Post ASocYeW2hV3YOFoGtE by mcc@mastodon.social
(DIR) More posts by mcc@mastodon.social
(DIR) Post #ASoWvTSdMxsB2UiMRU by seldo@alpaca.gold
2023-02-18T19:45:12Z
0 likes, 0 repeats
It's even weirder because app-based auth (which is better!) is still available to free users so they are making shitty security a premium feature? Are they trying to save on SMS bills or something? https://gruene.social/@weddige/109887396394437654
(DIR) Post #ASoX3cavIJZ7gRTbyS by pwbrooks@friend.camp
2023-02-18T19:46:39Z
0 likes, 0 repeats
@seldo I think that's exactly it. IIRC they briefly cut off SMS 2FA for entire countries at one point because they felt the operators were charging them too much for it
(DIR) Post #ASoXASDWHAmJWdmuMS by aredridel@kolektiva.social
2023-02-18T19:47:12Z
0 likes, 0 repeats
@seldo Totally sounds like trying to lower SMS bills ("make Twitter profitable" is I think attached to Elon's ego), but I'd not bet against "Elon has a grudge against the leadership at the SMS vendor"
(DIR) Post #ASoXH448T6t2eGYCem by piofthings@mastodon.social
2023-02-18T19:47:22Z
0 likes, 0 repeats
@seldo I think Musk just found out his Twillio bills for Twitter :D :D :D
(DIR) Post #ASoXPW2qKJCjjzyZOK by floby@mastodon.social
2023-02-18T19:50:25Z
0 likes, 0 repeats
@seldo I read that it's indeed to reduce SMS bills as Elon Says (I know)> some shady SMS providers leverage fake accounts and authorization requests to bill twitterVerified phone numbers is also wildly used to target adds accross websites and thus poses serious privacy issues. So in that regard I'm all for the move.
(DIR) Post #ASoXneCTelo9z5zO6a by winjer@m.adju.st
2023-02-18T19:54:52Z
0 likes, 0 repeats
@seldo yeah it's their SMS bill that's the problem.
(DIR) Post #ASoYJ9SdTqAhulZMw4 by bobo_of_id@mastodon.social
2023-02-18T20:00:36Z
0 likes, 0 repeats
@seldo they are definitely trying to save on those bills.
(DIR) Post #ASocYeW2hV3YOFoGtE by mcc@mastodon.social
2023-02-18T19:57:22Z
0 likes, 0 repeats
@floby @seldo they normally require phone authentication to prove you aren't a bot if their pretty-wide heuristic starts to suspect you are one. I really wonder how that's going to interact with this.
(DIR) Post #ASocYf1wmsZpzCjkcS by KWierso@mastodon.social
2023-02-18T20:45:38Z
0 likes, 0 repeats
@mcc @floby @seldo it looks like if you currently use sms2fa but don't pay for blue, if you don't remove your 2fa config before the deadline you'll lose your ability to log in at all since they won't send out auth codes.So, if you're a sms2fa-using Blue subscriber, and your card expires and you miss a Blue monthly payment, do you also lose your ability to log in and update payment methods to continue being able to receive auth codes?
(DIR) Post #ASocYfmjyu0WKKd7YW by seldo@alpaca.gold
2023-02-18T20:48:19Z
0 likes, 0 repeats
@KWierso @mcc @floby They definitely thought this all the way through before announcing the policy, just like all the other policy changes announced by tweets after midnight by Elmo.
(DIR) Post #ASocr1hnDmEHWX4Eq0 by mcc@mastodon.social
2023-02-18T20:51:33Z
0 likes, 0 repeats
@seldo @KWierso @floby something I've been thinking about is how if you're an online service traditionally you never ship or announce changes on a Friday but if you're a politician traditionally you always make announcements on a Friday so people's ability to respond is diminish, and they're closer to the second scenario than the first