this post was submitted on 25 Jul 2025
625 points (98.2% liked)

Technology

[–] Taldan@lemmy.world 15 points 1 day ago (2 children)

That's exactly what hacking is.

'90s hacking movies may have given you a different idea of what cybersecurity looks like, but this is what the real world is like.

Also, Google deserves a scolding here. Firebase's default configuration is absolutely atrocious. One of the few critical vulnerabilities I've seen where the system is working as intended. Dubbed the hospital gown vulnerability because they leave the backend wide open by default.

[–] surewhynotlem@lemmy.world 5 points 1 day ago

Firebase's default configuration

I'm going to get on my grumpy old man soapbox. I understand making things idiot proof for end users. End users are idiots. But do we have to make things super safe for developers now too? Do we want to add a warning to rm so we don't accidentally remove the wrong directory?

Any developer who doesn't know to check permissions and accessibility on their database deserves to have their AI vibe coding bot taken away.

[–] iAvicenna@lemmy.world 0 points 1 day ago* (last edited 1 day ago)

I mean this is just writing a script to access a public database, this is not even exploiting a code vulnerability. So there is an area between digital number waterfalls on the screen and accessing a public database which I would consider more of hacking.