Hacker News new | past | comments | ask | show | jobs | submit login
I would rather drink piss like Bear Grylls than log in with Facebook (dickbrouwer.com)
237 points by melissamiranda on Feb 17, 2012 | hide | past | web | favorite | 125 comments

I don't care about apps using my Facebook data (what little there is). I don't trust Facebook not to use data from/about apps that I use. That's why I would never use my Facebook ID to log in to anything.

Actually I can come up with a better summary: I don't trust Facebook

Just curious, why don't you trust Facebook? Did you trust them at one point in time? What made you lose your trust?

I'm a designer so it's interesting to me what's behind all the Facebook hate.

There are two general reasons not to trust Facebook:

1. The reason not to trust {big company X} is that there's no reason to trust them. Their interests are not your interests. They are big enough that loss of one client is nothing for them. They have more lawyers than you have dollars, so short of overt crimes they would be able to do anything with your data and you could do nothing to them. They are popular enough that if they don't screw up something major they can live with significant number individuals pissed off about them and not care the least.

2. Facebook management's position, which they expressed a number of times publicly, is that anonymity is harmful and privacy has no value and should not exist on the internet. Here's but one example: http://www.readwriteweb.com/archives/facebooks_zuckerberg_sa... If I had to choose one company that should not be trusted with my private info that would be the one whose founder publicly states that privacy should not exist. In short, consider any info going into Facebook as if it were to be published in New York Times. If you're not OK with that - keep it to yourself.

Thanks for the links. Seeing 1 from '07, one from '08, and one from last year, seems that it's been building up for 5 years. Yeah, I see your point.

Thanks, point more than proven.

Mark Zuckerberg's perceived public figure does not inspire confidence either. His first actions with Facebook and the story around The Social Network have tainted Facebook for good.

Note this might be far from his real personality. People I know at Facebook love him.

>Mark Zuckerberg's perceived public figure does not inspire confidence either.

I haven't seen that movie, but let me just say that I simply can't help but deeply mistrust a person who considers privacy "obsolete" (which he has stated multiple times in the past) and, through his creation, effectively works to reduce it for everybody.

I'm deeply scared of a future where you need a Facebook (and/or Google) account to do anything meaningful on the web, and I hope that we will never arrive at such a future. I won't join Facebook under any circumstance short of a gun pointed at my head.

I'm not sure that's true, I think The Social Network actually spun him in a positive light. I found public opinion of him improved overall.

I think that may just be because "normal" people finally got a real person to associate with the faceless (ha!) entity that is Facebook. Shifting from "I've never heard of this man" to "his moral character aside, this man is responsible for Facebook" can be seen as an improvement.

mmm... never thought this way. You're actually right.

I don't trust Facebook. I don't even have Facebook. It may not be due to some current form of business practice (selling data) but the potentiality of all my attributed aggregated data being released/sold/made available. Doing facebook only auth only shows the company doesn't share the same privacy values as me and therefor I cannot trust them either.

Thanks for sharing this. I had no idea people felt this strongly about their data. In user testing, I picked up that people are afraid of apps publishing to their walls, or worse, friends' walls behind their back. I got that people don't trust developers with their Facebook credentials because of the abuses in the past, but what you're saying is that you don't trust Facebook itself. Thank you - now I know this going forward.

Another perspective: people wear hats. We cater the hat to the audience we're addressing. This isn't just a web phenomenon - we've crafted our identities in the real world for thousands of years in order to manipulate the target audience in some fashion or another. For that reason, it's not a smart idea to link a single human to a unified web presence.

Facebook login makes sense in its convenience, but in reality, it grates against something that's pretty important to a lot of people: how they present themselves in front of an audience.

True. The flip side is the ability to craft and re-craft your identity everywhere you go, which lets people misbehave because no one can figure out who they are. Abuse, profanity, hate are all easier if you wear a mask.

"Abuse, profanity, hate are all easier if you wear a mask."

Maybe, and it may in fact be that relative anonymity is a net loss for a community. But I find that it's rare for a conversation to rise in quality above "Okay" if I know everyone I'm talking with. This is part of why discussions over web forums and the like are so interesting. If everyone can say what they really think, then everyone can talk about more than just surface issues.

Sure theres the people who try to use their mask to hurt others, but theres plenty of people who don't. And some degree of anonymity is required to get those outlier conversations that make you wish they'd go on longer, regardless of how long you've been talking.

EDIT: Of course, the first rule of Internet pseudo anonymity is that people you haven't talked to for a non-trivial length of time don't get webcam privileges, ever.

I like your edit, well put.

What we found in opening up Tiny Review to other login options was actually pretty civil. We haven't seen much offensive content at all, nor spam. It might be that we're still small yet, but I think I agree with you. Letting people refine their identity for a particular site usually frees up their expression and you get good results. While you're small, it's not a problem. Once you scale enough to have a large userbase, you normally have the time and resources for content moderation.

In addition to everything else, they've been saying that their new advertising model involves sponsored stories showing up on your newsfeed, and arranging and highlighting the timeline so that paid stories show up (and in fact, they already have paid stories labelled as such showing up on their pages occasionally).

I don't trust a company that turns my friends into shills. It's slimy.

I use facebook because it's convenient for keeping in touch with friends and keeping up to date with events. I don't like it or trust it much.

Any company offering a free service has to make money somehow, and since they know 5% of internet browsing is on the Fb newsfeed, it's actually not surprising.

I wonder, would you pay a $5 subscription so that Facebook doesn't show you ads and lets you own your data? Someone else suggested it.

I would not pay that to get rid of ads. However, ads don't bother me. The "social placement" advertising that (ab)uses my friend's content to turn them into shills is what I find a significant turnoff, combined with the other invasive and slimy methods of data collection mentioned elsewhere in this thread.

I don't care if Facebook does advertising. However, the slimy methods used burn any trust I have in them, and as a result, I'm not going to hand them any extra data if I can avoid it.

I am curious why this is not a more popular option across the board. Free with AD's or pay for no ads and no tracking. I would gladly pay for some of the free services if I could get these options and wont even use them for free while the tracking is in place.

Then you have the New York Times: pay and they still display ads.

And real newspapers. And magazines, cable tv, movies, etc...

I dont know how much of value I can bring here, but I can tell you what would make me love Facebook (love opposite to hate).

If they would charge me $5/month for an account BUT give me fair, solid and reasonable TOS that I own my data and they DONT make money off of my eyeballs and clicks under some sort of a penalty. And throw an Independent Board of Facebook Policy-makers so its not that one hacker own majority of the vote.

You can try to revert this and get your answer out of it.

"If they would charge me $5/month for an account BUT give me fair, solid and reasonable TOS that I own my data and they DONT make money off of my eyeballs and clicks under some sort of a penalty. And throw an Independent Board of Facebook Policy-makers so its not that one hacker own majority of the vote."

I would not use Facebook if they did all that and paid me $5 per month to use it. Or even $50 per month.

The site is spyware incarnate, and it'll take a lot more than a TOS (not even a piece of paper) and an "Independent Board of Facebook Policy-makers" to make me trust the site enough to use it.

It would have to be totally revamped technologically to be fully anonymous -- and peer to peer, so that the only people who get my data in the first place are my friends. Not some corporation (no matter what promises it gives), but just my friends, and only my friends.

Super interesting. I wonder what would happen if Facebook would implement a subscription service that shows no ads and lets you own and control your data. It's not a bad idea- I'll see if a friend at Fb will ask Zuckerberg if they've ever considered this.

no need to -- I will answer you. Its not feasible in FB current situation. IF they make $100 per year per user already on showing ads/tracking/selling/analyzing/whatever they do to make a buck, then going down to $5/month/user and shifting from paying advertiser to paying user would make it a ghost town. Bottom line: I think most people enjoy what they get out of FB even if they data is being used/sold and they are, up to some point, aware of it.

1) They don't make $100/user/year, not even close. They have 800M users and made 4.27B$ last year. That's $5.33 per user per year.

Even considering their number of active users is bunk, there's no way they've reach anything close to $100/user/year - that would mean they only had 42M users.

2) I don't think the suggestion was for them to shift to another revenue model, I think it was to give the option of subscribing. Much like many other sites e.g. Slashdot, Reddit, etc. Most people would probably still choose the free option.

1) you're missing a few figures and the whole picture, by the conservative estimation Zuckerberg will make 16 billions with the ipo so he personally made ~20 bucks per registered user. Selling ads is pocket money, at the end of the day the wealth is in the mega database of the user data. See, paying users can choose to take their dollars elsewhere so you have to give them what they want, if it's gratis people flock on the service and lack the incentive to go away if the service is somewhat unsatisfying so you can impose whatever you want to them.

2) they can't offer such an option, facebook is a machine designed to collect, store, hold and aggregate user data and they built a business model out of it. Putting the user in control of its data is the opposite of what facebook wants. You can't really compare the subscription of news aggregator websites and an hypothetical subscription on facebook. Facebook is unique in the fact that it holds user personal data and has a strong grasp on it through heavy vendor lock-in, you can easily leave slashdot or reddit and get your news elsewhere from an alternative but you can't leave facebook easily because they have your data, data you need in your daily use and there's nowhere to go to to find an equivalent.

you are right I had this information wrong, apologize.

I see some things that I'd consider subscribing to, but they only have "real world" subscriptions for hardcopy.

I guess I could send that to a school or hospital or some such. But it'd be neat if they realised that some people are happy to pay for good reporting.

Maybe there's a need for some simple online-only sub, with feedback buttons of "good quality" or "poor quality" on each article.


So you dislike Facebook making money of your eyeballs and clicks so much you'd pay money every month to prevent that. I don't understand this attitude at all. I couldn't care less how much money anyone else makes from my eyeballs and clicks. What am I missing here ?

What if according to facebook, the brands you like correlate with mortgage default? And they sold that data to your bank, so now you can't get that house you wanted?

That's what you're missing.

I trust facebook for doing every wrong thing and the other that I can imagine. It's their business model and whole reason of existence.

I don't appreciate the repeated attacks against personal freedom (they like to call it privacy) and against the internet and open web. I dislike the methods and techniques of manipulation they used.

For someone who had some experience of the internet it was quite obvious what was going to happen, history repeats itself, except that when microsoft tried to bypass the internet and build a microsoft network a.k.a. msn, included in windows, they failed hard.

Now with the critical mass and sheer momentum, everyone and their friends are asking to have the closed and proprietary facebooknet preloaded in their mobile device. But I won't be part of the effort to destroy the open internet, so I quit google and its free services and block everything facebook.

"I'm a designer so it's interesting to me what's behind all the Facebook hate."

I don't trust FB, but I don't hate it. Not trusting someone does not mean you hating them.

I don't trust a rapist to have a friendship relationship with my niece but this does not mean I hate them, I 'm just not going to let it happen. I visit them at jail and they are not monsters, they just feel a urge to rape.

I don't trust my sons playing with fire either(single digits years old) but I don't hate them, I love them.

I don't trust FB with my personal info because it is none of their business. Or should I say it is because their business is selling personal info to third parties.

That you don't see what they do with your data does not mean that it does not exist(out of sight, out of mind).

(Edited PS) What people HATE is being forced to use something they don't want to use in order to do something they want to do(like use this service).

Its amusing how quickly people seem to have forgotten about Beacon - seems like we've set ourselves up for another privacy disaster of similar scale - or perhaps worse.

Who's forgotten about it?

I adblock at the request level everything from the facebook or fbcdn domains in my primary browser. I don't let FB get anything from my normal browsing.

Make sure you get both the .com and the .net varieties of those domains.

What do you use to do that?

Adblock plus, most likely, coupled with Antisocial filter and custom rules.

It sounded more like RequestPolicy than ABP, but there's nothing stopping you from using both, which is what I do.

What do you use for that?

What's so special about beacon ? It's no more business as usual at facebook, with the additional twist that it caused public uproar.

I don't have a ton of data on this, but recently I tested using register with Facebook for my site. It chopped our conversion rates by over half. My audience is very non-tech savy. Personally, I see that as a good sign.

I think they're evil too but half the web accepting the same login? Sign me up! (No pun intended.) Account creation has been the single worst thing about using the internet for the past ~20 years.

I don't use FB but I have a fake account specifically for this purpose. They are more than welcome to my alter ego's (who is 30+ years older than me and lives in a different state) opinion on pizza crust recipes, bike parts purchases, etc.

Your browsing history will tell FB everything about you, even if your profile says something different. When all your accesses come from IP addresses in one state, it's not going to matter what the profile says.

Before blaming the 50% drop-off on Facebook, you should measure the drop-off of the ID/password approach and compare the two. I would expect the drop-off for any login method to be relatively high on mobile apps. Anyone has data they can share?

i know the stats of some websites(or webapps if you like to call them as such) which started years ago with user/pass and after integrating fb got a major better sign-up rate. most logged-in users now use the site via fb.

either mobile is majorly different, the tinyreview adopter group is majorly different, their product is majorly different or their analysis is flawed (as you have pointed out correctly)

FYI, here is another perspective on FB Connect signup: http://damurillo.tumblr.com/post/9214057988/disappointment-w...

You're right, although I expected a much lower drop-off. We'll post follow-on data soon(ish).

Actual Headline: "Tiny Review and the Perils of Facebook Login"

Realistic Headline: "Tiny Review and the Perils of only offering Facebook Login"

Agreed, the headline comes from a real email from one of our users. It's just one of many pretty direct responses to (only) fb auth (I'm the author)

What always shocks me is that if you have a traditional sign-in method, people will be more likely to Facebook Auth. Well, that's been the case for me. People enjoy the ease of logging in with Facebook, but are weary of its repercussions.

Also, I would love to see more sites that Facebook Auth to just asking for e-mail address permission and that's it. Just simply as a log-in tool..

I wouldn't be surprised if people think that offering only FB login means you're trying to exploit on FB specifically, but if you have self-login as well it means you're not trying to force them into it.

This is how I perceive Spotify. I can't sign up for it because I deleted my FB account. FB as the only option makes me think they must want to datamine me as hard as possible.

I don't really understand what Spotify is thinking with the FB-only login. I get that it's free advertising and data for them, but it seems like there's probably a very large percentage of potential users who are uncomfortable with spamming each one of their FB friends every time they listen to a song (not to mention "guilty pleasure songs" that people would be embarrassed to listen to knowing that everyone will see it).

Spotify and Facebook partnership pre-dated the ticker and timeline. I don't think that at the time they decided to work together, they knew how or if Timeline/Ticker posting would be perceived as spam (Facebook didn't even know that). Probably just seemed like a good opportunity to partner with Facebook to increase visibility and virality during their US launch.

I was under the impression that you could turn this off; and that the people who actually care whether they're spamming their friends or not would go to the trouble of doing so.

Ah, if that's true I didn't know. I think I sort of assumed that if it could be turned off, pretty much everyone would (and I've only ever seen technologically competent people posting these ticker stories), but I guess not.

> I think I sort of assumed that if it could be turned off, pretty much everyone would

There's no incentive for me, as a college derp, to turn it off - after all, it's not impacting my experience on Facebook. Sure, everyone else's feeds are annoying, but it's like a mix of the prisoner's dilemma and the tragedy of the commons.

Not to mention, you can hide truly annoying feeds - but again, most people don't care.

My solution is no longer visiting Facebook. I keep my account because it's still the least inconvenient way to plan events.

You can choose not to grant Open Graph permissions to Spotify or revoke them at any point. Publish permissions are completely separate from authentication. Publishing can also be disabled from Spotify and there is also a private session mode that you can enable if you want to not publish one or two songs.

Disclaimer: FB engineer who uses Spotify all day every day.

So make a new account and don't put any information on it. It would be exactly as painful as setting up a spotify account.

Initially we had a 2-step process: ask for email permissions only during signup, and for post permissions later when you actually wanted to share something. Unfortunately this confused our users even more - they didn't understand why they had to FB-auth twice. I guess that many don't actually read the list of permissions (although a short list is better than a long list).

Are there any over all stats as to how the general public feel about all this?

Its cool that all us techie types knowing all about these issues, but does the average mug user know, or know enough to care? Most of the "normal" people I know don't even consider this sort of stuff, they just go along with it. "Yeah, whatever", seems to be the usual response. You can see them glaze over and mentally shut down if I dare try to explain it. That sort of go in to "conspiracy nut" mode.

I'm currently building a social media news aggregation site, and was considering the merits of using a Facebook/Twitter only login/comment services. Do you believe most potential users would be opposed to this? If using these services we would be very clear about privacy issues and options,giving our users the option of restricting their activities to our network, and not sharing the information with facebook/twitter if the user would choose not to. Also in our service agreement and in practice we would restrict our use of our users information to strictly what they share with us, not datamining them, which in my opinion violates peoples privacy. There is a lot of upside in my opinion with using the Facebook/twitter login. They are the 2 dominant social media platforms, in which our potential users are bound to have their strongest ties. If they choose to share their activities on our site with their social media network of choice, it would be their way of advertising a service they are using (and presumably enjoying if they are participating on the site), which would help our service attract users. Would appreciate any feedback and advice, especially pointing out where im wrong :)

I can't speak for everyone, but please just take my email address. There is no Facebook or Google Plus in my life, and I don't use my old Twitter account. I only keep up with a handful of people--something I can do with email and phone; I don't want to give glorified marketers another tool for spying on me. For me personally, the web is just a means to gain and exchange useful information to aid in my academic life; I like to stay "disconnected", if that makes sense.

Everyone uses the web differently. I understand that other (much larger) demographics have no problem with single sign on and that you can perhaps get to market faster without implementing a dedicated sign up system. I respect that.

I do like "social" (I hate that word) news sites; a tool to help cull non-interest items, prioritize on key interests, and introduce novel information from users who share similar interest graphs would help me out enormously.

I don't want to derail the topic, but has anyone given a thought as to whether aggregation (and distribution and reader functionality) could work in a decentralized, p2p manner? Without relying on a central authority of any kind?

I would love a scaled-down, low-bandwidth bittorrent-type app that delivers news items (with highlighted commentary) to my devices, already wrapped in an readability like interface, collected from among my "interest graph peers". That way, the mining/ML algorithms and processing overhead can be implemented and tweaked by me.

I don't want to derail the topic, but has anyone given a thought as to whether aggregation (and distribution and reader functionality) could work in a decentralized, p2p manner? Without relying on a central authority of any kind?

I think that's Usenet (cue George Santayana's quote).

It doesn't have a centralized authority, it's delivered in machine readable formats (so you can easily process it), it has plenty of readers, etc.

Requiring Facebook/Twitter/etc integration - even just for authentication - is a deal breaker no matter what your privacy policy says. I don't trust any company to manage my identity, nor do I want any company trying to do so.

Obviously many people are willing to use their Facebook or other accounts as credentials, but you will lose potential users/customers by making it mandatory. I don't know how many, but it's something you should consider.

Probably depends on your user base. The general public see Facebook Connect & similar services as a way to avoid needing to remember passwords.

I hate it though. It appears other, more technically inclined, folk do too.

Why limit yourself to only those options? Put them in a prominent position if you want, but provide some way to login with user/pass, Google, OpenID (my favorite) or whatever.

Personally, I like StackExchange's model: http://i.imgur.com/7iAgB.png

It gives you some default options, but it still has that "Show more login options …" link for people who don't like them.

There is something sleazy about Facebook that extends beyond privacy failures. I don't like the idea of blending a new community I'm about to join with the filth on my Facebook friends list. I think this mostly applies to younger people who ended up adding everyone they knew through high school: my Facebook friends are mostly just an accumulation of people I don't really care about.

If I wanted to join a network separate from Facebook, why would I want that network to have access to my Facebook?

I use Spotify and Songkick reluctantly only because they are great services. Facebook is a great way to get your name out there, but I'd rather fill out a few text fields than have a service I want to use depend on Facebook.

People join new networks to get away from Facebook, not extend it into every sector of their lives.

If I wanted to join a network separate from Facebook, why would I want that network to have access to my Facebook?

Possibly because that network offers thing that FB doesn't, even if you don't have a problem with it.

People join new networks to get away from Facebook, not extend it into every sector of their lives.

Are you sure you aren't attributing your own personal opinions to others? Not wanting to login using FB has other possible explanations, like not trusting the new site/app not to spam your friends. It's not necessarily trying to "get away" from Facebook.

What gets me is it's 2012 and we still have to keep solving account management over and over. It's a big bucket of word dealing with multiple signup methods, resetting passwords, profile pictures, etc.

I wish there were an open source project that unified best practices (in various tech stacks).

Open ID tried and failed. What I see now is more developers creating their own registration auth. Even if they lose on signup conversions vs. 1-click Fb or Twitter, they avoid duplicate account mixups.

Most of the discussions on HN surrounding privacy and FB usually have several mentions of a creation of a 2nd acct (as you've seen), but also mention Mozilla's BrowserID project: https://browserid.org/

Why OpenID failed? I see more and more services - including ones I use literally every day - using it.

Having to deal with registration and account management is a choice, not a necessity. From bugmenot to mytrashmail, examples of websites not having to solve account management are numerous.

The registration is often a barrier preventing people from using your service, and it's not even mandatory to have user management [1].

[1]: https://jobpoacher.com/blog/blog/2012/02/13/what-craigslist-...

I have found a compromise that works well for me when I'm asked to login with facebook. I have created an account that exists solely for situations like this. That way I can use whatever site or app I want and its not connected to me.

It might not be connected to your other personas, but there's still someone at facebook who can piece together what apps and sites you use that require facebook logins, and potentially abuse that data.

Chances are it is connected to the other personas and facebook has a more complete than you think profile, heck they don't even need you to be registered to have a profile on you, from being in registered people's addressbook to going to web page featuring a facebook button they can piece together a profile.

Interesting. Anyone else out there have a second Fb account just to login?

Me. I never use my real facebook account to login other sites.

Me, but they have your data anyway cause of your ip. It's more so that they won't suddenly start posting my spotify playlists or whatever.

If they did tracking based on IPs, they'd get some pretty screwed up results. My university alone has hundreds of FB users behind a dozen IPs or less. Even my home alone has two.

Yeah, but you're probably the only one who's account is connected to both of those and some other places you've been at various times. Or? (I don't really know what I'm talking about.)

Of course not; it's all about real identity, innit?

1. I think the on-boarding process to an app is probably more crucial the app itself. This is purely anecdotal, but as an early adopter whenever I go through the trouble of downloading an app which greets me with “Create An Account”, I'm almost always immediately turned off. In some cases I've just excited the app and hit un-install. The last thing I need is another account, with a service I may not use for more than 15mins.

I think the best process is to give users a feel for your product without an account being necessary. Maybe it's just in READ mode with the ability to WRITE enabled upon signup. Or just simply ask for an email address which is then used as a unique identifier for your account. Oink did this awhile back.

2. I think the Facebook hate is miss-placed. Do you really hate Facebook (provider of a tool) or those who spam you via Facebook (users of the tool)? If you're so worried about Facebook tracking you offsite, why have an account at all? They're in the business of collecting, optimizing, and monetizing the social graph. If their platform has more 'cons' than 'pros' I think you should ditch it and keep your tin foil hat on. I myself use it, with my tin foil hat on, but don't go through the hoops to block it as some of you are doing.

>2. I think the Facebook hate is miss-placed. Do you really hate Facebook (provider of a tool) or those who spam you via Facebook (users of the tool)? If you're so worried about Facebook tracking you offsite, why have an account at all?

I think it is right on. Both because the tool shapes the usage (if your only tool is hammer, all problems look like nails). I don't have one.

There are no doubt a lot of users like me: I don't have a Facebook account, and I will _never_ have a Facebook account. The result of my personal policy and utter dislike of Facebook is that as soon as I see a Facebook login popup on a new app, I immediately close the tab. Then again, perhaps you don't want customers like me!

Same here and sometimes I wonder if those who provide facebook only login would consider answering the phone 1 out of 10 times by saying "fuck off" and hanging up a good business practice, because that's basically what they are doing.

"hey we have this fantastic service offering this and that, but we don't want you to use it (unless you register to a third party whose sole purpose is to collect as much personal data on you as possible and has a long history of privacy issues)". Best sales pitch ever.

We had the same exact experience with out app. It was Facebook login only, and we got a 50% drop in conversion, bad app store reviews, and some of the people who tried to login couldn't because Facebook login either didn't work or was really slow.

I never register a facebook account and there's no way I will regsiter to facebook just to use an app even if its the killer app.

I trust facebook for snooping in on the data provided by 3rd party apps, they've been doing all the dirty tricks of the book since they started.

why no facebook account for me ? because it was obvious from the beginning where facebook was heading with a business rooted in linking real world identities and online activities. They are basically building a closed facebooknet to compete with the open web and internet. There's no way I would be part or support a closed and proprietary internet.

The funny thing is that they've basically admitted that they didn't want to take the time to build a community system capable of dealing with anonymous users or users identified only by some number. The problem with these featureless micro-apps is that you have 20 different tools which cost you little to nothing but are garbage. Either abandon the idea of one-feature apps and incorporate your functionality in a not-quite-as-slick general platform, or double down and make your app work with anonymity.

Hmm good points. Also, what if you create an account with Facebook, and then later decide to deactivate your Facebook, what happens to that account you just created?

When I use Facebook Auth in my applications, I create a''User'' account with the clients e-mail address and a nil password. My users can then use "Password Recovery" to get a password for traditional login.

Smarty pants. This is a good way to think ahead.

Not much - you can always login by granting FB permissions again, and you'll return to the same account. FB just provides you with a facebook id that you use to lookup the user in the db.

I would too. I've not been on Facebook since 2007 and it annoys me to see a growing number of web-sites/apps using FB for login. (Same complaint for twitter)

Main problem with Facebook only login is that the 5% that care wi rate your app one star until they cows come home.

I usually use a fake Facebook account (with a couple of other fake friends) first. And only after I see how the app is behaving and if I see a real benefit to give access to my real friends, I might consider logging in with my real name and Facebook account.

Here's a proposal: use your email address. Period. No password. Take your average bulletin board--you're probably not going to use your email address as your nym anyway. Even if you do, what do you lose if someone impersonates you?

I'd be happy to log in with Facebook, but every single time I've tried to do it, Facebook informs me that the application wants to help itself to my contacts, my wall etc etc etc. Now I don't bother.

The funny part is that for a long time they just did it without informing you and no one complained. cough zynga cough

Create a fake, empty Facebook account, use it everywhere to log in.

Problem solved.

Not really. I don't want to have any kind of FB/Twitter/etc. account. I hate being forced to use it and that has kept me from using several apps/services

Ok, that makes 2 of you who have fake Facebook login accounts to login. Anyone else?

Two people out of (currently) 47 comments. The number of people using this technique is probably statistically significant (i know lots of my friends have multiple facebook accounts under pseudonyms for similar reasons).

My account is semi-fake, with a real pic and a few friends, but my birthday in 1920. It's great, except for those annoying "Never too old for love" and "Mature Singles" ads.

> nurture a community of real, authentic users.

This is utter BS and the author knows it. The last people you want to fill the role of early adopter are the people of Facebook. Nurture, foster, incubate. That's lazy business people speak for not actually doing any work of note and spending more time networking and that all-consuming fundraising so they can actually hire someone to do the work for them and pay them squat. You know, living the dream that made them go to B-school in the first place.

Facebook-only? That's what lazy people do.

Off base. Facebook login was implement to prevent a Chatroulette problem (nudity and profanity). The Internet Fuckwad theory: normal person + anonymity + audience = total fuckwad (http://www.quora.com/What-is-the-Greater-Internet-Fuckwad-Th...) explains why anonymity allows bad behavior.

The decision had nothing to do with laziness, and everything to do with encouraging real identity on the app.

John Gabriel's greater internet fuckwad theory is a joke about people playing video games online, it's not really relevant to the general internet. While chatroulette arguably offers anonymity but the very instant a website requires registration it's not anonymity anymore, it's pseudonymity, a totally different thing. Not using your real world identity but an online identity which according to context holds a certain value to users preventing them to behave as total fuckwad.

If you look at the famous example of the month of eternal september [1], the problem at hand showed a totally different picture, an artificially high number of newcomers overcharging the capacity of the community to properly teach them how to behave [2]. In short when your user base grows organically you have minimal bad behaviour.

Then again if you look at facebook itself you'll find more than the regular share of inane bs and bad behaviour.

[1]: https://en.wikipedia.org/wiki/Eternal_September [2]: http://www.albion.com/netiquette/book/index.html

Agreed that anonymity brings trolls. What about low-friction sharing that Facebook Auth brings? How did this play into your decision? You said earlier that you used to ask for that authorization AFTER asking for login auth?

Yes, asking for FB permissions twice was tripping over our users however. What seems to work right now: login with Twitter or username/password, and add FB auth later when a user wants to share. This apparently doesn't feel the same as allowing FB on signup. Makes sense?

No, it's not. Facebook is a ready-made constituency for anyone smart enough to figure out an OAuth plugin. I mean, why would you waste time recruiting and curating a community when you have a population of 500 million to choose from? It's generic and any explanation otherwise betrays the true intentions of the author.

You need to recognize it when you read it.

> The last people you want to fill the role of early adopter are the people of Facebook.

Could you elaborate on this?

Regular Facebook users who use that platform for their identity are the long tail. They're not the future.

What you don't see is that Bear Grylls travels with 5 support vehicles and a helicopter and spends his nights in a hotel. I'd be very surprised if he was actually drinking piss on camera, his whole schtick is fake.

Irrelevant. They aren't talking about Bear Grylls the person, they're talking about Bear Grylls the meme. The meme is well-established even if its origins are based on rumors.

You would prefer to see a grown man die on TV?

Your comment is wrong and false. He doesn't spend every night in a hotel, the shoots are between 5 to 7 days. Some he stays outside all night, the other supporting shots he stays in a hotel.

He risks his life in significant (and foolish) ways every episode. Climbing and swinging on rope vines over 1,000 foot drops are not faked. Hunting by hand, cleaning and cooking animals, or eating them raw is not faked. Sure he has assistance and safety precautions but that's reasonable.

What he does is dangerously misleading. Eating an animal raw knowing you are literally seconds away from a fully-equipped support vehicle if you get food poisoning is a world apart from eating an animal raw where you really are a week away from medical help. In the latter case, the balance of risk is very different and you might choose to go hungry (diarrhea -> dehydration -> death). You might as well watch Rambo for "survival skills" as that charlatan.

Just because you don't have a massive support crew doesn't mean you're going to die.

I'd recommend you check out a series called Survivorman: http://en.wikipedia.org/wiki/Survivorman

It's a guy who goes out into the wilderness to survive with nothing but some basic gear and a couple of cameras and tripods. Less flashy but way more realistic.

Two different shows, one is about showcasing techniques in extreme situation and feature an ex british special forces with a heavy background in adventuring while the other is about putting one guy alone in a survival situation for a few days featuring a regular guy who has personal interest in survival.

Though they're not with him, Les stroud also has a support crew and a way to contact them in case of life-threatening emergency.

No he doesn't. Most episodes he says that he has to get out on his own. If he missed his rendez-vous search and rescue teams kick into action to go out and find him.

There was one particular episode where he had to find some natives to get him out because he was dying of dehydration. He got sick and had diaharrea and no one was there to help him.

Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact