[π] Today Was #152: Developer Horror Special: DB Overwrite and Password Exposure
β¨ Gemini 2.5 Pro Summary γ
A day when horror-special incidents like a DB overwrite and password exposure taught me again how scary development can be.
- Original: http://blog.naver.com/hyeogikarp/223955198682
- Naver published at: 2025/08/01 16:07 KST
- Original category: Todayβs Verification
Original
ποΈ Date: 2025.7.31 Thu
Goals: 1/1
Tasks: 1/1
Habits: 3/3
Bets: 2
π-π― Goal Management Routine System
Lifetime Goals
-
[Life RPG]
-
π― Reach more than 1 million monthly active users (MAU)
Goals for 2025
-
[Life RPG] (liferpg.online)
-
π― 2025.07 Complete the Life RPG proposal draft -
π― Temporary roadmap (not confirmed): Develop at least 5 apps (modules) built into the Life RPG platform
-
π― 2025.08 Gurumiya -
A gamification app that saves academy/PT lesson records, accumulates experience, and levels up through attendance checks and homework.
-
π― 2025.09 Oharu (Today Was) -
A daily gamification app with an internal SNS feature for setting todayβs goal and sharing completion with friends.
-
π― 2025.10 Pianolic -
A music gamification app that manages piano performance records and collects practiced songs and albums.
-
π― 2025.11 Running Party -
A running gamification app that tracks running records and provides a matching feature for running with nearby users.
-
π― 2025.12 Auto Vibe -
An educational gamification app that collects tips and lectures on automation tools and vibe coding and presents learning guidelines tailored to the userβs purpose.
-
π― 2026.01 Open Life Store -
Officially opening the Life Store, the core of the platform. Users can purchase app access rights in the store, and developers can register new apps.
-
π― 2026.02 Preliminary Startup Package Challenge -
Challenge the government-supported Preliminary Startup Package to verify business feasibility and secure support for the platformβs growth and stable operation.
-
[Gurumiya]
-
π― Creating a B2B model with SaaS (administrator/teacher focused updates)
-
π― Register on App Store/Play Store
-
π― Adding B2C elements to B2B model: Integrated management of data between all lesson organizations (student-oriented updates)
-
[Health]
- π― Lose 10 kg (85kg β 75kg)
Goals for August
-
[Life RPG] (liferpg.online)
-
π― Draft the Life RPG proposal
-
π― Platform-related business and revenue model design
-
π― Consider B2B conversion
-
π― Market research: planning plan, apps to be included, business and revenue model related, β¦ (+ AI)
-
π― Core hypothesis verification: Collection of materials related to gamification efficacy
-
π― survey
-
π― Organize content in Notion Workspace
-
[Gurumiya]
-
π― Creating a B2B model with SaaS (administrator/teacher focused updates)
-
π― Register on App Store/Play Store
-
[Health]
-
π― Lose 2.5 kg (84.5kg β 82.0kg)
Goals for the Fourth Week of July
-
[Life RPG] (liferpg.online)
-
None
-
[Gurumiya]
-
π― Change in direction to SaaS
-
π― Completion of organization management system
-
[Health]
-
π― Lose 0.5 kg (85.0kg β 84.5kg)
Todayβs Goal (β οΈ Required)
- β Gurumiya: Emulator -> production
π-π Task Management Routine System
Todayβs Tasks (β οΈ Required)
- β Write 2 blog reviews
[restaurant] Bricks5221 Beer, a Sinchon bar with delicious pizza
The restaurant I am introducing today is Bricks5221 beer house, where pizza is absolutely delicious. The ownerβs cuteness stands out from the entranceβ¦
blog.naver.com
[restaurant] Sinchon restaurant Frozen pork belly restaurant Sinchon Smile Samgyeop
The restaurant I am introducing today is Sinchon Smile Samgyeop, a frozen pork belly restaurant. Itβs amazing to eat a highball with meat againβ¦ β¦
blog.naver.com
π-βΎοΈ Habit Management Routine System
Todayβs Habits
-
β Strength: at least one strength I discovered in myself today
-
Even when I face major difficulties, I do not give up and keep clinging to the problem until I solve it.
-
β Gratitude: at least one thing I was grateful for today
-
I am grateful to precious people who understand my foolish mistakes
-
β Routine: check todayβs goal / tasks / habits
π-πΈ Bet Management Routine System
Ongoing Bets (β οΈ Required)
-
~2025.8.2 πΈ Fine: 50,000 won (advance deposit) -
Achieve a weight of 84.5 kg
-
2025.7.26: 86.2Kg
-
2025.7.27: 86.8Kg (+0.6)
-
2025.7.28: 85.7Kg (-1.1)
-
2025.7.29: 85.0Kg (-0.7)
-
2025.7.30: 84.5Kg (-0.5)
-
2025.8.1: 85.0Kg (+0.5)
-
π Success Reward: None
-
~2025.8.15 πΈ Fine: 50,000 won -
Converting an organization-specific service (iD Diary) to a SaaS service (Gurumiya)
-
Apply for review on App Store/Play Store
- π Success Reward: Magikarp figure
π€ Brief reflection
Wow⦠I really felt a chill down my spine today.
In the process of deploying the Firebase Emulatorβs local DB to the production DB, an unexpected mistake occurred.
I made the rare mistake of forcibly resetting all Auth passwords to temporary passwords (for example, βtemp1234β).
The problem was that I was taking my eyes off Claude Code because I felt a little sleepy.
I never imagined this damn thing would secretly plant such terrible code without me noticing.
Fortunately, there were past backups, so it was possible to restore all but 10% of users. However⦠the remaining 10% of users were forced to change their passwords.
I was so devastated that something like this was possible.
When I made a huge fuss at Claude, blaming it and telling it to put everything back, the model that normally would never write forced password-reset code, saying he couldnβt write it for security reasons, obediently wrote the code.
Hmm, I guess I also learned about conscience. (β¦Huh? Found a loophole?)
And there was one more thing that shocked me.
There is a sign-up approval process, but the password entered by the user is displayed in the sign-up approval DB.
I freaked out. Claude knows enough to understand that security matters, so how could it write such unhinged code?
I hurriedly deleted the entire password field and modified the code to only authenticate with Auth, but I felt dizzy.
What if this had been leaked due to a security loophole�
Ughβ¦
Dealing with data is not easyβ¦
If I had given instructions on how to handle certain data in exactly what way, even this damn Claude wouldnβt have written code like thatβ¦
Itβs my faultβ¦
Leave a comment