LinkedIn Intro: A Dream for Hackers?



Last week LinkedIn announced a new service called Intro, a new feature for your iPhone mail app that will allow you to see the LinkedIn profile information of your email senders. It’s based on the awesome email plug-in called Rapportive, which LinkedIn acquired not too long ago.

If you remember it, Rapportive was a Chrome extension that allowed you to see information about the people you were emailing, such as their photos and where they worked, etc. I used it often when I was doing PR to check the accuracy of email addresses.

LinkedIn wants to bring that same sort of information to your email on your iPhone, but reaction to the announcement was intense and swift: Intro would be a hacker’s paradise.

Forbes ran a post titled, “LinkedIn Intro: Hack Here for Juicy Data.” Salon said, “Ten Reasons to Fear LinkedIn’s New Intro Service.” Venture Beat stated, “LinkedIn’s new Intro app is a nightmare for email security and privacy, say researchers.

However, LinkedIn is quick to assure everyone that the security risks are overplayed. In a blog post, they tried to combat the fears about privacy.

Many things have been said about the product implementation that are not correct or are purely speculative, so this post is intended to clear up these inaccuracies and misperceptions.

When the LinkedIn Security team was presented with the core design of Intro, we made sure we built the most secure implementation we believed possible. We explored numerous threat models and constantly challenged each other to consider possible threat scenarios.

LinkedIn goes on to list the many ways they’ve tested the security of Intro, and it looks very well tested from my position of not being an internet security expert. But then again, I’m also someone that uses Gmail for nearly all of my professional email, so I’m already aware of the issues surrounding privacy and email. So I’m not sure Intro really scares me all that much, although I will admit that mobile security is still a work in progress.

What do you think? Are you going to try it?



About Gregory D Evans

Gregory Evans is one of the worlds greatest security consultants. Go to for more details.
This entry was posted in Cell phone security, cyber, internet safety, Technology, wireless and tagged , , , , , , , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s