Privacy and security fears dog LinkedIn's new email service

LinkedIn wants its users to hand over their email experience, worrying many that security concerns have not been addressed.

Let’s say I work for your phone company. I call you and make an offer: most of your calls are from friends and family, but occasionally business contacts use your home number. If you want - and for no extra charge! - whenever that happens I’ll call beforehand to give you a biography of that person before connecting them to you. Y’know, so you’re better prepared. The only condition is that you need to let me screen all of your calls before they get to you, so I know when you’ll need me to call you first.

Interested? I’m guessing you’re not - it sounds like a reasonably large invasion of privacy for a negligible payoff. And yet it’s not far from the offer LinkedIn has made when it comes to your email, with a new service it calls Intro for its users who are on iOS:

What's happening under the hood: without Intro, your Mail app connects directly to the servers of your email provider (e.g. Gmail or Yahoo!) to download messages. With Intro, your Mail app connects instead to the Intro servers, which fetch messages from your email provider and then pass them back to your Mail app. As the messages pass through the Intro servers, we add the social context that helps you be brilliant with people.

For each of your emails, Intro tries to find the sender of the message on LinkedIn. If we find information, we include it at the top of the message, and you can tap to see more detail.

In other words, your emails go to LinkedIn, and then to you. If one of those emails is coming from someone with a LinkedIn account, it’ll stick a little bar at the top of the message containing a condensed version of that person’s LinkedIn account. And if you send an email to anyone else, it’ll have something similar at the bottom that links to your LinkedIn account. Here’s what it looks like (as mocked-up by LinkedIn):

It might seem like a lot of bother, but for LinkedIn it’s worth it if it means people choose to turn the iPhone’s default Mail app into a de facto LinkedIn app. The benefit for the user is that it makes it easier to sort the spam from the wheat, but for LinkedIn the benefit is that they get to define how someone experiences email. That’s a powerful way to get people to pay attention to your site - and LinkedIn is fully aware of just how many of its users ignore all those update emails it sends out all the time.

However, remember that LinkedIn is reading your emails to do this, in a way that exactly mirrors a man-in-the-middle attack. That’s a type of attack where someone slips in between two other computers on a network, intercepting each message that gets passed along and reading it as it goes. Sure, you might consent to it when it’s LinkedIn doing it, but it creates an attractive new target. The weakest point in the network isn’t you, or your email provider, any more - it’s LinkedIn. The site’s reputation as secure was damaged greatly by the hack of 6.5 million user passwords last year, so, perhaps understandably, people have been sceptical of how safe Intro is.

Blog posts like this one at security consultancy Bishop Fox lay out several perceived problems - such as that it appears to break cryptographic email, that it could mean you waive your legal right to attorney-client privilege in private correspondence, that it could violate your company’s security policy, and that LinkedIn is generally quite vague about the details of how Intro works - have forced LinkedIn onto the back foot.

Cory Scott, LinkedIn’s senior manager of information security, has written on the company’s blog to try and reassure users that Intro is nothing to fear. He writes:

Many things have been said about the product implementation that are not correct or are purely speculative, so this post is intended to clear up these inaccuracies and misperceptions.

When the LinkedIn Security team was presented with the core design of Intro, we made sure we built the most secure implementation we believed possible. We explored numerous threat models and constantly challenged each other to consider possible threat scenarios.

Scott claims that an outside security firm - iSEC Partners - has gone through Intro’s code “line-by-line”, and that Bishop Fox was incorrect to claim that Intro breaks cryptography.

However, take a look on social media, or through reddit, and you’ll see people making a point that it’s harder for LinkedIn to refute: even if Intro is secure now, social networks are notorious for updates that render things insecure, or things that were once private no longer being so. Not saying that LinkedIn would do this deliberately - obviously, they wouldn't - but mistakes happen. And for many, Intro looks like it could be a pretty terrible mistake in the waiting.

LinkedIn Intro rejigs how Mail works on iOS. (Photo: ekkiPics/Flickr)

Ian Steadman is a staff science and technology writer at the New Statesman. He is on Twitter as @iansteadman.

Getty.
Show Hide image

Andy Burnham and Sadiq Khan are both slippery self-mythologisers – so why do we rate one more than the other?

Their obsessions with their childhoods have both become punchlines; but one of these jokes, it feels to me, is told with a lot more affection than the other.

Andy Burnham is a man whose policies and opinions seem to owe more to political expediency than they do to belief. He bangs on to the point of tedium about his own class, background and interests. As a result he’s widely seen as an unprincipled flip-flopper.

Sadiq Khan is a man whose policies and opinions seem to owe more to political expediency than they do to belief. He bangs on to the point of tedium about his own class, background and interests. As a result he’s the hugely popular mayor of London, the voice of those who’d be proud to think of themselves as the metropolitan liberal elite, and is even talked of as a possible future leader of the Labour party.

Oh, and also they were both born in 1970. So that’s a thing they have in common, too.

Why it is this approach to politics should have worked so much better for the mayor of London than the would-be mayor of Manchester is something I’ve been trying to work out for a while. There are definite parallels between Burnham’s attempts to present himself as a normal northern bloke who likes normal things like football, and Sadiq’s endless reminders that he’s a sarf London geezer whose dad drove a bus. They’ve both become punchlines; but one of these jokes, it feels to me, is told with a lot more affection than the other.

And yes, Burnham apparent tendency to switch sides, on everything from NHS privatisation to the 2015 welfare vote to the leadership of Jeremy Corbyn, has given him a reputation for slipperiness. But Sadiq’s core campaign pledge was to freeze London transport fares; everyone said it was nonsense, and true to form it was, and you’d be hard pressed to find an observer who thought this an atypical lapse on the mayor’s part. (Khan, too, has switched sides on the matter of Jeremy Corbyn.)

 And yet, he seems to get away with this, in a way that Burnham doesn’t. His low-level duplicity is factored in, and it’s hard to judge him for it because, well, it’s just what he’s like, isn’t it? For a long time, the Tory leadership’s line on London’s last mayor was “Boris is Boris”, meaning, look, we don’t trust him either, but what you gonna do? Well: Sadiq is Sadiq.

Even the names we refer to them by suggest that one of these two guys is viewed very differently from the other. I’ve instinctively slipped into referring to the mayor of London by his first name: he’s always Sadiq, not Khan, just as his predecessors were Boris and Ken. But, despite Eoin Clarke’s brief attempt to promote his 2015 leadership campaign with a twitter feed called “Labour Andy”, Burnham is still Burnham: formal, not familiar. 

I’ve a few theories to explain all this, though I’ve no idea which is correct. For a while I’ve assumed it’s about sincerity. When Sadiq Khan mentions his dad’s bus for the 257th time in a day, he does it with a wink to the audience, making a crack about the fact he won’t stop going on about it. That way, the message gets through to the punters at home who are only half listening, but the bored lobby hacks who’ve heard this routine two dozen times before feel they’re in the joke.

Burnham, it seems to me, lacks this lightness of touch: when he won’t stop banging on about the fact he grew up in the north, it feels uncomfortably like he means it. And to take yourself seriously in politics is sometimes to invite others to make jokes at your expense.

Then again, perhaps the problem is that Burnham isn’t quite sincere enough. Sadiq Khan genuinely is the son of a bus-driving immigrant: he may keep going on about it, but it is at least true. Burnham’s “just a northern lad” narrative is true, too, but excludes some crucial facts: that he went to Cambridge, and was working in Parliament aged 24. Perhaps that shouldn’t change how we interpret his story; but I fear, nonetheless, it does.

Maybe that’s not it, though: maybe I’m just another London media snob. Because Burnham did grow up at the disadvantaged end of the country, a region where, for too many people, chasing opportunities means leaving. The idea London is a city where the son of a bus driver can become mayor flatters our metropolitan self-image; the idea that a northerner who wants to build a career in politics has to head south at the earliest opportunity does the opposite. 

So if we roll our eyes when Burnham talks about the north, perhaps that reflects badly on us, not him: the opposite of northern chippiness is southern snobbery.

There’s one last possibility for why we may rate Sadiq Khan more highly than Andy Burnham: Sadiq Khan won. We can titter a little at the jokes and the fibs but he is, nonetheless, mayor of London. Andy Burnham is just the bloke who lost two Labour leadership campaigns.

At least – for now. In six weeks time, he’s highly likely to the first mayor of Greater Manchester. Slipperiness is not the worst quality in a mayor; and so much of the job will be about banging the drum for the city, and the region, that Burnham’s tendency to wear his northernness on his sleeve will be a positive boon.

Sadiq Khan’s stature has grown because the fact he became London’s mayor seems to say something, about the kind of city London is and the kind we want it to be. Perhaps, after May, Andy Burnham can do the same for the north – and the north can do the same for Andy Burnham.

Jonn Elledge edits the New Statesman's sister site CityMetric, and writes for the NS about subjects including politics, history and Daniel Hannan. You can find him on Twitter or Facebook.