Comment by soared

Comment by soared 10 months ago

8 replies

View on Hacker News

What sort of data does Arc track? Our plain-english Privacy Policy summarizes it well:

We don’t know which websites you visit

nfm 10 months ago

From the quoted snippet, every page load is leaking both the domain and authed user’s ID to Firebase.

Reply View 6 replies
  • Cthulhu_ 10 months ago

    Yeah but if they super promise to not look at incoming Firebase queries they're not tracking you, right?

    Reply View 5 replies
    • bschmidt1 10 months ago

      The super promise died with crypto, now you have to add no backsies. My site uses No Backsies Proofs (NBPs) which are encrypted to prove that all my super promises are backed by a no backsie which is stored in the no backsie vault in Antarctica.

      Reply View 4 replies
      • fouc 10 months ago

        Later on moxie ends up writing a quick review of NBPs

        > Instead of storing the data on-chain, NBPs instead contain a URL that points to the data. What surprised me about the standards was that there’s no hash commitment for the data located at the URL. Looking at many of the NBPs on popular marketplaces being sold for tens, hundreds, or millions of dollars, that URL often just points to some VPS running Apache somewhere. Anyone with access to that machine, anyone who buys that domain name in the future, or anyone who compromises that machine can change the image, title, description, etc for the NBP to whatever they’d like at any time (regardless of whether or not they “own” the token). There’s nothing in the NBP spec that tells you what the image “should” be, or even allows you to confirm whether something is the “correct” image.

        Reply View 2 replies
      • LegitShady 10 months ago

        I would feel more comfortable if your super promises were all on a blockchain, and we made No Backsie NFTs so people could clearly see these were legitimate and bid on them.

        Reply View 0 replies
[removed] 10 months ago
[deleted]
Reply View 0 replies