You can purchase access to phone numbers for the purposes of verifying accounts. While phone numbers are a method to prevent easy sybil attacks, it is not effective when dealing with a determined actor.
People shouldn’t be expected to give up their privacy and anonymity and put themselves at greater risk of identity theft because big tech can’t be bothered figuring out a different way to solve spam.
Just because the rest of the world doesn’t mind giving out their phone number, it doesn’t mean it’s harmless. I don’t know about you, but I don’t want to get sim swapped and have all of my bank accounts drained because some random company with zero security measures demands I provide my phone number to use their app.
I think you're misplacing your annoyance here. A lot of the world is not constantly affected by Sim swapping. Your phone number is not a secret either. The problem is the minimal verification that allows sim swapping to exist in the first place.
These companies don't expect you to give up privacy and anonymity. They expect you to pay $1 to rent a phone number. To these companies, a phone number is an externalized reusable proof-of-stake in the PSTN NFT market — nothing more, nothing less.
> More code, more complexity, plus the cost to actually rent the numbers
Not a big deal, there's sms verification services, they have APIs and premade libraries, cost is about ~$0.06/verification depending on which service you use, and less with bulk discounts.
And you can't use many from those services to actually register an account for a meaningful service. E.g. have you created Instagram account with them?
Seems like there is a determined will to blacklist as many as possible.
I believe you're thinking phone numbers from legitimate VoIP services like Twilio, or the "texting app" service-providers that build on top of them.
The GP is talking more about phone numbers from purpose-built (usually Russian) "secondary market for other people's credentials" marketplaces, where people sell the use of their own personal phone numbers (usually through cloud remote-control software they run on an old Android device with the SIM in it.)
A given practice does not need to be 100% effective in order to provide value. Simply imposing a financial barrier of any kind is often enough to reduce malicious activity by a considerable degree.
It's not perfect. I've gotten accounts suspended from phone verification services. I don't want to share numbers with spammers and drug dealers for this reason.
A lot of tech bros need to touch grass and realize that the rest of the world doesn’t mind giving their phone number to a chat app.