Connect with us

Mobile

Every secure messaging app needs a self-destruct button – TechCrunch

Published

on

The growing presence of encrypted communications apps makes a lot of communities safer and stronger. But the possibility of physical device seizure and government coercion is growing as well, which is why every such app should have some kind of self-destruct mode to protect its user and their contacts.

End to end encryption like that you see in Signal and (if you opt into it) WhatsApp is great at preventing governments and other malicious actors from accessing your messages while they are in transit. But as with nearly all cybersecurity matters, physical access to either device or user or both changes things considerably.

For example, take this Hong Kong citizen who was forced to unlock their phone and reveal their followers and other messaging data to police. It’s one thing to do this with a court order to see if, say, a person was secretly cyberstalking someone in violation of a restraining order. It’s quite another to use as a dragnet for political dissidents.

This particular protestor ran a Telegram channel that had a number of followers. But it could just as easily be a Slack room for organizing a protest, or a Facebook group, or anything else. For groups under threat from oppressive government regimes it could be a disaster if the contents or contacts from any of these were revealed to the police.

Just as you should be able to choose exactly what you say to police, you should be able to choose how much your phone can say as well. Secure messaging apps should be the vanguard of this capability.

There are already some dedicated “panic button” type apps, and Apple has thoughtfully developed an “emergency mode” (activated by hitting the power button five times quickly) that locks the phone to biometrics and will wipe it if it is not unlocked within a certain period of time. That’s effective against “Apple pickers” trying to steal a phone or during border or police stops where you don’t want to show ownership by unlocking the phone with your face.

Those are useful and we need more like them — but secure messaging apps are a special case. So what should they do?

The best-case scenario, where you have all the time in the world and internet access, isn’t really an important one. You can always delete your account and data voluntarily. What needs work is deleting your account under pressure.

The next best-case scenario is that you have perhaps a few seconds or at most a minute to delete or otherwise protect your account. Signal is very good about this: The deletion option is front and center in the options screen, and you don’t have to input any data. WhatsApp and Telegram require you to put in your phone number, which is not ideal — fail to do this correctly and your data is retained.

Signal, left, lets you get on with it. You’ll need to enter your number in WhatsApp (right) and Telegram.

Obviously it’s also important that these apps don’t let users accidentally and irreversibly delete their account. But perhaps there’s a middle road whereby you can temporarily lock it for a preset time period, after which it deletes itself if not unlocked manually. Telegram does have self-destructing accounts, but the shortest time you can delete after is a month.

What really needs improvement is emergency deletion when your phone is no longer in your control. This could be a case of device seizure by police, or perhaps being forced to unlock the phone after you have been arrested. Whatever the case, there need to be options for a user to delete their account outside the ordinary means.

Here are a couple options that could work:

  • Trusted remote deletion: Selected contacts are given the ability via a one-time code or other method to wipe each other’s accounts or chats remotely, no questions asked and no notification created. This would let, for instance, a friend who knows you’ve been arrested remotely remove any sensitive data from your device.
  • Self-destruct timer: Like Telegram’s feature, but better. If you’re going to a protest, or have been “randomly” selected for additional screening or questioning, you can just tell the app to delete itself after a certain duration (as little as a minute perhaps) or at a certain time of the day. Deactivate any time you like, or stall for the five required minutes for it to trigger.
  • Poison PIN: In addition to a normal unlock PIN, users can set a poison PIN that when entered has a variety of user-selectable effects. Delete certain apps, clear contacts, send prewritten messages, unlock or temporarily hard-lock the device, etc.
  • Customizable panic button: Apple’s emergency mode is great, but it would be nice to be able to attach conditions like the poison PIN’s. Sometimes all someone can do is smash that button.

Obviously these open new avenues for calamity and abuse as well, which is why they will need to be explained carefully and perhaps initially hidden in “advanced options” and the like. But overall I think we’ll be safer with them available.

Eventually these roles may be filled by dedicated apps or by the developers of the operating systems on which they run, but it makes sense for the most security-forward app class out there to be the first in the field.



Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Mobile

Lime touts a 2020 turnaround and 2021 profitability – TechCrunch

Published

on

Micromobility company Lime says it has moved beyond the financial hardship caused by the COVID-19 pandemic, reaching a milestone that seemed unthinkable earlier this year.

In short, the company is now largely profitable.

Lime said it was both operating cash flow positive and free cash flow positive in the third quarter — a first — and is on pace to be full-year profitable, excluding certain costs (EBIT), in 2021.

During the WSJ Future of Everything event Thursday, Lime CEO Wayne Ting painted a far rosier picture of the company’s future than one might have expected.

There was a time when Bird and Lime, competing domestic scooter rental companies, were raising capital at a torrid pace, fighting for market share, regulatory breathing room and sidewalk real estate. Then, the pandemic hit and the companies had to take shelter.

Lime underwent a round of layoffs in April, taking on capital from Uber the next month in a down-round that brought its valuation under the $1 billion mark. As it announced in a blog post that TechCrunch reviewed before publication, it paused most of its operations for a month during the early COVID-19 days.

“It was certainly a very, very tough decision for us earlier this year and I know we weren’t the only company during COVID,” Ting said during the event.I think it’s been in so many ways helpful to us to realize how hard these choices can be. We’re going to be growing headcount again. We’re going to do so in a careful way so that we’re not going have to make hard choices like the ones we made earlier this year.”

Now things are better, Lime says. Much better. Indeed, the company claims that it is the “first new mobility company to reach cash-flow positive for a full quarter.”

Cash flow positivity, in general, is an important threshold for a startup to reach as it implies that the company can largely self-fund from that point forward, limiting its dependency on external cash for survival.

Lime also claims that it “reached EBIT positive at the company level over the summer.” The specifics of the phrase “EBIT positive” are important. Was the company employing strict EBIT on its math and not discounting share-based compensation, or was it measuring using adjusted EBIT as many startups do, removing the cost of share-based compensation that shows up in GAAP results? According to the company the number did exclude share-based compensation, making the news slightly smaller.

Perhaps the most bullish data point from Lime is that it expects to be full-year profitable in 2021. TechCrunch asked for specifics because again how one measures profitability matters. It turns out, Lime is basing this projection on EBIT, as opposed to more traditional net income. For a startup this is not a surprising decision, but before we declare Lime fully “profitable,” we’ll want some more GAAP metrics.

Still, it appears that Lime is not going to die, and is, importantly, putting capital into developing new products. The company provided the first example of that new product pipeline on Thursday with the launch of the Gen4 scooter in Paris. It also teased a so-called “third and fourth mode” in the first quarter of 2021 as well as the addition of a swappable battery.

The scooter company wouldn’t give TechCrunch much information about what these third and fourth modes will be. The first two modes are bikes and scooters, which leaves skateboards, cars, flying cars and boats?

Lime did give TechCrunch a little bit of clarification, stating that “move beyond,” means the company will be operating an additional mode, accessed through the Lime app, in line with its goal to serve any trips under five miles. These modes will build on the Lime Platform play, but this will be operated by Lime rather than a partner.

Lime has long discussed reaching profitability. Perhaps because it and its competitor Bird were infamous for their losses during their early unicorn period.

By November of 2019, Lime was talking about reaching EBIT positivity in 2020. But the start of 2020 was not kind on the company, with 100 of its staff losing their jobs and 12 markets getting dropped. At the time TechCrunch wrote that “Lime is hoping to achieve profitability this year by laying off about 14% of its workforce and ceasing operations in 12 markets,” with the company itself writing at the time that “financial independence [was its] goal for 2020, and [that it was] confident that Lime will be the first next-generation mobility company to reach profitability.”

Depending on how you measure profitability, that could be true.

Things didn’t get easier for Lime later in the year. Its competitor Bird underwent layoffs, and Lime cut more staff in April. At the time, Lime said that it was focused on coming “back stronger than ever when this is over.”

The company is certainly in better shape than it was in April and May. So, how did Lime come back from the brink? In its own estimation, the company took time during its pause to “drill down on getting the business right, narrowing [its] focus and strengthening [its] fundamentals.” That might sound like corporate babble, but by taking a nearly full stop in its operating business, Lime could probably see a bit more clearly what was working and what was not. And with some cuts to what wasn’t, it could set up a future in which its operations were leaner, and more unit-economically positive.

And, now, here we are asking niggling questions about just what sort of profit Lime is really making. Instead of, you know, who might buy its leftover office furniture. It’s a nice turnaround.

Continue Reading

Mobile

Verizon partners with Apple to launch 5G Fleet Swap – TechCrunch

Published

on

Apple and Verizon today announced a new partnership that will make it easier for their business partners to go all-in on 5G. Fleet Swap, as the program is called, allows businesses to trade in their entire fleet of smartphones — no matter whether they are currently a Verizon customer or not — and move to the iPhone 12 with no upfront cost and either zero cost (for the iPhone 12 mini) or a low monthly cost.

(Disclaimer: Verizon is TechCrunch’s corporate parent. The company has zero input into our editorial decisions.)

In addition, Verizon also today announced its first two major indoor 5G ultra wideband services for its enterprise customers. General Motors and Honeywell are the first customers here, with General Motors enabling the technology at its Detroit-Hamtramck Assembly Center, the company’s all-electric vehicle plant. To some degree, this goes to show how carriers are positioning 5G ultra wideband as more of an enterprise feature than the lower-bandwidth versions of 5G.

“I think about how 5G [ultra wide band] is really filling a need for capacity and for capability. It’s built for industrial commercial use cases. It’s built on millimeter wave spectrum and it’s really built for enterprise,” Verizon Business CEO Tami Erwin told me.

It’s important to note that these two projects are not private 5G networks. Verizon is also in that business and plans to launch those more broadly in the future.

“No matter where you are on your digital transformation journey, the ability to put the power of 5G Ultra Wideband in all of your employees’ hands right now with a powerful iPhone 12 model, the best smartphone for business, is not just an investment for growth, it’s what will set a business’s future trajectory as technology continues to advance,” Erwin said in today’s announcement.

As for 5G Fleet Swap, the idea here is obviously to get more businesses on Verizon’s 5G network and, for Apple, to quickly get more iPhone 12s into the enterprise. Apple clearly believes that 5G can provide some benefits to enterprises — and maybe more so than to consumers — thanks to its low latency for AR applications, for example.

“The iPhone 12 lineup is the best for business, with an all-new design, advanced 5G experience, industry-leading security and A14 Bionic, the fastest chip ever in a smartphone,” said Susan Prescott, Apple’s vice president of Markets, Apps and Services. “Paired with Verizon’s 5G Ultra Wideband going indoors and 5G Fleet Swap, an all-new device offer for enterprise, it’s now easier than ever for businesses to build transformational mobile apps that take advantage of the powerful iPhone 12 lineup and 5G.”

In addition, the company is highlighting the iPhone’s secure enclave as a major security benefit for enterprises. And while other handset manufacturers launch devices that are specifically meant to be rugged, Apple argues that its devices are already rugged enough by design and that there’s a big third-party ecosystem to ruggedize its devices.

Continue Reading

Mobile

Apple will pay $113M to settle 34-state ‘batterygate’ lawsuit – TechCrunch

Published

on

Apple has agreed to pay $113 million to 34 states and the District of Columbia to settle allegations that it broke consumer protection laws when it systematically downplayed widespread iPhone battery problems in 2016. This is in addition to the half billion the company already paid to consumers over the issue earlier this year and numerous other fines around the world.

The issue, as we’ve reported over the years, was that a new version of iOS was causing older (but not that old) iPhones to shut down unexpectedly, and that an update “fixing” this issue surreptitiously throttled the performance of those devices.

Conspiracy-minded people, which we now know are quite numerous, suspected this was a deliberate degradation of performance in order to spur the purchase of a new phone. This was not the case, but Arizona Attorney General Mike Brnovich, who led the multi-state investigation, showed that Apple was quite aware of the scale of the issue and the shortcomings of its solution.

Brnovich and his fellow AGs alleged that Apple violated various consumer protection laws, such as Arizona’s Consumer Fraud Act, by “misrepresenting and concealing information” regarding the iPhone battery problems and the irreversible negative consequences of the update it issued to fix them.

Apple agreed to a $113M settlement that admits no wrongdoing, to be split among the states however they choose. This is not a fine, like the €25M one from French authorities; if Apple had been liable for statutory penalties those might have reached much, much higher than the amount agreed to today. Arizona’s CFA provides for up to $10,000 per willful violation, and even a fraction of that would have added up very quickly given the amount of people affected.

In addition to the cash settlement, Apple must “provide truthful information to consumers about iPhone battery health, performance, and power management” in various ways. The company already made changes to this effect years ago, but in settlements like this such requirements are included so they can’t just turn around and do it again, though some companies, like Facebook, do it anyway.

Continue Reading

Trending