What is Public Key Cryptography?
From TLS to authentication, “crypto” is used for a lot more than just currencies. In 2018, security should be part of every developer's toolkit and cryptography a fundamental building block for the libraries and tools we use to protect our data and applications. This post will dive into modern cryptography, an overview of how it works, and its everyday use cases — including how Twilio uses public-key crypto in our Authy application and to secure our API.
Let's start with some context and history.
Meet Alice and Bob
Alice and Bob have a history of illicit dealings. We're not really sure what they're up to, but they don't want us, or the ever-curious Eve, to know. Before the internet, Alice and Bob could pass secret messages by encrypting text with an agreed upon cipher. Maybe that was through letter substitution or shifting or other sophisticated methods. They agreed on the method ...
Build an Emojidex with Python and the Twilio WhatsApp API
If you've ever wondered about the story behind your favorite emoji, this app is for you. We'll build an interactive bot to give us more information about just what 💁 is doing. With the Twilio API for WhatsApp and Emojipedia 👌😍 we can easily query this information on demand.
🌅 Getting started
Before we can dig into some code, make sure that your Python and Flask development environment is setup. If you haven't done so already,
- Install Python 3
- Install Ngrok to make your Flask app visible from the internet so Twilio can send requests to it
- Set up your Python development environment
If you're new to Python and Flask check out this handy guide for more information on getting started.
I've started the project off, so clone or download the repo from GitHub and checkout the
git clone -b getting-started firstname.lastname@example.org:robinske/emojimon-whatsapp.git
💬 Setting Up Twilio API ...
How to Test Your iOS Application on a Real Device
There are some features of iOS apps that don’t work from the iOS simulator. Maybe you want to test how your application works with the device camera or send an SMS message from your application. For these examples and more you’ll need to test and debug your app using a real device.
This post will walk through how to run the Xcode simulator on your iPhone or other iOS device and show you how to fix some common errors you’ll see along the way.
How to select your iPhone as the “Simulator” Device
Simulator is in quotes here since this will create an actual app on your phone; it’s no longer a simulation. Open up a project in Xcode and click on the device near the Run ▶ button at the top left of your Xcode screen.
Plug your iPhone into your computer. You can select your ...
How to do Phone Verification in iOS Apps with Twilio Verify and Swift
Security is at the top of everyone’s mind and phone verification is a simple way to secure your application and help prevent bot accounts. Phone verification is a common security tool used when people sign up for a product or give you their phone number for the first time.
Confidence in your users’ phone numbers decreases fraud and increases reliability of notifications. Let’s take a look at how to verify phone numbers from an iOS application using Swift and the Twilio Verify API.
This tutorial will walk you through the process of SMS phone verification step by step. You can check out the final project on my GitHub.
What you’ll need
To code along with this post, you’ll need:
Navigate to the Twilio Console and grab ...
Getting Started with Apache Spark by Analyzing Pwned Passwords
Apache Spark aims to solve the problem of working with large scale distributed data and with access to over 500 million leaked passwords we have a lot of data to dig through. If you spend any time with the password data set, you’ll notice how simple most passwords are. This is why we’re always thinking about how to encourage stronger passwords and recommend turning on Two-factor authentication everywhere it’s available.
While tools like Excel and Python are great for data analysis, Spark helps solve the problem of what to do once the data you’re working with gets too large to fit into the memory of your local computer.
This tutorial will show you how to get setup for running Spark and introduce the tools and code that allow you to do data manipulation and exploration. Read on to find out how to spot the most common ...
Round up: Libraries for checking Pwned Passwords in your 7 favorite languages
Earlier this year Troy Hunt released version 2 of his popular Pwned Passwords API service. The new version comes with even more compromised passwords and a more secure way to query the password API that doesn’t require sending plain text passwords over the network.
The API update comes at a good time. When NIST updated its password guidelines in 2016, it included a new recommendation to check “memorized secret verifiers”, or passwords, against known data breaches:
When processing requests to establish and change memorized secrets, verifiers SHALL compare the prospective secrets against a list that contains values known to be commonly-used, expected, or compromised. For example, the list MAY include, but is not limited to passwords obtained from previous breach corpuses.
Since the API release, the community has created API wrappers in many of our favorite programming languages. In this post, I round up the libraries in 7 languages ...
How I keep my mom updated on my travel schedule with Python, Twilio, and Google Calendar
I travel a lot for both work and pleasure. My mom loves to know where I’m jetsetting off to and I was failing to keep her properly updated. I could share my location via Find my Friends, but that doesn’t solve the problem of upcoming travel events. I could create a shared document or calendar, but she isn’t always in front of a computer.
Enter the Where’s Kelley bot.
Using Twilio SMS, I hooked up a phone number to my Google calendar and created a simple text message bot that my mom can ask about my current location and upcoming travel schedule.
This post will walk through how to build one for yourself! Check out the final code here or follow along with this tutorial to build your own Text Travel Tracker from scratch.
Google Calendar API and Service Accounts
First things first, you’ll need ...
How to Encourage Stronger Passwords: P1e@$e $t0p Using Bad Rules
We have a big problem when it comes to password security.
People reuse passwords. And they use passwords that are short and easy to guess. This is a problem because even if you don’t care if your Myspace account gets hacked, if you were using the same password there as you are for your email or your bank account, you’re gonna have a bad time.
That’s because hackers will use those leaked credentials to gain access to your other accounts in a process known as credential stuffing. It’s still common practice because bad actors can make a lot of money doing this.
You may hope people have moved past using short, easy to crack passwords like 123456, but of course there are people that still use them.
In fact this password, 123456, has been seen over 20 million times according to the site haveibeenpwned, a project ...
Responding to Incoming Text Messages with Scala and Finatra
If you’ve ever wanted to create an SMS bot with Scala, you’re in the right place. Perhaps you’re looking for an interactive way to learn Scala or trying to build some automation into your customer interactions. Your SMS bot can be informational or just pure fun. We’ll be building a bot that will respond with your fictional bank balance. In this post, you will learn how to:
- Sign up for Twilio and get your first SMS-enabled Twilio phone number
- Set up your development environment to send and receive messages
- Receive inbound text messages
- Reply to incoming messages with an SMS
Let’s make sure we’re set up with the necessary dependencies.
Send Email programmatically with Gmail, Python, and Flask
We’ve all been there – you just need to send an email from your application. Maybe it’s password resets or a product notification. You’re probably reading this because you’ve hit that point. Whatever your use case, this post will walk through how to send an email in code using a plain ol’ Gmail account. I’ll also show you how to fix some common errors you’ll see along the way.
What you’ll need
To code along with this post, you’ll need:
In a new folder create a
requirements.txtfile. This file will help you manage your dependencies in a Python project. We only have one dependency for this project; add the following to your
You can read more about Flask-Mail in their ...