New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Vodafone: CallYa Toppings not redeemable #1780
Comments
On 08/02/2014 10:43 AM, SecUpwN wrote:
TextSecure adds 13 spaces to the end of every plaintext message. This
|
Thanks for chiming in directly, @moxie0. And congrats for hitting my wound spot. 😸 |
Because there's no other way to detect that someone else is a TextSecure user before an encrypted session has started. This whitespace tagging is how that signalling is done. |
Interesting. So when a TextSecure user sends out a normal SMS to another TextSecure user without having exchange keys, TextSecure recognizes the use of TextSecure on the other end through these 13 whitespaces. Did I get this right? If so, maybe you can add an option to (temporarily) turn off the signalling? |
yes, but here is the "keep the settings minimal" rule. such thing is a typical "let's confuse the average user and bloat the menu" option. |
@bungabunga, I agree with your point that TextSecure already is a complex tool. But can't we just add a checkbox called "Expert-Mode" within the settings to enable such features as proposed here? This Issue just states the particular case of my friends and me, but imagine someone who wants to confirm some important booking confirmation like a flight (which is probably very unlikely) or other stuff that has to be confirmed by a certain word or number. What about those cases? Shouldn't the use of TextSecure still provide all the basic SMS functionality? I already see the argument coming that this Issue with the circumstances and problems mentioned in it would be a "perfect reason" to erase the encrypted SMS functionality. But if you really think that way, you're on a wrong path. In my eyes, an "Expert-Mode" within the settings would make much sense, because many things that are yet confusing to the average chump could be put into this place. When enabling "Expert-Mode", a small warning could be displayed to prompt the user to get familiar with these "dangerous" functions and know what he is doing in the first place. The overall settings of TextSecure could be "cleaned up" that way, too. |
In my opinion this would be a colossal waste of time, talent, and energy that is better spent on implementing features that are already important in the present and absolutely critical for the future--features that this horribly outdated and terribly insecure transport layer cannot ever support. |
I have the slight feeling that everybody just want encrypted SMS to be gone and that nothing regarding this feature will be improved but rather labeled as a "waste of time". All I would like to do is have a convenient way of sending out certain SMS to confirm things without having to have the creepy standard SMS app. The first thing I do after having flashed a fresh build of my beloved AOKP is to completely get rid of a bunch of stuff I don't need - including the standard SMS app. And if you tell me now "Hey, why don't you switch the SMS app just to send out this confirmation" I reassure you that this clearly is not the way TextSecure is meant to be. For me, it is my improved and much better replacement for the standard SMS app and I won't keep both. Isn't there some way of getting rid of the whitespace tag, @jlund? |
Yes there is: eliminating encrypted SMS. |
@SecUpwN I recommend that you check out the CONTRIBUTING.md file, which outlines some of the ways we're thinking about this project. What you're asking for is in contradiction to rule no. 1, "the answer is not more options," and also rule no. 3 "there are no power users." As an aside, you might not be able to get rid of the standard SMS app. I don't know about AOKP, but some ROMs require the system SMS app to be present for the system's outgoing SMS provider. |
@jlund, if you want TextSecure to be like any other fucking messenger out there and people stop using it, do so. Let me ask you this: What makes TextSecure unique after erasing encrypted SMS? I don't get it. @moxie0, thanks for pointing out how to contribute. I will follow along those lines from now on. But truly, not having a way of turning off the whitespace tagging is really a bummer. Wonder why noone complains, filed Issues about this before or contributed code to solve this problem (which is common in Germany). |
hey, @SecUpwN, i am also very sad to see encrypted SMS feature getting phased out from TextSecure. i agree with most of the arguments why this is still a very important feature and i am using it on a daily basis. on the other hand, i really respect TextSecure and it's philosophy that is so nicely put in the Development Ideology. i think this is what makes TextSecure standing out among most of the open source privacy apps and makes it usable for the general public. we really need tools for private communication for everybody!! and adding obscure settings that my mother wouldn't understand heads to a different direction. TS developers really need to be strict here. if encrypted SMS feature can't be made following those rules, than let it get phased out. :/ |
@bungabunga and @moxie0, how about if I submitted a pull request for the discussed possibility of deleting the whitespace tag? Would it be accepted or can you honestly tell that it's "senseless"? |
how about detecting if the number is a service number? It's highly unlikely that a service number will process encrypted SMS. Maybe libphonenumber could be useful to detect this. |
@eisenlaub, herzlichen Dank für Deine Hilfe! 😺 I think those guys avoid all further work on SMS. |
Just decide if TextSecure is for experts or for average Joe. You refuse to add more advanced options arguing that average user will be confused. On the other hand you expect "average" user to know about whitespace tag and if they want to send service sms they should go to Settings->Wireless & Networks->Default SMS app-> choose stock sms app-> open that app, write, send, and change it all back to TextSecure EVERY time they want to send that special sms... Solution for service SMS: Please, don't hate me... I really want to be liked.
|
@kuba86, I very much enjoyed reading your comment - but I'm afraid the internal discussion on how @moxie0 and the other developers are going to throw out SMS in the long run is already decided. I must admit that I very much support your point in adding those menus that pop up when holding the send-button. And if anything like that will ever get added, expeect me to contribute code to TextSecure! Overall, I like you. You seem to be a smart person - just like we need in our very own security-related project (yes, I'm going to cross-advertise here since no developers seem to be interested of solving this Issue and will most likely just silently close it): The Android IMSI-Catcher Detector - feel free to join us! |
Not that I have anything to say or was involved with that decision, but throwing out encrypted SMS (not SMS at all) will actually solve this issue: The whitespace-tagging is then not needed anymore and will probably cease to exist. Only one of a truckload of reasons why encrypted SMS is PITA. ;) |
@tinloaf, with your above reasoning, TextSecure becomes senseless for me (and most likely others). |
@SecUpwN It's their app and they should do what they want with it. If someone wants to have more options and know how to code they can fork it (maybe some day I will have the skills and time to do it and convince some people to join me) In my opinion throwing SMS support out will cause most users to forget that TextSecure exist and most people will not even install it. It will be used by geeks and people involved in the project. Example scenario: a lot of people turn off data and WIFI when their battery is low and then they are forced to communicate via SMS. Right now TextSecure is the ONLY solution (that I know of) that gives secure and transparent solution for secure communication via push and SMS in one app. Once you get rid off in-app SMS communication these users are left with no communication or insecure SMS. @moxie0 I hope the SMS support will stay since it is the best feature of TextSecure. Or that CM will release their SMS app in Play Store so other people can use it without CM installed. |
This will not happen. Encrypted SMS are on their way out.
And you will be able to still do that in the future (if plans don't change). Only that SMS will not be encrypted anymore betwees TS users. Only Push-Messages will be encrypted. Sending unencrypted SMS (i.e. using TS as your SMS app) is not (that I know of) being thrown out. sigh This feels like the 100th time writing this, and this is not what this issue is about, just trying to counter the alarmist "everything is going to be useless" claims.. |
@tinloaf Then what is the point to keep unencrypted SMS? oh never mind :-) It's their baby, they know what is best for it. I know they need to get focus on push messages and can't fight with SMS issues. It probably halts app/server/protocol/iOS/RedPhone development. They have a lot on their plates. Hopefully someone will come along and create an app that supports encrypted SMS and push messages all accomplished with TextSecure messaging protocol. |
@tinloaf, I'm digging this up again since it is still present in the current version of TextSecure. I wonder if there wouldn't be a convenient way to detect if the number the SMS is sent to is actually a service number? I mean, TextSecure is able to warn about the "possible costs" of that SMS, why not take away the spacing at the same time when that detection happens? |
This should be fixed soon, since sending encrypted sms will not be possible anymore in the next release |
@agrajaghh, awesome! So what was the purpose of TextSecure again? :( |
Locked in 3...2...1... |
Hi there TextSecure developers, @moxie0 and all you funky freaks of the GitHub community,
let me first say that I still love TextSecure and keep using it until encrypted SMS are vanishing.
Now to the Issue several friends of mine and I do have: For the ones that do not use CallYa Toppings, here is a short explanation: CallYa Toppings is a bonus program for prepaid users, which is offered by Vodafone when recharging the prepaid card. Selectable toppings: Free minutes, free SMS or free surf-flats. The longer a prepaid user is using the same prepaid card from Vodafone, the more Toppings this user will get.
The usual redeeming process is the following:
22990
to show available Toppings.AUSWAHL
to22990
a user can change the available Topping)TOPPING
to22990
.22919
.The Issue: When sending
TOPPING
to22990
, my friends and I just get an SMS from number22919
that the booking code is "wrong" and that we shall check it and try again. I've been in a huge fight with the Vodafone customer service, called them at least 10 times, have ruined their shops over here in Germany, wrote multiple heavy complaints to them and was really upset - until my girlfriend noticed that this Issue appeared since we've been using TextSecure. To verify this, I've used the standard SMS application - and there it works flawlessly. Through the standard SMS app, Vodafone recognizes the selection and grants it.Questions: Does TextSecure add special characters to each SMS or modify normal SMS even though sending them unencrypted through the network? Or does Vodafone recognize that I'm using TextSecure and does not want to grant access to the Toppings for users where they can't spy on their SMS?
If there are things to test, data to collect or anything else to resolve this, please let me know.
The text was updated successfully, but these errors were encountered: