Password bypass flaw in Western Digital My Cloud drives puts data at risk

Password bypass flaw in Western Digital My Cloud drives puts data at risk
A security researcher has published details of a vulnerability in a popular cloud storage drive after the company failed to issue security patches for over a year.
Remco Vermeulen found a privilege escalation bug in Western Digital’s My Cloud devices, which he said allows an attacker to bypass the admin password on the drive, gaining “complete control” over the user’s data.
The exploit works because drive’s web-based dashboard doesn’t properly check a user’s credentials before giving a possible attacker access to tools that should require higher levels of access.
The bug was “easy” to exploit, Vermeulen told TechCrunch in an email, and was remotely exploitable if a My Cloud device allows remote access over the internet — which thousands of devices do. He posted a proof-of-concept video on Twitter.
Details of the bug were also independently found by another security team, which released its own exploit code.
Vermeulen reported the bug over a year ago, in April 2017, but said the company stopped responding. Normally, security researchers give 90 days for a company to respond, in line with industry-accepted responsible disclosure guidelines.
After he found that WD updated the My Cloud firmware in the meanwhile without fixing the vulnerability he found, he decided to post his findings.
A year later, WD still hasn’t released a patch.
The company confirmed that it knows of the vulnerability but did not say why it took more than a year to issue a fix. “We are in the process of finalizing a scheduled firmware update that will resolve the reported issue,” a spokesperson said, which will arrive “within a few weeks.”
WD said that several of its My Cloud products are vulnerable — including the EX2, EX4 and Mirror, but not My Cloud Home.
In the meantime, Vermeulen said that there’s no fix and that users have to “just disconnect” the drive altogether if they want to keep their data safe.

Source: Gadgets – techcrunch

6 million users had installed third-party Twitter clients

6 million users had installed third-party Twitter clients

Twitter tried to downplay the impact deactivating its legacy APIs would have on its community and the third-party Twitter clients preferred by many power users by saying that “less than 1%” of Twitter developers were using these old APIs. Twitter is correct in its characterization of the size of this developer base, but it’s overlooking millions of third-party app users in the process. According to data from Sensor Tower, six million App Store and Google Play users installed the top five third-party Twitter clients between January 2014 and July 2018.

Over the past year, these top third-party apps were downloaded 500,000 times.

This data is largely free of reinstalls, the firm also said.

The top third-party Twitter apps users installed over the past three-and-a-half years have included: Twitterrific, Echofon, TweetCaster, Tweetbot and Ubersocial.

Of course, some portion of those users may have since switched to Twitter’s native app for iOS or Android, or they may run both a third-party app and Twitter’s own app in parallel.

Even if only some of these six million users remain, they represent a small, vocal and — in some cases, prominent — user base. It’s one that is very upset right now, too. And for a company that just posted a loss of one million users during its last earnings, it seems odd that Twitter would not figure out a way to accommodate this crowd, or even bring them on board its new API platform to make money from them.

Twitter, apparently, was weighing data and facts, not user sentiment and public perception, when it made this decision. But some things have more value than numbers on a spreadsheet. They are part of a company’s history and culture. Of course, Twitter has every right to blow all that up and move on, but that doesn’t make it the right decision.

To be fair, Twitter is not lying when it says this is a small group. The third-party user base is tiny compared with Twitter’s native app user base. During the same time that six million people were downloading third-party apps, the official Twitter app was installed a whopping 560 million times across iOS and Android. That puts the third-party apps’ share of installs at about 1.1 percent of the total.

That user base may have been shrinking over the years, too. During the past year, while the top third-party apps were installed half a million times, Twitter’s app was installed 117 million times. This made third-party apps’ share only about 0.4 percent of downloads, giving the official app a 99 percent market share.

But third-party app developers and the apps’ users are power users. Zealots, even. Evangelists.

Twitter itself credited them with pioneering “product features we all know and love,” like the mute option, pull-to-refresh and more. That means the apps’ continued existence brings more value to Twitter’s service than numbers alone can show.

Image credit: iMore

They are part of Twitter’s history. You can even credit one of the apps for Twitter’s logo! Initially, Twitter only had a typeset version of its name. Then Twitterrific came along and introduced a bird for its logo. Twitter soon followed.

Twitterrific was also the first to use the word “tweet,” which is now standard Twitter lingo. (The company used “twitter-ing.” Can you imagine?)

These third-party apps also play a role in retaining users who struggle with the new user experience Twitter has adopted — its algorithmic timeline. Instead, the apps offer a chronological view of tweets, as some continue to prefer.

Twitter’s decision to cripple these developers’ apps is shameful.

It shows a lack of respect for Twitter’s history, its power user base, its culture of innovation and its very own nature as a platform, not a destination.

P.S.:

twitterrific

Source: Mobile – Techcruch

Twitter company email addresses why it’s #BreakingMyTwitter

Twitter company email addresses why it’s #BreakingMyTwitter

It’s hard to be a fan of Twitter right now. The company is sticking up for conspiracy theorist Alex Jones, when nearly all other platforms have given him the boot, it’s overrun with bots, and now it’s breaking users’ favorite third-party Twitter clients like Tweetbot and Twitterific by shutting off APIs these apps relied on. Worse still, is that Twitter isn’t taking full responsibility for its decisions.

In a company email it shared today, Twitter cited “technical and business constraints” that it can no longer ignore as being the reason behind the APIs’ shutdown.

It said the clients relied on “legacy technology” that was still in a “beta state” after more than 9 years, and had to be killed “out of operational necessity.”

This reads like passing the buck. Big time.

It’s not as if there’s some other mysterious force that maintains Twitter’s API platform, and now poor ol’ Twitter is forced to shut down old technology because there’s simply no other recourse. No.

Twitter, in fact, is the one responsible for its User Streams and Site Streams APIs – the APIs that serve the core functions of these now deprecated third-party Twitter clients. Twitter is the reason these APIs have been stuck in a beta state for nearly a decade. Twitter is the one that decided not to invest in supporting those legacy APIs, or shift them over to its new API platform.

And Twitter is the one that decided to give up on some of its oldest and most avid fans – the power users and the developer community that met their needs – in hopes of shifting everyone over to its own first-party clients instead.

The company even dismissed how important these users and developers have been to its community over the years, by citing the fact that the APIs it’s terminating – the ones that power Tweetbot, Twitterrific, Tweetings and Talon – are only used by “less than 1%” of Twitter developers. Burn! 

Way to kick a guy when he’s already down, Twitter.

But just because a community is small in numbers, does not mean its voice is not powerful or its influence is not felt.

Hence, the #BreakingMyTwitter hashtag, which Twitter claims to be watching “quite often.”

The one where users are reminding Twitter CEO Jack Dorsey about that time he apologized to Twitter developers for not listening to them, and acknowledged the fact they made Twitter what it is today. The time when he promised to do better.

This is…not better:

The company’s email also says it hopes to eventually learn “why people hire 3rd party clients over our own apps.”

Its own apps?

Oh, you mean like TweetDeck, the app Twitter acquired then shut down on Android, iPhone and Windows? The one it generally acted like it forgot it owned? Or maybe you mean Twitter for Mac (previously Tweetie, before its acquisition), the app it shut down this year, telling Mac users to just use the web instead? Or maybe you mean the nearly full slate of TV apps that Twitter decided no longer needed to exist?

And Twitter wonders why users don’t want to use its own clients?

Perhaps, users want a consistent experience – one that doesn’t involve a million inconsequential product changes like turning stars to hearts or changing the character counter to a circle. Maybe they appreciate the fact that the third parties seem to understand what Twitter is better than Twitter itself does: Twitter has always been about a real-time stream of information. It’s not meant to be another Facebook-style algorithmic News Feed. The third-party clients respect that. Twitter does not.

Yesterday, the makers of Twitterific spoke to the API changes, noting that its app would no longer be able to stream tweets, send native push notifications, or be able to update its Today view, and that new tweets and DMs will be delayed.

It recommended users download Twitter’s official mobile app for notifications going forward.

In other words, while Twitterific will hang around in its broken state, its customers will now have to run two Twitter apps on their device – the official one to get their notifications, and the other because they prefer the experience.

A guide to using Twitter’s app for notifications, from Iconfactory

“We understand why Twitter feels the need to update its API endpoints,” explains Iconfactory co-founder Ged Maheux, whose company makes Twitterrific. “The spread of bots, spam and trolls by bad actors that exploit their systems is bad for the entire Twitterverse, we just wish they had offered an affordable way forward for the developers of smaller, third party apps like ours.”

“Apps like the Iconfactory’s Twitterrific helped build Twitter’s brand, feature sets and even its terminology into what it is today. Our contributions were small to be sure, but real nonetheless. To be priced out of the future of Twitter after all of our history together is a tough pill to swallow for all of us,” he added.

The question many users are now facing is what to do next?

Continue to use now broken third-party apps? Move to an open platform like Mastodon? Switch to Twitter’s own clients, as it wants, where it plans to “experiment with showing alternative viewpoints” to pop people’s echo chambers…on a service that refuses to kick out people like Alex Jones?

Or maybe it’s time to admit the open forum for everything that Twitter – and social media, really – has promised is failing? Maybe it’s time to close the apps – third-party and otherwise. Maybe it’s time to go dark. Get off the feeds. Take a break. Move on.

The full email from Twitter is below:

Hi team,

Today, we’re publishing a blog post about our priorities for where we’re investing today in Twitter client experiences. I wanted to share some more with you about how we reached these decisions, and how we’re thinking about 3rd party clients specifically.

First, some history:

3rd party clients have had a notable impact on the Twitter service and the products we build. Independent developers built the first Twitter client for Mac and the first native app for iPhone. These clients pioneered product features we all know and love about Twitter, like mute, the pull-to-refresh gesture, and more.

We love that developers build experiences on our APIs to push our service, technology, and the public conversation forward. We deeply respect the time, energy, and passion they’ve put into building amazing things using Twitter.

But we haven’t always done a good job of being straightforward with developers about the decisions we make regarding 3rd party clients. In 2011, we told developers (in an email) not to build apps that mimic the core Twitter experience. In 2012, we announced changes to our developer policies intended to make these limitations clearer by capping the number of users allowed for a 3rd party client. And, in the years following those announcements, we’ve told developers repeatedly that our roadmap for our APIs does not prioritize client use cases — even as we’ve continued to maintain a couple specific APIs used heavily by these clients and quietly granted user cap exceptions to the clients that needed them.

It is now time to make the hard decision to end support for these legacy APIs — acknowledging that some aspects of these apps would be degraded as a result. Today, we are facing technical and business constraints we can’t ignore. The User Streams and Site Streams APIs that serve core functions of many of these clients have been in a “beta” state for more than 9 years, and are built on a technology stack we no longer support. We’re not changing our rules, or setting out to “kill” 3rd party clients; but we are killing, out of operational necessity, some of the legacy APIs that power some features of those clients. And it has not been a realistic option for us today to invest in building a totally new service to replace these APIs, which are used by less than 1% of Twitter developers.

We’ve heard the feedback from our customers about the pain this causes. We check out #BreakingMyTwitter quite often and have spoken with many of the developers of major 3rd party clients to understand their needs and concerns. We’re committed to understanding why people hire 3rd party clients over our own apps. And we’re going to try to do better with communicating these changes honestly and clearly to developers. We have a lot of work to do. This change is a hard, but important step, towards doing it. Thank you for working with us to get there.

Thanks,

Rob

Source: Mobile – Techcruch

Musical.ly investor bets on internet radio with $17M deal for Korea’s Spoon Radio

Musical.ly investor bets on internet radio with M deal for Korea’s Spoon Radio

One of the early backers of Musical.ly, the short video app that was acquired for $1 billion, is making a major bet that internet radio is one of the next big trends in media.

Goodwater Capital, one of a number of backers that won big when ByteDance acquired Musical.ly last year, has joined forces with Korean duo Softbank Ventures and KB Investment to invest $17 million into Korea’s Spoon Radio. The deal is a Series B for parent company Mykoon, which operates Spoon Radio and previously developed an unsuccessful smartphone battery sharing service.

That’s much like Musical.ly, which famously pivoted to a karaoke app after failing to build an education service.

“We decided to create a service, now known as Spoon Radio, that was inspired by what gave us hope when [previous venture] ‘Plugger’ failed to take off. We wanted to create a service that allowed people to truly connect and share their thoughts with others on everyday, real-life issues like the ups and downs of personal relationships, money, and work.

“Unlike Facebook and Instagram where people pretend to have perfect lives, we wanted to create an accessible space for people to find and interact with influencers that they could relate with on a real and personal level through an audio and pseudo-anonymous format,” Mykoon CEO Neil Choi told TechCrunch via email.

Choi started the company in 2013 with fellow co-founders Choi Hyuk jun and Hee-jae Lee, and today Spoon Radio operates much like an internet radio station.

Users can tune in to talk show or music DJs, and leave comments and make requests in real-time. The service also allows users to broadcast themselves and, like live-streaming, broadcasters — or DJs, as they are called — can monetize by receiving stickers and other virtual gifts from their audience.

Spoon Radio claims 2.5 million downloads and “tens of millions” of audio broadcasts uploaded each day. Most of that userbase is in Korea, but the company said it is seeing growth in markets like Japan, Indonesia and Vietnam. In response to that growth — which Choi said is over 1,000 percent year-on-year — this funding will be used to invest in expanding the service in Southeast Asia, the rest of Asia and beyond.

Audio social media isn’t a new concept.

Singapore’s Bubble Motion raised close to $40 million from investors but it was sold in an underwhelming and undisclosed deal in 2014. Reportedly that was after the firm had failed to find a buyer and been ready to liquidate its assets. Altruist, the India-based mobile services company that bought Bubble Motion has done little to the service. Most changes have been bug fixes and the iOS app, for example, has not been updated for nearly a year.

Things have changed in the last four years, with smartphone growth surging across Asia and worldwide. That could mean different fortunes but there are also differences between the two in terms of strategy.

Bubbly was run like a social network — a ‘Twitter for voice’ — whereas Spoon Radio is focused on a consumption-based model that, as the name suggests, mirrors traditional radio.

“This is mobile consumer internet at its best,” Eric Kim, one of Goodwater Capital’s two founding partners, told TechCrunch in an interview. “Spoon Radio is taking an offline experience that exists in classic radio and making it even better.”

Kim admitted that when he first used the service he didn’t see the appeal — he claimed the same was true for Musical.ly — but he said he changed his tune after talking to listeners and using Spoon Radio. He said it reminded him of being a kid growing up in the U.S. and listening to radio shows avidly.

“It’s a really interesting phenomenon taking off in Asia because of smartphone growth and people being keen for content, but not always able to get video content. It was a net new behavior that we’d never seen before… Musical.ly was in the same bracket as net new content for the new generation, we’ve been paying attention to this category broadly,” Kim — whose firm’s other Korean investments include chat app giant Kakao and fintech startup Toss — explained.

Source: Mobile – Techcruch

Facebook, Google and more unite to let you transfer data between apps

Facebook, Google and more unite to let you transfer data between apps

The Data Transfer Project is a new team-up between tech giants to let you move your content, contacts, and more across apps. Founded by Facebook, Google, Twitter, and Microsoft, the DTP today revealed its plans for an open source data portability platform any online service can join. While many companies already let you download your information, that’s not very helpful if you can’t easily upload and use it elsewhere — whether you want to evacuate a social network you hate, back up your data somewhere different, or bring your digital identity along when you try a new app. The DTP’s tool isn’t ready for use yet, but the group today laid out a white paper for how it will work.

Creating an industry standard for data portability could force companies to compete on utility instead of being protected by data lock-in that traps users because it’s tough to switch services. The DTP could potentially offer a solution to a major problem with social networks I detailed in April: you can’t find your friends from one app on another. We’ve asked Facebook for details on if and how you’ll be able to transfer your social connections and friends’ contact info which it’s historically hoarded.

From porting playlists in music streaming services to health data from fitness trackers to our reams of photos and videos, the DTP could be a boon for startups. Incumbent tech giants maintain a huge advantage in popularizing new functionality because they instantly interoperate with a user’s existing data rather than making them start from scratch. Even if a social networking startup builds a better location sharing feature, personalized avatar, or payment system, it might be a lot easier to use Facebook’s clone of it because that’s where your profile, friends, and photos live.

If the DTP gains industry-wide momentum and its founding partners cooperate in good faith rather than at some bare minimum level of involvement, it could lower the barrier for people to experiment with new apps. Meanwhile, the tech giants could argue that the government shouldn’t step in to regulate them or break them up because DTP means users are free to choose whichever app best competes for their data and attention.

Source: Mobile – Techcruch

Trump just noticed Europe’s $5BN antitrust fine for Google

Trump just noticed Europe’s BN antitrust fine for Google

In other news bears shit in the woods. In today’s second-day President Trump news: ‘The Donald’ has seized, belatedly, on the European Commission’s announcement yesterday that Google is guilty of three types of illegal antitrust behavior — with its Android OS, since 2011 — and that it is fining the company $5 billion; a record-breaking penalty which the Commission’s antitrust chief, Margrethe Vestager, said reflects the length and gravity of the company’s competition infringements.

Trump is not! at all! convinced! though!

“I told you so!” he has tweeted triumphantly just now. “The European Union just slapped a Five Billion Dollar fine on one of our great companies, Google . They truly have taken advantage of the U.S., but not for long!”

Also not so very long ago, Trump was the one grumbling about U.S. tech giants. Though Amazon is his most frequent target in tech, while Google has been spared the usual tweet lashings. Albeit, on the average day he may not necessarily be able to tell one tech giant from another.

Vestager can though, and she cited Amazon as one of the companies that had suffered as a direct result of contractual conditions Google imposed on device makers using its Android OS — squeezing the ecommerce giant’s potential to build a competing Android ecosystem, with its Fire OS.

Presumably, for Trump, Amazon is not ‘one of our great companies’ though.

At least it’s only Google that gets his full Twitter attention — and a special Trumpian MAGA badge of honor call-out as “one of our great companies” — in the tweet.

Presumably, he hasn’t had this pointed out to him yet though. So, uh, awkward.

Safe to say, Trump is seizing on Google’s antitrust penalty as a stick to beat the EU, set against a backdrop of Trump already having slapped a series of tariffs on EU goods, and Trump recently threatening the EU with tariffs on cars — in what is fast looking like a full blown trade war.

Even so, Trump’s tweet probably wasn’t the kind of support Google was hoping to solicit via its own Twitter missive yesterday…

#AndroidWorksButTradeWarsDon’t doesn’t make for the most elegant hashtag.

But here’s the thing: Vestager has already responded to Trump’s attack on the Android decision — even though it’s taking place a day late. Because the EU’s “tax lady”, as Trump has been known to vaguely refer to her, is both lit and onit.

During yesterday’s press conference she was specifically asked to anticipate Trump’s tantrum response on hearing the EU antitrust decision against Google, and whether she wasn’t afraid it might affect next week’s meeting between the US president and the European Commission’s president, Jean-Claude Juncker.

“As I know my US colleagues want fair competition just as well as we do,” she responded. “There is a respect that we do our job. We have this very simple mission to make sure that companies play by the rulebook for the market to serve consumers. And this is also my impression that this is what they want in the US.”

Pressed again on political context, given the worsening trade relationship between the US and the EU, Vestager was asked how she would explain that her finding against Google is not part of an overarching anti-US narrative — and how would she answer Trump’s contention that the EU’s “tax lady… really hates the US”.

“Well I’ve done my own fact checking on the first part of that sentence. I do work with tax and I am a woman. So this is 100% correct,” she replied. “It is not correct for the latter part of the sentence though. Because I very much like the US. And I think that would also be what you think because I am from Denmark and that tends to be what we do. We like the U.S. The culture, the people, our friends, traveling. But the fact is that this [finding against Google] has nothing to do with how I feel. Nothing whatsoever. Just as well as enforcing competition law — well, we do it in the world but we don’t do it in a political context. Because then there would never, ever be a right timing.

“The mission is very simple. We have to protect consumers and competition to make sure that consumers get the best of fair competition — choice, innovation, best possible prices. This is what we do. It has been done before, we will continue to do it — no matter the political context.”

Maybe Trump will be able to learn the name of the EU’s “tax lady” if Vestager ends up EU president next year.

Or, well, maybe not. We can only hope so.

Source: Mobile – Techcruch

Twitter buys a startup to battle harassment, e-cigs are booming, and a meditation app is worth $250M

Twitter buys a startup to battle harassment, e-cigs are booming, and a meditation app is worth 0M

Hello and welcome back to Equity, TechCrunch’s venture capital-focused podcast where we unpack the numbers behind the headlines. This week TechCrunch’s Silicon Valley Editor Connie Loizos and I jammed out on a couple of topics as Alex Wilhelm was out managing his fake stock game spreadsheets or something. (The jury is out on whether this was a good or bad thing.)

First up is Twitter buying Smyte, a startup targeting fixes for spam and abuse. This is, of course, Twitter’s perennial problem and it’s one that it’s been trying to fix for some time — but definitely not there yet. The deal terms weren’t disclosed, but Twitter to its credit has seen its stock basically double this year (and almost triple in the past few years). Twitter is going into a big year, with the U.S. midterm elections, the 2018 World Cup, and the Sacramento Kings probably finding some way to screw up in the NBA draft. This’ll be a close one to watch over the next few months as we get closer to the finals for the World Cup and the elections. Twitter is trying to bill itself as a home for news, focusing on live video, and a number of other things.

Then we have Juul Labs, an e-cigarette company that is somehow worth $10 billion. The Information reports that the PAX Labs spinout from 2015 has gone from a $250 million valuation all the way to $10 billion faster than you can name each scooter company that’s raising a new $200 million round from Sequoia that will have already been completed by the time you finish this sentence. Obviously the original cigarette industry was a complicated one circa the 20th century, so this one will be an interesting one to play out over the next few years.

Finally, we have meditation app Calm raising a $27 million round at a $250 million pre-money valuation. Calm isn’t the only mental health-focused startup that’s starting to pick up some momentum, but it’s one that’s a long time coming. I remember stumbling upon Calm.com back in 2012, where you’d just chill out on the website for a minute or so, so it’s fun to see a half-decade or so later that these apps are showing off some impressive numbers.

That’s all for this week, we’ll catch you guys next week. We apologize in advance if Alex makes it back on to the podcast.

Equity  drops every Friday at 6:00 am PT, so subscribe to us on Apple PodcastsOvercast, Pocketcast, Downcast and all the casts.

Source: Mobile – Techcruch

Juul tightens up social media to focus on former smokers switching to e-cigs

Juul tightens up social media to focus on former smokers switching to e-cigs
Juul Labs, the company behind the ever-popular Juul e-cig, has today announced a new policy around social media.
This comes in the midst of Juul’s effort to get FDA approval, which has been made more arduous by the fact that the FDA has cracked down on Juul after learning how popular the device is with underage users.
As part of the new policy, Juul will no longer feature models in pictures posted on Instagram, Twitter, or Facebook. FWIW, Juul doesn’t even have a Snapchat. Instead of using models to market the e-cig, Juul Labs will now use real former smokers who switched from combustible cigarette to Juul.
Juul has always said that its product was meant to serve as an alternative to combustible cigarettes, which are considered far more harmful to your health.
Juul has also initiated an internal team focused on flagging and reporting social media content that is inappropriate or targeted to underage users.
The company mentioned that it has worked to report and remove more than 10,000 illegal online sales since February from various online marketplaces.
We reached out to Juul to see if any changes have been made to the way that Juul targets ads on social media and elsewhere. We’ll update the post if/when we hear back.
Here’s what Juul Labs CEO Kevin Burns had to say in a prepared statement:
While JUUL already has a strict marketing code, we want to take it one step further by implementing an industry-leading policy eliminating all social media posts featuring models and instead focus our social media on sharing stories about adult smokers who have successfully switched to JUUL. We also are having success in proactively working with social media platforms to remove posts, pages and unauthorized offers to sell product targeted at underage accounts. We believe we can both serve the 38 million smokers in the U.S. and work together to combat underage use – these are not mutually exclusive missions.
In April, the FDA sent a request for information to Juul Labs as part of a new Youth Tobacco Prevention Plan, which is aimed at keeping tobacco products of any kind out of the hands of minors. The information request was meant to help the FDA understand why teens are so interested in e-cigs (particularly Juul) and whether or not Juul Labs was marketing the product intentionally to minors.
In response, Juul announced a new strategy to combat underage use, with an investment of $30 million over the next three years going towards independent research, youth and parent education and community engagement efforts.
Since August 2017, Juul has required that people be 21+ to purchase products on its own website, but online and offline third-party retailers have not been so diligent.

Source: Gadgets – techcrunch

Twitter has an unlaunched ‘Secret’ encrypted messages feature

Twitter has an unlaunched ‘Secret’ encrypted messages feature

Buried inside Twitter’s Android app is a “Secret conversation” option that if launched would allow users to send encrypted direct messages. The feature could make Twitter a better home for sensitive communications that often end up on encrypted messaging apps like Signal, Telegram or WhatsApp.

The encrypted DMs option was first spotted inside the Twitter for Android application package (APK) by Jane Manchun Wong. APKs often contain code for unlaunched features that companies are quietly testing or will soon make available. A Twitter spokesperson declined to comment on the record. It’s unclear how long it might be before Twitter officially launches the feature, but at least we know it’s been built.

The appearance of encrypted DMs comes 18 months after whistleblower Edward Snowden asked Twitter CEO Jack Dorsey for the feature, which Dorsey said was “reasonable and something we’ll think about.”

Twitter has gone from “thinking about” the feature to prototyping it. The screenshot above shows the options to learn more about encrypted messaging, start a secret conversation and view both your own and your conversation partner’s encryption keys to verify a secure connection.

Twitter’s DMs have become a powerful way for people to contact strangers without needing their phone number or email address. Whether it’s to send a reporter a scoop, warn someone of a problem, discuss business or just “slide into their DMs” to flirt, Twitter has established one of the most open messaging mediums. But without encryption, those messages are subject to snooping by governments, hackers or Twitter itself.

Twitter has long positioned itself as a facilitator of political discourse and even uprisings. But anyone seriously worried about the consequences of political dissonance, whistleblowing or leaking should be using an app like Signal that offers strong end-to-end encryption. Launching encrypted DMs could win back some of those change-makers and protect those still on Twitter.

Source: Mobile – Techcruch

Facebook swings at Twitter with Breaking News label

Facebook swings at Twitter with Breaking News label
 Facebook’s algorithm is terrible at surfacing breaking news, often showing urgent posts hours or even days later when more facts have since emerged or the story has changed. This has made Twitter the default home for this content, but that position has weakened since Twitter implemented its own relevancy algorithm that brings up old tweets. Facebook isn’t ready to make any changes… Read More

Source: Mobile – Techcruch