Facebook Won't Use 2FA Numbers To Suggest Friends Anymore (inputmag.com) 20
Facebook won't use the phone numbers some users give it for two-factor authentication for its "people you may know" feature. From a report: The social network says the move is "part of a wide-ranging overhaul of its privacy practices." It previously used phone numbers to serve ads too but says it stopped doing that in June. Two-factor authentication is a great way to reduce the risk of accounts being compromised, so giving users reasons to avoid using it is vile, even by Facebook's admittedly low standards. When news broke last year that Facebook was misusing phone numbers in that way it was met with appropriate opprobrium from the media and privacy advocates.
And what of SS7? (Score:2)
Nevermind the fact that text messages for 2FA isn't all that secure.
Re: (Score:3)
Personally, I had a reused password compromised. I don't know which site I used it on that got hacked, but it's in the open now. So another account with Password123 and the same email as the hacked service got "hacked" as well. The "insecure" 2FA stopped them cold. The anonymous hackers in Russia (the failure passed the IP, so the
Re: (Score:2)
6*9+6+9=69
Re: (Score:2)
I'll admit - I just hate getting notifications for text messages and want providers to offer a less annoying alternative. I don't need to be notified about the auth code I'm already expecting. I also don't need to be immediately notified about the code a malicious actor can't access anyway.
Re: (Score:2)
This is hardly about two factor authentication. This is about Facebook invading your privacy, to attempt to force relations with other people, tied to their network, to keep you addicted. Ohh no, you better not leave Facebook or you will lose all your Facebook 'friends', so cult like, Facebook right in their monitoring all your social interactions, to control and manipulate them, to keep you addicted to their advertising network, as a product to be sold to others.
That people still remain with Facebook, sho
Re: (Score:2)
So I have to have one app per "authenticator" or texts, rather than having a single authenticator tied to every account.
All my work accounts are tied to MS, and everyone has a Google account.
Re: (Score:2)
I don't know which site I used it on that got hacked,
Here is one way to find out:
https://haveibeenpwned.com/ [haveibeenpwned.com]
but for Facebook, it will eliminate 100% of attacks.
Not if you're a celebrity.
If you're a celebrity, you'll want to select the "Login codes from a third-party authentication app." method when setting up 2-factor authentication on Facebook.
Re: (Score:2)
Not if you're a celebrity.
Not if you are a specific target of interest. Harvey Keitel is safe. He's a celebrity, but he's also is not a target of interest. Old, male, not unusually rich, not big in the news, not a political target.
I'm sure Kim Kardashian has her IMEI cloned, and all sorts of other directed attacks on her. But for 100% of people reading this, 2FA is 100% effective for securing your Facebook account (presuming Facebook correctly implements it, they usually do, but also have periods of errors, where 2FA simply doe
Re: (Score:2)
While switch level attacks are probably rare, phone level attacks probably aren't - apps can easily intercept text messages (which is required to ... write an app that does SMS for example). It's entirely easy to have a bunch of phones get infected with something that forwards text messages in order to capture SMS passwords. (I'm not goi
And what of /. ? (Score:1)
Oh great (Score:2)
How am I supposed to find my next victim now?!
thanks a lot, Zuckerberg.
The blob that ate the internet. (Score:2)
Technically, at that point, the Zuck isn't interested in ingesting new *single victims*.
He pretty well knows that facebook is old stuff (it's slowly going the way of MySpace)
He's now interested in ingesting *whole new networks* (providing him new steady streams of victims).
He successfully swallowed WhatsApp and Instragram, but Snapchat is bringing headaches as they are still resisting, and those pesky chinese managed to snag TikTok before Zuck.
Oh they have definately used this in the past. (Score:5, Informative)
A woman at my old job had an extremely violent ex boyfriend stalking her. The guy actuallly ended up in prison forbeating her so badly that the child she was pregnant with miscarried, this was over a year after they had seperated, and the miscarried child belonged to her new husband. Anyway he had apparently gotten his hands on her phone number but she had the number blocked. One day she gets a friend request on facebook on an account that was completely set up to be hidden, with no detail that could be found by searching for her. Mystified her. Then we worked it out. I signed up to facebook, and it suggested her *based on her phone number she had signed up, which it got from MY address book which the iphone had uploaded without asking me. Extremely disturbing.
Re: (Score:2)
.. which it got from MY address book which the iphone had uploaded without asking me.
I'm pretty sure facebook stated clearly that they upload your contacts. They might call it "allow you to find your friends" or something similar, and that is why you should always read the dialog boxes before clicking them away.
"Find your phone contacts on Messenger
Continuously uploading your contacts helps you find people to talk to and helps Facebook and Messenger provide a better service"
I know it was stated clearly, because I said no to have it!
The problem is, people do not like to stop, read and think
Facebook has no respect for privacy (Score:1)
If you haven't already (Score:2)
uninstall FB on your cell and never ever install it on any device you use more than once a year.
Re: (Score:1)
Well fancy that. (Score:2)