Stories
Slash Boxes
Comments

SoylentNews is people

LinkedIn Emails Exposed Via Browser Add On

posted by NCommander on Thursday April 03 2014, @12:32AM   Printer-friendly
from the how-is-this-possible? dept.

lhsi writes:

The BBC is reporting that the email addresses of LinkedIn users can be exposed via a web browser add on. A LinkedIn spokesman told the BBC "We are doing everything we can to shut Sell Hack down. On 31 March LinkedIn's legal team delivered Sell Hack a cease-and-desist letter as a result of several violations"

NCommander adds: Sell Hack is a plugin for Chrome that allows you to retrieve emails from LinkedIn itself. The article goes on to say that Sell Hack is complying with the cease and desist, but actual details remain somewhat light. If anyone is familiar with the inner works of this plugin, I'll amend this article to include the details.

This isn't LinkedIn's first battle with third party services

 
This discussion has been archived. No new comments can be posted.
LinkedIn Emails Exposed Via Browser Add On | Log In/Create an Account | Top | 14 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 5, Interesting) by chebucto on Thursday April 03 2014, @01:00AM

    by chebucto (36) on Thursday April 03 2014, @01:00AM (#25277) Journal

    Also works with Firefox and Safari (a href [sellhack.com]).

    It's not clear exactly how their extension worked, but it seems like they just trolled the net & made some educated guesses; it doesn't look like they exploited security-by-obscurity flaws on the part of Linkedin:

    http://blog.sellhack.com/post/75825344472/why-we-b uilt-sellhack [sellhack.com]
    "SellHack is an browser extension (Chrome for now) that uses magic and JavaScript to render a ‘HackIn’ button on a Social Profile’s member’s profile page next to the Connections, Message or InMail buttons below the profile picture (depending on your relationship to that person). The magic happens when you click the ‘HackIn’ button. You’ll notice the page slides down and our system starts checking publicly available data sources to return a confirmation of the person’s email address or our best guesses. I love getting an email verification, but even when we can’t verify the email address, SellHack still saves me a ton of time. I don’t have to manually create the different permutations of what the person’s email address could be (ryan@, ryano@, rodonnell@ etc). There is always an option to copy our best guesses to your clipboard where you are free to check these against Rapportive or send your intro email to the addresses we provide as BCC."

    Starting Score:    1  point
    Moderation   +3  
       Interesting=2, Informative=1, Total=3
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   5  

  • (Score: 4, Funny) by linsane on Thursday April 03 2014, @06:41AM

    by linsane (633) on Thursday April 03 2014, @06:41AM (#25356)

    So it does a formatting lookup based on other examples from the company the person is at? Doesn't sound like it is abusing an api to me, I do that regularly when stalking people...

    • (Score: 0) by Anonymous Coward on Friday April 04 2014, @08:05AM

      by Anonymous Coward on Friday April 04 2014, @08:05AM (#26090)

      ..strictly for the lulz, ofc.