There is no mention of suspicious activity. The only trigger I can think of is a recent modem reset that changed my Public IP, and my new IP doesn't appear to resolve to my old physical location in Google's geoip db.
Am I crazy or does this seem like an extremely cynical attempt to get more phone numbers? I don't even understand how giving them my phone number proves anything as I definitely did not ever give them one previously.
Unfortunately burner phones are not available in my country, so that's not an option.
The worst occasion I've ever had was the one time I was traveling. I was getting by with only wifi and, naturally, didn't have a phone number to confirm my account with. I didn't have a number bound to my account, either, making the whole process pointless.
How did I get into my account? I asked a random guy who walked by if I could login to my email on his phone (since at that point I'd left my wifi area and couldn't login with my own device). It was essential that I check an email at that point, so I didn't have a choice. It was anti-security--I literally gave full access to my email account to some man I never met before in a different country.
Google needs to stop pretending it's some security measure. It's not. It's data harvesting, plain and simple. I just wish they'd admit it.
He might not had an account then, but could create one in the future. So now if either of you messes up or does anything even remotely suspicious (in google's eyes) - say goodbye to your account.
There are a few things that make me wonder if I can trust a company. Security questions, stupid password restrictions, sending me a password in plain text via email.
I would mainly recommend posteo.de because of what the company stands for and its cheap pricing. Other options are runbox.com and mailbox.org. All these providers support IMAP too. So you can use any email client on any platform, or the web interface, to access email.
Protonmail, recommended by some others here, doesn't support IMAP for free accounts (so you can't take your mail out easily if you want to move elsewhere). For paid accounts, it has a "bridge" software that needs to be installed and running. This is available only on Windows and Mac. For Linux, the FAQ [1] still says at multiple places that it'll be available in "early 2018", while we're already nearing the fourth calendar quarter of 2018.
It’s an anti-spam, and anti-abuse measure. So they’re not giving away free resources that get used to harass their users.
Why would Google need you to give them your phone number to associate that with you? They’re on many of the phones in the world, someone you know has already done that for them, or you used your own phone to do the same.
Unfortunately, Google doesn't seem to have the best staff. Or even good staff.
Imagine those teens at school, that bought Chromebooks because they were more affordable, and now getting pried on like this.. :-( It is this generation that is going to lose the idea of privacy and suffer from these piece of shit corporations.
It's almost like watching a movie.
Those students are being tracked regardless of whether they provided their mobile phone number. ChromeOS is an entire operating system that tracks you from the moment you sign-in with your Google account.
Sure, you can use a guest account, but you won't be able to save anything because the entire OS is "cloud-based".
People rush to Google's defence and say that Google doesn't build ad or marketing profiles from student data. But even if the online activity from students is aggregated or detached from individual accounts, that still means Google holds the personal online behaviour of millions of students. They can now poke and interrogate that data in ways that even they probably haven't fully grasped. And as we've seen from Netflix and Spotify, aggregated data still lets you pull out precise details and behaviour from "anonymised" data (a meaningless term).
Tracking is so pervasive and so normalised that no-one even bothers to ask: why should students be tracked in the first place? Tracking online behaviour is in Google's DNA and no-one does it at such industrial scale.
The hypocrisy of the tech community who have nothing to say on the privacy implications of ChromeOS in schools is hard to understand.
Like when I search for a three letter acronym, google knows that I’m an engineer, and I see links for results about computer hardware, and not about a Jewish Torah studies group with the same TLA.
Google makes those models for individual accounts, which is why google can tailor results so well to what you’re looking for right now.
I'd also like to understand how this is possibly useful?
In my case I was travelling, so had no option but to enter the number of the nearest available random person willing to lend me a phone for the purpose, with no idea what it would be used for.
It is cynical to suggest it's to boost their network of connected phone numbers, but I can't think of a better explanation?
Adding it to existing accounts, though, makes less sense to me. Retroactively checking that an active account can cost proof seems like the most intrusive way of doing this, particularly as part of OS login - at this point you have so many signals that you should already be able to detect the user is a spammer or not.
If anything I think it's the opposite --- dedicated spammers have shown they can farm resources like accounts of various types, so phone numbers aren't out of their reach. It's the casual users who don't want to give away their phone numbers or setup a throwaway one which will be turned away.
They're doing it on Chromebooks because you're using Google's services. A Chromebook is just a Google Cloud Computer; users aren't expected to use one without using Google's services too.
Nope you are not crazy at all, that's exactly what they are doing. It's the same pattern in practice of online banks that are demanding you give them an SMS capable phone, it's so that they can in the backchannel identify you through AT&T, which is really teh corporate face of the NSA (don't argue with me, 33 thomas st. nyc), and the implications there is that they have many things tied together in fusion centers so they can use something like palantir to instantly profile you when you put in that number and it draws in via their backchannel apis your bank accounts into a single view along with your other information, like medical, civic, etc that's literally what fusion centers do. It's all hooked up for THEIR convenience, and its all keyed off now on google's gaia_id. They tether your phone number(s) to gaia_id and voila all these data sources get drawn in....it's all about the convenience to the five eyes/nato people to force you to use their free sandwich stuff and get everyone tied into the central hub of services that is google
So I agree with others: don't use a chromebook. I have an older friend who needed a laptop for work and I made the mistake of getting a chromebook. The f*cking thing didn't do TKIP correctly in WPA2 so it didn't work with my wifi without making major changes to security in a tactical frustration that made ME look like I didn't know what I was doing
It was a G d nightmare, but needless to say I will NEVER use a chromebook again, esp after hearing your issue with the phone
Just get a refurb lenovo from tigertits or newegg and put linux mint debian edition with xfce on it. The end
Its a fact and works exactly as he described.
Also the term conspiracy theory was created and popularized by the CIA as a function to install into the general population as a protection mechanism against their own true and active operations, which as stated, are treasonous to America and American citizens.
A useful tool for you might be to become self aware of your use of the term “conspiracy theory” and whenever you find yourself reaching for it as a knife, to instead reflect on the issue and to genuinely and independently compile a response to the topic at hand using basic logic, reason, and available known prior actions of the organizations that would profit from discrediting the topic.
Good luck.
FYI, no you do not have to.
> You are not required to have a social security number to open a checking or savings account.
Source: https://www.consumerfinance.gov/ask-cfpb/can-i-get-a-checkin...
Whats your "stack"? are you running linux and avoiding google services entirely - or using and mitigating their tracking?
Was time to get rid of this pos.
One of the reasons I use Linux on my MacBook.
After I have managed to restore it more than 4 hours later, I permanently deleted my account and Google immediately contacted me with apologies, asking me for the reason I did such thing.
They have tried to persuade me to restore my account with a couple of emails, but it was already too late.
I cannot trust them anymore.
I want to have absolutely nothing to do with Alphabet or Google; if a certain service that I currently use gets acquired by either of them, then I will delete that account too immediately.
Enough is enough!
Where are they sending those emails, to your Google account's backup account?
Also I am getting mail from a guy in India, and he is also getting my email. It's like our accounts got crossed over.
As usually, there is nobody at google to reach.
How did you get a hold of somebody?
Not to mention that I created both a custom question and answer with randomly generated strings that couldn't possibly have been known by anyone else, which they confirmed as correct during the lockout and still are demanding a phone number to 'verify'. I mean, really now, how on earth would giving any random phone number further verify I'm the account holder when I already know the correct randomly generated password, secret question and secret answer.
Gmail has similarly locked out various accounts with this despite no actual suspicious activity and having a completely unique password. It's a transparent effort by all these companies to gather more user details.
I don't mind giving Google my hone number to keep my data secure, and I'm in the majority, so this is a good thing IMO.
I assume you are giving your phone number to a lot of entities already (public administration, HR, service prodivers, delivery etc.). From there a simple phone call to your carrier will be enough to reset your contact dmail, SIM and/or have a new one activated.
From there it's a small step to reset passwords (SMS 2FA won't help here, as they also have your phone) to all online services you signed up for with that email.
Taking a step back, and responding to the other comment in response to mine as well, I was just speculating. I don't work in abuse, and I'm inclined to trust the Google abuse engineers over myself or random HN commentators to keep my Google account safe.
I don't use smartphones.
This has nothing to do with smartphones.
Last week I decided to create a Youtube account as their premium, ad-free service is now available in the UK. All was going well on my laptop until I hit the page demanding a phone number. Any number, smart or dumb.
Not having a burner-SIM to hand I just closed the tab.
Don't burners get their # recycled?
This seems like a pretty awful approach considering most of the sites I see demanding phone #s are doing so under the guise of improved security. It seems likely whoever controls that number will have some authority over the account.
All it would take is some stupid notification being sent to the phone number to inform whoever that is of something interesting being possible.
Combine that with the fact that burner phones are often utilized by criminals for variety of reasons...
I'm not sure if your Google account is tied to a Gmail address (it doesn't necessarily have to be), but I would advise anyone who uses (or must use) Google's services to use an email address from another provider so that if you lose access to the Google account, your email also doesn't disappear with it. Further, disentangling oneself from such providers and going with those whose business depends on your monetary support may be a better choice (where feasible). I also get that these suggestions may sound absolutely ridiculous.
That’s finished now.
I want my machine to be my machine.
Google can F off.
Yes it does. The normal Gmail interface I get now has a forgot password link which is by default activated after I enter the username. I have to explicitly jump over that to continue entering the actual password and thus to my mail box.
Anyway that has put me totally off using gmail. I rarely have a phone too, so using a phone number for secondary authentication is a PITA.
And there are more, no point in sticking with the big G.
Honest question: Let’s assume for a moment that google wants to do something evil, what kind of info will “providing a mobile number” give to google that the email, searches, possibly DNS queries, oauth2 authentication and browsing tracker will not?
A malicious Google with my phone number could easily sell my web searches to the phone company, for example. Or publicly expose my web searches, associated with my phone number (which my friends or employers would recognize).
It's basically one less layer of indirection, which means much less plausible deniability. It's not a hard line but there's definitely a gradient they're moving down.
Microsoft's excuse (lie) was that, my account had sent too many spam messages.
Got pissed and abandoned the account.
I have effectively lost access to them because of google.
Some people are posting here saying they got in using a stranger's number so I still don't understand how providing a number proves who I am.
I know this because I have a friend who's prone to getting himself locked out and I have become his personal tech support guy (not willingly).
(I am hesitant to give American companies my personal information because they are not beholden to my country's consumer laws).
As a side note, most likely Google already has your mobile, through a friend who uses an android phone.
Google's phone number policy is ridiculous.
Seems plenty enough points tjat it should have been there still.
To bypass that, set up MFA using OTP app, like FreeOTP, that should skip 'unknown device' nagging.
For those in the US, the approach I've taken is to create a Google Voice number. Yes, you need to give it your existing phone number. Then, you can give this number as a backup but the key is to use a two step authentication app like Google authenticator or authy. This is key because like any sane system, two step by SMS has rate limits in place. I don't know the details but it seems like rate limits apply even when an SMS never leaves Google (the SMS originates at Google and ends on your Google voice with no forwarding).
Long story short, if you want to fix your problem, try to get two step authentication using an app for your account(s). I think that should do it.
Also remember any form of 2-factor is better than none. Yes, GSM can be hacked and yadayada.. but even one extra factor always slows down. See even a senior Mozilla dev got hacked without 2FA: https://www.theregister.co.uk/2017/08/02/chrome_web_develope...
