As social networks crackdown on misinformation and hate speech, users have flocked to a new site: Gab.
The alt-tech community has emerged as a refuge for those barred from other platforms. And despite widespread censorship, it has accumulated more than one million users.
But that growth has also drawn the attention of security experts. Critics claim the site serves as a haven for extremist groups. And some officials want to investigate Gab’s role in the January riots in the U.S. Capitol building.
But exactly what is Gab? And why should security teams pay attention?
Here’s what you need to know.
What is Gab?
Founded in 2016, Gab is a microblogging network that resembles a cross between Twitter and Reddit.
Users publish short posts, called “gabs”, up to 300 characters in length. On the right-hand side of each page, you can find a list of trending news topics from across the site.
CEO Andrew Torba launched the network in reaction to perceived censorship by the mainstream social networks.
The tech entrepreneur had long criticized Silicon Valley’s bias against right-wing users. He envisioned a site where the community, not big tech companies, control the conversations that take place online.
“What makes the entirely left-leaning Big Social monopoly qualified to tell us what is ‘news’ and what is ‘trending’ and to define what ‘harassment’ means?” Torba explained in a 2016 BuzzFeed interview.
“It didn’t feel right to me, and I wanted to change it, and give people something that would be fair and just.”
For that reason, Gab has always kept a hands-off approach to policing content.
Moderators permit any posts constitutionally protected under the U.S. First Amendment. Only doxxings, pornography, and violent threats are barred from the platform.
Who uses Gab?
Gab has more than 1.1 million registered users, according to Fox News.
Membership consists mostly of Americans who support former President Donald Trump. Though the site features communities discussing everything from Christianity and classic cars to military history.
Gab’s hands-off approach to content moderation, however, has turned the site into a refuge for those booted from more mainstream outlets.
High-profile personalities include far-right commentator Milo Yiannopoulos, conspiracy theorist Alex Jones, and white nationalist leader Richard Spencer.
The site also serves as a gathering place for militias, neo-Nazis, QAnon, and the alt-right.
A 2018 paper by the University College of London suggests Gab straddles the line between mainstream and fringe internet communities.
In their study, researchers reviewed 22 million comments by 336,000 participants on the platform. They found 5.4% of all Gab posts included a “hate word.”
For comparison, that number was 2.4 times larger than the rate found on Twitter. Though Gab members used far less hate language than 4chan’s infamous “Politically Incorrect” message board.
“Gab was created,ostensibly as a censorship-free platform, aiming to protect free speech above anything else.” the paper’s authors write.
“We ﬁnd that, while Gab claims to be all about free speech, this seems to be merely a shield behind which its alt-right users hide.”
Why Should Security Teams Pay Attention to Gab?
Social media monitoring now represents an everyday practice at most organizations.
The biggest platforms, like Facebook, Twitter, and Reddit, hold swaths of valuable data for marketers. And as the infamous Cambridge Analytica scandal made clear, political campaign managers have adopted the technique in earnest.
But for security teams, the big platforms are not always the most useful.
For starters, both Facebook and Instagram have tightened their data protection policies. This prevents security teams from conducting much in the way of broad-scale monitoring.
And as hinted above, bad actors have migrated to a growing number of “alternative” communities.
As mainstream sites crack down on hate speech and misinformation, problematic groups have looked elsewhere to conduct their online activities. That has forced many to rival networks.
The January riots at the U.S. Capitol building provides a perfect case in point.
In the weeks leading up to the attacks, far-right activists openly broadcasted their plans on alt-tech platforms like Gab and Parler.
But because these discussions occurred off mainstream websites, it caught national security officials off guard.
The same principle, however, still applies to private organizations.
If a bad actor posts something on a fringe social network like Gab, it might slip past your detection. That could leave your team caught off guard by a threat you later learn was published right in plain sight.
Of course, teams still need to watch established places like Twitter and Facebook. Thanks to their raw size, the majority of threats will emerge from these platforms.
But as a best practice, it pays for security professionals to diversify their coverage and increase the number of social media sites they monitor.
Beyond violent threats, security teams can use Gab to spot risks such as:
- Internal threats
- Brand impersonation
- Damaging viral content
Given Gab’s lax content moderation policies, users often exploit the site to spread misinformation.
This presents an especially big issue for vaccine manufacturers and health care companies.
Misleading pictures and memes circulate widely on the platform. And it’s not uncommon for rumors to spread from Gab to more mainstream sites.
Is Gab Here to Stay?
Not everyone believes Gab will stick around.
New alt-tech platforms, such as Parler, 4chan, and Minds, pop up all the time. Donald Trump is even rumored to be cooking up a rival social network of his own.
Gab’s tech infrastructure also struggles to keep up with the influx of new sign-ups. And users often complain about the lack of features and security protections standard elsewhere.
Most importantly, mainstream service providers have shunned the company.
In 2018, it emerged that Pittsburgh synagogue mass shooter Robert Bowers had a long history of posting anti-Semitic messages on Gab. That resulted in numerous companies blacklisting the platform, including GoDaddy, PayPal, Medium, Stripe, and Joyen.
More businesses have followed. In 2020, Visa and Amazon Web Services cut ties to Gab for “promoting hate speech.” Both Apple and Google have also removed the site from their app stores due to “objectionable content.”
Gab, however, appears to have addressed these challenges.
Over the past year, management successfully migrated from cloud hosting providers to its own in house servers. That leaves the company less vulnerable to any “deplatforming.”
In 2020, the company started accepting Bitcoin payments. That has allowed Gab’s revenues to reportedly top $100,000 per month, despite the company getting blocked by all mainstream payment platforms.
“This month [November 2020] against all odds Gab had our first six figure revenue month in our four year history,” Torba wrote in a recent blog post.
“This is without one single credit or debit card transaction, which makes it all the more impressive.”
Besides social media, Gab offers an open-source web browser called Dissenter.
Billed as the “browser built for people,” Dissenter blocks all ads and trackers. This allows users to surf the web faster and more securely.
Dissenter also creates a unique comment section for every URL online.
Here, people can discuss an article or web page with other Dissenter users. And these conversations are completely invisible to those on other browsers.
All of these initiatives are part of what Torba describes as an “alternative internet.”
Any alt-tech company which relies on mainstream service providers is vulnerable to getting taken down. So Gab has built out all of its own site infrastructure from scratch, completely independent of any third-party providers.
That gives Gab far more staying power than most of the other alt-tech social network sites security professionals often encounter.
The Bottom Line on Gab
Alt-tech sites often represent a big hole in the social media monitoring programs of corporate security teams.
Most companies focus on the biggest platforms like Twitter and Facebook. But increasingly, threat actors have started migrating to lesser known platforms.
Gab presents a textbook example. The site has carved out a niche for itself online — that corner of the web that borders between the mainstream and the fringe.
And security teams that overlook this site might be kicking themselves later.