all AI news logo
all AI news - Your AI news aggregator
Log in Sign up
all AI news

900 Sites, 125 million accounts, 1 vulnerability

Add to bookmarks
s
March 18, 2024, 6:53 p.m. |

Simon Willison's Weblog simonwillison.net

900 Sites, 125 million accounts, 1 vulnerability


Google's Firebase development platform encourages building applications (mobile an web) which talk directly to the underlying data store, reading and writing from "collections" with access protected by Firebase Security Rules.


Unsurprisingly, a lot of development teams make mistakes with these.


This post describes how a security research team built a scanner that found over 124 million unprotected records across 900 different applications, including huge amounts of PII: 106 million email addresses, 20 million …

applications building data data store development development platform firebase google mistakes mobile platform reading rules security store talk teams vulnerability web writing

Visit resource

More from simonwillison.net / Simon Willison's Weblog

Si
Spam, junk … slop? The latest wave of AI behind the ‘zombie internet’ 23 hours ago | simonwillison.net
ai ethics generativeai internet +7
Si
NumFOCUS DISCOVER Cookbook: Minimal Measures 1 day ago | simonwillison.net
accessibility collection conferences diversity +8
Si
Fast groq-hosted LLMs vs browser jank 1 day, 5 hours ago | simonwillison.net
browser browsers callback every +12
Si
A Plea for Sober AI 1 day, 18 hours ago | simonwillison.net
ai drewbreunig generativeai good +6
Si
AI counter app from my PyCon US keynote 2 days, 3 hours ago | simonwillison.net
ai app artificial artificial intelligence +11
Si
Quoting Patrick Reynolds 2 days, 17 hours ago | simonwillison.net
building change codebase data +2
Si
Understand errors and warnings better with Gemini 2 days, 20 hours ago | simonwillison.net
ai applications chrome chrome devtools +23
Si
Commit: Add a shared credentials relationship from twitter.com to x.com 2 days, 22 hours ago | simonwillison.net
apple json manager password +5
Si
Quoting Kelsey Piper 2 days, 23 hours ago | simonwillison.net
agreement ai document employee +6

Jobs in AI, ML, Big Data

Post a Job Search Talent

Software Engineer for AI Training Data (School Specific)

@ G2i Inc | Remote
View on ai-jobs.net

Software Engineer for AI Training Data (Python)

@ G2i Inc | Remote
View on ai-jobs.net

Software Engineer for AI Training Data (Tier 2)

@ G2i Inc | Remote
View on ai-jobs.net

Data Engineer

@ Lemon.io | Remote: Europe, LATAM, Canada, UK, Asia, Oceania
View on ai-jobs.net

Artificial Intelligence – Bioinformatic Expert

@ University of Texas Medical Branch | Galveston, TX
View on ai-jobs.net

Lead Developer (AI)

@ Cere Network | San Francisco, US
View on ai-jobs.net