Comment by bhaney

Comment by bhaney 3 hours ago

4 replies

View on Hacker News

There are a lot of major security vulnerabilities in the world that were made understandably, and can be forgiven if they're handled responsibly and fixed.

This is not one of them. In my opinion, this shows a kind of reputation-ruining incompetency that would convince me to never use Arc ever again.

endigma 3 hours ago

Also, firebase? seriously? this is a company with like, low level software engineers on payroll, and they are using a CRUD backend in a box. cost effective I guess? I wouldn't even have firebase on the long list for a backend if I were architecting something like this. Especially when feature-parity competitors like Supabase just wrap a normal DBMS and auth model.

Reply View 0 replies
aaomidi 3 hours ago

You’d think that a company shipping a browser would pay a little more attention to security rules.

Also, shame on firebase for not making this a bit more idiot proof.

And really? $2500? That’s it? You could’ve owned literally every user of Arc… The NSA would’ve paid a couple more zeros on that.

Reply View 2 replies
  • nemomarx 3 hours ago

    Are there a lot of Arc users? It seems like a pretty niche browser even compared to other niches.

    Reply View 1 reply
    • shepherdjerred 2 hours ago

      Having arbitrary browser access would be pretty valuable, even for just a small number of users.

      Reply View 0 replies