by mschoening 58 days ago
Hi, this is Max from Notion.

First: This is documented and we also warn users when they publish a page. But, that’s not good enough!

Second: We don’t like this and are looking at ways to fix this either by removing the PII from the public endpoints or by replacing it with an email proxy similar to GitHub’s equivalent functionality for public commits.

P.S: Some folks here have speculated that this should be a 1 minute fix. Unfortunately that is not the case. :(

11 comments

> P.S: Some folks here have speculated that this should be a 1 minute fix. Unfortunately that is not the case. :(

4 years.

We have top men working on it right now
Haha
Can you share the warning? I made a public page and would say it was not clear to me this was a consequence of doing that. The warning as I remember it (a month ago) makes it sound like the information on this page is going to be public -- not - oh yeah the email addresses of everyone who edited this page will also be leaked.
When you start contributing to a page you see this:

https://cleanshot.com/share/trYdqYFZ

This is pretty meh. We will deploy more explicit messaging while we mitigate this properly.

The warning is too vague. “May become visible” kind of sounds like Notion doesn’t know whether they will become visible or not.
It's definitely weasel wording. And moreover, it's honestly tiring to constantly have these weasel words carrying such weight, and then jackasses getting bent out of shape that they aren't given the benefit of the doubt anymore.
Just following up that we've made it more explicit while we work on this:

https://cleanshot.com/share/8yFpGVDQ

Also, to me, "anyone who can view this page" sounds like "anyone _in this workspace_ that can view this page", not "anyone _on the public web_".
Please also especially clarify that IDs of contributors will be public. Meh is good, but this was a bit too simple.

There is a way to mitigate this. Re-hash and cache the page to be meta-less for public URLs. I guess that requires a huge amount of coding for a team that has not built the product from the ground up. But I feel like a "copy and paste" could fix that (remove author data).

Considering it was reported in 2022, and it is obviously an error, I don't think it is unfair for people here to have expected it to be fixed by now since it was first reported.
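
Added example, not part of the thread and not Notion's code: a sketch of the two mitigations raised above (serving a metadata-free payload on public URLs, or replacing contributor details with a proxy address). Every field name, the key and the relay domain are hypothetical, and the sample record is constructed.

```python
import hashlib
import hmac
import json

# Everything below is hypothetical: field names, key, and relay domain.
PROXY_KEY = b"constructed-demo-key"      # server-side secret (placeholder)
PROXY_DOMAIN = "users.noreply.example"   # assumed relay domain

# Constructed internal record, as an authenticated view might see it.
SAMPLE_PAGE = {
    "title": "Roadmap",
    "blocks": [{"type": "text", "text": "Q3 plan", "last_edited_by": "user-7f3a"}],
    "contributors": [
        {"id": "user-7f3a", "name": "Alice Example", "email": "alice@example.com"}
    ],
}

def proxy_address(user_id: str) -> str:
    """Stable keyed alias; the real id and address never leave the server."""
    tag = hmac.new(PROXY_KEY, user_id.encode(), hashlib.sha256).hexdigest()[:16]
    return f"{tag}@{PROXY_DOMAIN}"

def public_view(page: dict, mode: str = "strip") -> dict:
    """Payload for unauthenticated requests, built by allow-listing fields."""
    if mode not in ("strip", "proxy"):
        raise ValueError(f"unknown mode: {mode}")
    out = {
        "title": page["title"],
        # Copy only known-safe keys, so per-block editor ids are dropped too.
        "blocks": [{"type": b["type"], "text": b["text"]} for b in page["blocks"]],
    }
    if mode == "proxy":
        out["contributors"] = [
            {"contact": proxy_address(u["id"])} for u in page["contributors"]
        ]
    return out

def leaked_values(payload: dict, page: dict) -> list:
    """Regression check: contributor values that still appear in a payload."""
    blob = json.dumps(payload)
    return [v for u in page["contributors"] for v in u.values() if v in blob]

if __name__ == "__main__":
    for mode in ("strip", "proxy"):
        print(mode, leaked_values(public_view(SAMPLE_PAGE, mode), SAMPLE_PAGE))
```

Building the public payload from an allow-list means a newly added internal field stays private by default, and `leaked_values` can run in CI against real fixtures.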
I agree. We will do better.
Can you please share an update when you can? Will this be prioritised and fixed or not?
I will speculate that Notion has had more than one minute to fix it.
You should explain WHY that is not the case, or else accept that everyone's takeaway about this is that you've KNOWN you've been leaking your users' data for FOUR YEARS and have done nothing about it by CHOICE.
> P.S: Some folks here have speculated that this should be a 1 minute fix. Unfortunately that is not the case. :(

Ignoring the “the bug was raised four years ago” part and assuming you just mean it isn't as easy as that and might break other things: what other things could resolving this potentially break? If the issue is that the PII needs to be present for private/authenticated views, would not making it unavailable everywhere including there, and fixing that later, be the better option over leaving the PII present for public views for a second longer?

For a PII leak like this, why do you think it's OK to wait for "looking at ways to fix this"? If you can't do anything better you shut those endpoints (or whole servers) down IMMEDIATELY and then deal with the fallout afterwards. Your attitude towards this is beyond unacceptable.
This flaw was reported four years ago. Forgive me if I don’t believe a word of what you’re saying.
While you're here, why is Notion so slow on Firefox? I mean extremely slow.
The answer is usually that the devs only use Chrome.
What are you doing to address the process/structural issues that allowed such a privacy issue to get to production?

What are you doing to address the support issues that allowed such a privacy issue to remain after being reported?

What are you doing to address the issues with the company's prioritisation framework that allowed such a privacy issue to remain for 4 years?

Which authorities are you reporting the privacy issue to in line with local requirements?

> P.S: Some folks here have speculated that this should be a 1 minute fix. Unfortunately that is not the case. :(

Nonsense! It is a 1 minute fix. You just don't want to take a $ hit from inconveniencing users by breaking another part of your app.

Pull your thumb out and do the right thing. Implement the 1 minute fix, and then spend the rest of the week or month fixing the other parts of your app that might break as a result of fixing this.