Tried today, for the first time, to delete an old app that I used to get familiar with the Bubble.io platform about a year ago. When clicking the delete button, a popup appeared saying that the action was permanent and that there is NO WAY to recover the application once it’s gone. I entered the app name and clicked the final red delete button. That’s it, the app was gone. No record of it ever existing, apparently no grace period, and no way to recover it.
This scared me. There’s an app in my portfolio that I’ve literally spent thousands of hours building. It appears it could be deleted in 10 seconds, no questions asked and no additional validation. Not even a password, or a 2FA.
Now, to my question: Is it really that simple to wipe out the existence of an app? If someone with malicious intent got access to my Bubble.io account, could they really permanently delete all that data for thousands of users, all that work, permanently, with no route for recovery whatsoever, by clicking two buttons and typing less than 10 characters?
Honestly, I’m freaking out. If that is the case, does anyone know of a way to protect the data and content, to keep a copy that will always be out-of-reach or in some way recoverable?
First, you can add 2FA to your account. Second, you can copy the app and send it to another account that you own!
But right, I believe that there should be a protected status for apps that you want to keep protected, which would make them much more difficult to delete.
I already have 2FA enabled. I believe 2FA for your Bubble account can be enabled with any plan. If you want to add Google Auth 2FA to your app, however, you would need the Production plan.
@building4stripe, from the perspective of anyone here in the forum, a deleted app is gone forever with no way to recover it, and only Bubble would be able to tell you if that isn’t actually the case.
The above being said (and I mean no offense here, of course), I think your logic is a bit flawed, and it really doesn’t seem necessary to freak out.
Your app isn’t being deleted with no questions asked and no validation. You are describing a situation where a bad actor has gotten your account password and has access to your 2FA device. At that point, it probably doesn’t matter what the process is for deleting an app because you’re pretty much screwed. How would adding another password or a longer process help? Again, the bad actor has access to your account and your mobile device. So, I am genuinely curious, what additional security would you put in place to stop someone who has full access to your account (in other words, the person is essentially you at that point) from deleting an app?
Don’t get me wrong, I have multiple apps where it would be disastrous for me if they were deleted, but I have never given it a second thought, and who knows, maybe I am missing the boat by not freaking out. I don’t think so, though.
@mikeloc Bubble is advertising itself as a scalable platform, a platform on which you could run a VC-funded startup. No matter how unlikely it is for a bad actor to get access to a 2FA-enabled account, the (apparent) fact that it is possible to wipe out a product with any number of users in 10 seconds without any backup or other recourse… Even something as simple as a Twitter account can be recovered for 30 days. So to answer your question, what security measures would I suggest:
Always keep a deleted app recoverable for at least a week.
Allow users to add admins that would have to approve the deletion of an app.
Ability for one admin to lock out a compromised account.
Require a backup code to make material changes.
These precautions wouldn’t have to be enabled by default, but they should exist to prevent a worst-case scenario for businesses like ours with hundreds of thousands, or even millions, of dollars in funding. I understand that lesser security precautions are necessary for most apps, but the fact that I could delete an app that’s been developed over thousands of hours just as easily as an app I played around with for 1 hour, it’s just not right.
In reality, Bubble does backups on a regular basis. In the worst case scenario, in this specific catastrophic situation, a simple call to Bubble will fix the problem. This has never happened so far, at least publicly. Bubble doesn’t erase things, it takes too long. It takes them days or weeks imo. So yes, there is a second chance.
Agree with you here. Though the scenario is unlikely, it’s frightening to think there is no failsafe.
For any app on a paid plan, I would be much more comfortable if Bubble sent a confirmation email prior to deletion, and also delayed the deletion for some period, like a week.
I’ve emailed Bubble support to get more details on their security policies. Got a reply that they will gather some details and get back to me. Will let you all know when I hear from them.
“Thank you so much for your patience here. While the app deletion is permanent, as you’ve noted in your post, protecting your application from deletion can be approached from an account security perspective. So long as you keep your 2FA safe and do not share account credentials with anyone, there should be no reason for someone to access your account.
I’ve forwarded the feedback you shared in your forum post with our Product team for them to consider adding confirmation steps to the process in addition to the DANGERZONE confirmation.”
That confirms my fears that the security precautions are in fact minimal.