Report: LinkedIn’s Intro App May Be Vulnerable To Hacks

Posted Oct 27, 2013

LinkedIn released a new app called Intro this past week.  This is not a native app for iOS, but it gives LinkedIn permission to pass your e-mails through their servers using the iOS Mail app.  Security experts are saying that the service adds professional context to e-mails, but this is at the risk of users.

LinkedIn’s servers scrape and analyzes the e-mails for the data, but this causes it to be at the risk of a “man-in-the-middle attack,” stated security consulting company Bishop Fox in a blog post.

According to LinkedIn’s privacy policy for the service, each e-mail is encrypted with a key that is unique to users and their devices.  “The servers themselves are secured and monitored 24/7 to prevent any unauthorized access,” said LinkedIn.

However, other security consultants believe that people should not be paranoid.  Bruce Schneier, a security expert, said that this is the same situation as every other cloud service provider including Yahoo!, Google, AOL, and other services.

Personally I have tried out LinkedIn Intro and I switched back to having Gmail as my default Mail app provider.  This is because there seemed to be a lag time between grabbing my e-mail and adding social media data to e-mails.  However, I do recommend using LinkedIn’s Rapportive web browser extension.  The technology used in LinkedIn Intro is powered by Rapportive.