Why not bundle them all as one membership? Pocket, Mozilla VPN, Relay, Monitor, and whatever services they can scrape up premium options and features for to give them value?
That would be cool; then I could unsubscribe from all of them with a single action.
Why is this branded "Firefox"? This is apparently a Mozilla project, unrelated to their web browser.
Now:
1) You give your real number to someone.
2) Somehow your real number goes into a list used by robo-callers.
3) A robo-call arrives on your real number, disturbing your peace.
After:
0) You give Mozilla 3.99 or 4.99 US$/month
1) You give your Mozilla number to someone.
2) Somehow your Mozilla number goes into a list used by robo-callers.
3) A robo-call arrives on your Mozilla number, that promptly relays it to your real number, disturbing your peace.
You cannot change your Mozilla number, so it is basically an "alias" number, where is the advantage?
Stopping paying so that the number becomes invalid?
But then you won't be reachable anymore by the people you gave that number to.
Without having hired a lawyer to dissect the TOS and Privacy Policy for Mozilla's new service here, I'm going to assume for the sake of argument that they will not sell the data to brokers. If that is true, then it's one more way to try and keep your true PII out of circulation. For instance, maybe you pair this with a high quality VPN offering, browser plugins or whole-network based stuff like pi-hole/etc along with also using aliased credit card numbers through services like Privacy.com or other similar offerings. Then when you "sign up for an account" or "make online purchase" you could use name like John Smith, private/aliased email, etc etc... This just puts distance between your activity and your true identity.
With all that setup you have at least _some_ chance of evading a decent amount of the persistent and invasive tracking that is beginning to be top of mind for many people.
You are trying to avoid wholesale scoops of info and automated credential stuffing. If your threat model is people specifically seeking out and targeting you: godspeed.
I personally only use prepaid cards so a service that makes them appear like post paid might be useful on its own though.
The fact that you only get one number and you can't change is seems to blunt some of the utility. Ideally you'd want a separate number for each service and to have them all turned off, to block identifying you as the same user of different services. Not quite as easy to do with finite numbers as with email address suffixes.
I wonder if you could use this like 5sim or other shady text verification services by just remaking a monthly account. I suspect that is not the idea here and probably forbidden, otherwise they'd let you change numbers.
> If you find yourself receiving too many unwanted spam calls or texts, you can easily turn it off for all phone numbers or select the specific ones you want to block.
So it sounds like if your aliased phone number has issues, you can block those specific ones. In theory, you can do that now from your phone, for individual numbers, but it isn't applied if you switch devices. So it's a very moderate improvement.
Additionally, your existing phone number is probably already overwhelmingly accessible to robo-callers, i.e. the cat is already out of the bag.
This is definitely just the first step; we've got lots of ideas for additional protections we could add, and are monitoring usage and feedback [1] to inform our roadmap.
What this first version gives you is a way to add a tier of trust to your phone number: your Relay number for untrustworthy partners, and your true phone number for important things. That means that data leaks of untrustworthy services can no longer be linked to the important ones through your phone number. Additionally, if you receive a phishing call to your Relay number, that's an extra red flag that it might not be who they say it is.
But again, there is more to come, so stay tuned.
[1] See also https://connect.mozilla.org/t5/discussions/firefox-relay-pho...
Yes, and I don't doubt in the least that it may become the third best thing in life after icecream and sliced bread, but right now its usage cases and advantages seem not clear.
Maybe it could be useful to people that lose/get stolen their phone/number, since this mask is "centralized" you change the connected "real" number to a new one only in one place instead of updating several places where the old real number is stored.
>Additionally, if you receive a phishing call to your Relay number, that's an extra red flag that it might not be who they say it is.
I still don't understand.
If I use this relay, giving this mask number to three different organizations for - say - 2FA or emergency recovery or similar, any call or SMS to that number must come from one of the three (untill it is leaked).
Once it is leaked it may still come from any of the three or from someone who is attempting a phishing call, what is the difference against a "main" number or a spare "burner" one?
I would give marketers my Google voice number, it had better interface (and on cloud instead on device) contact management. I could send non favorites to a voice identification prompt (voiding all slow recordings or agents making multi calls that have a pickup delay) and for the final small percentage voice transcripts that I could determine if important.
Or for craigslist, I could forward calls to a phone for a short period of time, then turn off forwarding.
Google does a really good job of filtering out the telemarketing calls so the rare message is usually valid.
Pretty much the only time I have to open the app is this one stupid company (coughWalmartcough) which insists on doing 2FA via text every single time I want to check the balance on my prepaid debit card.
It’s like the concept of a “burner phone” I think
> You only get one phone number mask at this time. Once you choose your phone number mask, you cannot change it later.
That makes it impossible to use as a "burner" number.
The moment you change or abandon the number (be it Mozilla or "burner") that someone won't be able to contact you anymore.
But if you keep it, with the burner at least that someone will still be able to call you at the end of the month (when the the robocallers will have already eaten the 50 minutes allowed by Mozilla).
I can already do that on my phone, and it is kind of useless due to caller-id spoofing that most robocallers use.
Also, probably wont work for services that require a phone number but don't accept VOIP numbers.
I wish the article addressed these issues.
>I can already do that on my phone, and it is kind of useless due to caller-id spoofing that most robocallers use.
Yes, I cannot see in which way this "black-listing" on Mozilla is different/better.
I'm running into an increasing number of these, and it's annoying because I use Google Voice as my primary phone number. Using VOIP is important for me because I travel frequently between the US and EU.
Aside from being inconvenient for me, I take blocking VOIP as a red flag that the service might want to misuse my phone number.
With a virtual cc number, I create a new number on demand for each service I need, and disable it after I don’t need it anymore.
With virtual email addresses, I create a virtual address and delete it after I don’t need it anymore.
Unless there is a phone number analog, a single number is only useful until that number is compromised. Which could be day 1.
If you want to re-co-found with me on marketing / sales, hit me up: maddie+hn[at]qnzl.co. I tried some pivots, sucked at marketing it, I occasionally get asked about where it went.
---
If anyone wants to run their own instance using Twilio, I open-sourced the basic structure of my previous service [1] so it should be fairly plug-and-play to do this cheaper ($1 per number + small usage fee) and for more numbers.
My caveat about this is some services will silently ignore you if you try to use a virtual number. It's more useful for IRL where you don't want to throw your real number around much.
The firefox service is priced well but 75 texts and 50 minutes of voice is fairly limited. The burner phone services that exist are too sketchy and too expensive for my taste.
I don't like marketing or sales but if you could market yourself as a privacy focused, Free/Libre solution that wasn't a sketchy fly by night operation and offered more than a closed source phone app I would subscribe.
Twilio itself seems to be oriented towards businesses and not individuals which is why I did not sign up with them.
Will stick with Simplelogin.io, which is included for free with Proton Unlimited.
"Since 2013, Hushed has offered consumers affordable private phone number solutions with fully equipped talk and text capabilities. With an expansive selection of phone numbers from over 300 area codes in the US, Canada, and UK, our goal is to provide a secure telecommunication experience for users around the world. Hushed offers mobile and local phone numbers from a variety of countries and area codes. We pride ourselves on the high-quality service we offer all our customers, and we believe that protecting your privacy is of the utmost importance."
// not affiliated
It looks like I might be able to do this with Twilio, but I'm not a developer, and quickly got frustrated trying to build what I wanted.
Is there a service that will do this for me at a reasonable price?
(my company resells these with some add-on services on top, but for your use-case you're better off just going to the source directly)
I think there are other options like Fongo and probably a dozen other similar services that already have been doing this for some time. Not really seeing the value proposition of going with the Mozilla option here. Am I missing something?
So you pay $4-5 per month and you're still limited? I was expecting there would be some free amount and after that it's paid.
Will this SMS work for account verification?
What these burner numbers are great for are rewards programs. I sign up for every one I can with my GV number!
I doubt it. It looks like they're using twilio under the hood, and those are most definitely detected as VOIP numbers.
Doesn't feel necessary to me really. I've never ever been in the need for an incoming call, just for sms. And I'd much rather have them sent to an email rather than my actual phone too (and then I wouldn't need to share my phone number with this service either). That would be a real use-case for me. But paying a monthly subscription for that twice a year sms isn't that great either.
I currently have a pre-paid sim and an old phone for this usecase. It kind of sucks and I don't have access to it when I'm not home (sure, there are ways to sync this but haven't felt a big enough need for it yet).
Your number is your permanent cross-app, cross-company tracking identifier. It is a lookup key for your name, address, income bracket, email, spam history, etc.
This is why so many apps require it during signup.
Bummer. Before reading this, I was so excited, since robocalls and sketchy SMS messages with malware payloads have plagued my phone for years, and now it's not available to me (I'm in the EU).
The slower they are to realize they need to do all that to stay relevant, the faster Firefox's market share shrinks
Fastmail referral url: https://ref.fm/u26310488
Privacy.com referral url: https://privacy.com/join/JCPFN
They could still so easily regain much of their lost trust by sincerely apologising for their cock-ups (dodgy studies/data-collection, addons-fiasco, etc) and their political shilling; and yet, they do not.
The sewage they keep pumping out on their blog, and spaffing money on expensive rebrands, is turning-off the users who keep Mozilla alive.
Given how much they're doing for Google's market-share with this blatant self-sabotage, you'd be forgiven for thinking Mozilla is being run by Google.
Can the ability to have multiple relay numbers tied to 1 real number be added relatively easily by scaling your technical architecture, or is there some non-marginal underlying cost to each additional relay number that would make such a feature too expensive to support at this price point?
Same for email - the idea would be to have a phone/email for public consumption and then a separate address and number for my inner circle of family/friends.
I haven't implemented this idea yet, but what stops us from just buying Twilio credits, getting a number through them and then writing a bit of glue code to their API to pull down SMS messages (for things like 2-factor codes, etc) and route them wherever we find personally convenient? Maybe Twilio is also selling our customer data paired with these numbers to data brokers, though, IDK. It's just a fleeting idea I've had.
Go wild. Gets you like 90% of the way there.
I was considering exactly this, or potentially getting a second mobile number via eSIM on my phone (which feels a bit more "permanent" but that might be delusion...)
Also LinkedIn will give away your contact details.
Your Bank or any service important to you may get hacked and your phone number leaked.
Not that they don't share your email to other persons working for the same company (I've had some name I never heard of from RecruitCorp email me seven years after I last talked to someone from RecruitCorp), or I could imagine they keep their contacts when moving into / out of self-employment, but that's a far cry from public.
The only way to really prevent it is to allowlist specific numbers you know will call the number and send "Number disconnected" signals for the rest. Eventually, the number gets quieter until it can be reached again.
The ideal setup would be to have a private number that you never give out that denies anyone not on your allow then use throwaway numbers you can turn on and off as you need them.
I used to have it where I would give numbers out then only have them 'active' when I was expecting a call.
My original hypothesis was that the numbers were harvested, my new one (and likely correct) is that numbers are randomly dialed.
Gmail might block the same 1.3M unwanted emails every... minute?
Forward your phone number to a different number through gvoice. For email, add a '+' symbol to your email address and filter them out if they get abusive.
It's still trivial to parse your real email address from this. With Relay your real email address is completely obfuscated.
slow clap
I am all for privacy, but many so-called privacy-centric tech “solutions” are simultaneously crime-enablers. Things need to be fixed at the legislative level, not by opening more pandora’s meta-crypto-app-boxes.
i can't see any option when i log on from the uk.
> Currently, this feature is available in the U.S. and Canada. As we roll out this feature, we will explore how we can expand this offering to outbound calls and texts, as well as to other regions.
(Edited to add:) And I feel your pain - I'm a Relay engineer in the Netherlands, and I can't even use this myself... But unfortunately, it's not easy to offer this elsewhere at a reasonable price, so we're still figuring that out.
Why would someone pay for this? Just to stick it to google?
