Hacker News new | comments | show | ask | jobs | submit login
Facebook spamming users via their 2FA phone numbers (mashable.com)
550 points by pinewurst 9 months ago | hide | past | web | favorite | 367 comments

Finally, somewhere I can appropriately vent about this.

About TWO years ago I was constantly annoyed by the 'secure your account: add your phone number here' banner frequently displayed at the top of the page upon loading FB, so I input my number to make it disappear for good. (Also, they kept hiding the 'x' (close) icon in different spots, making the banner difficult to dismiss.)

A few days later I got a text message containing a Facebook notification. I was flabbergasted. What an EGREGIOUS misuse of personal information. Completely under the guise of account security... Facebook had in reality acquired another way to keep their brand under my nose.

Naturally I was livid so I spent the better portion of the day scrubbing whatever sensitive information I could. Sure enough, the banner came back a few days later. And here we are.

I realize that the proper solution is to terminate my account and never attempt to log back in.... but I've had my account since 2006 and despite the company's terrible practices, I'm really not interested in disconnecting for good at this time

That thing facebook does with demanding your phone number, that's my favorite dark pattern. Apple does the same thing with iOS upgrades.

First you pose a seemingly innocent question, like 'would you like to give us your phone number so we can keep your account secure?' or 'would you like to upgrade to new iOS?'. Then you take away the NO option. You replace it with 'i'll decide later'. And by doing so, you make it not a choice for the user. You make it a statistical guarantee that sooner or later, most users will cave in and hit yes, even if by accident. iOS is an extreme example of this - when you say you don't want to upgrade, you are immediately prompted with a pin code request as if your device just locked itself, and your reflex is to punch in the pin to unlock it again. But if you read what it says at the bottom, it's asking for your pin to get permission to schedule the upgrade that you just said no to.

Whoever the designers are who came up with this stuff, fuck them. This shit is going to be in ethics textbooks in a decade or two. I hope someone from the facebook UX team is reading this, I hope they know their day job is to make the world a worse place.

When I first opened up the Netflix mobile app and it asked me if I wanted it to show me notifications I thought "hey, that's nice, most apps just start spamming me without asking". I clicked "No thanks" and went on my way.

It turns out, though, that it asks that _every_ single time I open the app. It's really annoying and I'm about to allow them only to block them at the OS level.

This is one reason some folks prefer Apple. iOS had privacy options at the OS level for years before Android got into the game (yes xPrivacy but not everyone can root)

So, enable Netflix notifications but disable Netflix notifications at a system level? Seems like a silly reason to prefer iOS, considering every modern Android has the same feature.

He's just saying that iOS had this feature way sooner than Android did

And android could sync my contacts through the cloud (google servers) to a new device and edit online, syncing the other way before iOS. What's the point?

Could whoever downvote explain? It's a feature that Android had first... The fact is, today, they both have Feature X, so debating who had what first doesn't add to a constructive argument was my point.

You asked for explanation and I did explain. You replied to me with something that could be seen as an attack. I don't know his point, I just explained his comment, that's all. I didn't downvote you though.

If you look through the parents, I didn't ask for anything. Also, the point made was that iOS had features first... Android has had other features first... they've both had the feature in question long enough to be in place through several hardware refreshes (given an average ownership of 1-3 years), so the preference doesn't hold as much weight.

You're changing the topic.

The post I replied to was effectively "iOS had features first" my reply was that "android also had features first" ... the point being that there have been enough hardware refreshes where the features in question are on both platforms reducing the weight of the argument.

If you buy a current Android phone, it will have privacy controls for 90% (guesstimate) of apps in the Play Store.

You can allow/block permissions from any app, no matter what Android version it targets. If the app targets a version below 6.0 (Marshmallow) then the app won't ask at runtime and Android will warn you that block a permission for that app may break it.

Ah yes, I forgot about that.

100%, you mean.

I'm guessing this is a bug. It asked me once (per device), and never asked again. Or I'm too trusting, and this is indeed a change in behavior for new customers.

I had the same issue. I said "yes", then went in the settings and disabled it. I wasn't asked again.

Interestingly, that happened to me on my Android tablet, but not on the Netflix iOS app

It’s still possible on iOS but if you declined the official pop-up once you can’t show it again. But you can annoy the users with different and equally intrusive pop-ups asking you to go to settings to change it for example.

As an ethical UX designer, unethical UX designers/PMs/ need to be shamed for creating/allowing dark pattern in their work. This goes against the fundamental tenets of empathetic UX design and in downright manipulative and bordering evil.

But who/where do we draw the line for "ethical" design? Every design decision is on a spectrum, and anything above helping someone eat, sleep or shit, is to some degree "un-needed" design.

I'd say anything that faces a user in a digital experience that utilizes cheap psychological or behavioral manipulation/UI obsfucation to benefit from their interaction in achieving a desired business metric/outcome in which a user may not have otherwise consented to/authorized said interaction had the user interface been written clearly in plain language (no jargon) and accessibly designed for the common lay person (user testing).

In design, everything is intentional and I fail to believe these cheap UI tricks were anything other than intended as designed by whoever designed it. Any seasoned UX designer worth their title knows if what they are designing removes their agency in deciding on how to act or if it feels icky or wrong in a manipulative sense.

But where do you draw the line between offering genuine convenience for the end user and UX tricks? Is underlining a link unethical because it's giving undue weight to highlight an action you want the user to notice? (I know, reductio ad absurdum, but I think it's valid to point out personal interpretation of ethics can be stretched beyond usefulness).

That's more of a rhetorical point - I don't believe most things related to "morality" can ever be as clear as black/white, ethical/unethical, and think it muddies waters to assert it does.

Considered design does not always exactly equal purer-than-pure ethical design.

Out of curiosity, who or what has designated you an “ethical UX designer”? I’m sure you could find an Apple designer who would claim that forcing people to upgrade ensures that their device is patched and secure, preventing many potentially livelihood threatening problems down the line, so they are just as ethical of an UX designer as you are, if not more so since you do not want to protect people from their device being hacked into and their personal info stolen.

"Out of curiosity, who or what has designated you an “ethical UX designer”?"

Simply put, I would never allow these dark design patterns into the product if I was the designer, by arguing that it would affect perceived trustworthiness of the company and brand credibility if dark patterns start to become pervasive and the norm across the product. As a professional UX designer, it's my duty to be the voice of the user and I'd put my neck on the line to make sure I voiced my concern before they went over my head and implemented dark patterns. I'll never sign off on it.

The issue is a lack of accountability by designers/PMs who hide behind the company name when these dark patterns are exposed. In an era when companies like Facebook sway political elections through their dark pattern designed newsfeeds, watchdog groups and regulatory bodies need to be created to keep them in check.

What was described is not "forcing people to upgrade" but tricking people into unintentionally upgrading. Your argument can be used to justify the former but not the latter.

Only if the incessant streams of breaking updates were primarily about device security would this be a valid argument.

The invocation of “primarily” here suggests that your mind is refusing to address reality because it conflicts with your ideals.

What an amazingly deep analysis of a person's mind just based on a few words.

From the UX I've studied it seems that ethics is unrelated. Typically in consumer apps the goal is to increase MAU and engagement and UX is dictated by whatever moves the needle on those areas. It's hard to separate whether people are using the app more because of it's better design through UX design feedback loop iterations or if it is a dark pattern.

For example it is entirely plausible that the sms notification being sent once you put in a 2FA number is completely unrelated. In a normalised database there will only be one phone number for multiple uses. If notifications are set to send to the phone number by default and 2fa uses that phone number the app will not necessarily have knowledge whether the phone number was entered due to a 2fa prompt or something else. It only checks for a phone number and acts accordingly. The 2 people/teams who designed each feature would most probably have no idea how else the number is being used such is the nature of complexity.

> In a normalised database there will only be one phone number for multiple uses.

No! Normalization does not mean keeping only one copy of each piece of data, regardless of category and context. I see this behavior all the time in junior and even some senior devs, both in databases, and when they code.

A piece of information has a type, but it also has a context. A 2FA phone number is different than a marketing contact phone number. It should never be normalized into just one field.

My favorite example of this is people re-using a constant in multiple places in code just because it happens to have the same value. Imagine you have a constant defined as `USER_DISPLAY_AS = 'first_name'`. Then, somewhere, you are building sorting and want to be able to sort by first name or last name. You notice you already have a constant that contains a value 'first_name', so you use it. Not you have tied two completely different things together in your code because you thought you are being DRY.

I don't disagree with you on the type issue but you can see in a large organisation how this would easily fall through the cracks. It's also entirely plausible that an intern came up with the sms notification idea and it wasn't caught in code review. I don't really subscribe to Hanlon's razor but in this context I can understand how it could happen quite easily.

This is a type of error that is often found in code and data modeling. I haven't come across a name for it yet. It most definitely can and does fall through the cracks, in small, medium, and large organizations. It is a code smell and should be eliminated whenever it starts happening. However, it is often quite subtle, and a developer's ego is often stronger than the explanation for why it should not be done that way.

I shall dub it "Krystian's Overoptimistic Denormalization Error", or KODE for short.

> From the UX I've studied it seems that ethics is unrelated. Typically in consumer apps the goal is to increase MAU and engagement and UX is dictated by whatever moves the needle on those areas. It's hard to separate whether people are using the app more because of it's better design through UX design feedback loop iterations or if it is a dark pattern.

No matter which metrics you choose, you run the risk of PM's ordering unethical means of increasing those metrics. A bakery can measure itself by sales volume and ensuing revenue numbers - that doesn't by itself prevent bakery managers from adding addictive drugs to the recipes, nor does it mean that those are poor metrics.

What it does mean is a) the company made some poor hiring decisions along the way, and the best way to deal with that problem is by having some b) ethical review board.

I like the example here. I want to outwardly acknowledge the obvious force that is preventing the baker from putting drugs in their recipe: government regulation and law enforcement.

I am an American but I am well accustomed to learning that other countries are able to prevent certain consumer abuse before it replicates at massive scale by acting early and adjusting along the way.

Does this happen in Europe?

We're just introducing the GDPR Europe wide which iterates on the member states existing privacy laws to provide definitive rights to any human in Europe, and obligations to any company dealing with their information.

Abusing the 2FA number is likely illegal in most member states now, and is definitely so at the end of May.

Probably you mean EU when you say Europe

Absolutely, sorry- bad habit

MAU = Monthly Active Users

It is a nasty dark pattern but I think in the case of iOS upgrades you can somewhat justify it - it’s important that users upgrade to avoid security issues etc. Of course really, iOS upgrades should be so pain-free that no one would ever want to say no, but that’s a different story!

iOS upgrades have long been synonymous to me to having to go through a dozen modal screens nagging me for apple services...

iOS devices in general. Spend two months away from one and you'll have about 3-5 modals pop up at different times while you just start to use the device. Awhile ago I was using an old iPad, dismissed a several modals and started reading. One modal that I dismissed previously came not more than two minutes later again, completely interrupting me. Stopped using it after that, wanted to throw it against the wall.

I suspect that their motivation to push users to upgrade has far more to do with their planned obsolescence than anything to do with keeping users secure.

I wouldn't be so sure. Security issues are bad publicity. Even Microsoft patches known pirate copies of their os for security reasons.

I see no basis for thinking that whatsoever.

> Then you take away the NO option. You replace it with 'i'll decide later'. And by doing so, you make it not a choice for the user. You make it a statistical guarantee that sooner or later, most users will cave in and hit yes, even if by accident.

Fucking YouTube and their "Would you like to merge your account with your Google Account and use your real name forever more? Yes / Soon."

I'd still like to know, what the particular difference between that acquisition and Facebook's acquisition of WhatsApp is, that made so many countries block the sharing of data between WhatsApp and Facebook, but not the sharing of data between YouTube and Google.

If it really is just that asshole prompt that made the difference, then man, did Facebook fuck up. They should have just blocked people from using WhatsApp until they volunteer their data.

WhatsApp has a shitload of alternatives, and it's much easier to switch. YouTube users had way more investment in retaining their account and not switching to another video hosting service (the best alternative is Vimeo I guess?).

I've only had a FB account for a very short while and that was 8 years ago or so, their disrespect for user privacy creeped me out back then already, never went back.

If WhatsApp had forced me to link to a FB account (and thus make a new one), I'd have told my friends "yeah that's nice you can message me on a different platform from now on". And I wouldn't have been the only one.

There's no social network for people refusing to use FB, so we don't know each other :) But there is way more of us than you'd expect (and from many different corners of society too, not just the tech crowd, friend of mine is a doctor and she's very intent on privacy, even if she sometimes lacks the tech knowledge to make the "perfect" choices, she's much more hard core about it than I am, as if I didn't have enough reason already for respecting the hell out of her).

Same thing that they've done with the new Wifi toggle on the quick menu on iOS 11. You CANNOT turn off Wifi. It just "Disables it temporarily". They do this so that when you are home and your phones plugged in and on do not disturb its automatically downloading updates over Wifi again. This was the final straw for me.

My non technical partner was regularly finding herself out of data because she would turn off WiFi for some reason, forget to turn it back on again, and use a months data in a week. Since that change, it’s never happened. Yes, the option is misleading, (although there is a banner saying “turning off nearby WiFi until tomorrow”) but the vast vast majority of people don’t really turn off WiFi and want it off for good, they mean “I don’t want to use WiFi right now”. If you really do want to turn off WiFi, it’s in settings. I’d rather have a convenient feature that does what I want, even if it’s over use an un-updateable device where all the core services are tied to one of the largest tracking companies in the world, thanks.

YouTube did that a while ago too, when they were trying to get everyone to make a Google+ account.

Websites also do that screen-covering style popup on load with the two options like:

   Yes I'd love to sign up
   I'll sign up later
Neither of those are my true answer of "no" and as dumb as it sounds I don't really like lying by clicking the "I'll sign up later". Their loss because I usually just close the site instead if the box doesn't close when I click outside of it.

There's the other type where they imply the user is an idiot for taking the "no" option, as in:

   Yes I'd love to sign up
   No, I hate great deals

You don't want to see annotations on _this_ youtube video? That's fine. I'm sure you'll want to see them on the next one.

Good call, but I'm a bit confused how that would increase engagement, unlike the other patterns here.

They do a similar thing with Apple Pay too. In order to get rid of the Badge on settings, you have to run through the wizard and cancel out at the end.

Google does it too, so does Twitter. They're all fishing for your mobile number but 'for your own good'.

this behavior in iOS drives me absolutely insane. and somehow apple gets away with it when it's just as intrusive as the shit microsoft and facebook do.

in that interface, and in mac os x as well, it seems it will upgrade at a certain point anyway, no mater what you choose. i always answer remind me later, and i will often come home to my macbook pro or iPad having been restarted due to an upgrade. the macbook is particularly annoying when it upgrades because it leaves about 10 minutes or so of stuff left to do that isn't triggered until i go to unlock my computer. so i come home having something urgent to do, try to wakeup and login to my macbook only to find it needs to finish the installation i never chose to do (or at least never intended to do). and still apple gets away with it.

> Whoever the designers are who came up with this stuff, fuck them.

Are you sure you're laying the blame at the feet of the right people? I'm a design lead on a mobile game and I find myself in a constant battle against these kind of shenanigans with the PM team.

I would argue that you have an ethical responsibility to fight that battle.

Here in Australia, when you become a software engineer, you join the Engineers of Australia, become a chartered Engineer with some additional civic rights and responsibilities, and swear an oath which includes upholding ethics values, much like doctors swear an oath to do no harm. I hope this kind of thing becomes universal and more prominent with the younger generations. If we want to make the world a better place (and most people who set out to do engineering do), we must put ethics and the good of society above KPIs and profits and individual company valuations.

I've been an Australian software engineer for 20 years and this is the first I've heard about "Engineers of Australia". Source?

I think parent is referring to Engineers Australia (formally, the Institution of Engineers, Australia), which is the professional body to which most engineery-engineers belong.

Most "Bachelor of Software Engineering" degrees offered by Australian universities are EA-accredited and contain mandatory engineering courses that EA requires. Most CS/IT degrees that don't have "Engineering" in the degree name are only accredited by the ACS (or potentially not accredited at all).

I'm also an Australian software "engineer", I don't have an EA-accredited degree, and the more I see of this industry, the less certain I am that we get to claim the mantle of "engineer" with the professional responsibilities that go with it.

What would be your proposed alternative to engineer?

Even though I hate how these companies take advantage of people, I hate restricting freedom even more. I prefer having the freedom to manipulate and be manipulated into these kind of traps instead of sending people to jail because they did something people don't like.

And we have the freedom to not use products that mistreat us, I left facebook a year ago and I'll soon install lineageOS on my cellphone, limiting myself to only open source apps.

I love the argument that severely diminishing your capabilities and quality of life in relation to others equates to “freedom.”

Keep in mind if more people were proactive about their own digital landscapes, things like LineageOS and open source software would not seem like second rate diminished quality of life to people like you.

Oh fuck it I was trying to be nice but this has got me going. In my opinion it's certifiably dillusional to think that Google and Facebook equate to a higher quality of life. Holy shit that's crazy. It's bonafide brainwash.

I've severely scaled back my dependence on Facebook and Google the last few years and I could not be happier. It's made me pursue real social interactions again. My personal laptop is poewered primarily by free and open source software and in the last year or so has become so smooth it's putting macOS to shame (I am not making that up for the sake of argument).

Idk what has convinced you that Facebook and Google equal better life, but I can only pray you wake up some day and remember how to live life that isn't managed by someone else's server...

I should add I don't disagree with society regulating behavior that negatively impacts society, but I don't think your chosen method of arguing that point is intellectually sound. And in this case I really find it hard to imagine how you'd regulate user experience of an opt in service such as these companies are providing.

>Keep in mind if more people were proactive about their own digital landscapes, things like LineageOS and open source software would not seem like second rate diminished quality of life to people like you.

If wishes were horses then beggars would ride. I prefer to deal with the world as it is rather than the world as I’d like it to be. Also keep in mind that if more people with proactive about their own digital landscapes, they’d be spending more time managing their platforms and less time doing the stuff they actually want to do. It’s solipsistic to think everyone should have YOUR preferred priorities and time allocation.

>idk what has you convinced that Facebook and Google equal better life

Not having to sound like a fussy prig anytime someone wants to get in touch with me is kind of a thing. Not having to have a “well actually, don’t you know that Facebook is bad!?” discussion whenever I meet someone new who wants to stay in touch with me, likewise. It’s like that old joke about “how do you know if someone does CrossFit/is vegan?”

“Real social interactions” means actually being able to participate in the social interactions where people are having them. I don’t know why you think being able to keep in touch with distant family via WhatsApp, or not not having to create extra steps for people who want to send me photos, or not needing to insist on a special process for inviting me to things are all valueless functions. What you’re proposing is like the equivalent of insisting, after the invention and mainstream adoption of the telephone, that people come to your house and drop off a visiting card if they want to speak with you.

As a tech lead I fight such dark patterns to a bloody battle.

It’s our responsibility to call out on bullshit like this.

You are one of the people that can actively make a difference. So yes. Many of us can't because we're not anywhere near any of these decisions.

It's somewhat puzzling to me. Do you really disagree with these practices? Because you are in a (relatively) unique position to do something about it.

Have you ever noticed something that is just wrong in society but couldn't really think of any plan of action to work against it? Maybe you live in one of those places where your vote doesn't really count, one way or the other. Know that feel? Or maybe you recognized injustice somewhere but it's just so far removed from your area of influence that you'd need to upend your life, change career or education to even begin pulling it right.

Of course you can always donate money or I guess, advocate, tell your friends, etc. But that doesn't really do anything (or very indirectly), and you know it in your heart.

This time you have an opportunity. So use it.

On this particular topic, all I can do is encourage you to act and make the world a little bit better. On other topics, I look out and try to notice such opportunities to better the world from my own sphere of influence, and try my hardest to be virtuous and do the right thing (we might not even agree on what is "right", as I don't know you), even if it's hard and it requires exposing myself to risk, going against the grain.

> I realize that the proper solution is to terminate my account and never attempt to log back in.... but I've had my account since 2006 and despite the company's terrible practices, I'm really not interested in disconnecting for good at this time

Well, that's the real problem, isn't it? If users aren't punishing Facebook by leaving the platform in droves, then what incentive does Facebook have to stop its consistently user-hostile business practices? Obviously it does not care about complaints alone: so long as engagement metrics are up, the users' opinions can be damned.

The good news (for those of us that don't like Facebook) is that it seems like users are leaving it—or at least that's the picture I get from stories/comments submitted here on HN.

I left Facebook. But mainly because I realised that it's a real poor way to keep in touch with anyone. Gives you the feeling that you are keeping in touch when in reality you are just sharing photos and quotes in a medium that's very noisy with adverts.

If you never comment on each other's posts, then you aren't interacting. However, it is a great way to "keep appraised" of how people are doing.

There are a ton of people I've met throughout my life and around the world, but only a handful with whom I want to interact regularly. FB, annoying as it is, at least let's me know if they are doing ok.

"apprised", not "appraised".

> FB, annoying as it is, at least let's me know if they are doing ok.

For some arbitrary definition of they. I've had a father of a childhood friend die and I didn't notice for two years. But that weird Australian friend of my former roommate that I helped through public transport from the airport last year? I get her drunk pictures. They didn't even like each other.

If you don’t like what you’re seeing, click the “hide stuff like this” option. I used to complain at end, then a friend forced me to use that feature and I rarely see something I don’t care about now (but still miss stuff I do care about as I don’t check FB that often).

> click the “hide stuff like this” option

I've clicked that button for plenty of sponsored links and hit "unfollow" for people I no longer seek input from. But there are hundreds more where they came from.

This is perhaps viable, like transparently maintaining multiple sets of subscribers to different types of posts is an option. Although the mental overhead of maintaining these sets, and the risk of addressing the wrong crowd, are both too big for me.

My current method of keeping an address book in a spreadsheet, and an active, short list of people that I wish to see, has, however, beat social media when it comes to intimacy and not wasting time.

Billions of dollars invested into machine learning and online tracking, and still I have to manually tell the thing about my interests.

> online tracking

Do the websites you visit define who you are (with zero context on why you visited it)? Do all the friends you have provide clear signal to what you want?

I don’t care how much $$$ is poured into ML, garbage in will always be garbage out. Something has to feed the model and if it’s all passive clicks with no strong signals from you, you get crappy results generally.

Those billions are focused on the company interests, not yours.

It lets you know how they say they’re doing, and nothing else. If they have a bot updating their status, maybe not even that much.

If you message them you can know

If you’re relying on active messaging, why bother with FB?

For me, it's basically network effects - FB is already set up, I can find people quickly (I don't have alternative contact details for some people), I know the recipients active use FB so will see it, and it's easier to send long messages on PC rather than a mobile device.

I also tend to need to message people at odd hours, and a Facebook notification feels less intrusive/urgent than, e.g., an SMS.

Because that's the only reliable way I can message my friends. I'm not sure what else would work, people change/lose numbers all the time. Email is the worst. Not really much solutions out there if you want to keep in touch with your friends.

I personally mostly use messenger.com, rarely use the news feed anymore.

Because everybody else is using FB for messaging? Network effect is a real thing.

Unfortunately, there are a lot of events/organizations that organize almost exclusively through Facebook. Unfortunately, there effectively no other free platforms with a critical mass of sign ups big enough to be used in that way.

  Unfortunately, there are a lot of 
  events/organizations that organize almost exclusively
  through Facebook
And there are services that require a Facebook account in order to use them. But you know what?

If your business, event, whatever relies on the fact that I have a Facebook account then fuck you very much! I'm not interested.

It's all good if you are in a position to say no.

Eg. I've seen some housing communities use FB for their mailing lists.

I think the best option is to create dummy throwaway accounts if there's something on FB you really need access to.

Except that I want to partake. I'm not willing to drop out of my hobbies just because of this, this isn't the hill I'm going to die on.

Of course there is Meetup which is certainly large enough for everything except the most niche event.

Meetup is one of the spamiest products ever

Never seen spam in Meetup. I hooked up my personal calendar with Meetup and it added quite a bit of events into my calendar which was a bit spammy but it's only because I had told Meetup I was interested in all that stuff and it was easy to shut off and filter out.

WeWork bought Meetup recently so I don't know if any of that will change now.

It isn't free to set up a meetup on Meetup.com though (which arguably helps keep the spam away).

Google Calendar/Hangouts/Maybe even plus?

Everyone has the gmail they probably created just to sign up for Facebook, since it seems this younger generation doesn't believe in email.

The younger generation seems to call Facebook by the name MomBook. Facebook is losing younger people by the millions.

I don't think that the problem is that there aren't suitable alternatives. More like, how would I force everyone who uses Facebook now to use something else?

Some of what I need to arrange can be done with calendar invites.

In my book this is more or less another proof that you should be vary of vendor lockin and that under no circumstances whatsoever use any such system for communication. It is bad enough to change phone number but you simply can't change facebook to something else and continue as usual.

I guess this leaves email, SMS and IRC as the main remaining options.

Somehow this needs to be communicated to the general public, but I don't have the slightest hope that this can be solved.

The future sucks.

I've been thinking about making an easy-to-use RSS client, so non-technical people can use it and post the stuff that they would otherwise put on facebook (before it got invaded by videos and ads) or twitter.

Have you tried mastodon?. Imagine Mastodon, but with a bloggy/(2008's facebook) vibe instead of a twitter clone.

There would be no ads, because it's decentralized, just like mastodon. The feed would be chronological, and the interface would desincentivize spamming (links wouldn't have thumbnails or previews).

The idea is to make a clean and simple blog interface with a profile section added, where you could put some contact information and a profile pic.

In fact I made a little preview of what I would like it to look like. What do you guys think? https://i.imgur.com/DSD1wE0.png

Also in that vision: * Manton Reece's Microblog, also build on feeds * Indieweb. No feeds, just webpages with Microformats.

Email, SMS, and actual phone calls satisfy almost all of my communication needs.

The only problem I have is about once every few weeks someone wants me to Skype/Hangout/Facetime/whatever-the-other-video-chat-options-are. I really wish video chat was handled by telecoms in the same way phone calls are. Standard and ubiquitous.

For small video calls (especially just 2 people), a WebRTC system like https://appear.in is good enough and avoids lockin.

On appear.in I get a message telling me I don't have access after allowing access to camera when I use Firefox, so seems to be another site who is Chrome only

Yep. As as a European WhatsApp has become as essential as breathing. Just the thought of coordinating all my contacts to switch over to another app is scary.

Unless WhatsApp ever charges money. That would get people to move.

> Yep. As as a European WhatsApp has become as essential as breathing.

Sorry to burst your bubble, but I am an European, and I have never used WhatsApp.

I don't use WhatsApp myself but I was surprised to find that members of my extended family (mostly in their 50s) had started using it to stay in touch rather than Facebook.

Also, from what I have read, WhatsApp is very popular in UK political circles (MPs, SPADs etc.).

I don't use WhatsApp myself but I was surprised to find that members of my extended family (mostly in their 50s) had started using it to stay in touch rather than Facebook.

They're still using Facebook, just one of its other shapes.

I think when people refer to Facebook they mean the social networking site, not a product of Facebook Inc.

If you genuinely consider a phone app as essential as breathing you should reevaluate your situation before it goes away or causes you issues. If your life and communications ever become hampered due to WA there's no one to blame but yourself. It's a large point of failure for people that rely on others so heavily.

WhatsApp charged money before they were bought by Facebook

> I guess this leaves email, SMS and IRC as the main remaining options.

But how are those not also vendor lock-ins?

Email and IRC are completely vendor-agnostic protocols. I'm not as familiar with SMS, but it's much less centralized than Facebook - any user on any SMS provider may contact any other user, not only ones with the same provider.

And in many countries, you can port your number to other providers, much like with email (if you have your domain).

You can text anyone on any network.

Anyone in your home country.

For me, and I don't think I am unusual in the US at least, texts to anywhere outside of the US, Canada, and Mexico aren't allowed without paying extra. Texts to many countries aren't allowed at any price.

Sucks to be at your Mobile Provider.

I can text literally any phone number, given I have enough money booked on the account. SMS is by nature not centralized, the data is exchanged between mobile providers.

If you were to start your own mobile provider, you could text anyone everywhere given you manage to get peering.

"...Well, that's the real problem, isn't it? If users aren't punishing Facebook by leaving the platform in droves, then what incentive does Facebook have to stop its consistently user-hostile business practices?..."

And the reason they're not leaving and don't want to leave? Where else are you going to connect up with old friends and remote family members?

I said it when Facebook started growing like gangbusters. Facebook is the frickin' devil. It uses your friends and family against you. For a free service, it sure costs like hell.

> Where else are you going to connect up with old friends and remote family members?

Wait, are you really suggesting that Facebook is the only way to keep in touch with old friends and remote family?

You can connect with them over email, SMS, or even not at all. Or you can use Facebook and experience the downsides that everyone is mentioning. This is a timeless story where a company provides a service, people get used to it, then complain when the company changes the service against their liking. You are and have always been free to communicate as if FB never existed. They owe you and your family nothing. But in many cases people prefer to pay the costs of using the service. They're not the devil just because you fail at communication without them.

people could start writing letters again, that would be interesting

Maybe you could find a way for people to even send mail electronically. Over the internet. Almost a sort of an e-mail type of thing, if one were to be so bold as to coin a new word for it. Us smart internet engineers could even probably come up with at least 5 well-defined protocols that no one actually adheres to. This could be fun!!!

we could call it pen-mail ... part of the protocol could be that only letters written with a quill pen at a desk in a room with a fireplace would be able to be digitized and transmitted through pen-mail

>And the reason they're not leaving and don't want to leave? Where else are you going to connect up with old friends and remote family members?

Pick up the phone. There's FaceTime, Skype, text messages, actual phone calls, going to visit, sending letters, sending emails.

Or, if you can't be bothered to do any of that maybe you should not even bother trying to connect?

> If users aren't punishing Facebook by leaving the platform in droves, then what incentive does Facebook have to stop its consistently user-hostile business practices

A huge GDPR face slap could definitely help. I'm really curious to see how this plays out.

While GDPR should be a privacy win for users, it is a giant pain for us as a small business. 1% of our customers are in the EU and the administrative overhead (as portrayed by our legal counsel) is unbearable at our price point. We decided to pull out of the EU, along with the other players in our niche.

May I ask what your niche is?

> The good news (for those of us that don't like Facebook) is that it seems like users are leaving it—or at least that's the picture I get from stories/comments submitted here on HN.

This is good news in the long term, but in the short- and medium-terms it means Facebook is going to get desperate and start deploying more and more dark patterns like the one the GP is talking about. Considering their reach, I shudder to think of what a desperate Facebook will look like for the Internet.

I think that’s actually the case. In the many years I used facebook I don’t think I received a single email from them (only from that shitty trip advisor fb app that was spamming me like there was no tomorrow). Like many others here I got annoyed by my facebook feed and simply deleted the facebook app from my smartphone which means I now only connect once a week or less. Almost immediatly I started receiving a lot of facebook spam on my email. Clearly they have an algorithm “shit this user is leaving, let’s try to get him back” (algorithm which effect was only to aggravate my annoyance level). They must be worried about that.

the fewer that people use the network (FB) the less valuable it will be

HN crowd is a quite special case.

Elsewhere in the world, FB is assumed as to be the standard. My romantic life has been very disappointing, so some time ago I tried creating a Tinder account (it is the only dating [yes you read it right, dating, not hookup] app that has entered the popular consciousness in this country and thus has a significant amount of female users). Last time I checked, they still required a FB account.

I think you can now sign up on Tinder with a phone number

The amount of people that complain about a service, product, or company, yet continue to be customers, astounds me. And then they wonder how they get away with their practices.

Post hate-comments on every Sponsored Post you see. I'm hoping eventually they will implement an algorithm to blacklist people like me from ever seeing ads.

Not really. Every user who experiences is going to accrue anger, resentment, distrust for the platform, and they'll treat it accordingly, and when an alternative arises, switch.

IMO Facebook should totally lay off security confirmations, account bans, and all that stuff because it just antagonizes people, unless the user actually does something significantly harmful to other users experience, ie largescale spamming (not just regular sharing), actual fake news propaganda (not just sharing a political story), actually abusing an account (not just using untrue details to protect their own privacy but otherwise using Facebook in an OK way).

Otherwise, yeah, I think everyone's going to jump ship at first opportunity, because they don't get treated that well as users.

They definitely are. And for users like me they certainly aren't getting their money's worth... I use FB purity, ublock origin, and have spent the better part of the last year using the 'on this day' feature to scrub historical information from the platform.

As a tool Facebook still has valid use cases for me. The benefits of keeping it edge out any negatives. So for now I will stay. Unless any egregious election meddling information comes out, in which I'll seriously reevaluate that decision

> to scrub historical information from the platform.

You know they never actually delete user data, right? They don't delete your data if you actually delete your account, much less if you just delete a post. They just stop displaying it then.

This is something I wonder about. I'm certain they never delete anything, because in aggregate all that data is surely very valuable and will be for years to come. However, I hope that by marking it for deletion, it becomes more likely that it gets stored on increasingly distant/cold media, increasing the likelihood that over the years it gets overwritten or corrupted or some drives fail. If times get difficult, maybe they'll mark my data as low priority, and let it get overwritten to save some money. Can anyone shed some light on this - is this just wishful thinking? Is storage too cheap?

Another thing I wonder about: perhaps if some companies want your facebook data, they might pay a rate and see all current information on your facebook. By deleting your data, you've denied these lower-tier companies from accessing it. I suspect that with enough money, they could buy access to deleted posts too. But such companies are probably fewer in number.

> is this just wishful thinking? Is storage too cheap?


In essence it’s cheaper to store than delete.

They're very serious about data preservation.


This is why I'm never giving them another piece of data for as long as I live. I haven't logged in for years and I blackhole Facebook emails to a folder I scan periodically just in case someone from years ago needs to get in touch with me.

Interestingly enough, these emails occasionally get past my inbox filter, and I have to update my regex. I imagine this kind of circumvention is someone's full time job, which just repels me further from the platform.

is_deleted: true

Okay we're done here, folks!

I don't want to delete my account either, because I use fb to stay in contact with friends spread around the globe. (Granted: Very rarely to post something in local groups also.)

But my bookmark points to facebook.com/messages and I practically never look on my feed. I guess (/hope) I'm about as valuable as a deleted account to facebook. Please feel free to correct me if you have some insights into this!

I just think you need to be cognizant of how Facebook is tracking you across websites as well. It's not just the information you have associated with your account, when you are logged into Facebook, you are tracked wherever you go. Now, there are certainly ways to limit this using plugins, etc.

Yikes- wow, even from my computer browser- not even from my cell phone? If I have facebook password autosaved, log in, check facebook, and close the window without logging out, is it still tracking me? Damn. I did NOT realize this.

I also recommend installing EFF's Privacy Badger extension. It shows you everything that is tracking you across the interwebs.

Look at any other website - is there a FB Like button saying "25 of your friends liked this"? Congratulations, FB now knows you visit that site.

Facebook reports of active users to their shareholders every month. You're an active user, you're valuable. The information you share via messenger, is equally valuable.

Use messenger.com instead of facebook.com/messages to get rid of the distracting notifications.

I do the same.only use it to message some people. I try to pull them into hangouts or signal because at least they are more or less jist a chat app so dont provide me useless notifications.

> then what incentive does Facebook have to stop its consistently user-hostile business practices

Once upon a time in the USA, and in some nations today, there was/is regulation in the public interest. Why not try it in the USA?

You aren't required to use Facebook. You can, in less than one second, stop using it.

It isn't electricity, roads, water. It's freakin' Facebook.

The point wasn’t that they have a monopoly, it was that they have unfair business practices.

You can file a TCPA complaint [0] against Facebook for spamming your mobile number after you've instructed them to stop ("revoked consent"). There are a number of stories about TCPA around the web [1].

[0] https://consumercomplaints.fcc.gov/hc/en-us/requests/new?tic...

[1] https://www.forbes.com/sites/legalnewsline/2017/09/05/tcpa-d...

(IANAL, this is not legal advice.)

What I found especially grating about that banner was the version that said "These friends all shared their number".

At least three of those stood out to me as the kind of person to never do that, so I asked, and they hadn't. Facebook was blatantly lying and trying to influence me by showing the people that I interacted with the most on their website at the time.

I had a similar experience around a year ago, with Facebook texting me a notification out of the blue to the number I had set up for 2FA. In a show of futile-yet-satisfying passive aggression, I texted back "go away" to the robot... which promptly posted it as a status update on my timeline, to the confusion and concern of my friends until I noticed and took it down.

What a brilliant dark pattern! Make people's assumed private snotty replies to them public and visible to their peers.

They out passive aggressived you like a ninja.

They have the advantage in the power balance of the relationship.

>I've had my account since 2006 and despite the company's terrible practices, I'm really not interested in disconnecting for good at this time

Having a Facebook account is like being in an abusive relationship. You've been together for a long time, and you keep hoping they'll change, but they never do, and it just gets worse and worse. The sooner you realize this this and get out, the less additional time and energy you'll waste.

To add to this... I also made my account sometime in 2006, right after you didn't need an .edu anymore. It was a great platform, because it combined my friends, photos, and events.

So I could find out about an event, go and meet people, and then find them later in the photos and friend them. It snowballed very quickly, and it helped that I was really into photography at the time. It really was the perfect social platform for me at the time. It contributed greatly to my life.

For me, the main motivation to stop using it and eventually leave was all the frontend changes that made the website clunky and tedious to use. It used to be a joy, and now it's just... Well, IYCSSN... Even m.facebook.com, and many of the features are broken on it.

I deleted my account a year or two ago, after a couple of failed attempts, since there was a 14-day cool-off period before they would actually "delete" your account.

I recently made a new one just for keeping up with a couple of event spaces, but that's basically all I do on it. That, and I friend all the spammer accounts that send me requests, because, why not? The more the merrier. I'm pretty sure that's where most of the growth is coming from at this point.

> I realize that the proper solution is to terminate my account and never attempt to log back in

I've had a "terminated" account that occasionally gets emails inviting me to "Log back in with one click". When I originally tried to delete the account, it told me it would be actually erased a month after. That was 6 years ago.

Yeah. It's no secret that they never fully let you disconnect. If you're serious about it, seems like you need to create a burner email account with an absurdly complex password, update FB to use this account, and you know the rest

I have a similar problem with email spam, except at the bottom of every email there is a link to "disavow_contact" - the problem is it does nothing

They do actually have a "delete" switch, but it's harder to find than the "deactivate" one. I've made this mistake before, then with a quick google for "deactivate vs delete facebook" I learned how to do it right.

Surely GDPR will force them to actually delete the account when you terminate it (+/- mandatory data retention requirements).

To have your account erased as opposed to "deactivated" (which doesn't really do anything) the surefire method is to spam gore images on popular groups.

I'm pretty sure even then they don't actually delete your data. They just make it impossibly for you to reactivate your account.

Interestingly I've read an anecdote that in the EU you can write them and say "Either delete my account or return my access to it.", and because they don't/can't delete accounts...

>I was constantly annoyed by the 'secure your account: add your phone number here' banner frequently displayed at the top of the page

Use uBlockOrigin, it's good at fixing these type of shit.

The most underrated comment of the whole page.

I like writing hate comments deriding advertisers for their horrible products and waste of ad spend on every sponsored post I see. Facebook wants me to be the product they sell to advertisers - so I want to be a negative-value user.


Investment Product -> "WORSE THAN A PONZI"

Anything -> "Only an idiot would buy this."

Not sure you can win at this game. I wouldn't be surprised if facebook pushes engagement notifications to you friends saying 'Person X commented on product Y with all caps comments! Exciting? Shocking? You decide! (After a short 45s pre-roll video ad)'

It's worth mentioning that you can be sued if the company can prove damages. In the UK, the burden on the plaintiff is even lower.

Better to make it appear to be your opinion, as opposed to a (false) statement of fact.

> but I've had my account since 2006 and despite the company's terrible practices, I'm really not interested in disconnecting for good at this time

This behavior does not encourage FB to self-correct.

Disconnecting is the best thing you can do for yourself. This company has manipulated you so much that you're actually addicted to it. Just look at what you wrote. You're too invested and addicted to leave a website that willfully and repeatedly violates your privacy? You're better than that.

I must say, his statement did remind me of my friends who smoke(d).

Anecdata: I deleted my FB account a few months ago, every few weeks I get an SMS asking if I need help signing in. Also get the same message emailed to original account email address and (!) my work email address - which I've never entered into Facebook.

The work address part is just terrible and totally unethical. Facebook might have gotten your work address from other people who have shared their device/services address books with it, but I thought this is used only for more profiling and targeting, not blatant misuse!

This is also why I vented about Facebook's new face sign-in for "security". It was extremely obvious and expected that Facebook will use that biometric data for much more than just security, and in fact I was sure that security was just a pretext, and not even a top 3 reason for doing it.

Facebook is right up there with Uber in terms of shadiness. You can't ever trust them - they've shown us that too many times to count at this point. And there's no "earning the trust back" with Facebook, not that they would ever try to genuinely do that.

Oh, and Google does this crap with the phone number, too. This is why I hated it when they pretty much forced you to use a phone number for 2FA a while ago. They also know very well what a terrible 2FA option the SMS code is at this point. But they keep it around so they can get your phone number for advertising reasons, which I guess trumps all.

If despite these practices and despite you realizing what a horrible breach of trust this is you still don't consider it the last straw and do not get your account banned (which erases all information about it forever, at least from the public view, as opposed to "deactivating" it which leaves all the information and posts there which makes it almost equivalent to simply not logging in), then you are a part of the problem. You are forcing the other users among your friends to remain on this user-hostile platform and you are responsible for its domination. You have to draw the line somewhere. Enough is enough. They are showing you that they consider your privacy worthless. Somebody has to be the first to leave the website.

Deleting Facebook is hard but it’s the moral thing to do.

  About TWO years ago I was constantly annoyed by
  the 'secure your account: add your phone number here' 
That and an obnoxious, flashing add "It seems you live in Wherever, please klick here if you live in Wherever!" were the actual reason I "deleted" my account about 3 years ago.

With all that shit they pulled during only that period it just proves that it was the right decision to make.

I never looked back.

It might sound harsh, but from your comment you know exactly what you were doing and the probable consequences.

At this point I'm not quite sure simply terminating is the best way forward, sanitizing a profile with disinformation ( or straight filling with garbage up to the brim) might work better?

Very good example of the importance of using open protocols only. By using proprietary protocols like facebook, you completely lack control, they can change whatever they want and you have to take it or quit for good, which can become difficult when you have so many contacts only over that proprietary protocol. If your e-mail provider pulled shit like that, you could simply change to a different provider, or even use your own mail server.

Of course there is some peer pressure to join those proprietary networks. But friends will also keep contact without those networks. I never had a facebook account, never joined whatsapp, never used twitter, and am still alive!

> I'm really not interested in disconnecting for good at this time

This is all they heard.

Not really, I think better solution is to get prepaid number specifically for 2fa. Get separate email for it and always use FB in incognito mode or in firefox container. I think you can minimize your exposure to FB and don't have to give up on it. Depends on how much you need it. I use it mainly for chat. So I have messanger lite on my phone and that is about it. I do not really post/like/commment on feed. I share photos with specific people that I think are interested not broadcasting on the wall.

Terminating is impossible. They made it that way and have told this numerous times.

Now you know how they get their info and now you can get creative with it. Info doesn't always have to stay the same.

The mobile number is the holy grail. You can buy all sorts of evil information from the carriers, and your number is sort of a public key representing you in other contexts.

I knew they would do something like this so I never put it in.

Jiffy Lube spammed their customers via SMS and got sued for $47m.

Source: https://www.tatango.com/blog/how-the-tcpa-impacts-text-messa...

I don’t know the details about FBs (mis-)use of SMS for this particular situation and IANAL, but perhaps they accidentally opened themselves up to this massive liablitly.

The problem is shitty defaults.

I recently added a new phone number to Facebook, and I had to specifically disable getting SMS notifications from FB, it's on by default.

I don't even know why they still offer them. I understand the utility of SMS notifications for FB 10 years ago, when smart phones weren't the norm but most people have the Facebook app installed on their phone, I don't need 2 notifications.

> I realize that the proper solution is to terminate my account and never attempt to log back in

I disagree with this point. Service providers, of any flavour, whether paid, or free†, should be regulated to only use your contact details for actions you have pre-approved.

† free - conditions apply, nothing is free

Oddly enough I did consent to receiving notifications and they kept turning them off on me.

Why not play the two big TechCos off each other? Use a Google Voice phone number on an account whose backup is "user@facebook"

That way you've decoupled those particular services and annoyances from the rest of your life.

user@facebook.com email addresses were killed, even in their reduced, forwarding-only form, on May 1, 2016.

So that's not going to work.

Well... drat.

I'm confused because I have never found dismissing the secure your account interface hard to close.

This is one of many reasons why GitHub is my only social network.

Primarily, I just don’t like being a product.

Things like this are the reason that when a company starts spamming me, I update my account with the company's own information.

I started when no matter how many times I tried to unsubscribe, Walgreens kept using my phone number (which is supposed to be used to verify that the right person is getting the prescription) to spam me flu shot notices, auto-refill offers, and more. So now those robocalls go to Walgreens HQ.

Most companies list an email address and phone number for their PR departments on their web sites, so these are what I use since they're not hidden and go to real people.

I know this doesn't work for 2FA, but it's certainly satisfying in other scenarios.

I do the same with B2B email spam. Just give another spammer's info, so company A spams company B, B spams C, etc.

I've got a small list with CEOs emails, numbers, etc.

Not legal, but I like it

For a while, you'd be asked for your post code when buying TV equipment (UK). Whilst it wasn't a legal requirement to provide, a lot of places would be really awkward about it if you didn't. I took a small amount of satisfaction in providing the Downing Street post code.

It's now no longer an issue as companies aren't required to ask for and forward that data to TVL so they don't ask (and I'm probably ordering online so they have it anyway).

I generally use webmaster@[their domain] so they get the SPAM instead of me.

It's not legal? What part is illegal?

When a website offers you a quote about water fountains/new printers/whatever, I doub't it's legal to say that you're company X and that you'd be interested in this particular quote.

I'd be interested in seeing a specific law or case where that sort of thing was illegal. Lying by itself isn't illegal (in the United States at least, i dunno about elsewhere)

It's pretty clear from some simple googling that he ended up somehow activating a feature called "Facebook Texts" (the key giveaway -- that replying to the texts posted to his wall):


I believe that he didn't set this up intentionally and it may very well be a bug that caused him to be signed up, but as bad as Facebook is I'll eat my shoe if they signed up every single person who gave a 2FA phone number to this service.

Not to detract from the fact that Facebook's nagging is indeed a huge problem.

> I'll eat my shoe if they signed up every single person who gave a 2FA phone number to this service.

Facebook doesn't have to sign up every 2FA person. It can pick a few hundred or thousand and see what happens. If engagement increases, then more 2FA people are brought on board.

If this isn't widespread, it may not be the user's fault. It may just be the camel's nose under the tent.

The evil of unrestrained A/B testing.

I've heard engagement increases if you give the impression a family member is going through a personal crisis, perhaps facebook ought to look into the technique, seems excellent for the metrics.

No. Look at the following tweet. He explicitly says that he hasn’t enabled this and posted a screenshot of his settings:


Update: Matthew Green just experienced the same thing, in the midst of tweeting about the security implications of abusing 2FA phone numbers this way:


It's a default that's checked when you add your phone number.

I'm not happy that it's a default, but when I added my phone number I had no trouble noticing it and disabling it.

My wife started getting these after she hadn't logged in for a few weeks. We thought it was them getting nervous about a lost user. Since she hadn't logged in, it definitely wasn't her accidentally checking a "please text me spam" button.

I found a similar thing with email notifications. If you regularly login to FB and look at your feed they will leave you alone. Delete the app from your phone or neglect logging in and you’ll start to get email notifications about the silliest things. Of course they don’t contain much more than “so and so shared a link” without any description of what was shared (trying to get you to login and look.) Not quite as bad as 2FA number, but irritating nonetheless.

Facebook has been steadily decreasing the usefulness of its email notifications in order to push more use of its app and website. The old notifications used to give you the content and allow you to reply through email, but not anymore.

The notifications are also dark-pattern hard to manage. If you don't want a type, you have to wait to receive an example of it to unsubscribe. Their central notification page only allows you to re-enable particular notifications, but give no way to disable them individually.

Facebook is a terrible product that can't die fast enough.

> Facebook is a terrible product that can't die fast enough.

For the sake of humankind, I'd rephrase it as "Facebook is a terrible company that can't die fast enough."

They may not realize, but they really badly reinforce why people leave.

If you try and deactivate, there’s a horrible series of hoops to jump through which just make the service feel so desperate.

If you minimize your usage, you get flooded with desperate emails trying to convince you to login.

If you’ve stepped away out of fear it’s becoming a low-grade attention merchant full of bad practices, these tactics just reinforce the idea that you really really are doing the right thing backing away.

Back when I had the Facebook app installed on my phone, if I didn't open it for a long period the "so-and-so posted an update" push notifications would eventually slow to a trickle and ultimately peter out altogether. But if I so much as touched Facebook, the floodgates would re-open and I'd be spammed with them throughout the day, until the process repeated and they died away again.

In a weird way Facebook ended up conditioning me to avoid using it.

I have blocked all of FB's allocated networks worldwide on my machine (via a look up of allocated IP space and fed into iptables / ipset).[0] So FB doesn't even get "phantom" traffic from me (indirect traffic from FB logos / js on random websites). I only log into FB a few times a year and only via a temporary VPS in another country and using an incognito browser tab.

So now FB has taken to emailing me complaining that they are missing me and that I should log in.


WAYNE: I don't own A gun let alone many guns that would necessitate an entire rack. STACEY: You know Wayne if you're not careful you're gonna lose me.

[0] https://news.ycombinator.com/item?id=15222936

EDIT: fixed link to go direct to the comment

I know a few people that completely block every IP range owned by Google, Amazon, or Facebook.

Most of that works fine, sometimes some shitty websites are on AWS or GCP or load JS frameworks from their CDNs, but the worst is:

You can't connect from Android to their WiFi anymore.

Android pings a Google server, if it can't open a connection, it immediately disconnects. In Android 8.1, there's no way around that anymore. You can try every setting in the WiFi settings, and it won't change a thing.

Can the response be faked?

Probably, considering that domain is HTTP only, but why is this even necessary?

Sometimes I do want to connect to a local network without internet.

Oh I agree, it is a very one size fits all fallacy kind of mistake.

I always enjoy a wee chuckle to myself every time I get down voted on HN for expressing humour; I feel like a modern common man G.B.S.

'My method is to take the utmost trouble to find the right thing to say, and then to say it with the utmost levity.'

> If you regularly login to FB and look at your feed they will leave you alone.

This is false. My nan has an iPad she basically only uses for Facebook, and her email is unusable because she has thousands of messages from Facebook. I have no idea why they send thousands of emails to somebody who logs in every day and never ever opens one of their emails but they do.

Also they reset your notifications settings regularly. I have disabled the email notification settings at least 5 times but after a while they keep coming again.

The social media behemoth has seen a decline in traffic in recent weeks along with millions of users leaving its platform [...]

Two years ago I said that Facebook will be dead by 2020 [1] and that line made me check the current situation, we are right on track and linear extrapolation still hits zero in mid 2020 [2]. As mentioned in the original thread, don't get fooled by the normalized numbers, the search traffic for Facebook is enormous and chances are good that any search term you consider popular will be indistinguishable from the horizontal axis if you add it for comparison. But »facebook« is already down from ten to four times »porn«. And yes, the trend can and possibly is at least partly due to other factors, some are also discussed in the original thread.

[1] https://news.ycombinator.com/item?id=11442935

[2] https://trends.google.com/trends/explore?date=all&q=facebook

Wishful thinking. Facebook may be struggling in 2020, but they certainly won’t be dead. I’d wager they’ll still have more than a billion DAU.

Edit: do you have an explanation for why this graph has been cratering for years while Facebook’s MAU and DAU have continued to climb?

Also, see Youtube’s search trend. Pretty sure it hasn’t been dying for years now.

This just isn’t a good signal, sorry.

My best guess is that the active user numbers are not representative. Once you have an Facebook account checking once a day if something interesting happened or sending a few messages makes you an active user, I guess, but in my book that does not mean you are really using Facebook.

I still visit Facebook almost every day, mostly to chat with friends, even though my feed has mostly become an uninteresting desert years ago and I rarely - less than once a month - post, comment or like something. So if I am not an exception, then looking at the number of users posting or commenting on any given day might vastly differ from the number of active users but I admittedly don't know how exactly Facebook defines those.

And if you look at the search traffic for MySpace, Google+, or the German StudiVZ and MeinVZ [1] it certainly tracked the rise and fall pretty exactly. Finally the YouTube search traffic is essentially flat for me since 2012 besides a step at the beginning of 2016 due to changed data collection methods.

[1] https://i.imgur.com/SGci58n.png

Ah, I see. So in this case, “dead” means billions of people who login multiple times per week and the accompanying tens of billions in ad revenue.

May we all have startups that suffer such a fate.

Seriously though, I’m not sure what your point even is. Facebook doesn’t care about how often you login or why, as long as ad revenue keeps flowing. And those numbers have grown like crazy over the period where you say their search traffic (and thus their userbase) has been cratering. I just don’t see it. Every meaningful metric for Facebook that you can find for the period in question points to the search trend not being a reliable predictor.

Also, my point with YouTube is that their search trend has been flat or declining since 2012, but YouTube as a platform has been anything but over that time period.

Not a useful signal.

Most people access Facebook through the app or directly to the website.

Google search traffic is not a good indicator of Facebook users or popularity.

That is not really a convincing argument, even if nobody used searching to get to Facebook, the search traffic would still reflect the general interest in Facebook. But given the huge search traffic it is not convincing that nobody uses search to access Facebook to begin with. So one has to at least argue that the decline in search traffic is due to user migrating from browser to app or something along that line. Also see the comments in the old thread.

Everybody uses power utilities, but what's the search volume for power companies?

Low but constant [1] and it is the constant volume that matters, not the volume on itself.

[1] https://trends.google.com/trends/explore?date=all&q=%2Fm%2F0...

Previously, the search traffic will have represented general interest plus people using it to get to the site. You'd expect a decrease as more and more people use the apps, or web browsers get better at autofilling the domain rather than it becoming a search, even if the level of general interest remains the same (anecdotally, circa 2011 most people I knew would use Facebook on a PC; now most use a mobile app).

There's probably a decline, especially given the myriad messaging apps that have come to prominence more recently, but not as sharp as the searches would suggest.

Are you sure about that?




Those graphs suggest that while the trajectory is bad on this graph, any other site doesn't come close.

Sure, the search traffic is huge but so is the rate it is falling at. If it stopped right now, it would still be a very huge site, but are there any indications that it does? Are there good alternative explanations for the decline in search traffic that would not indicate a decline in popularity of Facebook, for example can the decline be matched with users migrating from browser to app? I failed to find a satisfying alternative explanation.

Besides that, I noticed a decline of the popularity of Facebook among the people I know at least about 5 years ago. I only looked at the search traffic for confirmation years later when that trend was pretty obvious from personal experience because I was interested whether that was a general trend or only due to me and the people I know becoming older or something like that.

Add to that that I talked to some young teenagers last year that somewhat proudly told me that they don't have and never had Facebook profiles and for all I know Facebook really is on the way down. Whether everyone just moves over to Instagram and WhatsApp and what all that implies for the company Facebook is of course also a different matter.

Maybe in the U.S. I was in Asia few months ago and I came across people who were new to Facebook. Facebook still has a honeymoon period with those people who just discovered their 'new' platform. Given the massive population in Brazil and India that would be a sizable chunk of users.

But financially problematic for Facebook. They built an expensive cost base that relies on advertising for users with high nominal income. Advertisers pay far less for Indian and Brazilian users. That's why the decline in US users is so important, not because they lose traffic but because it's directly linked to revenues.

> Importantly, Lewis isn't the only person who claims this happened to him. One Facebook user says he accidentally told "friends and family to go [to] hell" when he "replied to the spam."

Wow. I deleted my FB acct. 8 or 9 years ago because it kept getting worse and worse. It's just sad to read about it now.

From my POV, Facebook is like a TV series that had an incredible first few episodes but quickly grew progressively and irreversibly worse, with a large percentage of its users only hanging on now with grim determination.

We've probably hit peak FB...or perhaps FB has jumped-the-shark using your TV series comparison...either way, any news about the decline of FB is good in my book.

Like most products it started as something pure and simple, but once all the various business strategy dips got a chance to put their hands on it, it was ruined.

Like so many things. It is so saddening that we nerds do this to ourselves, allowing the wonderful things we build to be ruined by foolish idiots, time and time again

I believe we just getting into a period of social networks phenomena, where everyone is sick and tired of the big Facebook, and soon a fresh new thing will pop-up... This network will be smoother, nicer and smarter approach to social networks than Facebook is and will serve same users, just more mature. Sure few years ago FB was such giant that noone could touch it. But since then the cost of Cloud-computing and serving millions of connections per hour went drastically down, and its never been a rocket science to design and program basic social network.

I just wonder if we already have such network and I just happened not to hear about it yet :)

Literally the "walking dead" of internet products

I suspect facebook is doing an even sinister version of this in India. It runs what is called an free mobile authentication service for startup called Account kit. A lot of apps use it to authenticate mobile numbers because it s free.

However, I suspect that facebooks intention behind this are not charitable at all. With this service facebook is able to get your phone number even if you dont give it to it. As long as you have installed any app on your mobile phone which uses Account kit to authenticate, facebook will be able to get your phone number and associate with your facebook account.

We talk about how Uber has lost the way, but somehow Facebook escapes all criticism. I think facebook is so lost at this point that they might as well shut the company down and go home.

Facebook Insider: That is nothing compared to how Facebook uses your phone number on a another persons contact list then aligns that with cookie activity on your computer to get friend recommendations to other accounts that are unrelated to your phone number. The use of your personal phone number internally at Facebook is perverse.

If you block Contacts access on your phone (iOS/Android) can Faceboook still access your contacts ? Are you aware of any loopholes that lets Facebook access someone's contacts ?

If some of your contacts have this enabled then they can rebuild the network.

There was a case not so long ago where unrelated patients of a psychiatrist were suggested as friend to each other. The only possible link is that they all had the psychiatrist in their contact or vice-versa. The friending suggestion by itself was an outing of private medical information.

My wife is a private practice speech therapist. She goes to great lengths to separate her personal social media from work social media. She has separate work and personal accounts for Facebook, Google, WhatsApp etc. Still she gets friend suggestions for her clients on her personal accounts. And it's not just once or twice, usually her suggested friends list is almost the exact same as her current client list.

Its creepy, and slightly disturbing to realise just how much effort they are putting in to mapping out your life and acquaintances even when you try to prevent it.

That's possible. People are probably giving Contacts permission to Facebook without thinking twice.

Although I recall a comment by a Facebook engineer about how they link users based on their IP addresses. So if you and your coworker are connected to the same WiFi at work Facebook can easily figure out that you both work at the same place.

WhatsApp says hello!


Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact