To the same audience: quit selling my fucking phone number!
I ditched a phone number I had for 10+ years because it was leaked everywhere. Only a few short months after updating my number with the DMV and a handful of other government agencies I started receiving scam calls/messages again.
At some point we need to adopt some fucking privacy laws. This is absolutely bonkers—is no one else fed up??
Edit: I already know how to silence unknown callers. What I want is to not have the problem in the first place, ideally by 1) having companies not sell personal data to third parties and 2) being able to block spoofed (non-encrypted) caller ID.
I set my phone to decline calls from unknown callers years ago.
These calls are already illegal. I used to report them to the FTC but I never heard anything back so I have no idea what happens, but I presume nothing. If I had the time to take them, and if they spoke English, I would record them with the Cube ACR app (which no longer works) and convince them to incriminate themselves. Ask their name, company, location, time/date, whether they ran my number through the DNC registry.
Oh everyone is fed up but we just elected a guy and government who is sure to make it all way way way worse.
He just helped put the nail in the coffin of the lie that crypto is for anything but scams, don’t worry, it’s gonna get real bad before it gets any better.
In South Africa, where I live, everyone is assigned an ID Number at Birth. You need an ID number, thumbprint scan AND proof of address to get issued a SIM card number due to a law introduced called RICA. It was meant to help fight crime. Worried that the government could listen in to calls or read their SMSs, the criminals just switched to WhatsApp, which also happened to become cheaper than SMSs and gained popularity in this time.
The cops never seemed to crack WhatsApp. The only drug busts that happen are when an open secret becomes laughably too open and when they harass every person arriving from South America at O.R. Tambo international airport just to catch the decoy mules carrying 12g of cocaine (total). Every dealer I ever organised with was over WhatsApp.
So now, woopsi, RICA stopped nothing and just became a liability. That treasure trove of fragile data made its way to scammers and spammers. A total net negative.
I’d encourage everyone else in other countries to apply major pushback to any government proposals in this direction.
Do people still believe that drug trade is ran by criminals?
I am pretty sure in every country, it is controlled either police or the spooks.
I am done pretending otherwise. Criminals are just useful idiots, the real thugs are the police and security apparatus
[citation needed]
there are MANY MANY examples don’t be a lazy pelican with your beak open. go look
The person who makes a claim has to back it up
stay ignorant and dangerous friend
At some point we need to adopt some fucking privacy laws.
Yeah we absolutely had to ban TilTok because of privacy concerns but the idea of creating a law to protect our privacy is ridiculous beyond all reasoning. The stupidity of the United States government is absolute.
I’m pretty sure a lot of scam calls use machines that call every possible phone number within an area code and see who answers. There is no way to avoid it.
this right here. I stopped getting scam calls years ago, I stopped answering and they just eventually stopped calling. If you don’t interact with the call (interact being ignore it or mute it NOT reject it) and it just goes to voicemail, they seem to eventually stop
Lucky you. I’ve been letting calls from any number I don’t recognize go to voicemail for years and nothing ever seems to change.
Setup a whitelist, I think it’s native on iPhone and there are multiple Android apps. Only calls from your contact list will ring through. My voicemail is, “You’re getting this because you’re not on my contact list, send a text and I’ll get back to you.”
- Phone numbers
- social security numbers
Stop making personal information into digital ids because when it inevitably ends up in some kind of data breach. These companies all throw their hands up saying sucks to be you.
What I hate is when they want you to store “secret” information like your mother’s maiden name/ first pet name for later verifications. You know these are stored in plain text of course. My own damn government does this stupid shit, and they’ve had several hacks of PII including gun registrations because as far as I can tell, nobody competent works in government IT.
I use bullshit answers for these, and save them in the notes section of my password manager.
I choose random questions and store the random passwords that I use as answers in my password manager. It’s also more secure because people can’t just Facebook stalk you for answers.
Security questions don’t care what you put in there. It’s not an exam. It’s basically just an alt password.
I just generate a string of alphanumeric text from my password generator and stuff those in there. If I lose my password vault somehow I’m cooked anyway, so.
Bane of my life as about a year ago my dad switched his sim and immediately started pestering me about not being able to log into his accounts.
Yes he got rid of the old number completly and expected me to somehow make his logins work. This is still going on to this day when he complains to me something doesn’t work it’s because he’s tied it to his old phone number.
Please. It is the most annoying part of trying to use some sites and I rather not give out my number to people who store important info in plain text files.
I don’t want to treat phone numbers as an ID, but for some reason my customers will give their phone number to me online far more willingly than they’ll cough up their email address, which is baffling only until you realize:
- Most people are technologically incompetent and are intimidated by the avalanche of crap they get in their email, and
- They never answer their phones anyway, so who cares?
I actually offer the option, because I don’t give a rat’s ass how people ignore me when I try to contact them. But when they place an order I at least need to be able to prove that I tried.
When I give out my email, I always get spam, regardless of how many boxes I uncheck.
When I give out my phone number, sometimes I don’t
Of course that no longer makes sense since I have one phone number I can’t easily change, but give out uniquely generated emails that I can individually turn off
On this question of verification, I don’t have a particularly foolproof solution, but maybe there just isn’t one.
I can criticize the modern web for a lot of things, but as long as we have situations where we want to check whether an account is a real person, as opposed to FarmingBot #295038, they need something. I’m not a fan of phone verification, but I’d only criticize it when we have alternatives.
I’d even be in favor of some kind of one-way algorithm by which a trusted real-person-identifying entity could tell a random third party site: Yes, this is a genuine human.
The technology has existed since the 80s.
X509 certificates would allow a government agency to sign a digital identity indicating that it’s legitimate, would allow for remote revocation in the event of loss or theft, and can be easily integrated with every existing computer and browser.
An issued physical card would resemble a credit card, with a chip in it. Other physical form factors can take the shape of USB-devices which bundle the card and the reader into a single device.
In the real world:
Also https://www.cac.mil/Common-Access-Card/, if the Americans are skeptical.
I don’t like the Austrian one being phone-integrated, but I understand why people would want that.
It’s because the phone is a two-factor token that everyone has with them. With a secure processor being the hardware token and fingerprints or face scans biometrics. This makes it ideal for saving such sensitive data. I most frequently use it to digitally sign documents in a legally enforceable way.
The card you linked is similar, and a smart card was one of the previous versions of our system. The goal here was to make it universally accessible, and a smartphone is perfect for that.
https://www.oesterreich.gv.at/en/id-austria.html
That exists and is better than a phone number.
Cool, now provide solutions that exist today for every other country
It is the same thing that happened with US Social Security Numbers, which were originally just tracking numbers for that one purpose that were coopted by capitalists and treated like something special.
I remember I was flipping through some of my mom’s old college stuff and there was a club that she was involved with and everyone listed their address and social security numbers. It was wild, no idea why they felt the need to collect socials. But this was a very long time ago.
My college ID used to be my social security number, so maybe it was something like that? Iirc that’s no longer allowed in the US.
This should be what digital ID looks like:
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEZ26+ARYJKwYBBAHaRw8BAQdAsUGMjbGNUyyz9PHsHKP4xj/tIfYIuHb4miPH 0iCPpu60K0VSUk9SOiBFYXJ0aC5leGUgaGFzIGNyYXNoZWQgPG5vQGVtYWlsLmV4 ZT6IcgQTFggAGgQLCQgHAhUIAhYBAhkBBYJnbr4BAp4BApsDAAoJEI6E3uMn31Z3 028BAM5o8ER0dqTsxFlZSgZOvvgFHGuy2eFgF3rULkGKl1KrAP9fdE7WwnYbBer/ AVmw5jr0P5m/XsEQQrSueuk/FLYBBbg4BGduvgESCisGAQQBl1UBBQEBB0BDR0Bv pf4jxbwp9rVowFTnL59NGqnnh6XyF/LjAoYDGgMBCAeIYQQYFggACQWCZ26+AQKb DAAKCRCOhN7jJ99Wd1dMAP45xmN03SodkWHi7PYOORqNXJUBdMzzfsRXdqE8ZXaW vAD+PqNqPcbwJYCOEAXkg7DlZ0SX3o9MViZLdzHFQ3TpUA8= =krDh -----END PGP PUBLIC KEY BLOCK-----
PGP Key Fingerprint: 857957d40f06cc816fd3d29a8e84dee327df5677
Should be good until quantum computers come around
-----BEGIN PGP MESSAGE----- hF4D7cLqolaUp8cSAQdAOCdAgwhjdDgwk6TsYbey9XLZrKT7ny+KRAORyTPJsmUw Fl1llKK3dYtwrPDUts8CA71uU8D2SOWwrk/mrQxlrP/btjNNj6j1vXehQJ0+FIuc 0sBPAU3onDQoAiPLDU7qky1cgtbgitMp4nGEnZ48Xh8OhWS03d9YfU4iIIuf/AWA MTzzbMLZCLqZrIiJGyE2EgJOLIMAOToxidQ6Z/blrT6W9effeu4GwEB622O0eIv5 ct0jm/e2A6j1Gf/7UsnzeC21ME55/JkDIFQQ5ZrYqRGp9+M0yNHXIhJXQvO+QmHz 1CclNIdwbnupIIy0+eiy+Wn41An/IUV2NJy+bmCxRmqTXZyNrfnPMrelY5imknd9 1oZGuHc6tWqNq0ntjV1sBBsxHtAXtFIBWcqEmUgnpxEBglRxx20thoWvQINisCB4 9ptHAUM9Qjr3tWFdvL5MqOHZ14XQ65bbKXhx5MJmr5yijA== =JKT0 -----END PGP MESSAGE-----No one except this guy will be able to read this. Die out of curiosity muhahahaha
That… very thoughful… 😅
I’ll make sure to remember your kinds words and never give you up, and never let you down 😎
I’m sad PGP didn’t become a popular way to log into websites. A challenge-response protocol could have even been built into web browsers. Big tech is reinventing that idea as Passkey, but with a very big tech flavor.
I mean, passkeys are… sort of… PGP… 🤷♂️
I’m already hearing about restrictions on exporting passkeys and some apps requiring that you’re not running a custom ROM on Android and stuff like that. Makes me worried they’re going to fuck that up and make it restrictive bs
Why should my OS be any of their concern?
From what I heard passkeys need google services framework for some reason. Don’t know technical reasons behind it but I would assume its bs given its google.
Yes, they don’t work without Google Play Services. Google didn’t implement passkeys in Android, only their own services.
I’ve been considering getting a pager or a burner phone just for this
Just get a virtual DID number from something like Voip.ms or virtualphone. There may be other providers out there that use crypto for payment for added privacy, but if all you want to do is be able to keep your real phone # off the grid, these work.
usually they check for VOIP numbers and give you an error. Has to be legit.
I’m in a quest to find a good email provider that doesn’t ask for a cellphone or another email address while creating an account, cock.li used to do this but now it’s “getting back on its feet”
Proton? More like pro Nazi.
OFTL Did they support Trump?
Their founder did, very openly and expressively, it was quite bizarre
Then he tried to walk it back by gaslighting.
“I wasn’t being political” said the man who was clearly being political.
Selfhosted email I guess.
Is that even feasible without getting marked as spam by all the major players?
Hi, I recently set up my own email server
- It’s a huge pain in the ass getting things like DMARC and DKIM and whatever to work. Without those, most providers won’t even deliver your messages. But luckily, there are websites that help you check and fix your configuration
- Even once you do get these things set up correctly, most providers will send your outgoing messages straight to the recipient’s spam folder
- That being said, I believe most providers will mark you as “not spam” if the other person initiates the conversation. So this could be a non-problem if you’re making an email for your business and putting it on business cards or something.
- Mullvad (VPN provider) self-hosts their support email, and they seem to be doing fine.
Hope that helps
Yes. I host my own using Mailu.io. With the proper records, you will be able to send emails to any big email provider (proton, gmail, outlook). You need to pick a good TLD (.com, .net, .org, etc) so you don’t get your email thrown into the spam folder immediately.
If you buy a domain now, you will probably get on the Spamhaus blacklist, which every big email service seems to use (again, proton, gmail, outlook, and probably others), so you will need to wait a few months and keep a good spam record (well, don’t send spam emails obviously and keep your email server with the proper configurations).
Also, pick a good VPS provider (No vultr, no linode) with low levels of abuse, because if you setup your email server in an IP range with a lot of abusers, you may get your email flagged. (You can check that using https://www.uceprotect.net/en/rblcheck.php, but I’m not sure if uceprotect is trustable).
I have absolutely no need for my phone number, nor do I use it for anything that I couldn’t use a voice app for. Just get rid of them altogether.
Yeah I mean I’d get rid of that and email entirely if I could but unfortunately there are legal and societal expectations.
We need email. It’s one of the few protocols that are 100% in the user’s control. I run my own mail server. I can’t do the same for whatsapp.
We’ve added a lot of checks to email (SSL, DKIM, DMARC, SPF) so it’s very easy to identify spam these days. It’s also easy to avoid giving any two companies the same email address. That’s something much harder to avoid with a phone number.
For 2FA, per-account email addresses and authenticor apps are the best approach for privacy.
I run my own mail server. I can’t do the same for whatsapp.
No, but you can do the same for a wide variety of chat apps.
it’s very easy to identify spam these days
LOL then why is my inbox constantly full of spam?
Platforms like SimpleX solve spam by requiring participants to have an invitation to message you. You can either send them a 1-time invitation or you can use a semi-permanent one that can be posted publicly and rolled as necessary without losing contact with anyone you’ve already connected with, so by the time it’s mined somehow and sold to some company, it’s already changed.
For 2FA, per-account email addresses and authenticor apps are the best approach for privacy.
LOL what? No they’re not. How does an email protect your privacy over just a username?
LOL what? No they’re not. How does an email protect your privacy over just a username?
They said per-account email addresses, presumably meaning that when giving out an email address, you would use a different one for each service. That way, they couldn’t be used to link you across services, and you could easily delete one (and know who to blame) if it was abused.
Yes, I understand how email aliasing works. Again, how is that more private than a username?
I don’t see a claim of it being more private than a username. Perhaps the person you’re arguing with views them as equally private, or is thinking of services that require some form of contact info. I can’t speak for them.
Zoomer spotted, opinion rejected. Email >>>>> chat apps.
Zoomer spotted
Haha, not even close
Email >>>>> chat apps.
Wrong again. But please, do go on.
Computer technology is fundamentally insecure so long as everything is connected all the time. It drives me mental that idiots keep trying to foist the whole of human society onto devices which are clearly unfit for the task.
