Security concerns abound over LinkedIn email app
Professional social networking platform LinkedIn recently announced that it would be launching an app called Intro for its users. The application uses technology developed by email provider Rapportive, acquired by LinkedIn not long ago, to connect user profiles to messages sent and read through the Apple Mail app on iPhones. The company boasted that recipients can now link directly to the sender's LinkedIn page when they receive an email from someone they don't know.
The app, however, has raised concerns about email security throughout many tech spheres. On his blog, security analyst Graham Cluley stressed that the new technology has a questionable operation at its core.
"LinkedIn Intro extends the standard iOS Mail app in ways that Apple never intended to be possible, injecting HTML code into the top of the emails you receive so you can view someone's LinkedIn profile alongside their message," Cluley explained.
Cluley went on to point out that Intro will add LinkedIn's servers as a third-party middle man between iPhones and email providers. He brought up the fact that the company's history of data protection mishaps should make those considering the app think twice.
Back in July 2012, LinkedIn's iOS mobile app was shown to be sending the details of users' Apple calendars to its own servers, Skycure reported. Every time the app was launched it would send to the LinkedIn all calendars, personal or corporate, stored on the device, the news source noted.
Around the same time, Naked Security reported that LinkedIn had lost over 6 million user passwords, which ended up online in an encrypted document that hackers then attempted to break into.
LinkedIn responded to criticism from Cluley and others, saying that it had ensured privacy protection by placing Intro in an isolated, secure network segment, and all mail that the app moves through its servers will only be held in an encrypted form.