I like what Mozilla has been doing with their services, but they have built a very confusing business model of many micro services that I just don't see a ton of people signing up for as independent subscriptions.
Why not bundle them all as one membership? Pocket, Mozilla VPN, Relay, Monitor, and whatever services they can scrape up premium options and features for to give them value?
Great to hear!
One suggestion; I think it would be great to have an integration with smartphones Contact apps. This way a user can leverage autocomplete and do not disturb rules on mobile.
i would like this too. i think you can do it with apple email relay.
currently i have example.com as my email, which i use with mailbox.org, would it be possible to keep using it with mailbox.org and then for mozilla to allow it to be used for email relays? e.g.
I assume this means you have an MX record at example.com pointing to your/mailbox.org SMTP server? AIUI, a sending MTA will look up the MX record for example.com by preference order and will deliver emails to the first server that accepts the connection.
So it may depend if you can configure your mailbox.org account/server to reject connections from servers trying to send mail to unknown addresses? Then the sending MTA server might "fail over" to the Relay server instead?
I can't tell if /s is missing or not but Mozilla had a standalone password manager eventually it changed its name to Lockwise, and once all my passwords were in it, they sunsetted it even quicker than a google product.
It's still a thing, they only got rid of the standalone app. Now it's just part of the actual Firefox app though you can apparently use it to autofill in other apps on android at least.
Maybe you use it as part of a multi-layered approach to personal digital privacy.
Without having hired a lawyer to dissect the TOS and Privacy Policy for Mozilla's new service here, I'm going to assume for the sake of argument that they will not sell the data to brokers. If that is true, then it's one more way to try and keep your true PII out of circulation. For instance, maybe you pair this with a high quality VPN offering, browser plugins or whole-network based stuff like pi-hole/etc along with also using aliased credit card numbers through services like Privacy.com or other similar offerings. Then when you "sign up for an account" or "make online purchase" you could use name like John Smith, private/aliased email, etc etc... This just puts distance between your activity and your true identity.
With all that setup you have at least _some_ chance of evading a decent amount of the persistent and invasive tracking that is beginning to be top of mind for many people.
Service-unique email / username + service-unique credit card is good enough for, I'd estimate, 95% of people.
You are trying to avoid wholesale scoops of info and automated credential stuffing. If your threat model is people specifically seeking out and targeting you: godspeed.
Yeah, I'm a little confused on the use case for this. I guess I could put all of the annoying services that demand a phone number for totally-only-security purposes-trust-us into a "bucket" number. It doesn't sound like it is a feature but I'd prefer that calls and texts to that number just be outright ignored unless I've turned the number on temporarily for verification. But since they have started rejecting VOIP numbers for verification, and now even prepaid phone numbers (!) for verification I feel like this probably won't work for that either.
I personally only use prepaid cards so a service that makes them appear like post paid might be useful on its own though.
The fact that you only get one number and you can't change is seems to blunt some of the utility. Ideally you'd want a separate number for each service and to have them all turned off, to block identifying you as the same user of different services. Not quite as easy to do with finite numbers as with email address suffixes.
I wonder if you could use this like 5sim or other shady text verification services by just remaking a monthly account. I suspect that is not the idea here and probably forbidden, otherwise they'd let you change numbers.
> If you find yourself receiving too many unwanted spam calls or texts, you can easily turn it off for all phone numbers or select the specific ones you want to block.
So it sounds like if your aliased phone number has issues, you can block those specific ones. In theory, you can do that now from your phone, for individual numbers, but it isn't applied if you switch devices. So it's a very moderate improvement.
Additionally, your existing phone number is probably already overwhelmingly accessible to robo-callers, i.e. the cat is already out of the bag.
This is definitely just the first step; we've got lots of ideas for additional protections we could add, and are monitoring usage and feedback [1] to inform our roadmap.
What this first version gives you is a way to add a tier of trust to your phone number: your Relay number for untrustworthy partners, and your true phone number for important things. That means that data leaks of untrustworthy services can no longer be linked to the important ones through your phone number. Additionally, if you receive a phishing call to your Relay number, that's an extra red flag that it might not be who they say it is.
>This is definitely just the first step; we've got lots of ideas for additional protections we could add, and are monitoring usage and feedback [1] to inform our roadmap.
Yes, and I don't doubt in the least that it may become the third best thing in life after icecream and sliced bread, but right now its usage cases and advantages seem not clear.
Maybe it could be useful to people that lose/get stolen their phone/number, since this mask is "centralized" you change the connected "real" number to a new one only in one place instead of updating several places where the old real number is stored.
>Additionally, if you receive a phishing call to your Relay number, that's an extra red flag that it might not be who they say it is.
I still don't understand.
If I use this relay, giving this mask number to three different organizations for - say - 2FA or emergency recovery or similar, any call or SMS to that number must come from one of the three (untill it is leaked).
Once it is leaked it may still come from any of the three or from someone who is attempting a phishing call, what is the difference against a "main" number or a spare "burner" one?
Like email masks, we recommend using the phone mask for untrusted organisations. In other words, if you need to provide a phone number to get a shopping coupon, use your Relay number. If your bank wants to do 2FA via SMS (please no, but you know how banks are...), provide your true number.
Now, if you get a phishing attempt that looks like it's from your bank, but it's sent to your Relay number, that should be an additional sign that it's unlikely to actually be from your bank.
Still, I see no differences with a second number/burner phone.
For e-mails, a strategy I used and that worked (at a time I had a domain with its own mail server) is to give a "non-existing" e-mail, like specificsite@mydomain.com, the mail server was set to have a "catch-all" account, so specificsite@mydomain.com would arrive (together with messages to anything@mydomain.com, etc.) to this catch-all inbox, while identifying by the address used the "source".
With telephone numbers, a possibility would be to fake a PBX with internal numbers (no idea if it is feasible) i.e. if the relay main number is 123456789, have it working with added "internal" numbers, such as 123456789101, 123456789102, etc.
> Still, I see no differences with a second number/burner phone.
That's because that's essentially what this is :)
And yes, that's how Relay for email works (although instead of using mydomain.com, you use mozmail.com, so your different email masks can't be linked together).
We'd definitely like to support a similar pattern for phones, but we still have to figure out a way to do that. Using extensions is one thing we'll be looking at (was also suggested at [1]), but a challenge there is that many services have rather strict validation rules on phone numbers that will disallow that. But it might still be worth it, so stay tuned!
I'm not terribly familiar with Google Voice (it also isn't available in my country...), but they look similar in terms of functionality at this point in time. For me personally, the primary reasons to go with Relay would be that I'm already trying to move away from Google as much as possible for privacy reasons, that I'm already using Relay for email masking, and that Relay is explicitly focused on the privacy use case and will keep evolving in that direction.
I can relate to the privacy-focused goal of getting away from google however Google Voice is free. Sadly I think having a competing free Google product that accomplishes most of the same things is going to hurt adoption of the Firefox relay product (which is paid)
I effectively did this with Google Voice back when.
I would give marketers my Google voice number, it had better interface (and on cloud instead on device) contact management. I could send non favorites to a voice identification prompt (voiding all slow recordings or agents making multi calls that have a pickup delay) and for the final small percentage voice transcripts that I could determine if important.
Or for craigslist, I could forward calls to a phone for a short period of time, then turn off forwarding.
I still use google voice like that, give it out when I absolutely have to give a phone number (because they verify by text or whatever) but have the app set to silent.
Google does a really good job of filtering out the telemarketing calls so the rare message is usually valid.
Pretty much the only time I have to open the app is this one stupid company (coughWalmartcough) which insists on doing 2FA via text every single time I want to check the balance on my prepaid debit card.
I think the idea is to give your real email and phone number to real friends and family; then you use the relayed one with online services who might sell or lose the data. Then you could presumably ditch the related info after the spam gets to be too much? Or maybe you just do it to be more anonymous?
But - originally - you give a number (be it real or Mozilla or "burner") in order to be contacted by someone (and then somehow it was leaked to the robocallers).
The moment you change or abandon the number (be it Mozilla or "burner") that someone won't be able to contact you anymore.
But if you keep it, with the burner at least that someone will still be able to call you at the end of the month (when the the robocallers will have already eaten the 50 minutes allowed by Mozilla).
It would kind of make sense if you could "open" the relay when you need to 2fa, and then you close it again after. With this usepattern you would only need one alias, that would be closed 99.9% of the time.
But if you can use a unique number per service, you now know which company is selling your PII and you could address that either by switching to a competitor or, depending on the legal specifics, sue/expose them.
That's a shame, it wasn't entirely clear from the article but I assumed it must be multiple numbers since it didn't seem to me like it would be all that useful otherwise.
> Also, probably wont work for services that require a phone number but don't accept VOIP numbers.
I'm running into an increasing number of these, and it's annoying because I use Google Voice as my primary phone number. Using VOIP is important for me because I travel frequently between the US and EU.
Aside from being inconvenient for me, I take blocking VOIP as a red flag that the service might want to misuse my phone number.
Totally agree, this should be a telephone version of a spam folder. I have a legacy google voice plan that I use for this, but would be happy to pay a couple bucks a month to Mozilla for a comparable service.
If y'all are interested in something like this, let me know. I wrote a service exactly like this [0] and it sort of flopped because the marketing plan was bad and I struggled to crack my (poorly chosen) target market of 'privacyfreaks'.
If you want to re-co-found with me on marketing / sales, hit me up: maddie+hn[at]qnzl.co. I tried some pivots, sucked at marketing it, I occasionally get asked about where it went.
---
If anyone wants to run their own instance using Twilio, I open-sourced the basic structure of my previous service [1] so it should be fairly plug-and-play to do this cheaper ($1 per number + small usage fee) and for more numbers.
My caveat about this is some services will silently ignore you if you try to use a virtual number. It's more useful for IRL where you don't want to throw your real number around much.
ya that's useful. I do like this service. I have noticed more and more that people are asking for phone numbers for app registration and even in person I have seen this. A phone number to me is private and personal.
The firefox service is priced well but 75 texts and 50 minutes of voice is fairly limited. The burner phone services that exist are too sketchy and too expensive for my taste.
I don't like marketing or sales but if you could market yourself as a privacy focused, Free/Libre solution that wasn't a sketchy fly by night operation and offered more than a closed source phone app I would subscribe.
Twilio itself seems to be oriented towards businesses and not individuals which is why I did not sign up with them.
"Since 2013, Hushed has offered consumers affordable private phone number solutions with fully equipped talk and text capabilities. With an expansive selection of phone numbers from over 300 area codes in the US, Canada, and UK, our goal is to provide a secure telecommunication experience for users around the world. Hushed offers mobile and local phone numbers from a variety of countries and area codes. We pride ourselves on the high-quality service we offer all our customers, and we believe that protecting your privacy is of the utmost importance."
Maybe this is a good place to ask: I'm a British expat living in the USA, and for a while now I've wanted a service which provides a British phone number, and forwards calls and texts to my US number, while also allowing me to send texts and make calls "from" the UK number if I want to.
It looks like I might be able to do this with Twilio, but I'm not a developer, and quickly got frustrated trying to build what I wanted.
Is there a service that will do this for me at a reasonable price?
Check out Andrews & Arnold. They provide real 07 numbers that aren't classified as VoIP by most providers, so they will actually work fine for most online services too.
(my company resells these with some add-on services on top, but for your use-case you're better off just going to the source directly)
I was tempted by this but I've heard they'll shut down your service if they figure out you're outside the UK? I still have a UK number at the moment but if I could port to A&A without worrying about this I totally would.
Maybe just reach out, they take pride in their support and are very accommodating. If their concern is about payment, you may get around that by offering to prepay for a year's worth of usage upfront.
I think TextNow offers a better solution and I've been using it to do this for quite some time and it doesn't require any kind of forwarding. I can send/receive calls and messages directly from within its app and recycle numbers at any time - all for free (ad supported). Calls are of great quality too and it even includes voicemail. If I really like a number and want to lock it (to also receive 2FA codes), it's a yearly $7 fee. Works with area codes in US and Canada.
I think there are other options like Fongo and probably a dozen other similar services that already have been doing this for some time. Not really seeing the value proposition of going with the Mozilla option here. Am I missing something?
I silently miss so many incoming calls with TextNow and from reviews it seems I'm not the only one, but I don't really know another option for a Canadian number.
I have heard similar things from friends that use it on iOS but on Android, I haven't missed any call I was expecting. Even when I've lost connection to data (e.g., in an elevator or something) and a call was made, at least I see the missed call notification after my data was restored. Fongo is another option for a Canadian option.
> Each month you will receive up to 50 minutes for incoming calls and 75 text messages. All phone number masking plans will include unlimited email masking. The cost is $3.99 a month for an annual plan or $4.99 a month for a monthly plan.
So you pay $4-5 per month and you're still limited? I was expecting there would be some free amount and after that it's paid.
Google Voice numbers are reported as landlines, there seems to be some way to verify that a number is actually mobile. Very likely that Mozilla's report as landline. Banks (capital one) have definitely balked at my google voice number.
What these burner numbers are great for are rewards programs. I sign up for every one I can with my GV number!
When I look up my Google Voice number, it shows up as VoIP (not quite landline) with the carrier being Grand Central - SVR. It seems likely that Mozilla's service will similarly show up as VoIP. Some places are filtering VoIP numbers from their SMS verification schemes, but most places will let you sign up for promotional texts from a VoIP number.
There was something recently around a game which was able to detect if a user's phone number was on a prepaid or postpaid plan. I had no idea carriers share this information with others.
I'd be very interested to know if they work for SMS-only applications. I guess it's only $5 to try and find out. If anyone has tried, please report back!
> Next, you will be prompted to verify your true phone number where the calls and texts will be forwarded to via text message. After verification, we will generate your phone number mask.
Doesn't feel necessary to me really. I've never ever been in the need for an incoming call, just for sms. And I'd much rather have them sent to an email rather than my actual phone too (and then I wouldn't need to share my phone number with this service either). That would be a real use-case for me. But paying a monthly subscription for that twice a year sms isn't that great either.
I currently have a pre-paid sim and an old phone for this usecase. It kind of sucks and I don't have access to it when I'm not home (sure, there are ways to sync this but haven't felt a big enough need for it yet).
This looks nice. I'm currently using Tutanota and love it. Seems like it would be possible to connect this with Firefox Relay, digging into it a bit more!
Spam calls are not the reason it is bad to give your number out; it isn’t related to calls at all.
Your number is your permanent cross-app, cross-company tracking identifier. It is a lookup key for your name, address, income bracket, email, spam history, etc.
This is why so many apps require it during signup.
> this feature is available in the U.S. and Canada
Bummer. Before reading this, I was so excited, since robocalls and sketchy SMS messages with malware payloads have plagued my phone for years, and now it's not available to me (I'm in the EU).
Just set up an email service and everything and start offering similiarities to Google's web ecosystem already. Mozilla doesn't need to worry about devices or a cloud division, or even a search engine (yet? Brave has one).
The slower they are to realize they need to do all that to stay relevant, the faster Firefox's market share shrinks
It would be great if someone could package several virtual services into one app. Virtual cc number, virtual email address, virtual phone number all with one click. That way I can sign up for some in-store membership with working info, get the discount, and never worry about my info being compromised.
I use Fastmail for what they call Masked Email, and Privacy.com for unique debit cards for shopping online. They both integrate with 1Password. So when I sign up for a new account, 1Password generates a Masked Email, a random password, and a unique debit card, and saves it all, and I LOVE IT!
This service seems interesting for people who are establishing net new phone numbers, but for those of us who have existing numbers they've been using, the barn door is already open. This wouldn't get us off existing lists.
They could still so easily regain much of their lost trust by sincerely apologising for their cock-ups (dodgy studies/data-collection, addons-fiasco, etc) and their political shilling; and yet, they do not.
The sewage they keep pumping out on their blog, and spaffing money on expensive rebrands, is turning-off the users who keep Mozilla alive.
Given how much they're doing for Google's market-share with this blatant self-sabotage, you'd be forgiven for thinking Mozilla is being run by Google.
Is someone at Mozilla willing to share some technical details about how this is implemented under the covers? The main thing I’m curious about is:
Can the ability to have multiple relay numbers tied to 1 real number be added relatively easily by scaling your technical architecture, or is there some non-marginal underlying cost to each additional relay number that would make such a feature too expensive to support at this price point?
As I understand it there's a cost to every number, which is why we're limiting it to just one number at the moment. (Though we'd definitely have loved to implement it the same way we do email masks; if we do find a way to cost-effectively do so, I'm sure we will.)
This is cool. I've recently been thinking about getting a "burner" number for sharing outside my immediate circle.
Same for email - the idea would be to have a phone/email for public consumption and then a separate address and number for my inner circle of family/friends.
Not worth it. I have a Google Voice number (free, easy, good UX). Now it’s a constant juggle of “which number did I give”. Especially since you presumably have already given away your current number. Even if you go all-in on burner number, there’s a question of longevity and risk. Do you give it to government? Do you give it to banks? Etc
> throwing a given problematic number away would already solve so much.
The search space of valid numbers is very small compared to email. A throw away number is surely a number that has already been trashed by dozens of users before you. It’d be useless unless you can make everyone forget it between users.
My personal cell number is 20 years old and gets almost no spam besides a rare robo call. Any throw away number I’ve acquire has a sordid history of being used as a honeypot it seems because it’s a cesspool.
Same. Though for email there are good services like Fastmail (and likely many others) which already offer this and other benefits for a nominal subscription fee.
I haven't implemented this idea yet, but what stops us from just buying Twilio credits, getting a number through them and then writing a bit of glue code to their API to pull down SMS messages (for things like 2-factor codes, etc) and route them wherever we find personally convenient? Maybe Twilio is also selling our customer data paired with these numbers to data brokers, though, IDK. It's just a fleeting idea I've had.
Thank you! I'm going to check this out. A question about a comment you made elsewhere herein:
> My caveat about this is some services will silently ignore you if you try to use a virtual number. It's more useful for IRL where you don't want to throw your real number around much.
How, specifically, do other services detect this? Is it like with IP address space where it's possible to determine things like "this C block belongs to Entity X, Inc"? Are you aware of mechanisms to avoid this detection/blocking that don't require using a "real" number.
> How, specifically, do other services detect this?
I don't actually know specifically. I assume there are two different ways:
- The service is using Verify / Authy, which is owned by Twilio so likely Twilio themselves discourage it
- Looking up the number either through Twilio or some sort of central subscriber database. All virtual numbers are described as virtual numbers.
> Are you aware of mechanisms to avoid this detection/blocking that don't require using a "real" number.
Definitely gets into ethically gray areas since that would be super useful to nefarious people. I don't actually know for sure. I know from the recent Blizzard mobile 2FA controversy that this issue expands to also prepaid phone numbers.
So I don't know of a definitive way to get around it beyond using a postpaid number.
Somewhat related, near the end of my above mentioned service, I had pivoted into trying to launch a "21st century phone service" complete with SIM cards provided by Twilio.
The issue? They were still considered virtual numbers. At the time, in Twilio's defense, I was somewhat misusing their service because their SIMs were intended for IoT purposes not actual cellphone usage. That's all to say, it's likely provider / subscriber level vs something you can individually spoof.
> what stops us from just buying Twilio credits, getting a number through them
I was considering exactly this, or potentially getting a second mobile number via eSIM on my phone (which feels a bit more "permanent" but that might be delusion...)
I feel like we have very different expectations of what recruiters can and will do with personal information. I'm from within the EU, you?
Not that they don't share your email to other persons working for the same company (I've had some name I never heard of from RecruitCorp email me seven years after I last talked to someone from RecruitCorp), or I could imagine they keep their contacts when moving into / out of self-employment, but that's a far cry from public.
As someone in the UK and used to dealing with UK-based recruitment agencies, I didn't understand the recruiter hate until I had my first experience with one of those shitty "agencies" that claims to be in the UK (or whatever they're targeting) but is actually ran from a third-world call center right next to the tech support scammers. When it comes to those, obviously all bets are off when it comes to your personal information, and the recruitment industry in the US seems to be saturated with this scum much more so than in the EU.
However, even legitimate recruiters can be a problem if you get too many of them. I recently had to rotate my business number because I was getting pretty much one call a day from someone wanting to "have a chat". They're all nice, courteous and seem to know what they're doing, but the sheer quantity became a major problem especially when you're already fully booked and aren't open to new business.
Yes, recently I was on a spree, receiving roughly 40 calls a day, I had to set my phone to not accept calls outside contacts, but then what is even the point of having a phone number at all.
The only way to really prevent it is to allowlist specific numbers you know will call the number and send "Number disconnected" signals for the rest. Eventually, the number gets quieter until it can be reached again.
The ideal setup would be to have a private number that you never give out that denies anyone not on your allow then use throwaway numbers you can turn on and off as you need them.
I used to have it where I would give numbers out then only have them 'active' when I was expecting a call.
My original hypothesis was that the numbers were harvested, my new one (and likely correct) is that numbers are randomly dialed.
> The only way to really prevent it is to allowlist specific numbers you know will call the number and send "Number disconnected" signals for the rest.
> Since launching in 2020, Firefox Relay – a privacy-first product that hides your real email address to help protect your identity – has blocked more than 1.3 million unwanted emails
Gmail might block the same 1.3M unwanted emails every... minute?
Isn't this Google Voice which was once Grand Central (12 years ago)?
Forward your phone number to a different number through gvoice. For email, add a '+' symbol to your email address and filter them out if they get abusive.
Right, because adding *more* anonymity to our tech is precisely what we need to enable more bad actors to do whatever they want without facing any repercussions.
slow clap
I am all for privacy, but many so-called privacy-centric tech “solutions” are simultaneously crime-enablers. Things need to be fixed at the legislative level, not by opening more pandora’s meta-crypto-app-boxes.
> Currently, this feature is available in the U.S. and Canada. As we roll out this feature, we will explore how we can expand this offering to outbound calls and texts, as well as to other regions.
(Edited to add:) And I feel your pain - I'm a Relay engineer in the Netherlands, and I can't even use this myself... But unfortunately, it's not easy to offer this elsewhere at a reasonable price, so we're still figuring that out.
Why not bundle them all as one membership? Pocket, Mozilla VPN, Relay, Monitor, and whatever services they can scrape up premium options and features for to give them value?