We’re excited to announce the upcoming release of some new security features, designed to keep your email account more secure than ever before.
On Monday, 25th July, we’ll be launching a range of new security features to provide greater protection in making sure you, and only you, can access your FastMail account.
For most users, the most noticeable change is simply that the login box will move from our homepage to its own dedicated page, so you might want to update any bookmarks. We've provided a complete overview of what else is changing below.
We understand that sometimes change can bring uncertainty, however we want to assure all our users that we’re not changing how you send and receive emails within FastMail. We’ve simply added some additional security measures for greater peace of mind.
As a leader in email security, we’re always looking for more ways we can help you keep your account secure, and we believe our new security features make FastMail an ever better choice for secure email hosting.
The new security features will only require small changes from you but will offer huge improvements in the security of your account, greatly reducing any chance of your account becoming compromised.
Two-step verification (also known as ‘two-factor authentication’ or ‘2FA’) increases the security of your account by requiring something you have (your phone or a special security key), to be paired with something you know (your password), in order to log in to your account.
You are probably already familiar with two-step verification, even if you are not familiar with the name. For example, if you use online banking then you may occasionally need to verify your account via an SMS code. Or if you log into a web-based account from a different device or computer then you might be asked to verify your account with an additional code, usually generated at the time of log in as an SMS to your phone.
With the changes coming next week, we’ve made it easier than ever to add this extra layer of security to your account. We’ll be supporting two-step verification with either an app on your phone, a dedicated security device that plugs into your computer (U2F or old-style Yubikey), or a code sent by SMS. Once enabled, you’ll need to use two-step verification to log in from your web browser, or the FastMail mobile app.
If you're currently using our "alternate logins" system, you will need to migrate to the new system sometime in the next month. We will be removing all old-style "alternate logins" on 31st August. Also, please note that if your alternate login has a second factor, you will now be asked for this after submitting your username and password, rather than entering it on the initial login page.
When you set up third party apps to access your FastMail account (such as Outlook or Mail.app on your phone or desktop), in the future you will need to log in to the web first and get a special app password. This password will restrict access to just what the app needs, so it can't be used to change your settings, for example. It also allows you to easily remove the app's access to your account should you ever lose your phone or computer, without having to change your password everywhere. We will generate a secure app password for you, and don't worry – you won't have to remember it!
Any devices you already have set up will continue to work just fine with your regular FastMail password. We will gradually help existing customers to upgrade to the new system for all apps over the coming months, but there will be no change immediately. If you set up the new two-step verification however, you will need to update your apps immediately with an app password, as third-party apps do not currently support two-step verification.
In the past you could add a backup email address to your account, which we could use to help you recover access should you forget your password. With the upcoming changes, you will be able to add multiple email addresses and also now phone numbers that we can use to verify your identity. As always, we take your privacy very seriously and will only ever use these details to keep your account secure. We never share them with anyone else.
We have a new account recovery tool that will also be launching soon. This will allow you to regain access to your account more quickly and easily should you get locked out, while providing greater security than ever before against malicious users trying to get in.
Want to learn more about staying safe online? In the lead up to next week's launch of these new security improvements, we'll be posting helpful and informative blog posts each day this week. Check back each day for some more background and additional information on what you can do to keep your account secure, manage your passwords and recover your account should you ever get locked out.
Got any security questions or recommendations? Tweet us @FastMail using the hashtag #securitymatters.
Last week in a blog post, I wrote:
My daughter’s iPhone can’t deliver a strep test to her, yet. But it can deliver an eye exam and a hearing test.
So I thought I would showcase one of these iPhone based medical tests on feature friday today.
If you download an app on your iPhone called “Mimi Hearing Test” and install it, you can test your hearing with your earbuds.
I did that this morning.
It is just like the hearing tests you do at the doctor’s office. As I suffer from mild hearing loss, I have done this test a bunch in doctors offices over the years.
You sit in a quiet spot and wait for beeps in your right or left ear and when you hear them you press the right or left button.
The quick test lasts about three or four minutes and when you are done you get results like this:
You then store your profile in the system and are then offered additional services:
And, once you’ve done an in-depth test and stored that, you can use the Mimi Music app to enhance the music listening on your iPhone.
I assume that is just the start of a suite of enhanced audio apps and products that Mimi intends to offer.
Full disclosure – The Gotham Gal is an investor in Mimi and therefore I have a financial interest in the company too.
19 June 2016
Tim is a retired Marine infantry officer. I spent much time with Tim in various provinces in Afghanistan, such as Nangarhar, Kabul, Kandahar, Helmand, Nimoroz.
Good Lord almighty we went everywhere together, often alone or with just one other man, an ex-Aussie Soldier named Shem.
First time Tim picked me up in Kabul to take me to Jalalabad, Nangarhar, there was a bag beside me in the backseat filled with grenades. I said I'll just help myself to a couple of these.
We were going down roads sometimes passing burning and blown-up, shot up vehicles. IED holes, and people who obviously were Taliban and associates, yet somehow we got away with it. You had to be there to believe it.
I was not advertising this at the time due to the obvious peril, but we both learned a lot about the war which left both of us ahead of the curve when writing about it.
This morning I checked Tim's website and saw that he posted on the Orlando shooting.
Our thoughts are parallel on this.
The people in the nightclub should have bum rushed the shooter, and the first two cops on the scene should have gone in there in the combat mode.
Anyway, people with much infantry or special operations combat experience realize that there should not have been a three-hour standoff. That should have been over in five minutes.
Some people offline have said, "But what if he had a bomb?" So what? What if he did have a bomb? You might die. Go in there and get him. If you die you die.
That was not a hostage situation. He was killing innocent people.
I published something similar after the Paris attack and Facebook blocked me for 7 days. Hopefully they will not block me this time.
After I saw Tim's piece, I just called him in Texas and we talked for about 20 minutes. I said right on, keep it coming.
This is real experience talking, not idle chatter and not bluster. We both have seen a lot of combat. There is only one thing to do in a situation like this -- attack, attack, attack:
Fourth Generation War Comes To America: What Are You Going To Do About It?
by babatim on June 19th, 2016
Orlando is not the first mass shooting by a so called ‘Lone Wolf’ Islamic Jihadist in America; it’s the seventh in recent years but this one is different. The knee jerk reaction from the political left and their media enablers has (unbelievably) gained traction in the establishment media. The Orlando massacre has nothing to do with guns; decreasing the civil liberties of law abiding Americans is not the answer. A majority of the American public knows this and are dismissing the governing elites attempts to spin this attack for political advantage out of hand. The problem is Islamic Jihadists and the fact that they are embedded inside our society and are going to, with ever increasing frequency, attack the citizens around them in the name of Allah. It’s what they do.
I find myself in a unique position, given my background, training and experiences, to write about an appropriate response to the Icehole (the FRI name for ISIS) violence. I’m a retired Marine infantryman who taught at a professional firearms training academy for several years. I also spent over 8 years in Afghanistan; most of that time I was in the contested provinces and all of that time I lived outside the wire embedded inside the local community. I carried a sidearm (and often a rifle) daily and when in the south I was never without fragmentation grenades in both my vest pockets. I have spent decades studying the literature associated with gun fights and gun fighters. I met Dave Grossman before he published On Killing and used his unpublished manuscript when we remodeled the USMC Infantry Officer Course close combat package. I had the honor of meeting and listening to Col. Boyd before he passed. For those of you who do not recognize these names read on – they are the core of the Sheepdog phenomenon and Sheepdogs are about to step onto the historical stage and light the way for freedom loving peoples to follow.
That the target was a gay night club is irrelevant. Homosexuality and Islam have a strange relationship due to the many peculiar customs routine among unmarried young adult males that in the west would consider homosexual. That’s old news. My speculation is that the nature of the target aided the Icehole shooter by de-humanizing his targets through the interpretation of the targeted group contained in the Koran. He could have targeted a stripper bar or any kind of bar for the same reason.
This observation enrages the gay rights crowd who insist this attack was an attack on gays specifically and thus a hate crime first and a Jihadist crime second. I am not sure what difference it makes to view the attack this way; as far as I’m concern this was an attack on the foundations this country was founded on and thus an attack on all of us; not just gays. But I have family and friends who find this view reprehensible and I don’t know what to say about that except I love my family and friends and am trying to show you a way forward that is not predicated on fear.
It is clear that our federal and local law enforcement agencies are not capable of protecting us from the Islamic Jihadi threat. Look at the latest Icehole Shooter; interviewed by the FBI twice, a gun store owner refused to sell him weapons or body armor and reported him to the FBI as a potential Jihadi terrorist, the store that did sell him the guns also called the FBI after doing so because they thought him a potential threat. The Orlando police department waited three hours (do you honestly believe with a 100 people already shot the police thought they had a hostage situation?) to take out the Icehole and how many people bled out and died due to the tactics of risk aversion is unknown but (given the circumstances) had to be a considerable. There was even an off duty cop outside the club who traded shots with the Icehole but then fell out of the media narrative. Where the hell did he go? Why didn’t he follow the Icehole in and try to take him out? I’ don’t know why but can tell you that he’s no sheepdog and that is the case with the vast majority of law enforcement officers in America. They can’t be sheepdogs because they can’t fight…your average police officer is barely capable of qualifying with a weapon and has no (as in zero) training on how to function in a gun fight.
Obama and the sycophants he has installed at the helm of the American government are still importing tens of thousands of un-assimilateable, hostile Muslims (not our former interpreters who we promised could come here) into our country and setting them up with our tax money. Why? Because for Obama and company moral preening is more important than the lives of Americans – most of whom are white people and we know what Obama thinks about white people.
Mistaking the government for a competent entity that cares about the average American citizen is insane. We’re on our own when it comes to Islamic terrorists folks and my question is what are you going to do about it?
For a vast majority the best thing to do is nothing. The chances of being caught up in one of these attacks are remote. You can live your life without changing daily routines or habits because you will never be caught up in a terrorist attack. This is the “hope” plan as in “I hope it doesn’t happen to me” and given the laws of averages it will prove a solid plan for the vast majority currently residing in the United States.
Those who do nothing about the threat of Jihadi’s are sheep; they cannot or will not accept responsibility for their personal safety or the safety of those around them. The law of averages, not The Law is their only protection. But the law of averages is moot if you are in the cross-hairs and there are thousands of Americans alive today who will be killed by Jihadis in the future because our government has neither the will or ability to stop them.
For law abiding Americans who believe hope is not an adequate plan there is another option and that is to become a sheepdog. Human Sheepdogs are, by nature, not a threat to their fellow citizens but are death dealing fighting machines when they, their loved ones or the sheep (other citizens) are in peril. To be effective in this role the sheepdog needs to be prepared mentally, physically and emotionally for close quarters battle (CQB). Death lurks in the CQB environment; the only way to beat death is to kill without hesitation or remorse. That is not easy to do.
Don’t think you’re up for that? Think again, if a woman can fight off a mountain lion with her bare hands or a retiree with poor gun handling skills and piss poor physical conditioning can run off two strongarm robbers (who both had guns) out of an internet cafe then you can take on a Icehole Jihadi. The other option is to submit and die.
If you are a christian who believes your religion forbids the taking of human life I urge you to read this post at the Captain Journal. Herschel Smith can sort you out in a heart beat. He is also the most prolific (and best) blogger in the country on Sheepdog related issues.
Sheepdog Mental Conditioning
Perspective sheepdogs should start their professional development with the man who came up with the Sheepdog concept ; LTC Dave Grossman, USA (Ret) and his book On Killing . Understanding the psychological basis for overcoming man’s instinctive reluctance to taking a human life is critical to developing the mind set required to fight and survive in a close quarter gun battle. One of the most important lessons to internalize from Col Grossman is his intra vs extra species conflict model. Many of you are familiar with the “fight or flight” model which is a good conflict model for exta-species encounters. When confronted by a Rattlesnake your options are to kill it or leave it alone and leave the area. When confronted with a human threat the fight or flight model expands to include posture and submission. Most of the fights you have witnessed in your life involved tedious verbal and physical posturing before the adversaries came to blows. Many victims of violent crime submitted when confronted by the criminal. Understanding how violent encounters escalate as well as the normal human responses to violence is imperative because the Sheepdog has to learn to bypass them to be effective.
Another essential book is The Gift of Fear by Gavin de Becker. Dave Grossman speaks at the Gavin DeBecker and Associates Mosaic Threat Assessment seminars and I was scheduled to go to one years ago but it was cancelled due to wildfires at the venue in Big Bear. I remain disappointed to this day. The Gift of Fear is a textbook on how to spot human predatory behavior. This understanding hones the senses by providing a framework that assists in anomaly detection. Detecting anomalies within the daily pattern of life is the quickest way to identify a potential threat. You do not need a laundry list of things to look for you just need to pay attention to every anomaly that catches your eye. Behaviors like loitering, angry hostile stares, excessive headgear in warm weather, sunglasses at night etc… could mean something or could mean nothing.
We have been told by the media, educators, politicians and other members of the ruling class that violent acts are unpredictable. That is absolutely not true and DeBecker’s book will teach you why. Remember our most recent Icehole shooter was throwing off such obvious, hostile vibes that two gun stores reported him to the FBI. How do you think that Icehole was looking before he unmasked inside the Pulse nightclub …what kind of vibes was he throwing off? DeBecker will teach you what is already ingrained inside your brain housing group and that’s how to spot predators. More importantly he’ll eliminate the most common response to the sudden appearance of dangerous anomalies which is denial.
The last topic to read up on is the OODA loop. There is much written by and about Col John Boyd, USAF (Ret) so a link to a compendium of his writings is here . OODA is the acronym for Observe Orient Decide Act and it’s importance to a gunfighter cannot be overstated. Once you enter the fray you function on mental and physical conditioning; there is minimal cognition occurring as you adjust to the noise suppressing, vision narrowing, fine motor skill degrading rush of adrenaline. It is tough to handle which is why high end firearms instruction includes breathing exercises that are designed to bleed off adrenaline and keep the pulse below 150. The time to think is while observing and the sooner you orient onto a target the more time you have to prepare for the upcoming fight. Once the flag drops there is no time for thinking…only action counts.
The next post will cover the mechanics of gun-fighting in the close quarter environment but there is one more component of the combat mindset that needs to be internalized and its not good news. If you are in the midst of a Jihadi attack and present a gun to fight back you’re going to get shot. There is no way around it; you have to understand up front you will be hit so that when you are hit you stay in the fight. Being shot is not the same as being killed and most people who are shot in America do not die.
Of course it is possible to intervene in a shooting and come out of the encounter without a scratch but you can’t think that is going to happen before you fight. You have to understand you’re going to get hit and might well die and then you have to ignore that and fight like a demon possessed. Going through the crucible and emerging without a scratch means you’re lucky, or blessed or cursed….as some of my fellow vets know being the one guy to walk away from a gunfight without a scratch can be a curse as well as a blessing….but I digress.
People who have been hit hard will bleed out if they are left in a pool of their own blood for three hours before the cops feel its safe enough for them to go in and get them. For the people who were shot at the Pulse it was their bad luck to be attacked in a city with a substandard, risk adverse, tactical unit.
The Sheepdog deals with reality not the narrative and the reality is he is on his own when confronting Iceholes (or common criminals dubbed ‘teens’ by the establishment media). So my perspective sheepdog friends remember the essential truth for sheepdogs. If caught up in an Icehole attack you are on your own. There is no one coming to help you; you have to deal with the threat and rescue the injured because that’s what sheepdogs do. Sheepdogs are humans who are not perfect, we are tolerant of the normal faults and foibles of our fellow man with one exception: we cannot stand and will not associate with cowards.
Click here to see Tim's article over at Free Range International.
Turning a great app into a successful business requires more than simply releasing your app and calling it a day. You need to quickly adapt to your user’s feedback, test out new features and deliver content that your users care about most.
This is what Firebase Remote Config is made for. By allowing you to change the look and feel of your app from the cloud, Firebase Remote Config enables you to stay responsive to your user’s needs. Firebase Remote Config also enables you to deliver different content to different users, so you can run experiments, gradually roll out features, and even deliver customized content based on how your users interact within your app.
Let's look at what you can accomplish when your wire up your app to work with Remote Config.
We've all had the experience of shipping an app and discovering soon afterwards that it was less than perfect. Maybe you had incorrect or confusing text that your users don't like. Maybe you made a level in your game too difficult, and players aren't able to progress past it. Or maybe it was something as simple as adding an animation that takes too long to complete.
Traditionally, you'd need to fix these kinds of mistakes by updating those values in your app's code, building and publishing a new version of your app, and then waiting for all your users to download the new version.
But if you've wired up your app for Remote Config in the Firebase platform, you can quickly and easily change those values directly in the cloud. Remote Config can download those new values the next time your user starts your app and address your users' needs, all without having to publish a new version of your app.
Firebase Remote Config allows you to deliver different configurations to targeted groups of users by making use of conditions, which use targeting rules to deliver specific values for different users. For example, you can send down custom Remote Config data to your users in different countries. Or, you can send down different data sets separately to iOS and Android devices.
You can can also deliver different values based on audiences you've defined in Firebase Analytics for some more sophisticated targeting. So if you want to change the look of your in-app store just for players who have visited your store in the past, but haven't purchased anything yet, that's something you can do by creating Remote Config values just for that audience.
Remote Config conditions also allow you to deliver different values to random sets of users. You can take advantage of this feature to run A/B tests or to gradually rollout new features.
If you are launching a new feature in your app but aren't sure if your audience is going to love it, you can hide it behind a flag in your code. Then, you can change the value of that flag using Remote Config to turn the feature on or off. By defining a "My New Feature Experiment" condition that is active for, say, 10% of the population, you can turn on this new feature for a small subset of your users, and make sure it's a great experience before you turn it on for the rest of your population.
Similarly, you can run A/B tests by supplying different values to different population groups. Want to see if people are more likely to complete a purchase if your in-app purchase button says, "Buy now" or "Checkout"? That's the kind of experiment you can easily run using A/B tests.
If you want to track the results of these A/B tests, you can do that today by setting a user property in Firebase Analytics based on your experiment. Then, you can filter any of your Firebase Analytics reports (like whether or not the user started the purchase process) by this property. Watch this space for news on upcoming improvements to A/B testing.
Many of our early partners have already been using Firebase Remote config to test out changes within their app.
Fabulous, an app from Duke University's designed to help people adopt better lifestyle habits, wanted to experiment with their getting started flow to see which methods were most effective for getting their users up and running in their app. They not only A/B tested changes like images, text, and button labels, but they also A/B tested the entire onboarding process by using Remote Config to determine what dialogs people saw and in what order.
Thanks to their experiments with Remote Config, Fabulous was able to increase the number of people who completed their onboarding flow from 42% to 64%, and their one-day retention rate by 27%.
Research has shown that an average app loses the majority of their users in the first 3 days, so making these kinds of improvements to your app's onboarding process -- and confirming their effectiveness by conducting A/B tests -- can be crucial to ensuring the long-term success of your app.
When you use remote config Remote Config, you can supply all of your default values locally on the device, then only send down new values from the cloud where they differ from your defaults. This gives you the flexibility to wire up every value in your app to be potentially configurable through Remote Config, while keeping your network calls lightweight because you're only sending down changes. So feel free to take all your hard-coded strings, constants, and that AppConstants file you've got sitting around (it's okay, we all have one), and wire 'em up for Remote Config!
Firebase Remote Config is part of the Firebase platform and is available for free on both iOS and Android. If you want to find out more, please see our documentation and be sure to explore all the features of the Firebase SDK.