all AI news logo
all AI news - Your AI news aggregator
Log in Sign up
all AI news

900 Sites, 125 million accounts, 1 vulnerability

Add to bookmarks
s
March 18, 2024, 6:53 p.m. |

Simon Willison's Weblog simonwillison.net

900 Sites, 125 million accounts, 1 vulnerability


Google's Firebase development platform encourages building applications (mobile an web) which talk directly to the underlying data store, reading and writing from "collections" with access protected by Firebase Security Rules.


Unsurprisingly, a lot of development teams make mistakes with these.


This post describes how a security research team built a scanner that found over 124 million unprotected records across 900 different applications, including huge amounts of PII: 106 million email addresses, 20 million …

applications building data data store development development platform firebase google mistakes mobile platform reading rules security store talk teams vulnerability web writing

Visit resource

More from simonwillison.net / Simon Willison's Weblog

Si
Quoting Moxie Marlinspike 16 hours ago | simonwillison.net
ai black box box build +8
Si
Quoting Dana Mattioli 20 hours ago | simonwillison.net
access amazon competitors dana +9
Si
Food Delivery Leak Unmasks Russian Security Agents 1 day, 12 hours ago | simonwillison.net
agents april bellingcat data +18
Si
Quoting Alex Jason, via Adam Savage 2 days ago | simonwillison.net
adam alex difference jason +4
Si
Quoting James Betker 2 days, 9 hours ago | simonwillison.net
clear dataset datasets every +6
Si
Blogmarks that use markdown 2 days, 10 hours ago | simonwillison.net
blog blogging commentary djangosqldashboard +6
Si
No, Most Books Don't Sell Only a Dozen Copies 2 days, 10 hours ago | simonwillison.net
antitrust book books lawsuit +6
Si
Snowflake Arctic Cookbook 2 days, 11 hours ago | simonwillison.net
ai apache architecture arctic +15
Si
Quoting Cherlynn Low 2 days, 23 hours ago | simonwillison.net
ai ai pin generativeai hey +9

Jobs in AI, ML, Big Data

Post a job on ai-jobs.net Find talent on ai-jobs.net

Data Architect

@ University of Texas at Austin | Austin, TX
View on ai-jobs.net

Data ETL Engineer

@ University of Texas at Austin | Austin, TX
View on ai-jobs.net

Lead GNSS Data Scientist

@ Lurra Systems | Melbourne
View on ai-jobs.net

Senior Machine Learning Engineer (MLOps)

@ Promaton | Remote, Europe
View on ai-jobs.net

Principal Applied Scientist

@ Microsoft | Redmond, Washington, United States
View on ai-jobs.net

Data Analyst / Action Officer

@ OASYS, INC. | OASYS, INC., Pratt Avenue Northwest, Huntsville, AL, United States
View on ai-jobs.net
View more jobs