That's just ... absurd.
replyThe flaw itself is absurd but then just accepting it as "by design" makes it even worse.
It's also trivially easy to fix. 1 min delete and deploy.
replyI'm guessing it's not trivial to fix without breaking other things? The weakness seems to be that anyone can turn UUIDs into details like email. But I assume this functionality is necessary for other flows so they can't just turn off all UUID->email/profile look ups. And similarly hiding author UUIDs on posts also isn't trivial.
replyConceptually, I agree it should be easy, but I suspect they're stuck with legacy code and behaviors that rely on the current system. Not breaking anything else while fixing this is likely the time consuming part.
This is a rendering artifact, nothing more. If you can tokenize and protect PII on your platform, you can protect PII on your public pages.
reply if (metadata.is_public)
Of course they can fix it, come on.
replyThey can easily withold information they put out intenionally.
The whole point of that comment is that it's not that easy. There are potential side effects and consequences that are difficult to architect around.
replyExcept it is.
replyIf you can't easily architect around it, then don't do what you're trying to do.
"Oh I needed to disclose user data in order to make more money" isn't an acceptable excuse.
You literally don’t know that. Add this to the mammoth file titled “HN comments in which the author makes some completely unsubstantiated technical claim”
replyThis is, as a notion user with public pages, beyond stupid.
replyDon't attribute to stupidity what can be explained by malice.
reply[dead]
replySome CMSs do this in their RSS feeds as well. Can't recall which ones, but seen it.
reply