The BBC is reporting that the email addresses of LinkedIn users can be exposed via a web browser add on. A LinkedIn spokesman told the BBC "We are doing everything we can to shut Sell Hack down. On 31 March LinkedIn's legal team delivered Sell Hack a cease-and-desist letter as a result of several violations"
NCommander adds: Sell Hack is a plugin for Chrome that allows you to retrieve emails from LinkedIn itself. The article goes on to say that Sell Hack is complying with the cease and desist, but actual details remain somewhat light. If anyone is familiar with the inner works of this plugin, I'll amend this article to include the details.
This isn't LinkedIn's first battle with third party services
(Score: 5, Interesting) by chebucto on Thursday April 03 2014, @01:00AM
Also works with Firefox and Safari (a href [sellhack.com]).
It's not clear exactly how their extension worked, but it seems like they just trolled the net & made some educated guesses; it doesn't look like they exploited security-by-obscurity flaws on the part of Linkedin:
http://blog.sellhack.com/post/75825344472/why-we-b uilt-sellhack [sellhack.com]
"SellHack is an browser extension (Chrome for now) that uses magic and JavaScript to render a ‘HackIn’ button on a Social Profile’s member’s profile page next to the Connections, Message or InMail buttons below the profile picture (depending on your relationship to that person). The magic happens when you click the ‘HackIn’ button. You’ll notice the page slides down and our system starts checking publicly available data sources to return a confirmation of the person’s email address or our best guesses. I love getting an email verification, but even when we can’t verify the email address, SellHack still saves me a ton of time. I don’t have to manually create the different permutations of what the person’s email address could be (ryan@, ryano@, rodonnell@ etc). There is always an option to copy our best guesses to your clipboard where you are free to check these against Rapportive or send your intro email to the addresses we provide as BCC."
(Score: 4, Funny) by linsane on Thursday April 03 2014, @06:41AM
So it does a formatting lookup based on other examples from the company the person is at? Doesn't sound like it is abusing an api to me, I do that regularly when stalking people...
(Score: 0) by Anonymous Coward on Friday April 04 2014, @08:05AM
..strictly for the lulz, ofc.