v1.3.2-alpha.3 #85

Merged
merged 2 commits into from
Feb 7, 2025
12 changes: 8 additions & 4 deletions docs/pages/announcements/firebase-storage-2024.mdx
@@ -133,11 +133,15 @@ _All Firebase components service usage (including those not used by ACAP) will o
<FAQBox title="Are there security considerations that I should be aware of?">
<div id="security-considerations" />

Yes. <u>Some of the latest core deliverables</u> implemented for ACAP in its [2.0](/changelog/#version-2-acap-20) version **introduced security flaws** not present in the initial ([1.0](/changelog/#version-1-acap-10)) version, which had strictly followed [security guidelines](/security) and adhered to best practices in web development security, effectively preventing these issues. Based on the following criteria, the new security flaws introduced in version 2.0 resulted in a **60% reduction in the established security from version 1.0**.
Yes. <u>Some of the latest core deliverables</u> implemented for ACAP in its [2.0](/changelog/#version-2-acap-20) version [**introduced security flaws**](/changelog#acap-2-security-debts) not present in the initial ([1.0](/changelog/#version-1-acap-10)) version, which had strictly followed [security guidelines](/security) and adhered to best practices in web development security, effectively preventing these issues. Based on the following criteria, the new security flaws introduced in version 2.0 resulted in a **60% reduction in the established security from version 1.0**.

<Callout>
> "With ACAP 2.0+, the <u><b>new main code Maintainer</b></u> introduced a more flexible Firestore database approach to speed up development. While this improved iteration speed, it also loosened security rules, introducing concerns not present in version 1.0. <u><b>The same Maintainer</b></u> is aware of these trade-offs and is the <u>best point of contact for security improvements</u>, as they have the <u>most insight into the changes and potential fixes</u>".
</Callout>

| Criteria | Purpose | ACAP [1.0](/changelog/#version-1-acap-10) | ACAP [2.0](/changelog/#version-2-acap-20) |
| --- | --- | :---: | :---: |
| User authentication | Authorized, allowed, and predictable operations access to resources | ✅ | ✅ |
| User authentication | Authorized, allowed, and predictable operations access to resources | ✅ | ✅ |
| Cross-Site Scripting (XSS) Protection | <u>Predictable billing</u>, reliable/authentic website information, <u>user information confidentiality</u>, predictable data manipulation / SMS sending, protection for <u>unvalidated writes that allow tampering with stored data</u>, impacting system reliability, protection for <u>injecting malicious scripts</u> that <u>steal user info</u> or <u>redirect users to phishing sites</u> (and protection for other uncontrolled scenarios that stem from XSS) | ✅ | ❌ |
| Cloud storage protection | Authorized, allowed, and predictable operations access to storage, <u>predictable billing</u> | ✅ | ✅ |
| Database integrity | Accuracy, consistency, and <u>reliability</u> of data stored in a database and presented to users | ✅ | ❌ |
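Review bot: the link added in the rewritten FAQ sentence, `[**introduced security flaws**](/changelog#acap-2-security-debts)`, drops the trailing slash that every other changelog link in this file uses (`/changelog/#version-2-acap-20`, `/changelog/#version-1-acap-10`, and `/changelog/#acap-2-security-debts` in the hunk below); use one form so the anchor resolves the same way everywhere. The "60% reduction in the established security" figure is said to be "based on the following criteria", but nothing in the table shows how a percentage is derived from its ✅/❌ cells; either show the calculation or present the table without a headline number. The `<Callout>` quote is unattributed: say who said it and where, otherwise it reads as the docs quoting themselves. The deleted and re-added "User authentication" row render identically here; if the change is whitespace-only, say so in the commit message.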
@@ -183,7 +187,7 @@ Before activating a paid Firebase subscription, consider whether unresolved [ACA
```

For more details, see [ACAP Security Technical Debts](/changelog/#acap-2-security-debts).
If these issues with specific information (available at [[1]](https://github.com/amia-cis/acap-v2/issues/57) and [[2]](https://github.com/amia-cis/acap-v2/issues/34)) remain unaddressed, it may be beneficial to consult the lead ACAP programmer responsible for designing and implementing [ACAP 2.0](/changelog/#version-2-acap-20) before activating a paid Firebase subscription.
If these issues with specific information (available at the (private) parent **acap-v2** GitHub Repository Issues list [[1]](https://github.com/amia-cis/acap-v2/issues/57) and [[2]](https://github.com/amia-cis/acap-v2/issues/34)) remain unaddressed, it may be beneficial to consult the <u><b>new ACAP Maintainer</b></u> who is also the <u><b>lead ACAP programmer</b></u> responsible for designing and implementing [ACAP 2.0](/changelog/#version-2-acap-20) before activating a paid Firebase subscription.

Key topics to discuss include:

@@ -195,7 +199,7 @@ Key topics to discuss include:
- **Review the Firestore security rules** to restrict direct database writes.
- **Check for XSS vulnerabilities** in crop recommendations and apply sanitization.
- **Monitor database writes** for unstructured or excessive storage.
- **Consult the lead ACAP programmer responsible for implementing the core [version 2.0+](/changelog/#version-2-acap-20)** deliverables for current mitigation strategies and planned fixes.
- **Consult the <u>new ACAP Maintainer</u> who is also the <u>lead ACAP programmer</u> responsible for implementing the core [version 2.0+](/changelog/#version-2-acap-20)** deliverables for current mitigation strategies and planned fixes.
</Callout>

<Callout type="info">
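Review bot: the edited bullet only restates "new ACAP Maintainer who is also the lead ACAP programmer" from the paragraph above and still gives no reachable contact (a handle, an email, or a link to the repository's maintainer list), so the "Consult" step is not actionable. The surrounding bullets ("Review the Firestore security rules", "Check for XSS vulnerabilities") name no acceptance condition either; state what the rules must enforce (for example, writes only from authenticated users and field-level validation on the crop-recommendation documents the XSS bullet refers to) so a reader can tell when each item is done.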