Four years ago, I got rid of my cell phone. I feel completely liberated and free from that hellish thing. I've never had any difficulty whatsoever being without it.
I have not done this yet, but due to the smart phone becoming an addicting substance that has real similarities to the 1990s Star Trek Next Generation episode called -- "The Game" (It's highly recommended to watch this), I have often threatened to confiscate my kid's smart phones and replace them with walkie-talkies. The range for these walkie-talkies are commonly 35+ miles. Whenever I mention this, the gnashing of teeth and howls coming from my kids is ear shattering.
The original intent according to my wife for buying the kids smart phones was for emergency communication purposes. No one ever mentioned the Internet and social media problem we now face. It is a constant battle parents are engaged in. So, why not a walkie-talkie? Or nothing at all?
The benefit of this privacy overreach is that the incentive to self-host your own web and communications services becomes greater and greater. At the same time the technology has matured to a point where you can have access to enterprise software tools at home on a private server. Most of these tools are free and open source as well.
You can self host your own email server. You can self host services like Jitsi for video and voice calls. You can go a step further and use the decentralised Matrix protocol through a service like Element for end-to-end encrypted video, voice, and messaging. These don't require a phone number. "Cloud" storage (networked storage), documents, spreadsheets, video streaming, music streaming, project management, etc. can all be hosted at home if you have the right knowledge and time. The downside is you have to pay for the hardware and maintain everything; which is a big hurdle for most. A hurdle that looks less intimidating the more government and big tech violate our privacy.
Exactly what my husband set-up. Encrypted server, web search, (anonymous searching) etc. Never been happier. Use Signal for encrypted messaging. Proton mail for same. Trying to de-google.
This is fascinating. I had no idea. Can you give advice to someone who is not a techie by is willing to learn how to do this? Where to begin, etc? Thanks.
Sure. It's a complex topic, but I'll keep it simple.
The most fundamental part of self-hosting network services is networked data storage. Everything builds on that foundation. The best place to start is some form of network attached storage (NAS). A NAS is a low-power, consumer friendly, server that is designed to run 24/7. Essentially a small computer with a bunch of hard drive bays connected to your home network. You load it with hard drives that join together to make a single redundant array that can survive failure of one or more drives without losing your data. You can access files on a the NAS from any computer, mobile, or tablet, etc connected to your home network. You can even open it up to the internet to access from outside your home.
You can build a NAS yourself using standard computer parts and install a Linux derived NAS operating system like TrueNAS or Unraid. Alternatively you can buy pre-made solutions from companies like Synology or QNAP. I highly recommend you start with a pre-made system. Synology makes good quality systems with amazing software that is really beginner friendly. They come with native software packages out of the box that enable various web services.
For example you can use services like Synology Drive to sync files to all your computers similar to Dropbox, Google Drive, and OneDrive, You can store all your movies/TV shows on the NAS and install Plex to have a Netflix like experience; streaming to all your devices. You can install packages like Synology office which provide documents and spreadsheets like Word/Excel or Google Docs. You can even connect security cameras and install surveillance packages that record and store video to the NAS. There are also packages for email servers, calendars, contacts, notes, photos, etc. similar to what you see with Google or Microsoft services.
Once you familiarize yourself with the basics and built in packages you can start performing more advanced tasks using "docker containers". This requires some networking skills, but opens you up to a limitless number of open source software packages. You can install things like Home Assistant to control your smart home locally without the cloud. You can install password managers, messaging apps, git repositories, personal wiki's, etc.
All data is stored on your server and owned by you. Everything communicates directly with your server and bypasses big tech. You don't even need to open any of this up to the internet and can just use it at home (although many services like instant messaging are pretty useless if you don't have it accessible from the internet).
A great resource for self-hosting tutorials is the blog Marius Hosting. The self-hosting subreddit is also good.
Thank you so much! This is great. What state do you live in? I'd like to hire you to set this up for me. :D Haha. Seriously though, this is awesome and I appreciate your help. I'm going to check out that blog, too. I love this idea. I didn't even know it was possible. Thanks again.
I have been going down this path for years and already do most of the things you mentioned. It is very time consuming, yes, but the experience of hosting your own communication platforms and cloud data services on a private server is something I wouldn't trade for anything.
As a side note, a few months ago I set up gaw.social using the Matrix platform like you mentioned. Its still up and running though I have been too busy lately to promote it so activity has pretty much died. But if there was a resurgence I'd probably dedicate some time to picking it back up and making some upgrades.
It really is a daunting task to decouple from big tech services. It's taken me years as well, and I am still not done. Wouldn't go back if I had the choice though.
It's truly frightening in hindsight how dependent we all are on outsourced web services. I mean it's gotten to the point where people's entire smart home is controlled by some centralised server in China; the internet goes down and you can't control your lights lol. The holy grail for me is a local voice assistant that doesn't touch the internet. Unfortunately the current offerings can't match the cloud options from Amazon, Google and Apple.
Do you have any good resources for technically inclined to learn to set this up? I've always been a technical person, mostly with hardware... it's the software bit/server management where I begin getting lost.
They require a sms capable cell number to text you a verification ID number to access the TS app. My cell is calls only no data, no text so this prevents me from participating so far.
While not feasible to implement by the normal person, Kevin Mitnick’s Art of Invisibility is an incredible read about the lengths you’d have to go to to really erase as much of yourself from surveillance as possible.
On a different note, realizing two-factor-authentication was introduced as a “safety tool” but truly just keeps more tabs on you and takes more of your data was one of my first red pills as an adult.
I was raised in a conservative household, but things like this were seen as measures against identity theft—which still happens all the time—and therefore good.
How though? And what data? Personally I don't trust Google Authenticator so I use Authy and other third party 2FA apps which just verify a timestamped code. I'm not aware of any mechanism which grants a service access to internal data solely from a 2FA code.
2FA is a generic term. It stands for "two factor authentication," which just means you have to have two separate factors in order to log in. For example, this could be both a password and a fingerprint, or a password and a hardware key, or a password and a location.
But when most people think of 2FA, they are talking about TOTP, or time-based one-time passwords. This is a common second factor in addition to a password or fingerprint. It's the one where you have an authenticator app like Google Authenticator and you have to enter in the code it provides, which changes every 15 seconds or so.
I'm assuming this is what you are talking about. This does not give the website you're logging into access to any data on the device you use to run the authenticator app.
The website doesn't "talk" to your secondary device at all, actually. In fact, as long as the clock on your device is accurate, your secondary device doesn't even need to be connected to in the internet. Moreover, you are not latched to a big tech company when you use this security feature. Google Authenticator is popular, but Google didn't create this system. The algorithm itself is open source and there are a shit-ton of apps that do the exact same thing, or you can code one yourself (it's not hard).
A quick rundown on how TOTP actually works: when you setup TOTP for a website you are given a key. This key is stored (ideally securely) on your secondary device and is also stored (ideally securely) on the website's server. Both your secondary device and the website's server have the same algorithm they use to combine your key and the current time to produce a passcode. This algorithm is "one-way," so it is virtually impossible to take a passcode and the time and get the key.
From here, the website server simply compares the passcode you submitted with the passcode the algorithm says. If it's correct, you can log in.
So, ultimately, that key you're given needs to be kept secure. All the time stuff goes completely out the window if your key is obtained by the hacker. It's no different than a password at that point. The beauty of it, though, is that you only deal with that key one time, then it's stored encrypted in your phone. Then the thing that you deal with every time you log in (the passcode) is constantly changing. So even if a hacker, for example, installed a keylogger on your device, they could still not get into your account.
TOTP 2FA is a great security tool. It is not inherently "watching you" or anything like that. You can verify because all of the algorithms are open source. Just download an authenticator app that you trust, or make one yourself. You don't have to use Google.
It’s not the actual TOTP/authentication process that does it. I understand why that improves security, so long as someone isn’t holding a gun to your head to make you enter the code.
It’s the installation of the app, and the back doors that stay even after you’ve deleted it. See: the Q posts about CIA algorithms staying even after you’ve deleted the Facebook/Instagram/Twitter applications from your phone.
I doubt the open source versions of 2FA have as much of a privacy leech problem, but I know Google and Meta do given the discussions I’ve had with people who work at those companies. They’ve resigned themselves to essentially destroying people’s privacy for a paycheck.
First of all, 2FA wasn't pushed in order to get you to download another app on your phone. For the vast majority of people, they already have control over apps all over your phone.
Secondly, if you don't trust Google Authenticator... how do you trust Android at all? Are you running an open source version you compiled yourself? Why would they need you to download an app in order to do this shit since they literally control the operating system on your phone?
Thirdly, there are a shit ton of authenticator apps. They are incredibly easy to do and make. It's not a matter of open source versions having "less" of a "privacy leech problem." They have zero problem. You can review the code and compile it yourself.
Sorry, but you're way off on this one. Google Authenticator may have some backdoor shit built into it, but that's not a reason to not use 2FA at all, and, chances are, they are getting the shit from you that they want some other way.
The things I use it for did not allow me the choice to use a third party authenticator. And, because I don’t have extensive compsci knowledge, I wouldn’t know how to set it up for everything in a way that works every time.
Are you suggesting I and every other average American are simply too lazy to build our own platforms? How dare we complain about the things shoved on us by big tech, when open source formats are out there?
My issue with 2FA is that there are now multiple points of contact—a computer, and some mobile device usually. Hell, Apple made me log into every single one of my devices recently just to log into a shared AppleID. The more devices I have to use to log into something, the bigger issue I have with it.
Yes, the platforms themselves are collecting data all the time. Yes, the platforms are problematic. Yes, there are other apps you can use for 2FA that don’t have the same collection and back door problems. No, they don’t work with everything and for everybody.
We should revisit this discussion if, after S2992 is passed, Google Authenticator ceases to be free like Google Maps.
The things I used it for did not allow me the choice to use a third party authenticator.
Which authenticator did they "require" you to use? Because I'll tell you that almost everywhere uses the exact same standard, so you can use any authenticator app you want, even if they say you have to use Google Authenticator or whatever. Every website I've come across uses the same standard.
The company I work for does use one that's proprietary, for whatever reason. But that's all on my work phone.
Are you suggesting I and every other average American are simply too lazy to build our own platforms?
No, I'm saying that you can use your own platform with relative ease, making 2FA apps a very silly attack vector for Big Tech to use when they have all sorts of far more effective attack vectors at their disposal (the entire operating system on your phone, for example).
The things shoved on us by big tech
Big tech isn't shoving you to use their authenticator app. It is just as easy to download literally anybody else's.
Open source formats are out there.
Not open source formats. The exact same thing. The 2FA used by all these websites is open source. It's a standard.
Apple made me log into all my devices
This type of 2FA is already built into your phone's operating system. Ergo, even if you don't use it, Apple already has any access they would get by you using this. They're not giving information to the websites and, if they were, they could literally just do that whether you opt in to this style of 2FA or not.
I don't have extensive compsci knowledge.
I can tell. I do. I don't expect you to trust me, but hopefully I can send you on the right path: 2FA as currently implemented is not likely malicious like you think it is.
If Google Authenticator ceases to be free once Google can no longer profit from your data
Listen, Google Authenticator is the same thing as all of the open source alternatives that you can download just as easily from Google Play. The only differences are how it looks and how you interact with it. The standard behind it is the exact same. Out of all the apps Google has, Google Authenticator is easily the least offensive.
Just use something other than Google Authenticator. It's literally no more difficult and does the exact same thing.
Your phone is always listening. Do an experiment, pick a thing, like shoes or camping stuff whatever. Keep talking about near your phone, over and over and over, soon you will begin to get ads for what you were talking about on your phone.
Way back you could truly be anonymous. Their tracking ability was crappy, took time, and manpower. You could have e-mails with no personal details. Now they know you better than you know yourself.
Start over might be good. Although I bought my first computer in the late 70's, I didn't do any business at all via computer until 15 years ago. I do 0 business via cellphones, but they are making it harder and harder.
I don't like giving out my phone number HOWEVER most services ask for your phone number at signup as a bad way to combat spam accounts.
It used to be to make a new account you just needed a email and password. Well the average person could easily make many new email addresses or use any "one minute email" services on the web to make hundreds of accounts.
Now most places ask for a phone number since the average person only has one number, their cell number. That way the average person can't spam out hundreds of accounts. Sure there are free texting services online but it's easy enough for services to only allow one unique phone number for any account. Or use Google voice to get a phone number but you will hit a limit.
So, not a great way to combat people making spam account since you have to give your phone number away.
This is the issue with the internet not being anonymous anymore.
Spam accounts don't matter if it's just one person posting across multiple accounts. They still have the same posting power, whether they post it all on one account, or post it on a million accounts.
The only problem is bots. And there are better ways to identify and stop actual bots than limiting account generation by phone number.
The thing with phone numbers isn't to stop spam, it's to force people to use only one individual account. There are many reasons a website may want to do this, some more nefarious than others, but it sucks.
I like Reddit in the old days, when you were almost expected to have a billion accounts to post from. It allowed people to freely express themselves and created actual discussion.
The minute that asshole convinced everyone to use their real details online was when the culture of being called “silversheet123” and refusing to give over any personal information because “never trust anyone online” ended.
The restaurants near me, in Calgary, AB, are all asking us to use a qr code to get the menu on the phone... really classless imho. I always ask for a paper menu, which they grudgingly supply... Doing my part :)
i agree. as a former server, i used to hate going up to a table where the guests are all on their cellphones, lamenting the lack of dining etiquette/social skills (i used to joke, "Do you want to text me your order?") Now, it's encouraged with qr codes. Don't forget, they used covid as a reason to get rid of paper menus (because...germs), which makes me all the more suspicious. After using resto qr code menus, you get ad spam from them, and annoying texts requesting reviews. I'm glad you insist on paper menus, good for you.
I have less than two years before I stop working. My company has supplied me with a phone since 1999. My intention is to buy this one from them (an iPhone XR) and reduce it to individual, constiuent atoms on my gun range.
Call me at home or get your ham license and contact me on the local repeater.
100 bucks says you can hit it from 500 yards. 1000 yards if you can get your hands on a Barret 50 cal. You should call someone and have them record the conversation as it blows up. Then you would know, first hand by phone proxy, what it sounds like to get shot from 500 or 1000 yards.
I only have a 300 yard range in the backyard. I have a buddy who sells very high end high speed cameras. Our plans are to record the phone destruction in visual, near IR, mid-wave and long-wave IR.
I worked Nights most of my life and grew to hate those phone calls during the day. No Sears, I don't need siding or forever paint on my house, just like I been telling you every week for years...
it's ridiculous. i have a friend who refuses to use a cellphone and he can't even get a telegram account. i no longer have a cellphone sim card either, but my old whatsapp account still works. this is new about skype i think. last i heard, it was for people without phones. when i quit fb, some 'friends' acted like i was quitting oxygen, aghast...a few others made comments about how they wish they could, as though they were trapped. the same people don't send me emails as per my invitation. i guess they don't have time to write a real letter. their loss.
I only go on FB to interact with my wife's family who are Filipino. They load there phones pay as you go for as little as 10 cents. They get FB messenger for free because the USA wants to spy worldwide. Theres very little marketing because there are a lot of people who have no jobs and those that do earn very little. Minimum wage is 7 dollars a day, and a huge percentage earn less. No disposable income for most.
I refuse to own a mobile or smartphone. It's difficult but I do most comms using email or the regular phone.
I also pay with everything using cash because fuck the New World Order.
microsoft owns skype
need any more explanation?
Four years ago, I got rid of my cell phone. I feel completely liberated and free from that hellish thing. I've never had any difficulty whatsoever being without it.
I have not done this yet, but due to the smart phone becoming an addicting substance that has real similarities to the 1990s Star Trek Next Generation episode called -- "The Game" (It's highly recommended to watch this), I have often threatened to confiscate my kid's smart phones and replace them with walkie-talkies. The range for these walkie-talkies are commonly 35+ miles. Whenever I mention this, the gnashing of teeth and howls coming from my kids is ear shattering.
The original intent according to my wife for buying the kids smart phones was for emergency communication purposes. No one ever mentioned the Internet and social media problem we now face. It is a constant battle parents are engaged in. So, why not a walkie-talkie? Or nothing at all?
'The Game" is an amazing episode. Very portentous.
Good for you !
The benefit of this privacy overreach is that the incentive to self-host your own web and communications services becomes greater and greater. At the same time the technology has matured to a point where you can have access to enterprise software tools at home on a private server. Most of these tools are free and open source as well.
You can self host your own email server. You can self host services like Jitsi for video and voice calls. You can go a step further and use the decentralised Matrix protocol through a service like Element for end-to-end encrypted video, voice, and messaging. These don't require a phone number. "Cloud" storage (networked storage), documents, spreadsheets, video streaming, music streaming, project management, etc. can all be hosted at home if you have the right knowledge and time. The downside is you have to pay for the hardware and maintain everything; which is a big hurdle for most. A hurdle that looks less intimidating the more government and big tech violate our privacy.
Exactly what my husband set-up. Encrypted server, web search, (anonymous searching) etc. Never been happier. Use Signal for encrypted messaging. Proton mail for same. Trying to de-google.
This is fascinating. I had no idea. Can you give advice to someone who is not a techie by is willing to learn how to do this? Where to begin, etc? Thanks.
Sure. It's a complex topic, but I'll keep it simple.
The most fundamental part of self-hosting network services is networked data storage. Everything builds on that foundation. The best place to start is some form of network attached storage (NAS). A NAS is a low-power, consumer friendly, server that is designed to run 24/7. Essentially a small computer with a bunch of hard drive bays connected to your home network. You load it with hard drives that join together to make a single redundant array that can survive failure of one or more drives without losing your data. You can access files on a the NAS from any computer, mobile, or tablet, etc connected to your home network. You can even open it up to the internet to access from outside your home.
You can build a NAS yourself using standard computer parts and install a Linux derived NAS operating system like TrueNAS or Unraid. Alternatively you can buy pre-made solutions from companies like Synology or QNAP. I highly recommend you start with a pre-made system. Synology makes good quality systems with amazing software that is really beginner friendly. They come with native software packages out of the box that enable various web services.
For example you can use services like Synology Drive to sync files to all your computers similar to Dropbox, Google Drive, and OneDrive, You can store all your movies/TV shows on the NAS and install Plex to have a Netflix like experience; streaming to all your devices. You can install packages like Synology office which provide documents and spreadsheets like Word/Excel or Google Docs. You can even connect security cameras and install surveillance packages that record and store video to the NAS. There are also packages for email servers, calendars, contacts, notes, photos, etc. similar to what you see with Google or Microsoft services.
Once you familiarize yourself with the basics and built in packages you can start performing more advanced tasks using "docker containers". This requires some networking skills, but opens you up to a limitless number of open source software packages. You can install things like Home Assistant to control your smart home locally without the cloud. You can install password managers, messaging apps, git repositories, personal wiki's, etc.
All data is stored on your server and owned by you. Everything communicates directly with your server and bypasses big tech. You don't even need to open any of this up to the internet and can just use it at home (although many services like instant messaging are pretty useless if you don't have it accessible from the internet).
A great resource for self-hosting tutorials is the blog Marius Hosting. The self-hosting subreddit is also good.
Thank you so much! This is great. What state do you live in? I'd like to hire you to set this up for me. :D Haha. Seriously though, this is awesome and I appreciate your help. I'm going to check out that blog, too. I love this idea. I didn't even know it was possible. Thanks again.
I have been going down this path for years and already do most of the things you mentioned. It is very time consuming, yes, but the experience of hosting your own communication platforms and cloud data services on a private server is something I wouldn't trade for anything.
As a side note, a few months ago I set up gaw.social using the Matrix platform like you mentioned. Its still up and running though I have been too busy lately to promote it so activity has pretty much died. But if there was a resurgence I'd probably dedicate some time to picking it back up and making some upgrades.
It really is a daunting task to decouple from big tech services. It's taken me years as well, and I am still not done. Wouldn't go back if I had the choice though.
It's truly frightening in hindsight how dependent we all are on outsourced web services. I mean it's gotten to the point where people's entire smart home is controlled by some centralised server in China; the internet goes down and you can't control your lights lol. The holy grail for me is a local voice assistant that doesn't touch the internet. Unfortunately the current offerings can't match the cloud options from Amazon, Google and Apple.
Do you have any good resources for technically inclined to learn to set this up? I've always been a technical person, mostly with hardware... it's the software bit/server management where I begin getting lost.
See my reply to gobby above.
Doesn't TS still require a phone number to join?
Yes. This is one of the anti-bot techniques.
They require a sms capable cell number to text you a verification ID number to access the TS app. My cell is calls only no data, no text so this prevents me from participating so far.
have you looked at creating a Google (yuck) Voice for the sole purpose of receiving that text? wonder if that would work
I don't even own a smart phone, so it prevents me, as well.
While not feasible to implement by the normal person, Kevin Mitnick’s Art of Invisibility is an incredible read about the lengths you’d have to go to to really erase as much of yourself from surveillance as possible.
On a different note, realizing two-factor-authentication was introduced as a “safety tool” but truly just keeps more tabs on you and takes more of your data was one of my first red pills as an adult.
I was raised in a conservative household, but things like this were seen as measures against identity theft—which still happens all the time—and therefore good.
Can you elaborate on the 2FA thing? How exactly does that keep tabs on you?
Google/Facebook/Banks/whoever it is you’re using 2FA with essentially get access to the data on your secondary device.
How though? And what data? Personally I don't trust Google Authenticator so I use Authy and other third party 2FA apps which just verify a timestamped code. I'm not aware of any mechanism which grants a service access to internal data solely from a 2FA code.
That's not true.
2FA is a generic term. It stands for "two factor authentication," which just means you have to have two separate factors in order to log in. For example, this could be both a password and a fingerprint, or a password and a hardware key, or a password and a location.
But when most people think of 2FA, they are talking about TOTP, or time-based one-time passwords. This is a common second factor in addition to a password or fingerprint. It's the one where you have an authenticator app like Google Authenticator and you have to enter in the code it provides, which changes every 15 seconds or so.
I'm assuming this is what you are talking about. This does not give the website you're logging into access to any data on the device you use to run the authenticator app.
The website doesn't "talk" to your secondary device at all, actually. In fact, as long as the clock on your device is accurate, your secondary device doesn't even need to be connected to in the internet. Moreover, you are not latched to a big tech company when you use this security feature. Google Authenticator is popular, but Google didn't create this system. The algorithm itself is open source and there are a shit-ton of apps that do the exact same thing, or you can code one yourself (it's not hard).
A quick rundown on how TOTP actually works: when you setup TOTP for a website you are given a key. This key is stored (ideally securely) on your secondary device and is also stored (ideally securely) on the website's server. Both your secondary device and the website's server have the same algorithm they use to combine your key and the current time to produce a passcode. This algorithm is "one-way," so it is virtually impossible to take a passcode and the time and get the key.
From here, the website server simply compares the passcode you submitted with the passcode the algorithm says. If it's correct, you can log in.
So, ultimately, that key you're given needs to be kept secure. All the time stuff goes completely out the window if your key is obtained by the hacker. It's no different than a password at that point. The beauty of it, though, is that you only deal with that key one time, then it's stored encrypted in your phone. Then the thing that you deal with every time you log in (the passcode) is constantly changing. So even if a hacker, for example, installed a keylogger on your device, they could still not get into your account.
TOTP 2FA is a great security tool. It is not inherently "watching you" or anything like that. You can verify because all of the algorithms are open source. Just download an authenticator app that you trust, or make one yourself. You don't have to use Google.
It’s not the actual TOTP/authentication process that does it. I understand why that improves security, so long as someone isn’t holding a gun to your head to make you enter the code.
It’s the installation of the app, and the back doors that stay even after you’ve deleted it. See: the Q posts about CIA algorithms staying even after you’ve deleted the Facebook/Instagram/Twitter applications from your phone.
I doubt the open source versions of 2FA have as much of a privacy leech problem, but I know Google and Meta do given the discussions I’ve had with people who work at those companies. They’ve resigned themselves to essentially destroying people’s privacy for a paycheck.
First of all, 2FA wasn't pushed in order to get you to download another app on your phone. For the vast majority of people, they already have control over apps all over your phone.
Secondly, if you don't trust Google Authenticator... how do you trust Android at all? Are you running an open source version you compiled yourself? Why would they need you to download an app in order to do this shit since they literally control the operating system on your phone?
Thirdly, there are a shit ton of authenticator apps. They are incredibly easy to do and make. It's not a matter of open source versions having "less" of a "privacy leech problem." They have zero problem. You can review the code and compile it yourself.
Sorry, but you're way off on this one. Google Authenticator may have some backdoor shit built into it, but that's not a reason to not use 2FA at all, and, chances are, they are getting the shit from you that they want some other way.
I never said I don’t use 2FA at all.
The things I use it for did not allow me the choice to use a third party authenticator. And, because I don’t have extensive compsci knowledge, I wouldn’t know how to set it up for everything in a way that works every time.
Are you suggesting I and every other average American are simply too lazy to build our own platforms? How dare we complain about the things shoved on us by big tech, when open source formats are out there?
My issue with 2FA is that there are now multiple points of contact—a computer, and some mobile device usually. Hell, Apple made me log into every single one of my devices recently just to log into a shared AppleID. The more devices I have to use to log into something, the bigger issue I have with it.
Yes, the platforms themselves are collecting data all the time. Yes, the platforms are problematic. Yes, there are other apps you can use for 2FA that don’t have the same collection and back door problems. No, they don’t work with everything and for everybody.
We should revisit this discussion if, after S2992 is passed, Google Authenticator ceases to be free like Google Maps.
Which authenticator did they "require" you to use? Because I'll tell you that almost everywhere uses the exact same standard, so you can use any authenticator app you want, even if they say you have to use Google Authenticator or whatever. Every website I've come across uses the same standard.
The company I work for does use one that's proprietary, for whatever reason. But that's all on my work phone.
No, I'm saying that you can use your own platform with relative ease, making 2FA apps a very silly attack vector for Big Tech to use when they have all sorts of far more effective attack vectors at their disposal (the entire operating system on your phone, for example).
Big tech isn't shoving you to use their authenticator app. It is just as easy to download literally anybody else's.
Not open source formats. The exact same thing. The 2FA used by all these websites is open source. It's a standard.
This type of 2FA is already built into your phone's operating system. Ergo, even if you don't use it, Apple already has any access they would get by you using this. They're not giving information to the websites and, if they were, they could literally just do that whether you opt in to this style of 2FA or not.
I can tell. I do. I don't expect you to trust me, but hopefully I can send you on the right path: 2FA as currently implemented is not likely malicious like you think it is.
Listen, Google Authenticator is the same thing as all of the open source alternatives that you can download just as easily from Google Play. The only differences are how it looks and how you interact with it. The standard behind it is the exact same. Out of all the apps Google has, Google Authenticator is easily the least offensive.
Just use something other than Google Authenticator. It's literally no more difficult and does the exact same thing.
Your phone is always listening. Do an experiment, pick a thing, like shoes or camping stuff whatever. Keep talking about near your phone, over and over and over, soon you will begin to get ads for what you were talking about on your phone.
Way back you could truly be anonymous. Their tracking ability was crappy, took time, and manpower. You could have e-mails with no personal details. Now they know you better than you know yourself.
Web3 is supposedly the answer to all of that.
The whole pitch is the user owns their data and their account is their wallet, and so a new account (wallet) can be generated and you can start fresh
That’s the pitch at least.
And there’s a lot of people in that world who believe strongly in that use case
Obviously there’s the flip side and the real risk it goes the other way and it’s just improved tracking and monitoring we can’t escape.
Too early to tell at this point imo
Start over might be good. Although I bought my first computer in the late 70's, I didn't do any business at all via computer until 15 years ago. I do 0 business via cellphones, but they are making it harder and harder.
I don't like giving out my phone number HOWEVER most services ask for your phone number at signup as a bad way to combat spam accounts.
It used to be to make a new account you just needed a email and password. Well the average person could easily make many new email addresses or use any "one minute email" services on the web to make hundreds of accounts.
Now most places ask for a phone number since the average person only has one number, their cell number. That way the average person can't spam out hundreds of accounts. Sure there are free texting services online but it's easy enough for services to only allow one unique phone number for any account. Or use Google voice to get a phone number but you will hit a limit.
So, not a great way to combat people making spam account since you have to give your phone number away.
This is the issue with the internet not being anonymous anymore.
Spam accounts don't matter if it's just one person posting across multiple accounts. They still have the same posting power, whether they post it all on one account, or post it on a million accounts.
The only problem is bots. And there are better ways to identify and stop actual bots than limiting account generation by phone number.
The thing with phone numbers isn't to stop spam, it's to force people to use only one individual account. There are many reasons a website may want to do this, some more nefarious than others, but it sucks.
I like Reddit in the old days, when you were almost expected to have a billion accounts to post from. It allowed people to freely express themselves and created actual discussion.
That stupid lizard Zuccc ruined the internet
The minute that asshole convinced everyone to use their real details online was when the culture of being called “silversheet123” and refusing to give over any personal information because “never trust anyone online” ended.
Lifelog Psyop worked bigly.
Um. Not quite. This is how they prevent bot spam.
good idea!
The restaurants near me, in Calgary, AB, are all asking us to use a qr code to get the menu on the phone... really classless imho. I always ask for a paper menu, which they grudgingly supply... Doing my part :)
i agree. as a former server, i used to hate going up to a table where the guests are all on their cellphones, lamenting the lack of dining etiquette/social skills (i used to joke, "Do you want to text me your order?") Now, it's encouraged with qr codes. Don't forget, they used covid as a reason to get rid of paper menus (because...germs), which makes me all the more suspicious. After using resto qr code menus, you get ad spam from them, and annoying texts requesting reviews. I'm glad you insist on paper menus, good for you.
See, that's when you pull up the local Dominos Pizza and use their phone # :-)
I don't own a phone. It sucks.
I have less than two years before I stop working. My company has supplied me with a phone since 1999. My intention is to buy this one from them (an iPhone XR) and reduce it to individual, constiuent atoms on my gun range.
Call me at home or get your ham license and contact me on the local repeater.
100 bucks says you can hit it from 500 yards. 1000 yards if you can get your hands on a Barret 50 cal. You should call someone and have them record the conversation as it blows up. Then you would know, first hand by phone proxy, what it sounds like to get shot from 500 or 1000 yards.
I only have a 300 yard range in the backyard. I have a buddy who sells very high end high speed cameras. Our plans are to record the phone destruction in visual, near IR, mid-wave and long-wave IR.
No mercy.
Post a link when that happens
I worked Nights most of my life and grew to hate those phone calls during the day. No Sears, I don't need siding or forever paint on my house, just like I been telling you every week for years...
it's ridiculous. i have a friend who refuses to use a cellphone and he can't even get a telegram account. i no longer have a cellphone sim card either, but my old whatsapp account still works. this is new about skype i think. last i heard, it was for people without phones. when i quit fb, some 'friends' acted like i was quitting oxygen, aghast...a few others made comments about how they wish they could, as though they were trapped. the same people don't send me emails as per my invitation. i guess they don't have time to write a real letter. their loss.
I only go on FB to interact with my wife's family who are Filipino. They load there phones pay as you go for as little as 10 cents. They get FB messenger for free because the USA wants to spy worldwide. Theres very little marketing because there are a lot of people who have no jobs and those that do earn very little. Minimum wage is 7 dollars a day, and a huge percentage earn less. No disposable income for most.
i would have kept my fb messenger for that purpose, but quit in a moment of rage over their censorship and third-party data sales