Starting October 1, passengers on most Delta will have free access to WhatsApp, Facebook Messenger and iMessage. To access the feature, a passenger will have to log into Delta’s in-flight wifi portal powered by Gogo. This is first time an airline has offered such a service throughout its fleet.
Traditional SMS messages will not work. Only the aforementioned mobile messaging services are supported at launch and users will not be able to send videos or pictures. Passengers are, thankfully, not able to use this service to live stream from their flight.
I fly a lot and this is a significant free service to me. Over countless flights, I purchased a costly Gogo internet package just to use iMessage. Most of the time in a flight I don’t want to check my email or Slack or Twitter. When flying I want some me time, but sometimes, it’s also nice to just chat with some friends and now that can be done for free.
Even before this, there was some hacks and workarounds to let users access these services without paying. Not that I’m the sort of guy to exploit such loopholes.
September 27, 2017 / Comments Off on Delta to offer free in-flight use of WhatsApp, Facebook Messenger and iMessage
Adding an extra layer of security to your online accounts is a fundamental step to protect your digital life from hackers, but what’s the point if the new methods are just as vulnerable as the old ones?
It’s a question some Twitter users are asking after discovering that the two-factor authentication on their accounts isn’t as secure as it seems.
But let’s back up for a second. No matter who you are, having your Twitter hacked would be a major bummer. In the case of political figures like Donald Trump, however, a hijacked account means more than just a headache — think of the havoc a fake policy pronouncement could wreak?
And so it was welcome news back in 2013 when Twitter rolled out two-factor authentication (2FA) to all of its users. This added layer of security allows users to protect their accounts, even if their passwords had been stolen, by requiring a second login credential sent via text message.
Great, right? Well, kinda.
While SMS-based 2FA does provide additional protection, there’s a big problem with it. Namely, SMS itself isn’t secure. A flaw in what is known as Signaling System 7 protocol (SS7) — something that allows different phone carriers to communicate back and forth — means that hackers can redirect texts to practically any number they want.
That means your SMS verification code could end up being sent directly to the cellphone of your hacker.
And this is not just theoretical. In January, reports Ars Technica, a group of criminals exploited this flaw to snatch victims’ SMS 2FA verification codes and drain their bank accounts.
So, with text-based 2FA known to have a security hole so large you could drive a truck through it, Twitter helpfully introduced additional ways to set up 2FA. Users who already have access to their accounts via the Twitter mobile app can use something called a login code generator, but as this requires already being logged in on mobile, it doesn’t help if you’re signed out.
The other method, a 3rd-party authenticator app, offers a better option. These apps, like Google Authenticator, generate a number sequence on your phone as your verification code — no vulnerable text message required.
Problem solved, right?
Not so fast. Because here’s the thing, even with an authenticator app enabled Twitter still sends out SMS verification codes. That’s right, the people that have taken the extra step to secure their Twitter accounts with an authenticator app — arguably the people most concerned about having their accounts hacked — are still just as vulnerable as those who rely on SMS-based verification codes.
And this has not gone unnoticed.
@Twitter please explain what the point of developing & supporting proper secure 2FA was when we don’t have the option to disable the SMS?
Users are rightly wondering what’s the point of having a 3rd-party authenticator app set up if Twitter still sends out text messages with the codes.
Twitter, for its part, is staying silent on the matter.
We reached out to the company and exchanged multiple emails with numerous employees who all categorically refused to explain if there was any way to disable SMS-based 2FA verification codes while maintaining a 3rd-party authenticator app, as well as why that would be the case.
One spokesperson simply responded the company had “nothing to share on our 2FA beyond what’s in our help center.” To be clear, the help center does not address this issue.
What about just deleting your phone number from your Twitter account? Then it can’t send you texts, right? Go ahead, but then you can no longer use the 3rd-party authenticator app.
The company, through spokespersons, also refused to comment on the SS7 exploit rendering SMS vulnerable to hackers.
Why this matters
For the average Twitter user, a text message-based verification code — despite its flaws — is a great added layer of security. However, as demonstrated by the criminals that emptied bank accounts in January, a determined hacker can bypass this security measure.
And maybe this is just a bug affecting some users’ accounts, and not each and every one of Twitter’s users with 3rd-party 2FA apps. Twitter’s refusal to discuss the matter, however, means we don’t know.
For you and me, this might not be that big of a deal at the end of the day. For celebrities, politicians, and members of the Silicon Valley elite? Well, that’s a different matter — and it’s one that Twitter should quickly address.
June 16, 2017 / Comments Off on Twitter’s 2-factor authentication has a serious problem
Microsoft’s name isn’t exactly synonymous with social networking, though that hasn’t stopped the company from finding angles into this space – generally, with more of a focus on the business side of socializing, as with its LinkedIn and Yammer acquisitions. It’s own efforts in social, meanwhile, have failed, as with last month’s shuttering of its social network for students, Socl.
Now the company is giving social another shot with a new iMessage app called “Who’s In,” aimed at helping friends plan events and other outings, like movie dates, dinners out, visits to nearby attractions, and more.
The app, which just launched today on the iMessage App Store, does not have an iPhone or iPad version at this time – it can only be accessed via iMessage.
When you first launch the app, it asks you to select an activity: “Eat and drink,” “Watch a movie,” “Visit an attraction,” or “Create your own.”
After choosing one of the options, Who’s In then leverages Microsoft’s search engine Bing for its suggestions of things to do – like area restaurants or movie showtimes, for example. These appear after you consent to sharing your location with the app.
With a few more taps you enter the other details, like the event time, or – in the case of a custom event – the location, name, and a description.
The app will the create a custom card for your event, designed for texting, which includes a thumbnail image with the location and the time. The images the app uses are generic, however, as you can see in the above example. That’s disappointing in terms of the overall experience.
Recipients can tap on this card and then tap a thumbs up button to indicate they’re “in” or the thumbs down to indicate they’re “out.” (Hence the app’s name.)
What’s also useful is that the app offers a way for the event’s organizer to enter in multiple dates/times, allowing Who’s In to serve as a sort of group polling app.
This addresses one of the common struggles of organizing outings via iMessage – there’s often a lot of back and forth chatter about what time everyone wants to do the thing being discussed. With Who’s In, you can instead send out the event’s card and collect votes.
One funny thing to note about Who’s In is that Google years ago launched its own social app aimed at getting friends together to hang out. Its name? Who’s Down. That app was eventually shut down for lack of use.
That said, Microsoft’s app (also not to be confused with this indie app of the same name) seems like a handy addition for anyone who spends a lot of time in SMS and iMessage chats making plans with friends.
Unfortunately, with the way the app integrations in iMessage have been designed, it’s still overly cumbersome to find apps, and use them after installation. This has led to slowing growth in the store, according to one third-party report, as well as complaints from developers and pundits alike about the iMessage store’s design issues. These concerns are valid, and will likely impact the adoption of Microsoft’s Who’s In app, too.
We should note, too, that this is not Microsoft’s first entry into the iMessage App Store, nor even its first social app for iMessage.
The company already launched iMessage apps for OneDrive, Yammer, and Bing, plus a Halo stickers app, and a similarly focused event planning app, called #MovieDate. This latter app, as the name implies, is only for movies, and it has a dating focus.
Want to remember to tell a friend happy birthday, good luck or congratulations? Had a follow-up question for a client that just occurred to you at 1 AM? Want to write a heartfelt thank you to be texted at a later date? Unfortunately, neither SMS nor most messaging apps – including iMessage – allow you to draft a text in advance and schedule it to be sent out on a later date. But a new iOS application called Scheduled can help.
To be clear, the app does not actually schedule texts for automatic sending.
For that, you’d need to hack your iPhone and use one of the jailbreak apps instead. Apple does not allow for this functionality, officially.
What Scheduled does is offer an App Store-approved workaround for scheduling texts.
The app itself is simple and straightforward to use.
You first select the person you want to text from your Contacts, then write the text you want to send and select the time you want to be reminded to send the text. When that time rolls around, Scheduled sends you a push notification so you can return to the app to send the text.
After sending, a quick swipe will delete the reminder from the app’s queue.
Scheduled isn’t only for SMS or iMessage, however – it also supports messaging apps like Telegram, WhatsApp, Messenger, Twitter, and it allows you to copy the message’s text to paste it into any other app of your choice. It can be used for reminding you of emails or phone calls, too.
Further down the road, Scheduled plans to add support for LinkedIn and Slack, and it will roll out a few tweaks to the sending flow, Apple Watch integration, and Android support at some point.
To be fair, there are other text message scheduling apps on the App Store, but Scheduled’s interface is clean and modern, compared with those I’ve seen previously.
compose message – text – en@1x
overview – text – en@1x
send with – text -en@1x
The app itself is a product from Brthrs Agency, a digital agency just outside Amsterdam in The Netherlands, which does a combination of client work and startupinvesting. The team, which consists of Sebastiaan Kooijman and Robert Keus, tells TechCrunch that Scheduled is currently a bootstrapped company project. They’re considering making it a startup of its own, if it achieves traction.
The team says the plan to make money is to charge $0.99 if you want to add four or more messages to the queue.
Of course, many users are already asking for auto-send functionality following the app’s launch a few days ago, but this is not something that Apple permits.
“We are investigating the options [for auto-send],” says Keus, “but it’s hard from a technical perspective. And our concept is to support people to be thoughtful,” he adds. “When we have auto-send then people can act like robots.”