lwc wrote:while only truly devoted professionals pay to get anonymous cell phones.
I can just tell you that one of my Google AppEngine accounts is confirmed using SMS confirmation. And yep, they did accept anonymous cell phone. They didn't either block account registeration from known Tor node. Which also could be blocked, because tor-node list is public.
From options that I listed, only that official authentication system is hard to beat. Because people take good care of their accounts and it uses OTP. So you need sopisticated spyware to get accounts. And even after that you should abuse that authentication in real time and tell user properly that they should use "next" authentication code. And if it's careful user they'll notice that something is now very wrong. Which of course would happen in only 1-2% of cases, most of people are stupid enough not to get the point that if OTP password is "used" even if it didn't grant access to somewhere there is something very wrong. And most probably if you call authenticator, they don't even get immediately that something is wrong. They just think that it's stupid user that forgot to mark that OTP password has already been used.
Anyway, getting access to these accounts would be worth of more than misusing Facebook. Because those are usable for "legal agreements". Like getting online loans and accessing back accounts, stock market etc.
Edit... One of local online auction shops use that official authentication system. It's very useful in case of fraud, because people can be identified with great trust. Unless...
Accounts are hacked. And in this case it's more probable that auction site accounts are hacked due bad passwords, than the actual authentication system for assigning persons identity to account.
Back listing domains or IP addresses is totally pointless, because domain registration is way too easy and you can use many methods for getting "alternate IP".