LinkedIn forcing me to disclose my phone number to log in? No thanks
I've used Linkedin for over two decades. Now I'm being forced to disclose my mobile number in order to log in.
Given their track record of being hacked, I'm reluctant to share it with them.
Moreover, I'm already inundated with spam phone calls, and I'm not looking for another source. This is a thinly veiled attempt to harvest my data so they can hide it in a page with six dozen toggles which will periodically make my phone number visible to people who buy it if I am not logging into check what they've changed every day. Have you seen how difficult it is to opt-out of email notifications using their website?
If they were actually concerned about my security, they would give me other 2FA options that are more secure, like a Yubikey or authenticator application.
No thanks. I'm done with Linkedin.
97 comments
[ 2.9 ms ] story [ 230 ms ] threadAnything in the stock market is government.
LinkedIn brings out the worst in people but in a really weird corporate PR packaging. Or some people really believe in their own marketing. I can't decide what's worse.
Ps I also hate all the sales people using LinkedIn to find my details and offer commercial services, usually totally irrelevant to my job. I block them and their companies immediately. But I wish I could report them to spamhaus or something. Microsoft 365 does nothing with the reports because most spammers are also their customers.
I had an account in 2013 for about a month. I was old back then and quickly got sick of entry level jobs in unrelated fields "recommended" to me along with the gagworthy "Boosters-Pep!" corporate religion articles.
Twitter used to be my way to keep in touch. Alas.
- I got all my jobs via Linkedin (e.g., either a recruiter reaches to me, or I reach a recruiter working for company X, or I search through their job ads, etc.)
- I do not use Linkedin for anything other than job search. So one can easily not look at their timeline nor stupid social posts (linkedin notifications are off, and I do not receive any notification via email)
So, yeah, it sucks if they start asking for phone numbers.
Well, we do, and it’s Device Attestation, but that’s just as bad, if not worse, honestly - at least with a phone-number we can use our own hardware.
There is id.me though (a non-governmental company, but effectively endorsed by the US federal gov), but because I highly value pseudonymity I don't want to use my on real, government-linked, identity for frivolous things - and I'm not aware of anyone like id.me nor any other identity-providers offering a "human-attestation-only" service that wouldn't share any actual PII like my real-name.
It's a shame that web-of-trust schemes never took-off (and I can't see how they could, honestly), I gather some schemes had a mode where a group of known people (in good standing) could collectively vouch for an anonymous person/node, but that system could be easily gamed too. Is this an intractible problem?
And it also does not have to reveal identity, just whether or not you exist in USPS’s database as a real person.
Because if anyone ever offered such a service, suddenly people would no longer be incentivized not to share their account with other people. Right now, the threat of PII exposure is what keeps people accountable and selling less of their accounts to the highest bidder.
If you exclusively belong to communities that don't have such measures, you will be dominated by third parties who create mass accounts instead of the platform.
Choose your poison I guess.
its a data harvesting exercise
In other words, some less-thinking Linkedin employee decides to do a thing without adequate consideration of all the information available (such as length of time of membership). Maybe Linkedin let some moron apply rules, or Linkedin is grabbing data for marketing/sales purposes, or there's an explanation we haven't realized yet.
Looking at the Reddit account they can be ten years old but with no activity at all in the last five or so years, then a sudden wave of these scam posts.
Those guys would enevitably get sappy and I would rope them onto a sales call with me as a bait and switch. I hated doing sales as well as myself and got out of it in a year.
Making a fake burner linked in was trivial.
Regardless, I use it to troll people on LinkedIn now. Especially CEOs who post nonsense.
Agree? (See what i did there)
another alternative (also minutes) is to use eSim, e.g. Google Fi - minutes to setup and many late model phones support multiple esims.
Are we just kidding ourselves? (I live in the USA.)
https://supportcenter.lexisnexis.com/app/answers/answer_view...
I don't yet have a good screen of the address on my driver license, as I get some perks where I live and want to keep that for now. I am using passport more domestically for ID because it does not have an address.
Basically, don't put any property or services in your name, and all mail uses the storefront address. I suppose rich folks have wealth management person at bank who recommends an attorney for these schemes. It wouldn't scale at reasonable price point to make a service for this, though I have considered it. Most people "don't have anything to hide" so they will not see value in such a service. If people won't opt out of TSA's voluntary full body scans, they won't be interested in privacy.
You can't screen everything overnight without help, so start small like put a car in a trust or LLC with address somewhere else.
The downside, or upside?, is that on paper you will have nothing. Definite upside is keeping controlling paperwork straight and replicated to people I trust.
[0] https://www.fincen.gov/beneficial-ownership-information-repo...
[1] https://www.federalregister.gov/documents/2022/12/16/2022-27...
https://news.bloomberglaw.com/bloomberg-law-analysis/analysi...
Also, that article from when the third leak happened points out they had three leaks in three years. It doesn’t mention anything after the 2020 leak. It’s definitely fine now.
They are going to squeeze us through banking, which they already have full visibility into.
In the US we need to abolish the income tax, corporate tax, and all of the other federal taxes, and add a VAT that scales higher for luxury items like houses over certain values and luxury items.
This would end up being far more progressive that the shit show we have today with the tax code. It would also lower stress levels 10x.
We also need to revoke the bank secrecy act and patriot acts. We can put in a streamlined subpoena process if law enforcement needs access to financial records for a legitimate investigation. We're not living in the 1970's anymore. The rules are archaic and overreaching and allow for total financial surveillance without a warrant. That's just too easy to abuse if you have access to these systems.
The first thing I would do if I was an evil person is put plants in government who have access these systems. The power they wield is enormous.
We've got to be more pragmatic about taxation, adhere to the KISS principle.
I took many vaccines and many of them are effective. My doctor signed a letter saying I had the 'rona, fully recovered, have bloodwork which shows antibodies, and those jabs are not recommended for me.
I choose to drink water from a well, and occasionally have it tested. No medical doctor has ever recommended that I ingest unmetered amounts of fluoride, though I occasionally eat foods that naturally contain fluoride.
NATO has persistently pressed toward Russia over the past three decades, Ukraine backtracked on their agreement to allow Donbas to vote, and nobody bothered to clean up the Nazis in that area after WW2.
I'm not important. I'm plain and simple. I have benefited from my privacy and shielding efforts, but that's for me to determine. And why feed good data to LexisNexis?
https://consumer.risk.lexisnexis.com/img/State_Use_of_Indivi...
https://consumer.risk.lexisnexis.com/freeze
https://optout.lexisnexis.com/
So that sounds like a big-F-me. "public facing"? So private is still OK? Bah! I don't know what I'm doing. :)
Please see our User Agreement and Professional Community Policies for more information.”
I am not able to talk or ask anyone at LinkedIn why I have been banned. Is it because I don’t use their app? I don’t know.
I can see that might be it - because it means LinkedIn would be seeing you logging-in from different IP addresses in different geolocations every time (though Apple doesn't let you virtually change-country, I understand in the US it does make it look like you've moved-state).
Auto-updating extensions, and software in general, is a huge risk that people still seem unconcerned about: popular extension authors get approached by scummy ads/data/"analytics" companies all the time to inject spyware or adware into their software (even me: I have a couple of Chrome extensions with only about 20k regular users and I get an email to Chrome Developer Dashboard address every couple of months, asking me to add a small bit of JS which in-turn loads in other arbitrary JS which could be doing anything to my users' browsers - I'm proud to say that I reply to each and every of those e-mails with feigned interest, as the only morally correct course of action here is to waste their time.
HR execs advertising for nonexistent positions have drawers full of burner phones.
I wish fraudulent job advertisements were prosecuted as felonies. The value is typically in the hundreds of thousands of dollars, but there are no prosecutions.
Cost used to be super high to advertise jobs, so you didn’t bother when you had no openings. Now, ads are relatively cheap, so more more goofy behavior to waste people’s time.
First get a prepaid phone number and the card for it using some backup phone you have.
Then port that number to Google voice or some voip text service.
For some reason, when you sign up with google voice or a voip service using their number allocation tool, services know that it's a voip number.
But when you port it, they never seem to find out. I think because the profile tag for the number on the exchange side doesn't change. Someone who knows how phone infrastructure works could probably explain how the backend works.
This is how I get around 2fa using Google voice if the service doesn't want me using a voip line.