from the we're-sorry-we-got-caught dept.
LinkedIn apologizes for trying to sneak in a new update that informed some iPhone users, without further explanation, that their "app" would begin sharing their data with nearby users.
The update prompted outrage on Twitter after cybersecurity expert Rik Ferguson received a strange alert when he opened the resume app to read a new message: "LinkedIn would like to make data available to nearby Bluetooth devices even when you're not using the app."
That gave Ferguson, vice president of research at the cybersecurity firm Trend Micro, a handful of concerns, he told Vocativ. Among them: "the lack of specificity, which data, when, under what conditions, to which devices, why does it need to happen when I'm not using the app, what are the benefits to me, where is the feature announcement and explanation, why wasn't it listed in the app update details."
A mobile app asking for additional permissions isn't a novel occurrence, but broad requests are often met with skepticism from privacy advocates and security researchers. Many shopping apps, for instance, leave a user's bluetooth connection turned on, allowing marketers to track you as you enter a store and linger near certain products.
Reached for comment, LinkedIn said it's a mistake — that some iPhone users were accidentally subject to undeveloped test feature the company is still working on.
My take on how it would work is that whenever you come into the range of another computerphone with bluetooth active — which for class 2 is 10 meters (33 ft) — the LinkedIn app would pop up a quick summary of each other's resume.
Perfect for those times when you visit a big meeting with people A and their LinkedIn app show you just recently had a gig with corporation B that they really hate. As for apologizing, do remember that large corporations only retreat if the alternative hurts economically. For background information it might be good to know that LinkedIn was bought in 2016 by Microsoft, which happens to be very much in on the phone-home theme. Now if Tinder would auto-share in the same manner the various habits with any nearby phone during family gatherings, that would be a real hilarious circus starter.
(Score: 0) by Anonymous Coward on Monday April 24, @12:26AM (3 children)
Since job apps and dating apps are the same thing. Post an attractive headshot on your profile, list buzzwords you're passionate about. Get the hot gig or the hottie you're looking for. Be social. Don't not be social. Fake it until you make it. Be a poser but don't act like a poser. You don't want to fall off that career ladder to success. You don't want to be all alone. You don't want to ride the bus like me. ... sorry, I was channeling Mike Posner for a second there.
Swipe right to hire!
Swipe left to shitcan!
Code the fucking LinkInTinder app and every HR idiot will want it.
Reply to This
(Score: 0) by Anonymous Coward on Monday April 24, @12:34AM (2 children)
http://m4a-64.cdn107.com/30/65/41/3065414505387016017.m4a [cdn107.com]
Tell me which app I used and you don't earn a cookie.
Reply to This
Parent
(Score: -1, Flamebait) by Ethanol-fueled on Monday April 24, @12:59AM (1 child)
Your choice in music negates whatever lowly shit-nugget of hireability you once had, you Xanax-sucking bar-baby cunt.
Reply to This
Parent
(Score: 1, Funny) by Anonymous Coward on Monday April 24, @03:39AM
Your choice in music negates
Funny, that's what everyone always says! Seems to be the secret to making a successful music player is to never use it to play music because people are incredibly bigoted about music.
Reply to This
Parent
(Score: 3, Interesting) by its_gonna_be_yuge! on Monday April 24, @12:55AM (1 child)
LinkedIn _IS_ the mistake. I tried to get rid of my profile 12 years ago, but some bits of it apparently still exist (or maybe all of it). LinkedIn is a virus humping a malignant bacteria.
Reply to This
(Score: 2) by TheRaven on Monday April 24, @02:32PM
sudo mod me up
Reply to This
Parent
(Score: 5, Insightful) by Whoever on Monday April 24, @02:05AM (1 child)
Who would have thought that, just a few months after being acquired by Microsoft, LinkedIn would introduce a massive privacy breach.
I'm shocked!
Reply to This
(Score: 2) by bradley13 on Monday April 24, @05:55AM
As if LinkedIn was all-in for privacy before? It's one professional network I avoid like the plague. Their aggressive invitation spamming, etc. - no thanks.
Everyone is somebody else's weirdo.
Reply to This
Parent
(Score: 3, Interesting) by NotSanguine on Monday April 24, @03:53AM (3 children)
With this bullshit for everyone, not just iPhone users. So get ready for the new and improved LinkedIn.
I received the following email this past Friday (21 April, 2017):
No, no, you're not thinking; you're just being logical. --Niels Bohr
Reply to This
(Score: 0) by Anonymous Coward on Monday April 24, @04:24AM
Yep, got the same message today (Sunday), must be rolling it out to all of LinkedIn. I've been waiting for something like this, hoping that it wouldn't happen, but now it's time to close my account.
Reply to This
Parent
(Score: 0) by Anonymous Coward on Monday April 24, @05:51AM
Jesus christ, what part of human interaction will be real now?
Reply to This
Parent
(Score: 3, Interesting) by VLM on Monday April 24, @12:28PM
Linkedin reminds me of those late night infocmercials selling multi-tool pocket sized combo fishing pole soldering iron and kite string spool where all the individual products, when separate and optimized, are usable in their own context, but combined its just a puddle of regurgitated breakfast buffet no one wants no matter how much corporate hype is wrapped around it.
I see these comments about linkedin being the devil for spamming and social idiocy but I don't care because I use it as a really handy online resume editor. I can access it anywhere on the planet. Its got a decent pdf exporter. Thats ALL I do with it. I don't flirt with recruiters, get tindr or grindr dates, don't take technology training classes, don't hang out in the groups, like the dude on Hogans Heros "I see nothing I hear nothing I know nothing" I don't care about some mis-feature for an app I don't have installed on my phone.
Linkedin is one hell of a nice VLM endorsed online resume editor. Its the one and only thing I use it for, and it does a good job.
The main downside of using Linkedin as a resume editor is its pitiful and cringeworthy watching them squirm around desperate to find relevance. If you're the worlds best online resume editor, embrace it and flaunt it, don't act like the worlds biggest dork trying to hide your own super power.
Linkedin marketing strategy right now is like a sleazy pickup line Uh yeah babe about that whole resume editor thing, huh huh huh, yeah before you turn me down, thats totally not me, not anymore, I've totally turned my life around and I'm really a swiss army knife with a fish cleaning and scaling blade combined with toenail clippers, tick tweezers, and a hair comb and an emergency sewing kit to look good, you know, like for travel, to like hunting lodges and stuff, that's totally the real inner me, so uh how about it babe? How could anyone turn down a line like that?
You know what else I can tell from very far away? Linkedin marketing sucks but you can tell it was done completely by committee so there's no one to take the blame and no way to ever improve it without firing the higher up execs who implemented the committee. So they're kinda doomed.
Reply to This
Parent
(Score: 2) by aristarchus on Monday April 24, @05:08AM (3 children)
How could this be a breach, when the attack is coming from inside?
Reply to This
(Score: 3, Funny) by lx on Monday April 24, @05:55AM (1 child)
It's trying to escape!
Reply to This
Parent
(Score: 0) by Anonymous Coward on Monday April 24, @06:31AM
LinkedOut? Or "It's Alive"? [imdb.com]
Reply to This
Parent
(Score: 2) by VLM on Monday April 24, @12:56PM
Making the huge assumption the article summary ends up being correct:
My take on how it would work is that whenever you come into the range of another computerphone with bluetooth active — which for class 2 is 10 meters (33 ft) — the LinkedIn app would pop up a quick summary of each other's resume.
A ton of security both physical and cyber depends on people being mostly anonymous. Here's a script of how to gain access to a secured building using the new LinkedIn feature above
Bad dude, sits in the office entrance waiting area (now you know why many offices separate employee entrance from waiting room..) scrolling thru phone waiting for a linkedin user.
Victim McVictim walks thru the door carrying laptop case and briefcase and three bags of bagels for his department and his lunch and a winter coat and a bunch of other stuff, the well dressed bag lady look that many office workers wear.
Bad Dude says "Hey Victim long time no see hows it going? Remember me? I'm Bad Dude, we worked together at (scrolls phone) Initech for Lumbergh, ah remember Lumbergh what a guy, and now I work here in (scrolls phone) DevOps yeah they told me you work in frontend development and I should say hi so here I am, Victim, hi!"
Victim partially trusts bad dude now "Uh, Hi, I don't remember you too well, Bad Dude, did you maybe work with Milton or someone?"
Bad Dude "Oh no sorry Victim, remember (scrolls phone) I was the replacement for Samir when he left the company to go join ISIS, they wouldn't let him moonlight ha ha ha so I took over his role of printer maintenance, maybe that was probably about the time you left. Oh hey Victim you're carrying a huge pile of stuff you going camping in the office ha ha ha let me carry some of that stuff to your desk to help out a bit, while we catch up on old times."
Victim totally trusts bad dude now and hands him 5 bags of bagels and a briefcase, as they walk thru the security checkpoint Victim waves Bad Dude thru and uses Victim's passcode and Victim's fingerprint and Victim's precious bodily fluid DNA sample because clearly Bad Dude is carrying all the bagels and bagels always come first before security, every time.
Bad Dude helps carry handfuls of bags to Victims desk down the hallways "Ah yeah remember Micheal Boulton, yeah his music still sucks" "I miss going to Chotchkie's for lunch at 8am" as they laugh and after dropping off the bags at Victims desk, "Well Victim I'll see you around, bro, I gotta get back to the database dept"
Victim is like "Whaa Bad Dude, I thought you worked in DevOps"
Bad Dude almost got caught says "Oh yeah, you know, coordination meeting between devops and database team to plan the new TPS report headers, didn't ya get the memo? See ya later bro" and Bad Dude begins his real mission as he steals a red swing line stapler, all the fractions of a cent from all the transactions processed, and burns the entire data center down in an act of cyber-crime.
Frankly it would have made a better movie.
Reply to This
Parent
(Score: 1, Interesting) by Anonymous Coward on Monday April 24, @07:42AM (1 child)
So they apologized not for invading the privacy of their users, but for telling the users that they do?
Reply to This
(Score: 4, Touché) by MostCynical on Monday April 24, @08:11AM
Apology n. Corporate expression when caught doing something illegal, immoral, or just mean.
(Score: tau, Irrational)
Reply to This
Parent
(Score: 0) by Anonymous Coward on Monday April 24, @06:03PM
I think the subject sums it up. I recall when the news of Microsoft buying LinkedIn was revealed some were remiss to think they'd do exactly what they're now doing.
Something I recently was surprised to learn is that Bill Gates and Steve Ballmer had a major falling out [vanityfair.com] over Ballmer's resignation and the subsequent appointment of Satyr Nadella as CEO of Microsoft. Two grown men, seemingly mature, who refuse to speak to each other over this incident. Since then Bill Gates has been rapidly selling all his Microsoft stock. Some of Gates' anticompetitive practices were despicable, but Nadella has taken to the company to grand new lows very rapidly. I'm guessing Gates was not happy to see his life's work go this route.
Anyhow, I think anybody who stays with anything Microsoft gets their fingers into is just asking to get burnt. I say this as a professional developer whose primary tool for the better part of a decade has been C#. It's only a matter of time until Nadella's "vision" starts to the infect the developer side of things. Although to avoid pointing the finger entirely at Nadella, it has to be said that as long ago as 2005 Microsoft was considering purchasing Gator [wikipedia.org]. That spyware that was in everything and seems to have become Microsoft's inspiration for everything they're doing.
Reply to This
(Score: 1) by corey on Monday April 24, @11:15PM
I pretty much never use any apps. The only apps I have installed are alternative browsers, a star gazing app (the one where you hold up your phone and it shows a star map of the region), and a weather app.
Apps are a way for these companies to suck up info on you, that is all. I use linked in but only the website, and a browser I don't normally use. Why use an app when the website works just fine?
I run a freebsd server with squid operating as a transparent proxy so it intercepts all traffic. I was logging requests for a bit and I did a tail -f of the access log while opening a couple of apps on my phone. I saw the ads in the apps request their content but in the http request, it had all sorts of identifying info about my phone - make, model, imei, build version, installation id, etc. That was a http request too, some apps pull https ads which I don't intercept with squid just yet.
Reply to This