TL;DR: I get a "confident in his ignorance" vibe from your post and don't feel like defending what is widely agreed upon among those who are actually knowledgable. I've cited some sources and you can take up any issues with them. Enjoy having the last word because I don't have any more time for this.

33 bits of uniquely-identify information is all you need and, back in 2010, they successfully managed to match NetFlix users with their accounts on other sites purely based on similarities in their ratings.

I could cite more, but I've got better things to do with my time.

By probability instincts, I mean that, a woodpecker's intutive sense of "What are the odds that I'll find a bug if I keep trying this tree vs. moving on to a new one" is much more in line with actual reality than our intuitive sense of how probability works. (See, for example, Gambler's fallacy and Birthday problem.)

I'd give a link for the woodpecker part, but I read it in print and I can't remember whether it was in Mean Genes, The Third Chimpanzee, or one of my other heavily-cited books by professors.

*facepalm* I'm honestly not sure how to begin here, given what a fundamental misunderstanding of my argument it represents.

advanced search algorithms and time: With nothing more than the most basic of indexing and search that you'd be a moron not to have in your big data setup, I could easily grab data I'd hate to see used by people who just want to muddy the waters and introduce reasonable doubt and I don't consider myself uncommonly smart or knowledgeable.

time and security clearance: Or they might just need to be in the right place to exploit a hole in the system, as Edward Snowden was when he took advantage of Hawaii being exempt from the NSA's anti-leaker security because their Internet situation compared to the continental U.S. kept triggering lockouts.

I'd rather not take the risk.

I'm having trouble coaxing my browser history to cough up the most authoritative URLs I read regarding the "correlating for advertising" part, but here are some relevant ones I did manage to dig back up:

* How many mobile phone accounts will be hijacked this summer? (and his earlier post)
* SMSRouter README (See "DISCLAIMER" and "SMS / SMPP limitations")

1. Having my own cloud is orthogonal to whether I divide my services up between different providers. (eg. I have accounts at more than one VPS provider)

2. There are cases like Google Talk, which don't federate. I can't self-host those.

3. Some things, like hosting my code on sites like GitHub/BitBucket/GitLab/etc., are specifically about not self-hosting because I want to minimize the chance of downtime after my death.

Sorry for the suuuuuuuper late response.

1. no, i would't ---- there's a neat little tool that eff developed, which you may have heard of, called Panopticlick, that provides a glimpse of this sort of thing (BTW, Always Be Bayesian)
2. no, Google can probably map it to a real person pretty much every time
3. ok, except for the paranoia (almost never ok, by definition, and, in this case, not warranted, IMHO)
4. well, that's a theory, but it doesn't account for why you can choose alternate methods of setup (besides, sms can be routed over the internet, and you can always create a temp number----almost no one will, but, for people who are either sufficiently paranoid or have a good reason to hide their identity, sms isn't a serious hurdle)

I'm not arguing that Google couldn't determine who you are (name/SS#/whatever), but I don't really see why they'd care so long as they can extract maximum data from your presence, and, again, it's in Google's best interest to keep their data as secure as possible (they are also not known to be one of the companies that so readily rolls over for a badge).

Yup. What makes the service useful is the infrastructure, data and UX (possibly in that order).
Opening these services wouldn't provide much benefit without the community around them and the data they already have.
The rise of "AI" isn't going to make this any easier, though.

Fair enough. To some extent, I think I might have been using "you'd be surprised" as a rhetorical device.

Doesn't mean I can't try.

That's why I said "a little paranoia"... because what is paranoia is defined by the overton window and, before the Snowden leaks, anyone who even approached what they showed would have been called paranoid.

Maybe you're using different services than I am, but I see a lot of services where the only option offered is "give us your SMS number and we'll text you the next step".

My nick is my domain name. It's not as if I'm trying to play at being a spy. My goal is just to not give them a free lunch by tying everything into a single ID cookie for them.

This looks to be largely semantic ("a little paranoid"=cautious about leaking identity) and a matter of expectations (for the most part, I don't really care what they know about me as long as they keep it secure; I also have no reason to believe any human at Google has ever seen my personal info and connected with my identity---again, they shouldn't care about that, and not knowing it gives them a few advantages: plausible deniability and less chance for identity being matched to personal info).
Google, for instance, doesn't appear to require SMS for two factor (https://www.google.com/landing/2step/#tab=how-it-works).