Securing Firebase: Preventing administrators from being able to see all users' data in the Forge?

Question

I'm building an app that stores users' potentially-private notes. It's a little weird to me that I can just go into the Firebase Forge UI and look up anything which anyone has written, and it also means that anyone who somehow gains access to my Firebase account can then go in and select "Export JSON" to get all of my users' data.

Obviously I am careful with my account and am a scrupulous human being, but it generally seems like good practice for administrators to not have access to all of our users' data.

The only way I can think of to accomplish this would be to store everything in stringified JSON that has been encrypted by the user's password, but that obviously makes dealing with Firebase much more annoying, and would prevent granular access to data below the point at which things are stringified and encrypted.

---

Edit: This is, on second thought, not specific to Firebase, but is the case with most/all data stores unless you go out of your way to make it otherwise.

Answer 1

The only way to guarantee information security is to hand roll your own encryption on the server. You could host your firebase connectivity server-side and have your user send the data to that via SSL and from there do your encryption and then use the SSL address of firebase to store.

On the clientside, things are suspect to CSS attacks. If you really want to go down this route you can use js encryption from this lib: http://code.google.com/p/crypto-js/. Note that crpto-js works well in isolation but you will also need to be sure your webpages are not tampered with (quite hard to do IMOP, cause you don't know whats infected the users machine)