LinkedIn simultaneously impressed the technology industry and worried the cybersecurity community when it rolled out its groundbreaking LinkedIn Intro email service for iOS. Once installed, the new solution populates users’ iOS Mail apps with the LinkedIn profile information of anyone who contacts them.
The risks and rewards of LinkedIn Intro
In theory, LinkedIn Intro makes it much easier for individuals to screen and contextualize email. Because the service provides expandable details about each individual’s interests, position, connections and career history, it makes it easier to pair a real person with each message.
But LinkedIn Intro is not without its risks. The precise way in which the service reroutes incoming and outgoing messages to its servers means that Intro is essentially taking over the iOS Mail app. Even if one trusts LinkedIn not to harvest and sell sensitive personal data, the Intro configuration presents a golden opportunity for cybercriminals to conduct man-in-the-middle attacks.
Is outsourcing one’s inbox – often a repository for sensitive communications – to a social network a step too far beyond the boundaries of sound security and privacy practice? Although it would appear that users already do something similar when they use Gmail or Yahoo Mail, Intro is a unique case because of LinkedIn’s particular history and the unusual ways in which the service interfaces with iOS.
Also, unlike Google or Yahoo, LinkedIn is not technically a webmail provider, and it is difficult to know whether the company has fully taken stock of the risks facing email. Now that Intro is gaining popularity, LinkedIn should prioritize user safety over expanding the network’s reach. In the long run, ensuring that its customers’ information is safe will be essential to cultivating trust and contributing to safer data exchange across the Web.
LinkedIn Intro: Technically on the right side of iOS guidelines, but ethically questionable
LinkedIn Intro is not technically a mail app, and Apple does not permit third-party developers to control the stock Mail app or add plugins to it. The company also does not allow users to set any other app as the default handler for email.
LinkedIn Intro gets around all of these stipulations by behaving as a service that sits on top of the Mail app. It requires users to set up new iOS security profiles and to provide LinkedIn with access to their email accounts. Addresses ending in .org are not supported, and all messages routed through Intro must be 128 Kb or smaller, according to Apple Insider’s report on the issue.
Essentially, LinkedIn Intro is not breaking any rules, and the company has defended it by detailing its testing process and the different contingencies that it considered. Nevertheless, security researchers have been wary of the service’s technical features.
Moreover, LinkedIn Intro sits at the intersection of a huge social network user base – estimated at 238 million – and a nearly universal communication service in email, meaning that the security community’s concerns about a potentially devastating breach have solid grounding.
Researchers at Bishop Fox outlined many of the core issues surrounding LinkedIn Intro, including:
- Breaking cryptographic signatures – LinkedIn appends signatures to all messages that pass through the service, meaning that it is decrypting and rewriting email
- Mass metadata storage – LinkedIn Intro retains metadata from all communications, and it may use the information to suggest new contacts to users
- Violation of company privacy and disclosure policies – highly regulated industries such as law cannot use LinkedIn Intro in good conscience since the service does not guarantee that transmissions are private
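As an added illustration of the first point above (example code, not from the article or from Bishop Fox), this Python sketch shows why an intermediary that appends content to a message body invalidates a DKIM-style signature: the verifier recomputes the body hash and it no longer matches the bh= value the sender signed. The message, footer and key are constructed, and HMAC-SHA256 stands in for DKIM's public-key signature so the example needs only the standard library.

```python
import base64
import hashlib
import hmac

# Constructed sample (not from the page): the body the sender signed and the
# profile footer an intermediary appends while the message is in transit.
ORIGINAL_BODY = "Hi Ana,\r\n\r\nThe contract draft is attached.\r\n\r\n-- Ben\r\n\r\n"
APPENDED_FOOTER = '<div class="profile-card">Ben Ruiz - Partner, Example LLP</div>\r\n'
HEADERS = {"From": "ben@example.com", "Subject": "Contract draft"}
SIGNING_KEY = b"constructed-demo-key"  # stand-in for the signing domain's private key


def simple_body_canon(body: str) -> bytes:
    """DKIM 'simple' body canonicalization (RFC 6376 s.3.4.3): CRLF line endings,
    and a trailing run of empty lines collapsed to a single CRLF."""
    lines = body.replace("\r\n", "\n").split("\n")
    while lines and lines[-1] == "":
        lines.pop()
    return ("\r\n".join(lines) + "\r\n").encode()


def body_hash(body: str) -> str:
    """The bh= tag: base64(SHA-256) of the canonicalized body."""
    return base64.b64encode(hashlib.sha256(simple_body_canon(body)).digest()).decode()


def _signed_input(headers: dict, bh: str) -> bytes:
    # Header fields covered by the signature, plus the body hash that binds the body.
    return f"from:{headers['From']}\r\nsubject:{headers['Subject']}\r\nbh={bh}".encode()


def sign(headers: dict, body: str, key: bytes) -> dict:
    """DKIM-like signature record; HMAC-SHA256 stands in for RSA/Ed25519 here."""
    bh = body_hash(body)
    return {"bh": bh, "b": hmac.new(key, _signed_input(headers, bh), hashlib.sha256).hexdigest()}


def verify(headers: dict, body: str, sig: dict, key: bytes) -> str:
    """Replay the verifier's two checks and report the first one that fails."""
    if body_hash(body) != sig["bh"]:
        return "fail: body hash mismatch (body rewritten in transit)"
    expected = hmac.new(key, _signed_input(headers, sig["bh"]), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, sig["b"]):
        return "fail: header signature mismatch"
    return "pass"


SIGNATURE = sign(HEADERS, ORIGINAL_BODY, SIGNING_KEY)


def check_untouched() -> str:
    return verify(HEADERS, ORIGINAL_BODY, SIGNATURE, SIGNING_KEY)


def check_after_injection() -> str:
    # Same headers and signature, but the body now carries the appended profile card.
    return verify(HEADERS, ORIGINAL_BODY + APPENDED_FOOTER, SIGNATURE, SIGNING_KEY)
```

Trailing blank lines are absorbed by canonicalization, so only real content changes such as an injected footer cause the mismatch.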
While it may be intended to improve the experience of LinkedIn power users, Intro crosses a number of lines to achieve that goal. Its purview extends beyond any single account and encompasses every email on associated iOS devices, making it a much different animal from messaging systems like Facebook Messenger or Google+ Hangouts. What began as a social networking tool could turn into a data surveillance apparatus worthy of an intelligence service.
“Once you install the Intro app, all of your emails, both sent and received, are transmitted via LinkedIn’s servers,” stated Bishop Fox. “LinkedIn is forcing all your IMAP and SMTP data through their own servers and then analyzing and scraping your emails for data pertaining to … whatever they feel like,” the researchers continued.
The potential for abuse and cyberattacks
Retaining mass quantities of data and handling them with little transparency may be the overarching flaw of LinkedIn Intro, but the service also exhibits a number of vulnerabilities to cybercriminal tactics like man-in-the-middle attacks.
Because LinkedIn Intro decrypts messages so that it can add extra signatures to them, it creates a prominent target for surveillance and interception. However, the alarming risks could get lost in the excitement over how Intro streamlines and contextualizes email, a common pain point for users and businesses.
“I worry LinkedIn is not going to treat this as the holy grail for people’s email, even though it is,” Mandiant chief researcher Richard Bejtlich told The New York Times. “The risk is that you essentially trust a box, run by LinkedIn, with your email. It’s a target for someone that wants to get to your email.”
LinkedIn’s history of playing fast and loose with user privacy
Trusting LinkedIn to securely handle email may be an ill-advised decision. In a way, the controversy over LinkedIn Intro has been years in the making and foreshadowed by past incidents involving the company.
While it took the takeover of user email to alert security professionals to LinkedIn’s unusual notions of privacy and security, the social network has often struggled to keep user data safe. A 2012 hack of LinkedIn’s servers may have compromised more than 6 million user passwords.
Similarly, digital marketing expert David Veldt commented on the service’s byzantine privacy controls that often confuse users. Individuals may end up sharing information with third-party applications so that LinkedIn can serve up more accurate suggestions and advertisements.
Social networks and especially LinkedIn have become inseparable from professional communications. However, business professionals and service providers have sometimes struggled to subject these new tools to the same security standards and scrutiny that they apply to email or phone calls.
LinkedIn Intro, by bridging the gap between email and social networking, may provide the opportunity for the security community to become more serious about addressing social media risks. Given the volume and sensitive nature of email, it is imperative that cybersecurity professionals continue to push LinkedIn to make its services safer.