Facebook admits SMS notifications sent using two-factor number was caused by bug

Facebook this evening clarified the situation around SMS notifications sent using the company’s two-factor authentication (2FA) system, admitting that the messages were indeed caused by a bug. In a blog post penned by Facebook Chief Security Officer Alex Stamos, the company says the error led it to “send non-security-related SMS notifications to these phone numbers.”

Facebook uses the automated number 362-65, or “FBOOK,” as its two-factor authentication number, which is a secure way of confirming a user’s identity by sending a numeric code to a secondary device like a mobile phone. That same number ended up sending users Facebook notifications without their consent. When users would attempt to get the SMS notifications to stop, the replies were posted to their own Facebook profiles as status updates.

Facebook Turned Its Two-Factor Security ‘Feature’ Into the Worst Kind of Spam

Kate Conger, writing for Gizmodo:

I’ve been getting these text-spam messages since last summer, when I set up a new Facebook account and turned on two-factor authentication. I created the new profile with somewhat vague intentions of using it for professional purposes — I didn’t like the idea of messaging sources from my primary Facebook account, where they could flip through pictures of my high school prom or my young nephews. But I didn’t end up using the profile often, and I let it sit mostly abandoned for months at a time.

At first, I only got one or two texts from Facebook per month. But as my profile stagnated, I got more and more messages. In January, Facebook texted me six times — mostly with updates about what my ex was posting. This month, I’ve already gotten four texts from Facebook. One is about a post from a former intern; I don’t recognize the name of one of the other “friends” Facebook messaged me about.

Really Facebook? Really?

Indian character crashes iOS 11.2.5, may require full device restore

Sending a specific Indian character in a text message can crash an iOS device’s Messages app and potentially require the device to be restored from a backup, Italy’s Mobile World reports. The bug follows last month’s device-freezing ChaiOS issue, which Apple rushed to patch in iOS 11.2.5, but has more serious potential to damage the data on your device. Backing up your iPhone or iPad right now might be a good idea.

The triggering character comes from the Telugu language, spoken by roughly 70 million people in India, and is shown (safely) in the image above. According to the report, if the text version of the character is either received in a message or pasted into a text field, applications can freeze or iOS as a whole can crash. Attempts to restart the application will fail.

All New Apps Must Be Built With iOS 11 SDK Starting in April

Juli Clover, writing for MacRumors:

Apple today sent out a notice to developers letting them know that starting in April of 2018, all new apps submitted to the App Store must be built using the iOS 11 SDK, which is included in Xcode 9 or later.

Furthermore, Apple says that all new apps designed for the iPhone, including universal apps, must support the iPhone X’s Super Retina display.

 

Kottke on the state of blogging

Jason Kottke, in an interesting interview for the Nieman Journalism Lab:

Melancholy, I think, is the exact right word. Personally, I think I felt a lot worse about it maybe three, four years ago. I was like, crap, what am I going to do here? I can see where this is going, I can see that more and more people are going to go to Facebook, and to mobile, and to all of these social apps and stuff like that, and there’s going to be less and less of a space in there for blogs like mine. I can’t churn out 60 things a day and play that social game where you use the shotgun approach to spit stuff out there and see what sticks. I’ve got to do four, five, six things that are good, really good. Since then, though, I’ve sort of come to terms with that. I’m like: Okay, if I can just keep going it, just keep doing it, it will work itself out somehow. I don’t know why I think that, but I kind of do.

The membership thing was actually really helpful in that regard, because within a pretty short amount of time, there was a lot of signal that people really appreciate what it is I do, enough that they’re willing to pay for it. It was kind of like, holy shit, we’re all in this together. I knew before that there were people who really into the site and who really like it, and that’s always been great to know and to get that feedback in the inbox and via Twitter and stuff like that. But to actually have those people pony up some dough changed my whole mindset about how I feel about the site.

The Wirecutter’s Apple HomePod review: “It only sounds great”

In its current state, the HomePod is not the device that Apple originally announced in 2017. In particular it’s missing a few marquee features, such as the ability to connect multiple speakers in multiple rooms. Overall, the HomePod is neither as versatile nor as affordable as most of its competitors, and it’s not compatible with as many non-Apple devices. The HomePod is likely to be updated with more features and perhaps more compatibility, but Apple isn’t offering a timeline or roadmap for updates, so anyone buying a HomePod now is taking a gamble

[..]

An unhappy discovery after we placed a HomePod on an oiled butcher-block countertop and later on a wooden side table was that it left a defined white ring in the surface. Other reviewers and owners (such as Pocket-lint, and folks on Twitter) have reported the same issue, which an Apple representative has confirmed. Apple says “the marks can improve over several days after the speaker is removed from the wood surface,” and if they don’t fade on their own, you can basically just go refinish the furniture—the exact advice Apple gave in an email to Wirecutter was to “try cleaning the surface with the manufacturer’s suggested oiling method.”

I’m holding out some hope for the HomePod, since Apple products tend to be great, but I don’t think I’ll be getting this first iteration of it.

I’ll stick to my Google Home in the meantime.

Stimulus

Stimulus is a JavaScript framework with modest ambitions. It doesn’t seek to take over your entire front-end—in fact, it’s not concerned with rendering HTML at all. Instead, it’s designed to augment your HTML with just enough behavior to make it shine. Stimulus pairs beautifully with Turbolinks to provide a complete solution for fast, compelling applications with a minimal amount of effort. modest JavaScript framework for the HTML you already have.

I’ve been playing with Stimulus since it was released, and it’s interesting. I can see this being a good answer for stuff like WordPress themes that are designed to be server side but, like any site, could benefit from client-side JavaScript enhancements.

How “Hey Siri” works with multiple devices

Apple Support:

When you say “Hey Siri” near multiple devices that support “Hey Siri,” the devices quickly communicate to each other using Bluetooth to determine which one should respond to the request. The device that heard you best or was recently raised will respond.

HomePod responds to most Siri requests, even if there are other devices that support “Hey Siri” nearby. If you want to use Siri on a specific device, raise to wake that device or press the button to use Siri, then make your request.

I’ve found this works great, I’ve also tried Hey Google with multiple devices and saw some not so great results as all devices rush to answer at the same time and respond to your request.

Apple Opens Repair Program for iPhone 7

Apple:

Apple has determined that a small percentage of iPhone 7 devices may show “No Service” in the status bar (even if cellular coverage is available), due to a component that has failed on the main logic board.

These affected units were manufactured between September 2016 and February 2018 and sold in China, Hong Kong, Japan, Macao, and the U.S.

If your device exhibits the symptom described above, Apple will repair your device, free of charge. Your iPhone will be examined prior to any service to verify that it is eligible for this program. This program only applies to iPhone 7.

Surface Pro 4 owners are putting their tablets in freezers to fix screen flickering issues

Tom Warren, writing for The Verge

Some owners have even started freezing their tablets to stop the screen flickering temporarily. “I get about half an hour’s use out of it after ten minutes in the freezer,” says one owner. Another user posted a video showing how the flickering stops as soon as the Surface Pro 4 is placed in a freezer.

The Verge understands that the screen flickering problem is a hardware issue that Microsoft won’t be able to fix with a software update. It’s currently affecting less than 1 percent of all Surface Pro 4 devices.

What?????

I own a Surface Pro 4, use it for testing, etc and have never encountered this issue (one of the 99% I guess) but putting a computer in a freezer?

This is not a fix.