If you're on LinkedIn, and you use a smart phone...

Chris Hartley hartleyc at gmail.com
Fri Oct 25 23:43:10 UTC 2013


Anyone who has access to logs for their email infrastructure ought
probably to check for authentications to user accounts from linkedin's
servers.  Likely, people in your organization are entering their
credentials into linkedin to add to their contact list.  Is it a
problem if a social media company has your users' credentials?  I
guess it depends on your definition of "is."  The same advice might
apply to this perversion of trust as well, but I'm not sure how
linkedin is achieving this "feat."

On Fri, Oct 25, 2013 at 7:25 PM, Phil Bedard <bedard.phil at gmail.com> wrote:
> I saw some antectdotal stuff on this yesterday but reading their
> engineering blog entry makes me feel all warm and fuzzy inside.  Oh
> nevermind, that's just the alcohol.  This is perhaps one of the worst
> ideas I've seen concocted by a social media company yet.
>
>
> -Phil
>
> On 10/25/13, 6:56 PM, "George Bakos" <gbakos at alpinista.org> wrote:
>
>>next thing you know, Google is going to be offering free email so they
>>can do the same thing.
>>
>>On Fri, 25 Oct 2013 08:45:40 -0700
>>Shrdlu <shrdlu at deaddrop.org> wrote:
>>
>>> I hate to do this, but it's something that anyone managing email
>>> servers (or just using a smart phone to update LI) needs to know
>>> about. I just saw this on another list I'm on, and I know that there
>>> are folks on NANOG that are on LinkedIn.
>>>
>>> ++++++++++
>>> http://www.bishopfox.com/blog/2013/10/linkedin-intro/
>>>
>>> LinkedIn released a new product today called Intro.  They call it
>>> ___doing the impossible___, but some might call it ___hijacking
>>>email___.
>>> Why do we say this?  Consider the following:
>>>
>>> Intro reconfigures your iOS device (e.g. iPhone, iPad) so that all of
>>> your emails go through LinkedIn___s servers. You read that right. Once
>>> you install the Intro app, all of your emails, both sent and received,
>>> are transmitted via LinkedIn___s servers. LinkedIn is forcing all your
>>> IMAP and SMTP data through their own servers and then analyzing and
>>> scraping your emails for data pertaining to___whatever they feel like.
>>>
>>> ++++++++++
>>>
>>> Read the full article. If you're using LI via your smart phone, and
>>> you have already installed this app, you probably need to save off
>>> your contacts and data, and wipe the phone. I wouldn't trust
>>> uninstalling as enough, myself. In the long run, I'll be deleting my
>>> account.
>>>
>>> No, I don't use a smart phone to update any social media. No, I
>>> especially do not trust LI (never have, never will). BTW, they're
>>> currently adding back any contacts you've deleted. Thanks for
>>> reminding me that Joe Barr, Len Sassaman, and Jay D Dyson are gone
>>> from this world.
>>>
>>> --
>>> Life may not be the party we hoped for, but while we are here,
>>> we might as well dance.
>>>
>>>
>>
>>
>>--
>>
>
>
>




More information about the NANOG mailing list