
I would rather drink piss like Bear Grylls than log in with Facebook - melissamiranda
http://dickbrouwer.com/post/16748664071/facebook-perils
======
AlexandrB
I don't care about apps using my Facebook data (what little there is). I don't
trust Facebook not to use data from/about apps that I use. That's why I would
never use my Facebook ID to log in to anything.

Actually I can come up with a better summary: I don't trust Facebook

~~~
melissamiranda
Just curious, why don't you trust Facebook? Did you trust them at one point in
time? What made you lose your trust?

I'm a designer so it's interesting to me what's behind all the Facebook hate.

~~~
joering2
I dont know how much of value I can bring here, but I can tell you what would
make me love Facebook (love opposite to hate).

If they would charge me $5/month for an account BUT give me fair, solid and
reasonable TOS that I own my data and they DONT make money off of my eyeballs
and clicks under some sort of a penalty. And throw an Independent Board of
Facebook Policy-makers so its not that one hacker own majority of the vote.

You can try to revert this and get your answer out of it.

~~~
melissamiranda
Super interesting. I wonder what would happen if Facebook would implement a
subscription service that shows no ads and lets you own and control your data.
It's not a bad idea- I'll see if a friend at Fb will ask Zuckerberg if they've
ever considered this.

~~~
joering2
no need to -- I will answer you. Its not feasible in FB current situation. IF
they make $100 per year per user already on showing
ads/tracking/selling/analyzing/whatever they do to make a buck, then going
down to $5/month/user and shifting from paying advertiser to paying user would
make it a ghost town. Bottom line: I think most people enjoy what they get out
of FB even if they data is being used/sold and they are, up to some point,
aware of it.

~~~
icebraining
1) They don't make $100/user/year, not even close. They have 800M users and
made 4.27B$ last year. That's $5.33 per user _per year_.

Even considering their number of active users is bunk, there's no way they've
reach anything close to $100/user/year - that would mean they only had 42M
users.

2) I don't think the suggestion was for them to shift to another revenue
model, I think it was to give the _option_ of subscribing. Much like many
other sites e.g. Slashdot, Reddit, etc. Most people would probably still
choose the free option.

~~~
sofifonfek
1) you're missing a few figures and the whole picture, by the conservative
estimation Zuckerberg will make 16 billions with the ipo so he personally made
~20 bucks per registered user. Selling ads is pocket money, at the end of the
day the wealth is in the mega database of the user data. See, paying users can
choose to take their dollars elsewhere so you have to give them what they
want, if it's gratis people flock on the service and lack the incentive to go
away if the service is somewhat unsatisfying so you can impose whatever you
want to them.

2) they can't offer such an option, facebook is a machine designed to collect,
store, hold and aggregate user data and they built a business model out of it.
Putting the user in control of its data is the opposite of what facebook
wants. You can't really compare the subscription of news aggregator websites
and an hypothetical subscription on facebook. Facebook is unique in the fact
that it holds user personal data and has a strong grasp on it through heavy
vendor lock-in, you can easily leave slashdot or reddit and get your news
elsewhere from an alternative but you can't leave facebook easily because they
have your data, data you need in your daily use and there's nowhere to go to
to find an equivalent.

------
waleedka
Before blaming the 50% drop-off on Facebook, you should measure the drop-off
of the ID/password approach and compare the two. I would expect the drop-off
for any login method to be relatively high on mobile apps. Anyone has data
they can share?

~~~
franze
i know the stats of some websites(or webapps if you like to call them as such)
which started years ago with user/pass and after integrating fb got a major
better sign-up rate. most logged-in users now use the site via fb.

either mobile is majorly different, the tinyreview adopter group is majorly
different, their product is majorly different or their analysis is flawed (as
you have pointed out correctly)

~~~
dikbrouwer
FYI, here is another perspective on FB Connect signup:
[http://damurillo.tumblr.com/post/9214057988/disappointment-w...](http://damurillo.tumblr.com/post/9214057988/disappointment-
with-facebook-connect)

------
pdenya
Actual Headline: "Tiny Review and the Perils of Facebook Login"

Realistic Headline: "Tiny Review and the Perils of only offering Facebook
Login"

~~~
dikbrouwer
Agreed, the headline comes from a real email from one of our users. It's just
one of many pretty direct responses to (only) fb auth (I'm the author)

------
ghayes
What always shocks me is that _if you have a traditional sign-in method,
people will be more likely to Facebook Auth_. Well, that's been the case for
me. People enjoy the ease of logging in with Facebook, but are weary of its
repercussions.

Also, I would love to see more sites that Facebook Auth to just asking for
e-mail address permission and that's it. Just simply as a log-in tool..

~~~
rhizome
I wouldn't be surprised if people think that offering _only_ FB login means
you're trying to exploit on FB specifically, but if you have self-login as
well it means you're not trying to force them into it.

~~~
billybob
This is how I perceive Spotify. I can't sign up for it because I deleted my FB
account. FB as the only option makes me think they must want to datamine me as
hard as possible.

~~~
FaceKicker
I don't really understand what Spotify is thinking with the FB-only login. I
get that it's free advertising and data for them, but it seems like there's
probably a very large percentage of potential users who are uncomfortable with
spamming each one of their FB friends every time they listen to a song (not to
mention "guilty pleasure songs" that people would be embarrassed to listen to
knowing that everyone will see it).

~~~
pavel_lishin
I was under the impression that you could turn this off; and that the people
who actually care whether they're spamming their friends or not would go to
the trouble of doing so.

~~~
FaceKicker
Ah, if that's true I didn't know. I think I sort of assumed that if it could
be turned off, pretty much everyone would (and I've only ever seen
technologically competent people posting these ticker stories), but I guess
not.

~~~
pavel_lishin
> I think I sort of assumed that if it could be turned off, pretty much
> everyone would

There's no incentive for me, as a college derp, to turn it off - after all,
it's not impacting _my_ experience on Facebook. Sure, everyone else's feeds
are annoying, but it's like a mix of the prisoner's dilemma and the tragedy of
the commons.

Not to mention, you can hide truly annoying feeds - but again, most people
don't care.

My solution is no longer visiting Facebook. I keep my account because it's
still the least inconvenient way to plan events.

------
alan_cx
Are there any over all stats as to how the general public feel about all this?

Its cool that all us techie types knowing all about these issues, but does the
average mug user know, or know enough to care? Most of the "normal" people I
know don't even consider this sort of stuff, they just go along with it.
"Yeah, whatever", seems to be the usual response. You can see them glaze over
and mentally shut down if I dare try to explain it. That sort of go in to
"conspiracy nut" mode.

------
esm23
I'm currently building a social media news aggregation site, and was
considering the merits of using a Facebook/Twitter only login/comment
services. Do you believe most potential users would be opposed to this? If
using these services we would be very clear about privacy issues and
options,giving our users the option of restricting their activities to our
network, and not sharing the information with facebook/twitter if the user
would choose not to. Also in our service agreement and in practice we would
restrict our use of our users information to strictly what they share with us,
not datamining them, which in my opinion violates peoples privacy. There is a
lot of upside in my opinion with using the Facebook/twitter login. They are
the 2 dominant social media platforms, in which our potential users are bound
to have their strongest ties. If they choose to share their activities on our
site with their social media network of choice, it would be their way of
advertising a service they are using (and presumably enjoying if they are
participating on the site), which would help our service attract users. Would
appreciate any feedback and advice, especially pointing out where im wrong :)

~~~
possibilistic
I can't speak for everyone, but please just take my email address. There is no
Facebook or Google Plus in my life, and I don't use my old Twitter account. I
only keep up with a handful of people--something I can do with email and
phone; I don't want to give glorified marketers another tool for spying on me.
For me personally, the web is just a means to gain and exchange useful
information to aid in my academic life; I like to stay "disconnected", if that
makes sense.

Everyone uses the web differently. I understand that other (much larger)
demographics have no problem with single sign on and that you can perhaps get
to market faster without implementing a dedicated sign up system. I respect
that.

I do like "social" (I hate that word) news sites; a tool to help cull non-
interest items, prioritize on key interests, and introduce novel information
from users who share similar interest graphs would help me out enormously.

I don't want to derail the topic, but has anyone given a thought as to whether
aggregation (and distribution and reader functionality) could work in a
decentralized, p2p manner? Without relying on a central authority of any kind?

I would love a scaled-down, low-bandwidth bittorrent-type app that delivers
news items (with highlighted commentary) to my devices, already wrapped in an
readability like interface, collected from among my "interest graph peers".
That way, the mining/ML algorithms and processing overhead can be implemented
and tweaked by me.

~~~
icebraining
_I don't want to derail the topic, but has anyone given a thought as to
whether aggregation (and distribution and reader functionality) could work in
a decentralized, p2p manner? Without relying on a central authority of any
kind?_

I think that's Usenet (cue George Santayana's quote).

It doesn't have a centralized authority, it's delivered in machine readable
formats (so you can easily process it), it has plenty of readers, etc.

------
mbeswetherick
There is something sleazy about Facebook that extends beyond privacy failures.
I don't like the idea of blending a new community I'm about to join with the
filth on my Facebook friends list. I think this mostly applies to younger
people who ended up adding everyone they knew through high school: my Facebook
friends are mostly just an accumulation of people I don't really care about.

If I wanted to join a network separate from Facebook, why would I want that
network to have access to my Facebook?

I use Spotify and Songkick reluctantly only because they are great services.
Facebook is a great way to get your name out there, but I'd rather fill out a
few text fields than have a service I want to use depend on Facebook.

People join new networks to get away from Facebook, not extend it into every
sector of their lives.

~~~
icebraining
_If I wanted to join a network separate from Facebook, why would I want that
network to have access to my Facebook?_

Possibly because that network offers thing that FB doesn't, even if you don't
have a problem with it.

 _People join new networks to get away from Facebook, not extend it into every
sector of their lives._

Are you sure you aren't attributing your own personal opinions to others? Not
wanting to login using FB has other possible explanations, like not trusting
the new site/app not to spam your friends. It's not necessarily trying to "get
away" from Facebook.

------
jseims
What gets me is it's 2012 and we _still_ have to keep solving account
management over and over. It's a big bucket of word dealing with multiple
signup methods, resetting passwords, profile pictures, etc.

I wish there were an open source project that unified best practices (in
various tech stacks).

~~~
melissamiranda
Open ID tried and failed. What I see now is more developers creating their own
registration auth. Even if they lose on signup conversions vs. 1-click Fb or
Twitter, they avoid duplicate account mixups.

~~~
18pfsmt
Most of the discussions on HN surrounding privacy and FB usually have several
mentions of a creation of a 2nd acct (as you've seen), but also mention
Mozilla's BrowserID project: <https://browserid.org/>

------
daimyoyo
I have found a compromise that works well for me when I'm asked to login with
facebook. I have created an account that exists solely for situations like
this. That way I can use whatever site or app I want and its not connected to
me.

~~~
melissamiranda
Interesting. Anyone else out there have a second Fb account just to login?

~~~
Selvik
Me, but _they_ have your data anyway cause of your ip. It's more so that they
won't suddenly start posting my spotify playlists or whatever.

~~~
icebraining
If they did tracking based on IPs, they'd get some pretty screwed up results.
My university alone has hundreds of FB users behind a dozen IPs or less. Even
my home alone has two.

~~~
Selvik
Yeah, but you're probably the only one who's account is connected to both of
those and some other places you've been at various times. Or? (I don't really
know what I'm talking about.)

------
adrian201
1\. I think the on-boarding process to an app is probably more crucial the app
itself. This is purely anecdotal, but as an early adopter whenever I go
through the trouble of downloading an app which greets me with “Create An
Account”, I'm almost always immediately turned off. In some cases I've just
excited the app and hit un-install. The last thing I need is another account,
with a service I may not use for more than 15mins.

I think the best process is to give users a feel for your product without an
account being necessary. Maybe it's just in READ mode with the ability to
WRITE enabled upon signup. Or just simply ask for an email address which is
then used as a unique identifier for your account. Oink did this awhile back.

2\. I think the Facebook hate is miss-placed. Do you really hate Facebook
(provider of a tool) or those who spam you via Facebook (users of the tool)?
If you're so worried about Facebook tracking you offsite, why have an account
at all? They're in the business of collecting, optimizing, and monetizing the
social graph. If their platform has more 'cons' than 'pros' I think you should
ditch it and keep your tin foil hat on. I myself use it, with my tin foil hat
on, but don't go through the hoops to block it as some of you are doing.

~~~
sofifonfek
>2\. I think the Facebook hate is miss-placed. Do you really hate Facebook
(provider of a tool) or those who spam you via Facebook (users of the tool)?
If you're so worried about Facebook tracking you offsite, why have an account
at all?

I think it is right on. Both because the tool shapes the usage (if your only
tool is hammer, all problems look like nails). I don't have one.

------
scott_to_s
There are no doubt a lot of users like me: I don't have a Facebook account,
and I will _never_ have a Facebook account. The result of my personal policy
and utter dislike of Facebook is that as soon as I see a Facebook login popup
on a new app, I immediately close the tab. Then again, perhaps you don't want
customers like me!

~~~
sofifonfek
Same here and sometimes I wonder if those who provide facebook only login
would consider answering the phone 1 out of 10 times by saying "fuck off" and
hanging up a good business practice, because that's basically what they are
doing.

"hey we have this fantastic service offering this and that, but we don't want
you to use it (unless you register to a third party whose sole purpose is to
collect as much personal data on you as possible and has a long history of
privacy issues)". Best sales pitch ever.

------
natasham25
We had the same exact experience with out app. It was Facebook login only, and
we got a 50% drop in conversion, bad app store reviews, and some of the people
who tried to login couldn't because Facebook login either didn't work or was
really slow.

------
sofifonfek
I never register a facebook account and there's no way I will regsiter to
facebook just to use an app even if its _the_ killer app.

I trust facebook for snooping in on the data provided by 3rd party apps,
they've been doing all the dirty tricks of the book since they started.

why no facebook account for me ? because it was obvious from the beginning
where facebook was heading with a business rooted in linking real world
identities and online activities. They are basically building a closed
facebooknet to compete with the open web and internet. There's no way I would
be part or support a closed and proprietary internet.

------
lordlicorice
The funny thing is that they've basically admitted that they didn't want to
take the time to build a community system capable of dealing with anonymous
users or users identified only by some number. The problem with these
featureless micro-apps is that you have 20 different tools which cost you
little to nothing but are garbage. Either abandon the idea of one-feature apps
and incorporate your functionality in a not-quite-as-slick general platform,
or double down and make your app work with anonymity.

------
AznHisoka
Hmm good points. Also, what if you create an account with Facebook, and then
later decide to deactivate your Facebook, what happens to that account you
just created?

~~~
ghayes
When I use Facebook Auth in my applications, I create a''User'' account with
the clients e-mail address and a nil password. My users can then use "Password
Recovery" to get a password for traditional login.

~~~
melissamiranda
Smarty pants. This is a good way to think ahead.

------
arjn
I would too. I've not been on Facebook since 2007 and it annoys me to see a
growing number of web-sites/apps using FB for login. (Same complaint for
twitter)

------
smackfu
Main problem with Facebook only login is that the 5% that care wi rate your
app one star until they cows come home.

------
neuromancer2600
I usually use a fake Facebook account (with a couple of other fake friends)
first. And only after I see how the app is behaving and if I see a real
benefit to give access to my real friends, I might consider logging in with my
real name and Facebook account.

------
Melyan
Here's a proposal: use your email address. Period. No password. Take your
average bulletin board--you're probably not going to use your email address as
your nym anyway. Even if you do, what do you lose if someone impersonates you?

------
GiraffeNecktie
I'd be happy to log in with Facebook, but every single time I've tried to do
it, Facebook informs me that the application wants to help itself to my
contacts, my wall etc etc etc. Now I don't bother.

~~~
sofifonfek
The funny part is that for a long time they just did it without informing you
and no one complained. _cough_ zynga _cough_

------
zak_mc_kracken
Create a fake, empty Facebook account, use it everywhere to log in.

Problem solved.

~~~
melissamiranda
Ok, that makes 2 of you who have fake Facebook login accounts to login. Anyone
else?

~~~
mappu
Two people out of (currently) 47 comments. The number of people using this
technique is probably statistically significant (i know lots of my friends
have multiple facebook accounts under pseudonyms for similar reasons).

------
jsavimbi
> nurture a community of real, authentic users.

This is utter BS and the author knows it. The last people you want to fill the
role of early adopter are the people of Facebook. Nurture, foster, incubate.
That's lazy business people speak for not actually doing any work of note and
spending more time networking and that all-consuming fundraising so they can
actually hire someone to do the work for them and pay them squat. You know,
living the dream that made them go to B-school in the first place.

Facebook-only? That's what lazy people do.

~~~
melissamiranda
Off base. Facebook login was implement to prevent a Chatroulette problem
(nudity and profanity). The Internet Fuckwad theory: normal person + anonymity
+ audience = total fuckwad ([http://www.quora.com/What-is-the-Greater-
Internet-Fuckwad-Th...](http://www.quora.com/What-is-the-Greater-Internet-
Fuckwad-Theory)) explains why anonymity allows bad behavior.

The decision had nothing to do with laziness, and everything to do with
encouraging real identity on the app.

~~~
ghayes
Agreed that anonymity brings trolls. What about low-friction sharing that
Facebook Auth brings? How did this play into your decision? You said earlier
that you used to ask for that authorization AFTER asking for login auth?

~~~
dikbrouwer
Yes, asking for FB permissions twice was tripping over our users however. What
seems to work right now: login with Twitter or username/password, and add FB
auth later when a user wants to share. This apparently doesn't feel the same
as allowing FB on signup. Makes sense?

------
gaius
What you don't see is that Bear Grylls travels with 5 support vehicles and a
helicopter and spends his nights in a hotel. I'd be _very_ surprised if he was
actually drinking piss on camera, his whole schtick is fake.

~~~
ithought
You would prefer to see a grown man die on TV?

Your comment is wrong and false. He doesn't spend every night in a hotel, the
shoots are between 5 to 7 days. Some he stays outside all night, the other
supporting shots he stays in a hotel.

He risks his life in significant (and foolish) ways every episode. Climbing
and swinging on rope vines over 1,000 foot drops are not faked. Hunting by
hand, cleaning and cooking animals, or eating them raw is not faked. Sure he
has assistance and safety precautions but that's reasonable.

~~~
smokinn
Just because you don't have a massive support crew doesn't mean you're going
to die.

I'd recommend you check out a series called Survivorman:
<http://en.wikipedia.org/wiki/Survivorman>

It's a guy who goes out into the wilderness to survive with nothing but some
basic gear and a couple of cameras and tripods. Less flashy but way more
realistic.

~~~
sofifonfek
Two different shows, one is about showcasing techniques in extreme situation
and feature an ex british special forces with a heavy background in
adventuring while the other is about putting one guy alone in a survival
situation for a few days featuring a regular guy who has personal interest in
survival.

Though they're not with him, Les stroud also has a support crew and a way to
contact them in case of life-threatening emergency.

~~~
smokinn
No he doesn't. Most episodes he says that he has to get out on his own. If he
missed his rendez-vous search and rescue teams kick into action to go out and
find him.

There was one particular episode where he had to find some natives to get him
out because he was dying of dehydration. He got sick and had diaharrea and no
one was there to help him.

