I don't see an issue, using something like Firebase is what a smart engineer wou...

notoverthere · 2024-09-20T11:14:00 1726830840

I tend to agree with this. Why re-invent the wheel by spending engineering effort building a CRUD backend?

If you're trying to bring value to market, focus on your core differentiator and use existing tooling for your boilerplate stuff.

serial_dev · 2024-09-20T12:15:22 1726834522

It’s the “chrome replacement we have been waiting for”, but (if I read this right), my data is still sent to Firebase? Also it’s a browser, not a “tinder but for cats” startup idea I’m writing for my cousin for a beer.

It’s not only not a smart engineering decision, it’s also a terrible product, reputation and marketing decision.

notoverthere · 2024-09-20T13:35:04 1726839304

I'm not disagreeing about the severity of the security vulnerability that has been uncovered – to be clear, it's an absolute shocker of a bug. It's really disappointing to see.

But I still disagree that the use of Firebase, in and of itself, is a bad engineering decision. It's just a tool, and it's up to you how you use it.

Firebase gives you all features needed to secure your backend. But if you configure it incorrectly, then _that's_ where the poor engineering comes into play. It should have been tested more comprehensively.

Sure. You could build your own backend rather than using a Backend-as-a-Service platform. But for what gain? If you don't test it properly, you'll still be at risk of security holes.

shermantanktop · 2024-09-20T14:44:43 1726843483

> a “tinder but for cats” startup idea

Needs a name. Meowr? Hissr?

duskwuff · 2024-09-20T17:10:44 1726852244

Yowlr. (Which is apparently a dubstep musician.)

nosioptar · 2024-09-21T12:41:51 1726922511

(Dubstep isn't music.)

My cats would use Yowlr.