The Last Straw for LinkedIn

This is an pretty old post from my blog, which has been preserved in case its content is of any interest. You might want to go back to the homepage to see some more recent stuff.

LinkedIn Intro in action (picture from LinkedIn blog)

If you’ve been paying attention to technology-related news recently, you may have noticed that social network LinkedIn has released a new app for iOS devices called “Intro”. It’s a handy tool for people who do a lot of work-related email on their iDevice, as it embeds information from LinkedIn into your emails so you can get a summary of who you’re talking to.

Unfortunately it does this not by making Intro a mail client with the extra feature of retrieving this information, but by rewriting your mail settings to send and receive mail exclusively through LinkedIn’s servers.

In these times where online privacy and security are the subject of worldwide headlines, it shouldn’t come as a suprise that the app has been widely condemned for the complete loss of privacy it entails for its users.

But this is just the latest in a long line of dubious methods used by LinkedIn to find connections between its users. It has been accused of sending email on users’ behalf without permission — indeed, handing over the password to your GMail and Hotmail accounts (ostensibly to harvest your address book) is one of the steps it recommends when you sign up. LinkedIn also uses names and photos in advertising by default, and comments on Reddit even say that LinkedIn is recommending people connect with former residents of their apartment based on their common IP address.

LinkedIn requesting to connect to GMail

Added to that list of privacy failings, the 2012 breach of LinkedIn’s database revealed a major security failing, in that user accounts were stored as unsalted SHA-1 hashes, many of which were easily compromised.

Although the Intro app does not affect me in any way — I don’t use it, and don’t have an Apple device to use it on anyway — it makes it abundantly clear that LinkedIn still do not care about their users’ privacy or security. No privacy-conscious Internet users, myself included, should support a company like that.

Make no mistake, by having accounts on LinkedIn we are supporting them. We are not paying; we are the product.

Given that the only thing I have received through being a LinkedIn member has been regular nuisance calls from recruitment agencies, I think it is high time I deleted my account. I would encourage all of you to weigh up what you gain from the service against what you lose by handing over your personal information to a company that is highly likely to abuse it.


Add a Comment