There are a lot of major security vulnerabilities in the world that were made un...

endigma · 2024-09-20T03:07:40.000000Z

Also, firebase? seriously? this is a company with like, low level software engineers on payroll, and they are using a CRUD backend in a box. cost effective I guess? I wouldn't even have firebase on the long list for a backend if I were architecting something like this. Especially when feature-parity competitors like Supabase just wrap a normal DBMS and auth model.

aaomidi · 2024-09-20T02:52:28.000000Z

You’d think that a company shipping a browser would pay a little more attention to security rules.

Also, shame on firebase for not making this a bit more idiot proof.

And really? $2500? That’s it? You could’ve owned literally every user of Arc… The NSA would’ve paid a couple more zeros on that.

nemomarx · 2024-09-20T03:03:02.000000Z

Are there a lot of Arc users? It seems like a pretty niche browser even compared to other niches.

viraptor · 2024-09-20T06:48:32.000000Z

Lots of developers and power users make a good chunk of Arc's use base. If you're after some interesting credentials then "every Arc user" is a perfect group with little noise.

nicce · 2024-09-20T06:51:04.000000Z

> power users

Not that many. Most power users don't like to be forced for logging in, before they are able to use the browser.

sulandor · 2024-09-20T07:10:17.000000Z

confirmed

i don't even like logging in WHILE using the browser and have never heard of arc

shepherdjerred · 2024-09-20T04:12:49.000000Z

Having arbitrary browser access would be pretty valuable, even for just a small number of users.

Thorrez · 2024-09-20T06:32:24.000000Z

The page says $2,000.