I use Apple's Messages. If someone spams me, I report them. They're blocked and have to go through the extra work of setting up a new account to try again.
Compare this with, say, Google. Gmail lets spammers / scammers have limitless accounts and they don't do shit when an account is reported for spam. You can block and report Gmail spammers all day long and you'll get nowhere.
WhatsApp apparently still uses phone numbers, and they're owned by a company that wants engagement at ANY price. Are any of us really so dumb that we think they're going to do the right thing?
It would be good if phone companies weren't quite so complicit in hiding companies behind anonymous phone numbers, and relaying numbers for which they don't have verified origin info.
Supposedly today is the day that even the small carriers that were previously exempt from not having to comply with STIR/SHAKEN will now have to.
But its meaninglessness is demonstrated by the fact that I have received two spam calls (complete with "accurate" caller ID) since starting to read these comments.
I don't want one company to be the arbiter of all communications everywhere. Phone numbers work fine.
For me too and if there is an application that allows to block numbers, spam is not a problem.
Now I use the Google builtin caller app antispam function. Most of the spam numbers have already been marked as such by somebody else. Even if that didn't exist I could just block the number after the fact and no more calls or SMSs.
I'd rather program that myself than relying the functionality to Google, I hope Pine or some other programmable phone gets to a usable state some day. But as of now, it's good enough.
Edit: I'm in Spain, not sure if that works the same in the USA.
Phone numbers have the same problem as email, though: because "everyone" is responsible, no one is responsible. The deluge of spam texts and calls to my public phone number is genuinely unpleasant and frustrating to deal with as, like, a person living in the world.
I practically don't use email anymore for those reasons, and a phone number hangs around only because right now I can't not have one for legal-type reasons.
email, at least, you can fully implement your own antispam solution in whatever way you want
at one extreme, you can just point the mx records for your domain at office365 or gsuite or similar and let them handle it
at the other extreme, you can point the mx records at your own mailserver you admin yourself and do absolutely anything you want with the incoming smtp mail flow for antispam measures, sorting, filtering, categorization, risk analysis.
the ordinary person even if they work for a telecom cannot implement their own phone number at one of the most fundamental levels of the pstn, because they don't run their own ss7 switch.
if you control your own DID and interface with it from a sip trunk to a trusted provider, running your own voip system, you can do a lot with custom routing/antispam measures on incoming call flow, but nowhere near to the extent that you can with email.
There's still a little bit of control near the client end with things like call screening and phone apps that checks numbers against a database. You can't reject the initial connection (like DNS blocklists) but it's still something
The way to solve this is by educating the people in your network about better security practices, not by giving away control over your communications just because of "convenience".
"Just get everyone to be perfect, including random companies who require a phone number for validation, and if a single failure ever happens you're going to be spammed forever in a way that is directly interruptive and intrusive instead of one in a list of messages in a queue."
I don't know how to say this any more nicely than this: this is a permanently losing solution with no redeeming qualities to such a degree that it makes me wonder at how in-good-faith the suggestion actually is with regards to solving the stated problem.
The point is not to "be perfect", the point is to raise the standard of acceptable practices, to make it harder to abuse it.
Just as an example: phone numbers should not be used for validation of anything as they are public. So companies who are requiring phones for any kind of authentication should be shamed into changing their practices, much like we learned to not trust companies that stored passwords in plain text, or use "recovery questions".
The abuse is that without sufficient guardrails a ten-digit number can be used to bother me at all hours of the day or night unless I want to be less accessible to people who I may need to hear from, not that it's used as an authentication source (which, yeah, not great, but also not the end of the world).
Out-of-band authentication aside, a company is going to retain my phone number to be able to contact me. So are my parents. Somebody is also going to inevitably leak it because security is difficult. Breaking the capabilities of bad actors, then, is a requirement. You have entirely ignored this in favor of blame-the-user rhetoric and I can't come up with a great reason why you'd blame every user for a systemic failure other than that the system cannot be repaired.
> Somebody is also going to inevitably leak it because security is difficult.
Phone numbers were and will always be assumed to be public. (Yellow pages are still a thing)
> unless I want to be less accessible to people who I may need to hear from.
You don't need to be less accessible to anyone. Your phone can and should be able to filter things for you.
And is not just a matter of setting up number filtering, I am talking about implementing changes in the application layer. One could imagine, e.g, a phone app that only rings if the caller provides a secret code provided by you, effectively making you reachable by phone number (public) + caller-specific code (private). You could also make that if you have the code on your addressbook, it sends it via DTMF after the call being completed.
> other than that the system cannot be repaired.
It can be repaired, it is just that the cost of these changes might be too high if mandated for all network operators.
But even if the system couldn't be repaired, the solution is not to encourage adoption of a proprietary solution. Apple already controls way too much stuff, we shouldn't give them yet another monopoly for them to exploit.
Phone numbers work fine but we're missing solid cryptographic verification systems on top of them.
Why are registered businesses not verifiable? Or at least banks and government departments? Why can't phones hold an ID in their cloud profiles so switching numbers let's your friends auto-uodate to you?
We could be doing so much better (with the goal of making it practical to whitelist only operate).
For what it's worth my solution which may not work for others is to set the default ring/text tone to "None" and then add custom ring/text tones in my address book on my little throw away flip phone. It works great for me personally. I never get distracted by bots and just mass delete their messages without even looking at them when I get around to it. This method probably will not work for people glued to their phones.
An android solution is to only ring/notify the phone for people in your contacts. It's easier than giving individuals a ring tone as unknowns get the silent treatment by default. Basically just whitelist instead of blacklist.
I'm considering doing that to my personal email. Default deny, whitelist known contacts, auto delete the junk mail folder. If I didn't have friends and family using them, I'd just outlook.com and gmail.com outright. It's frustrating how much spam they send.
I'd give anything to get rid of my phone, but almost everyone you do business with (DMV, electric/gas/water company, etc) expects you to have one. Same thing with USPS and their paper spam. At this point they're little more than government-mandated spam delivery channels. Private companies are handling the spam situation infinitely better.
I don't think I agree with that. I rarely get scams via USPS, never get explicit or potentially damaging content, the senders are all in my legal jurisdiction, and the spam arrives once per day in a manageable format. Almost all of the content is from businesses in my local area, businesses that I have previously shopped at, or political ads.
Electronically from private companies I frequently get a larger volume of spam, malware, scams, explicit content, and most of them originate outside of my legal jurisdiction to evade the law. And it's a steady stream all day, on multiple mediums.
I'd take 10x the amount of spam in my mailbox if I could get rid of all of the rest of the garbage I'm bombarded with. I obviously would rather not have any of it, but the hoops you have to jump through to send snail-mail inherently filters out most of the worst garbage.
> I'd take 10x the amount of spam in my mailbox if I could get rid of all of the rest of the garbage I'm bombarded with
I for one would not. Digital spam is easy to deal with. There are automated filters, easy ways to block them, and the few that slip through are simple to deal with. Mailbox spam is physically painful to deal with and it's a massive waste of paper.
Email is the least of my problems. If you know of any good filters for SMS, phone calls, LinkedIn, Snapchat, Instagram, etc, I'd be very interested. I have to mute all of them because it is a constant stream of garbage from all of them.
You are legally required to be reachable by mail by the US government. Unless you're planning on being an undocumented citizen living on US land off the grid, you will need a mail box.
It is without a doubt a shameful waste, but how is it physically painful? Did you get a paper cut
Personally I find it emotionally painful and depressing to deal with. It sucks to be physically confronted with the reality that my personal contact information is being passed around like a bitch in prison.
Exclude that as a sunk cost: the paper is coming to your mailbox either way. The only difference is, does the carbon get sequestered in the dump, or does it prevent another artificially-fast-growing pine from being processed into paper? Which of those options is less damaging? I don’t have the data, but I feel like it’s probably pretty close.
Long term, the paper will decompose while sitting in the landfill and then release the carbon back into the atmosphere. Even temporary sequestration is beneficial, but I don’t know whether it is still a net positive once you factor in the resources spent growing the wood, mailing the paper, and transporting it to a landfill.
Many US landfills capture methane, since they can then profitably sell/burn it. I haven't seen anything about them capturing all the CO2 emitted, which would be much trickier.
I have the idea (maybe wrongly) that people don't often use the USPS for scams because committing fraud by mail is a federal crime, and the postal service actually has inspectors with police powers who don't fool around once they get on the scent.
>I have the idea (maybe wrongly) that people don't often use the USPS for scams because committing fraud by mail is a federal crime, and the postal service actually has inspectors with police powers who don't fool around once they get on the scent.
Apparently, mail fraud[0] (via USPS) and wire fraud[1] (electronic communications) are both Federal felonies punishable by a fine and up to 20 years imprisonment.
Perhaps the difference would be FBI investigating instead of the postal inspectors?
It’s illegal to scam people electronically too. People often scam internationally to evade capture. Email is just considerably cheaper to send internationally and easier to spoof the source.
How many letters do you have to send before you find someone stupid enough to believe that they have to pay the IRS via gift card and that the IRS return address is in Russia? If anyone has tried, they went bankrupt on postage.
Sure, I could move to the woods and live off wild berries for the rest of my days. But if you want to be part of modern society, your bank will mail you your credit card, and your water company will text you a code to login and pay. Realistically, what choice do you have?
Every community decides for itself what technologies to adapt. The nearest to me have a single phone booth in the front yard of one member's house. Anyone wants to use the phone, they go there to make a call, and most only use it if they need to make an appointment at a hospital for serious illnesses.
Others not quite as close are a fair degree more liberal in what they adopt, while I imagine there's probably a few that are more strict.
My experience is based on visits to an Amish town in Ohio when I was growing up in the 2000s. I distinctly remember being surprised to see they used phones and rode in cars. But that was a long time ago and only one town of many. I didn't mean to generalize all Amish communities.
They are correct. The USPS has a universal service obligation. If you send a letter or parcel to any address in the US, the post office must deliver it.
I respectfully disagree. The postal service is held to a standard of service by a USO - Universal Service Obligation. [0]
This means it is an org mandated to accept your request for service at a reasonable price regardless of your location of residence. There is an important distinction between that, and being mandated to receive mail service. That is not a stipulation of being alive in USA.
I can understand the concept of Amish communities not having telephones or mailboxes, but that lifestyle seems inconsistent with the behavior of arguing for the merits of that lifestyle on Hacker News.
Apple Messages could have become an open standard to replace SMS, but they deliberately chose not to in the interest of locking in existing users, and locking out anyone too poor to own an iPhone. I'm not exaggerating, this is public knowledge.
Google voice has a poor shaken stir implementation that only blocks the most egregious spam calls and sms and does not let users choose to be more strict. It also does not support blocking phone numbers by pattern/prefix.
Apple Messages breaks if you temporarily use a different phone number on your cell. All chats in old threads were broken off into different threads. It was a disaster. You would think that since Apple knows this is still the same user that this would not happen?
saying stop using phone numbers and then going directly into
"hey, use this one proprietary vendor's closed source walled garden messaging app"
is NOT a solution.
people should be looking at things like Signal or custom implementations of Matrix/Element/Synapse or similar if they want real control of their two way chat communications.
So don't be like Google Pay? (Which originally used proper accounts but was switched to be based on phone numbers, specifically because the new google pay was developed targeting India, where phone number based login is considered normal thanks to apps like WhatsApp.)
I’m a new WhatsApp user. My exchange students and Au Pair use it as their primary communication. I have been fighting tooth and nail to avoid giving it access to my contacts. You can’t do much without that, even though it’s totally adjacent to purpose of the service.
I use Apple's Messages. If someone spams me, I report them. They're blocked and have to go through the extra work of setting up a new account to try again.
Compare this with, say, Google. Gmail lets spammers / scammers have limitless accounts and they don't do shit when an account is reported for spam. You can block and report Gmail spammers all day long and you'll get nowhere.
WhatsApp apparently still uses phone numbers, and they're owned by a company that wants engagement at ANY price. Are any of us really so dumb that we think they're going to do the right thing?