Recently I flew to Surabaya and took Silk Air (MI) for the return flight. It was a short flight, about 2 hours, and in the evening. I was rather tired, I arrived in Surabaya in the morning (on SQ flight) and spent few hours before flying back. I was looking forward to sleep on the plane.
The last time I took MI was a good 10+ years ago, also for flight to/from Surabaya. So, I did not expect too much from the carrier that some people referred to as “budget airline with SQ fare.”
After I boarded the plane, and while waiting for the push back, I browsed the in-flight magazine and noticed now Silk Air provided in-flight entertainment; an improvement. However, the plane had no in-flight entertainment equipment; no LCD screen at the back of the seat. Instead, the movies were streamed to mobile devices through on-board WiFi.
Such setup has becoming very common across many airlines. With everyone has mobile devices and with pervasive access to contents – including movies, many passengers would prefer to watch their own movies on their own devices. For passengers who prefer to watch airline-provided movies, streaming the movies over WiFi saves the airlines lots of money by not having the in-flight entertainment equipment. The absence of such devices also means less weight, less weight means less fuels consumed, which in turn saves the airline more money.
However, I was intrigued by the whole setup on mobile devices in order to access the in-flight entertainment. I took the picture off the page of the in-flight entertainment magazine; and after I touched down in Singapore, I posted the picture on social media, with title ‘SilkAir teaches its passengers how not to do IT security.”
There are two reasons.
For passengers with mobile devices running Android operating system, the magazine instructed the passengers to download the app and then install it directly without going through Google Play Store.
The practice of downloading and installing any applications from any sources other than the official app store is call sideloading; and it is not a recommended practice.
The official Google Play Store, while not perfect, provides some level of protection from malicious app. That may not be the case with an alternative app store or with a website or forum hosting an APK file.
By advising passenger to sideload the application, MI unintentionally is training its passengers to push past all of the warnings that Android displayed.
SilkAir may argue that they could be ‘trusted’. However, such argument simply undermines the education given by IT security professionals: “Do Always download from official stores”.
- The usage of Flash
The magazine also stated that for laptop users, Flash must be enabled in order to enjoy in-flight entertainment.
Good luck for that. Safari, Chrome and Firefox browsers have disabled access to Flash by default. Users must go through myriad setting just to have it enabled, and that only for current session.
Flash was originally a good platform for delivering multimedia content across multiple platforms. The browser plug-in was available on many platform combinations (OS, browsers). Web developer need only to develop the content once, and it was guaranteed to run and work consistently across platforms.
Flash came in the era when browser compatibility was a main issue. Using Flash, web developers could overcome browser compatibility issue with ease.
Now the issue has past with the adoption of HTML5; it could what Flash could natively on the browser, without any plug-ins.
Flash also started to decline after Apple refused to have Flash plug-in on its iOS, and even it went further downhill after strings of vulnerabilities have been discovered on Flash, even up to today. Those issues really pushed browser manufactures to disable Flash , ,; and indeed Adobe itself will terminate Flash support by 2020.
As modern browser has disabled Flash by default, passengers need to tweak the settings in order to enable Flash (and watch the video). It is an inconvenience to passengers; it also showed MI used an old, obsolete, soon-to-be decommissioned platform.
So, what SilkAir can do?
- Silk Air should advise passengers to download the applications ahead, before boarding. Show the instruction on the ticket, or even boarding gate.
When I took Qantas last year to Australia, the website clearly indicates that to enjoy inflight entertaintment in domestic flights, passengers need to install Qantas app.
- Change the technology used to deliver video to HTML5. This will allow any passengers to use their mobile devices, connected to on-board wifi, to access inflight entertainment content with standard browser. It is a much simpler and requires no installation whatsoever.
Post script: after checking many sites, I don’t think Silk Air is unique. KA, TR do provide similar instruction; UA requires Flash plug-in, VA even requiring a more obsolete plug-in: Silverlight. But D8 seems to do it right.