Hacker News new | past | comments | ask | show | jobs | submit login

When people suggested phone 2fa was a data collection scheme they were hushed and called tinfoils.



While I share the sentiment, I think I should be fair to HN: according to a quick search I've just performed, I brought up the topic 4 times in comments over 3 years, and those comments have scores of 7, -4, 16, and 3 [1][2][3][4]. So saying that I was "hushed and called tinfoil" would not be fair to HN.

[1] https://news.ycombinator.com/item?id=17515029

[2] https://news.ycombinator.com/item?id=14105696

[3] https://news.ycombinator.com/item?id=12782158

[4] https://news.ycombinator.com/item?id=9804876


People still do that when you point out that using a phone number as a required identifier (WhatsApp, Signal, etc.) gives every 'free' service a near perfect unique identifier that's the same for all services used by that person. Ideal for cross-service collation.

Who wants a social security number when you've got someone's phone number?


Except that a phone number is as quickly and easily disposable and changeable as an email address or any other identifier?




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: