension we’re already witnessing boiling over.
Move to Epik
(Image: epik website)
Parler has found some light at the end of the tunnel, though, after it registered its domain name with Epik. Founded in 2009, it’s made a name for itself as something of a haven for conservatives and far-right celebrities that have been banned from other platforms. It’s not a surprise to see Parler turn here.
Not only does this solve the social media platform’s hosting issues, but it also resolves security concerns too, not least for the fact that Epik acquired cybersecurity company BitMitigate in 2019. This allows the host to leverage the skills and expertise gained during the acquisition to protect its clients, including DDoS protection, web application firewalls, load balancing, SSL certificates, and load balancing.
Many web hosts will outsource various cybersecurity features to specialist platforms, but since Epik now owns BitMitigate, there’s minimal risk of websites hosted here having their protections taken away.
Plus, it looks to solve issues thrown up by not having a content delivery network (CDN). A good CDN is able to securely and quickly deliver videos, data, and applications to users. When it was hosted at Amazon, Parler made use of the tech giant’s Cloudfront CDN technology, but after the banning, this was of course denied to the platform too. BitMitigate offers a CDN alternative and it’s starting to look like Parler might find everything it needs at Epik. How long the relationship lasts is anyone’s guess.
We’ve already seen the industry moving towards a one-stop-shop service provider model like this for a number of years now, and this banning by Amazon could accelerate the trend as companies try to buy up security firms to remove any dependence. However, we still need to bear in mind the difficulties in migration as we mentioned earlier, but given Epik’s now hosting Parler, perhaps the lack of resources and infrastructure to execute a migration on Parler’s end wasn’t quite as unlikely as the mainstream media suggested.
(Image: epik website)
Other Solutions to Get Reinstated
Other solutions are available to Parler, and the options open can give other organizations some insights into hosting issues too, both industry veterans and those looking to start a new site.
Start From scratch
If Parler doesn’t stick with Epik and ends up looking elsewhere, the data migration could end up proving just too problematic to carry out successfully. We’ve seen that this kind of project can take months, or even years to complete, requiring a lot of manpower over that period of time. It’s not just a major time and resource sink, either; the costs and time involved with transferring so much data to a new platform could be astronomical.
What’s more, there’s always a chance that there’ll be at least some form of corruption or issues along the way.
This might all prove too much of a hassle, and Parler could choose to cut its losses and simply start fresh with a brand new site on a new web hosting platform. It’s certainly gained enough publicity in the last few days that this could be a viable move, but in the grand scheme of things, 12 million users is a drop in the water compared to other similar platforms.
This is something all organizations need to bear in mind, especially those that are considering either moving on-site infrastructure to a cloud or switching to an alternative cloud host. This isn't a decision anyone should ever make lightly, and it’s no trivial matter. This takes time and effective planning.
If you are going to make the switch, you need to have a cast-iron guarantee that the benefits are going to outweigh the costs before making this serious commitment.
Build Its Own Server Infrastructure
This whole affair has served as a timely reminder of how tight the grip is on the cloud computing market by just a few of the known names in big tech. Statistics up to the end of Q2 2020 showed that of the $100 billion cloud industry, Amazon holds a staggering 33% share of the market, followed by Microsoft Azure at 18% and Google Cloud in a distant third place on a 9% share.
When just three companies make up a 60% share of an industry, we start to see a trend of monopoly taking place and the smaller providers are pushed out, especially when faced with the toss-up between free speech and reputation. Being completely reliant on a cloud provider highlights that you don’t really own your own websites and data. Remember, you’re signing up for that platform’s terms of service, and if you breach them in any way, you can be kicked off, likely with nowhere to go if you’re on the wrong side of the political climate we’re witnessing.
One stable solution is for Parler to build its own on-site server solution. This way, the company will have full control over every aspect of its site and won’t be at risk of being taken down. In fact, it’s this level of control that’s stopped a lot of organizations taking the leap over to a cloud solution. The pressure applied to Epik over its decision to host Parler could wind up being too much, so the relationship is fragile.
While there’s no denying the growing trend of those that are switching, the on-premises solution is still appealing for many. Other benefits include:
- Greater control over security measures
- An optimized solution with a team of trained staff that know exactly what the company needs
- While very expensive to set up initially, these on-premise solutions often end up being cheaper in the long run
- Increased levels of independence
However, reviewing what we've learned so far, this probably won’t be the route Parler prefers for the long term. Its small team and apparent lack of financial backers would mean this solution, which could require immediate implementation if everything goes south with Epik, will likely be too much to take on, making the platform defunct.
These are considerations other organizations need to take into account also. If you have sensitive data, value privacy and want full control over your operations, you might be better off going with an in-house solution; if you’re able to implement this, of course.
We could even see a hybrid solution come about that combines both cloud and on-premise infrastructure. The important thing is for you to do your research thoroughly before making a decision and know that planning starts now; this is a big, risky task to take on. Generally, it’s only really sites with such a political target on their heads that for the time being should consider it.
(Image: Cloud Market Share - Statista.com)
Convince Amazon to Reinstate It
This is Parler's last option should Epik decide to pull out of hosting. CEO John Matze has stated this would be the preferred solution. An algorithm to flag unsuitable posts just days before the ban was put in place, alongside around 600 unpaid moderators trawling through the site to remove problematic content, but Amazon has allegedly been flagging worrying content for at least two months now, with no prior effort to fix this.
Amazon hadn’t actually deleted any data or removed any of Parler’s systems from its servers; it existed in a suspended state until the migration took place.
However, Parler is looking to sue Amazon for what it deems an affront to its contractual agreement, so we’ll see what comes of that.
We’ve already touched on the fact that it was booted by Amazon for breaching its terms of service after users were found to be inciting violence, and it’s important to stress just how ‘in the pocket’ of these companies anyone hosting a website via a third party is. These are private companies, with their own rules, after all; what they say goes. But, as we’re learning more and more every day, they can swing the remorseless scythe at their own discretion, and there’s often not a lot we can do.
Being de-platformed won’t be an issue for the vast majority of organizations that use cloud hosting, and we won’t all have to turn to Epik, the so-called alt-right haven for controversial websites, to get back online. But you must read the terms and conditions very carefully. The chances of getting kicked off your platform are low, but should it happen, the harm this does to your bottom line can be severe.
Parler’s Poor Coding Exposed By Hacktivists
An issue that came to light not long after it was removed from Amazon is that Parler is built on amateurish code; so much so that hackers were able to recover a whopping 80 terabytes of user data before the site was shut down, leading to various arrests of Trump supporters that stormed Capitol Hill.
The data wasn’t swiped using complicated hacking but was instead simply captured by exploiting huge holes and weaknesses in Parler’s security and infrastructure. When users deleted a post on the platform, the data wasn’t actually deleted; instead, it was just assigned a ‘delete’ flag, meaning old posts could still be accessed to those that know how to access it. Plus, every post was assigned an incremental number ID, meaning hackers could easily automate the process and archive every piece of content in order.
Matters were made even worse when Twilio abandoned the platform. This cloud communications company provided the software that managed the authentication process of users’ email addresses, as well as the apparently safe two-factor authentication. When Twillo abandoned ship, it was open season for hackers.
In fact, Twilio even announced which of its services Parler was using, allowing the data scrapers to log in and create verified accounts without having to go through the usual rigmarole of verification. Once in, they were able to get past the login box API, find users with admin rights and reset their passwords. With no verification email step to confirm the change, it was easy to then start harvesting data anonymously.
While the main cause of the breach was Twilio removing it’s security support, Parler’s poorly coded build made the job especially easy for hackers. Around 15 different parties were involved in the breach, with the lion's share of the work done by a hacktivist known by the Twitter handle ‘donk_enby’.
She notes in her bio that she’s a Meiklejohnian absolutist, in reference to 19th and early 20th century free speech activist Alexander Meiklejohn, and that she likewise believes that the first amendment protects all speech, even unpopular and incendiary types, and that Parler’s posts were worth archiving.
For those concerned about privacy issues associated with the hack, ‘donk_enby’ clarified to followers that only information that was already publicly available on the web was archived. There was no breach of other personal details like email addresses, phone numbers or credit cards.
This hack served to highlight the poor practices that were going on at Parler, and the clear oversight on the devs’ part. For example, in the archived posts, hackers were still able to access users’ geolocation at the time of a post - information that’s routinely deleted by other platforms like Google and Twitter for user protection.
The impact of the exposing of users’ posts and location metadata may help assist authorities in tracking down around 150 suspects from the Capitol Hill riots that are still at large, as many of them are likely Parler users.
In addition, this serves as a timely reminder of the importance of data security to anyone that’s using a cloud service. Whatever measures you already have in place, make sure you have a business continuity plan as a failsafe. Have backup plans ready to be implemented; use multiple layers of security and protection options. The lesson to learn here is to never be complacent.
Lawsuit Against Amazon and Its Implications
In fine American tradition, Parler has now opened legal proceedings and is suing Amazon on the grounds that it violated antitrust laws and is in breach of contract. This of course certainly isn’t going to help Parler in its efforts should it to get reinstated by Amazon, and really, it sends mixed messages about which direction the social media platform wants to head in.
The antitrust part of the suit relates to a complaint that the banning was politically motivated and a deliberate attempt to help better-known rival Twitter by removing the competition posed by challenger sites like itself. Plus, it’s alleged that the only reason the site was shut down was that it was claimed Donald Trump would switch to the alternate microblogging site once he left office, potentially providing some serious competition to Twitter.
In the second part of the suit, Parler is hoping that it can get a temporary restraining order against Amazon that would allow the site to be reinstated, arguing that it was a breach of contract to take it down in the first place. In addition, the web host is being sued for lost revenues to cover its time offline.
Amazon has hit back stating that there’s no merit to any of Parler’s claims and, on the face of it, the lawsuit certainly looks like a Hail Mary throw. For instance, proof would first need to be provided that showed Amazon and Twitter had been conspiring to eliminate smaller platforms. In addition, antitrust laws only apply to commercial activity, not politically motivated actions so this part of the suit might not have a leg to stand on.
Amazon has countered the breach of contract claims too, stating that it requested Parler better moderate its content over a number of weeks going back to early November 2020. This would put the decision outside of the minimum 30 days required to take action before being suspended, as set out in the contract. We’re expecting a fast decision on whether the case will be heard.
However the case pans out, it’s yet another reminder for anyone that uses cloud services to go over all contracts and agreements with a fine-tooth comb. Make sure you and your staff are fully aware of what you can and can’t do, and make sure you stay up to speed on potential suspensions. Big tech is more powerful than ever and seemingly, making your political leanings known, especially in the direction of what seems to be considered by most the incorrect one, you may find yourself on the business end of a ban.
What the Future Holds
While it’s still early days, the Parler ban could be the catalyst for some interesting changes in the industry. We’re not saying these speculations will definitely happen; they’re exactly that. Speculations. What we might see in the near future of hosting and big tech is:
- A loosening of the grip on the market by Amazon, Microsoft and Google - If nothing else, this ban has brought alternative web hosts to the attention of users, and many might start to research alternatives at the very least, even if they don’t see a switch immediately
- Expect on premise solutions for some time to come - A good few years back, many in the industry were telling us how no-one would have any need for on-site server solutions given the growth and efficiency of the cloud. This event highlights the importance for some organizations to keep at least some operations in-house. Especially those that deal with a lot of confidential information
- We may see new government regulation - Certain sectors are already subject to different regulations when it comes to cloud computing, the most stringent being on the organizations that are processing payments in the cloud. Amazon banning Parler could lead the government to add some clarity to the responsibilities of these platforms, which are primarily used for what every individual deems their own free speech and opinions