Facebook started sending me newsfeed notifications to the number I'd registered for 2FA, around a year after I'd done so, without any opt-in on my part.
After the first few, I passive-aggressively texted "go away" back to the robot buzzing my phone. Within the hour, I started receiving concerned messages from friends asking whether I was alright... Turns out Facebook posts anything you text it straight to your profile, and the out-of-context "go away" read like cry for help.
So you're telling me for the low low cost of porting someone's 2FA cell phone, I could use it to post to their page and they wouldn't know about it? No need to reset password, just use the phone number straight to account.
Unfortunately, I texted back “f* off” and I deleted the post as quickly as possible. Just one of the worst “features” of a social media app I’ve ever seen.
To put this in plain English, could we say Facebook asked for phone numbers in the name of "security" but there was no restriction on how Facebook could use those phone numbers. Usage was not restricted to the purpose for which Facebook collected the numbers. Facebook could use them for reasons other than "security".
When I got my first Yubikey the first thing I did was start securing all of my accounts with 2FA. Facebook was one of the few accounts I had at the time that supported U2F, which is what I wanted to try the most. Foolishly, I saw no harm in giving up my phone number for the purposes of enabling it, but only two weeks later I was receiving daily updates from my Facebook feed that I never asked for. Oddly, the text messages stopped on their own but not before they continued a month later, with Facebook asking me why I haven't been logging in and to tell me what I've been "missing." Again, this stopped a few days afterwards.
Then, about three months ago I had a privacy scare, courtesy of Facebook. I was exchanging contact information with a friend several states away whom I had just recently met, and the moment she added my phone number to her contacts list, her Pixel phone had automatically associated my phone number with as much information about me from Facebook without my knowledge, apparently by performing a lookup that can also be done using someone's email address. This exact thing was brought to more public attention with an article that was posted here to HN a week after this happened to me, but I can't seem to find it.
Thankfully, the person that I had this scare with is someone I can trust, but the plausibility that anyone could do this again with just a phone number or email address was enough for me to finally delete my Facebook account since I could not find a way to dissociate my number now that I had given it to them. I figure that even though my information is still stored somewhere on their systems, deleting my account is as much as I can do to try and mitigate/prevent further damage.
With Microsoft I was able to use my email for 2 weeks before they blocked it, they don't require the mobile number on sign up. It was a legitimate email, not spamming etc. so it was pretty bad of them.
LinkedIn is even worse, every week they ask me to add a profile photo even after I decline, and I pay for LinkedIn premium. Really scummy tactics.
I tried to create a hotmail account a couple of days ago; while they don't require the mobile number on signup, they do require it before you're allowed to send any email.
Facebook showed me my own mobile phone number prefilled into a textfield when logging into their mobile website and asked if they should add it to my account.
I never gave it to them and never ever had installed any of their apps. I can only suspect that they got it by farming my friends contact lists on their phones.
I did give it to them specifically for 2FA, and that's the reason I'm kinda pissed. It's still weird for me sometimes. I feel like logging in with my phone number didn't work for a long time. Mostly because I feel I'm not 100% sure it works right now.
Anyways, that came with the promise they would only use it for 2FA. What happens when they see it in contact lists then? I'm 100% sure they hoover up the goodies. Ask forgiveness not permission?
I signed up for FB 14 years ago last Sunday. Putting the dorm building and room number where I lived was a requirement of the signup process. I openly lived my dorm life on this site. The feds were not on it. Cops? I don't think so. My mother was _never_ supposed to show up for the party.
On the other hand, seeing Grandma there was dope.
Mark Effing Zuckerburg xD, and he still runs the place!
It's ironic that Americans are trying hard to bring down Facebook while flocking to services like TikTok and games released by Tencent, who use your data in numerous evil ways and are not planning to tell you any of that.
Faces... Videos of all kinds of people and places.. Friend networks (via who you follow).. What videos you like showing what you think.. They have a lot of data
Giving up your personal "mobile" phone number to online services which feed on your brain-chemicals to make profit is like agreeing to place one foot in the bear-trap.
People's behaviour as a collective is business, a predictability leading to profit.
For instance, a friend of mine help develop an app which track each product-placing in super-markets, Store-Planning for profit.
Same reason, most super-malls don't let customers have a time-sense inside the mall.
After the first few, I passive-aggressively texted "go away" back to the robot buzzing my phone. Within the hour, I started receiving concerned messages from friends asking whether I was alright... Turns out Facebook posts anything you text it straight to your profile, and the out-of-context "go away" read like cry for help.