Comment by rakoo

Comment by rakoo 10 months ago

1 reply

View on Hacker News

> it's very easy to misconfigure, but basic security practices like these are highlighted in bright, bold warning text in the Firebase docs.

I'm sorry but if the whole design is "one big database shared with everyone and we must manually configure the database for auth" there is a problem that's deeper than just having to read the doc. It means the basic understanding of what it means to keep data as private as possible is not understood. A shared database only works when the server accesses it, not when client has direct access.

What Arc needs is to segregate each user's data in a different place, in the design of the database, not as part of configuration of custom code. Make it impossible to list all user's data, or even users. When, not if, an id is guessed, related data becomes accessible by someone else; make it so that someone else still can't read it, or can't replace it.

esperent 10 months ago

Also how does this work legally with regards to data sovereignty? Is it just a case of hoping nobody notices/complains?

Reply View 0 replies