On the weekend, I posted a story about the security and privacy risks in LinkedIn Intro, which is an app that works on your iPhone and in conjunction with your e-mail account to provide you with instant details about the people you’re communicating with. Now I’m not the only person to report on this and clearly this has gotten the attention of LinkedIn who have a response to this. In a blog post called “The Facts About LinkedIn Intro“, Cory Scott who is LinkedIn’s senior manager of Information Security according to his LinkedIn profile makes this argument:
When the LinkedIn Security team was presented with the core design of Intro, we made sure we built the most secure implementation we believed possible. We explored numerous threat models and constantly challenged each other to consider possible threat scenarios.
He then explains in some degree of detail what was done to make Intro secure. On top of that, he had this to say:
After having been a member of the security community for more than 15 years, I understand that healthy skepticism and speculation towards worst-case scenarios are an important part of the security discipline; however, we felt, in this case, it was necessary to correct the misperceptions. We welcome and encourage an open dialogue about the risks that are present in all Internet-based services that handle electronic mail and other sensitive data.
So. does this make you feel any better? To be honest, it doesn’t make me feel any better because to use this service my e-mail has to go through a third party. That alone makes it a #fail for me. It’s likely a #fail for anyone who values the security of their information.
Like this:
Like Loading...
Related
This entry was posted on October 28, 2013 at 11:59 am and is filed under Commentary with tags LinkedIn. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
LinkedIn Defends The Security Of Intro
On the weekend, I posted a story about the security and privacy risks in LinkedIn Intro, which is an app that works on your iPhone and in conjunction with your e-mail account to provide you with instant details about the people you’re communicating with. Now I’m not the only person to report on this and clearly this has gotten the attention of LinkedIn who have a response to this. In a blog post called “The Facts About LinkedIn Intro“, Cory Scott who is LinkedIn’s senior manager of Information Security according to his LinkedIn profile makes this argument:
When the LinkedIn Security team was presented with the core design of Intro, we made sure we built the most secure implementation we believed possible. We explored numerous threat models and constantly challenged each other to consider possible threat scenarios.
He then explains in some degree of detail what was done to make Intro secure. On top of that, he had this to say:
After having been a member of the security community for more than 15 years, I understand that healthy skepticism and speculation towards worst-case scenarios are an important part of the security discipline; however, we felt, in this case, it was necessary to correct the misperceptions. We welcome and encourage an open dialogue about the risks that are present in all Internet-based services that handle electronic mail and other sensitive data.
So. does this make you feel any better? To be honest, it doesn’t make me feel any better because to use this service my e-mail has to go through a third party. That alone makes it a #fail for me. It’s likely a #fail for anyone who values the security of their information.
Share this:
Like this:
Related
This entry was posted on October 28, 2013 at 11:59 am and is filed under Commentary with tags LinkedIn. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.