> Don't they have any sort of vulnerability assessment or security code review?
I bet people just don't realize that the frontend code could end up being a source of major data confidentiality vulnerability. The threat modeling, auditing etc. usually just concentrates on attack scenarios involving the backend to save money and keep frontend development a bit lighter on the security review process side.
Does not make it excusable of course, just means their threat modeling was inadequate. But probably explains how this was able to slip into production.
I dunno, you don’t need to be particularly concerned with security to understand that you do not need a Facebook tracking pixel on your ‘paying customer’ UI.
Facebook will be pitching to your Marketing folks that's exactly where you need it.
Facebook want data on what actions users took before signing up, which users actually signed up and started paying, and how that relates to revenue. This UI is exactly where they can determine these types of actions.
Whether this actually makes Facebook better at marketing or not is a good question.
That's why it's a killer mistake to let "marketing folk" dictate _anything_ that has to do with the app. They can suggest, but not dictate. If this points to anything it's the dysfunctional development process at Backblaze.