Experts say LinkedIn's new Intro app comes with huge security holes

It's only been a day since we first introduced you to LinkedIn's new Intro app for the iPhone that gives emails a more professional edge - in a nutshell, all it does is provide Mail app users an extended introduction to a person sending them messages by showing their LinkedIn bio - but already, some security experts are calling shenanigans, claiming that the new product actually 'hijacks' your email.


According to security consulting firm Bishop Fox, LinkedIn Intro actually reconfigures your device so that all your emails go through LinkedIn's servers. 'Once you install the Intro app, all of your emails, both sent and received, are transmitted via LinkedIn's servers. LinkedIn is forcing all your IMAP and SMTP data through their own servers and then analyzing and scraping your emails for data pertaining to ... whatever they feel like,' the company wrote on their blog.


The post went on to enumerate a list of reasons why installing Intro is a big mistake, some of them related to the possible repercussions of unwittingly surrendering the contents of your email to a third-party participant. If you use your work email on your phone, you may be unintentionally violating your company's policy by using the plug-in; if you regularly correspond with people who usually offer confidentiality in correspondences - like your doctor, lawyer, or therapist - using the feature may relinquish certain legal privileges.


To address these security concerns, LinkedIn added an update to their blog post announcing the new service to ensure that people know at least two important things: That users have to opt into the service before any email encryption happens and that LinkedIn does not store any user emails on its servers.



Researchers were quick to refute LinkedIn's claims, saying that 'in order for LinkedIn to stick changes into an e-mail, they have to decrypt it and then encrypt it again en route to its recipient, adding a new layer of insecurity to e-mail in transit.'


Considering LinkedIn's seemingly bad reputation when it comes to user data security - 6.5 million usernames and passwords were leaked to a Russian hacker website, and they suffered a major lawsuit because of it - this latest development does not bode well for the social career site. Unless LinkedIn offers a more acceptable and transparent explanation of how Intro works that security experts accept, it almost doesn't seem worth it to enable the new feature - just go to LinkedIn if you really want to find out more about people on a professional capacity.


Comments

Post a Comment

Popular posts from this blog

5 Reasons iPhone 6 Won't Be Popular

Image
The majority of users are waiting for the next smartphone from Apple - iPhone 6 – this year. Unfortunately, the hype around iPhone began to gradually subside with each passing year after the 4th model launched. Therefore, it is possible that the sixth iPhone model of  will not be nearly as popular as it was in the beginning. Global audience perceived iPhone 4S and iPhone 5 much cooler than its early models New iPhones will not cause that “wow”-effect, which was in the beginning, when Steve Jobs' presentations caused a delight and admiration of every new Apple gadget. Some leaked photos of iPhone 5S prototype show that it does not differ from its predecessor at all. Therefore, all hopes for something radically new in design and features are laid on iPhone 6. And if Apple is no longer holds its standards, that seem to be a little bit old-fashioned already, it is unlikely that iPhone 6 will be interesting for people next year. 5 main reasons can be found to think like
Read more

Eset nod32 ativirus 6 free usernames and passwords

Image
                              Hi friends,after little long time I'm going to write again about eset nod 32 antivirus.As I told in previous post if you are user on windows 8 Eset nod 32 is the best antivirus for your personal computer.the latest product eset nod 32 antivirus 6 has special features with 100% really working.Not need to purchase full version from buying it.Download the eset nod 32 trial version and activate your est antivirus from below updated usernames and passwords. Firstly I would like to tell something about est nod32 antivirus 6. The latest product having: Eset smarter scan  Scan while downloading something Anti-Theft Idle-state scanning Clean and safe E-mail Removable media security system tools         Download Eset nod32 antivirus 6 Trial version Here     After downloading Eset nod32 Antivirus activate it using below usernames and passwords. Username: EAV-30326836                                       Password: ccka4dvsuv Expire: 16-10-2013 Username:EAV-79084
Read more

Apple's self

USA TODAY Apple's self-driving car racing toward reality, report saysUSA TODAYSAN FRANCISCO - Apple's self-driving car effort, code-named Project Titan , is more reality than rumor, according to documents obtained by the British newspaper The Guardian. Engineers working for the Cupertino-based tech hardware giant met in May with ...Apple Is Getting Closer to a Self-Driving CarTIMEApple is reportedly looking at places to test its self-driving carThe VergeApple eyes former naval base in California to test 'Project Titan' self ...Apple InsiderThe Independent -Business Insider -Cult of Macall 10 news articles »
Read more