Privacy and security fears dog LinkedIn's new email service

LinkedIn wants its users to hand over their email experience, worrying many that security concerns have not been addressed.

Let’s say I work for your phone company. I call you and make an offer: most of your calls are from friends and family, but occasionally business contacts use your home number. If you want - and for no extra charge! - whenever that happens I’ll call beforehand to give you a biography of that person before connecting them to you. Y’know, so you’re better prepared. The only condition is that you need to let me screen all of your calls before they get to you, so I know when you’ll need me to call you first.

Interested? I’m guessing you’re not - it sounds like a reasonably large invasion of privacy for a negligible payoff. And yet it’s not far from the offer LinkedIn has made when it comes to your email, with a new service it calls Intro for its users who are on iOS:

What's happening under the hood: without Intro, your Mail app connects directly to the servers of your email provider (e.g. Gmail or Yahoo!) to download messages. With Intro, your Mail app connects instead to the Intro servers, which fetch messages from your email provider and then pass them back to your Mail app. As the messages pass through the Intro servers, we add the social context that helps you be brilliant with people.

For each of your emails, Intro tries to find the sender of the message on LinkedIn. If we find information, we include it at the top of the message, and you can tap to see more detail.

In other words, your emails go to LinkedIn, and then to you. If one of those emails is coming from someone with a LinkedIn account, it’ll stick a little bar at the top of the message containing a condensed version of that person’s LinkedIn account. And if you send an email to anyone else, it’ll have something similar at the bottom that links to your LinkedIn account. Here’s what it looks like (as mocked-up by LinkedIn):

It might seem like a lot of bother, but for LinkedIn it’s worth it if it means people choose to turn the iPhone’s default Mail app into a de facto LinkedIn app. The benefit for the user is that it makes it easier to sort the spam from the wheat, but for LinkedIn the benefit is that they get to define how someone experiences email. That’s a powerful way to get people to pay attention to your site - and LinkedIn is fully aware of just how many of its users ignore all those update emails it sends out all the time.

However, remember that LinkedIn is reading your emails to do this, in a way that exactly mirrors a man-in-the-middle attack. That’s a type of attack where someone slips in between two other computers on a network, intercepting each message that gets passed along and reading it as it goes. Sure, you might consent to it when it’s LinkedIn doing it, but it creates an attractive new target. The weakest point in the network isn’t you, or your email provider, any more - it’s LinkedIn. The site’s reputation as secure was damaged greatly by the hack of 6.5 million user passwords last year, so, perhaps understandably, people have been sceptical of how safe Intro is.

Blog posts like this one at security consultancy Bishop Fox lay out several perceived problems - such as that it appears to break cryptographic email, that it could mean you waive your legal right to attorney-client privilege in private correspondence, that it could violate your company’s security policy, and that LinkedIn is generally quite vague about the details of how Intro works - have forced LinkedIn onto the back foot.

Cory Scott, LinkedIn’s senior manager of information security, has written on the company’s blog to try and reassure users that Intro is nothing to fear. He writes:

Many things have been said about the product implementation that are not correct or are purely speculative, so this post is intended to clear up these inaccuracies and misperceptions.

When the LinkedIn Security team was presented with the core design of Intro, we made sure we built the most secure implementation we believed possible. We explored numerous threat models and constantly challenged each other to consider possible threat scenarios.

Scott claims that an outside security firm - iSEC Partners - has gone through Intro’s code “line-by-line”, and that Bishop Fox was incorrect to claim that Intro breaks cryptography.

However, take a look on social media, or through reddit, and you’ll see people making a point that it’s harder for LinkedIn to refute: even if Intro is secure now, social networks are notorious for updates that render things insecure, or things that were once private no longer being so. Not saying that LinkedIn would do this deliberately - obviously, they wouldn't - but mistakes happen. And for many, Intro looks like it could be a pretty terrible mistake in the waiting.

LinkedIn Intro rejigs how Mail works on iOS. (Photo: ekkiPics/Flickr)

Ian Steadman is a staff science and technology writer at the New Statesman. He is on Twitter as @iansteadman.

Photo: Getty
Show Hide image

After Richmond Park, Labour MPs are haunted by a familiar ghost

Labour MPs in big cities fear the Liberal Democrats, while in the north, they fear Ukip. 

The Liberal Democrats’ victory in Richmond Park has Conservatives nervous, and rightly so. Not only did Sarah Olney take the votes of soft Conservatives who backed a Remain vote on 23 June, she also benefited from tactical voting from Labour voters.

Although Richmond Park is the fifth most pro-Remain constituency won by a Conservative at the 2015 election, the more significant number – for the Liberal Democrats at least – is 15: that’s the number of Tory-held seats they could win if they reduced the Labour vote by the same amount they managed in Richmond Park.

The Tories have two Brexit headaches, electorally speaking. The first is the direct loss of voters who backed David Cameron in 2015 and a Remain vote in 2016 to the Liberal Democrats. The second is that Brexit appears to have made Liberal Democrat candidates palatable to Labour voters who backed the party as the anti-Conservative option in seats where Labour is generally weak from 1992 to 2010, but stayed at home or voted Labour in 2015.

Although local council by-elections are not as dramatic as parliamentary ones, they offer clues as to how national elections may play out, and it’s worth noting that Richmond Park wasn’t the only place where the Liberal Democrats saw a dramatic surge in the party’s fortunes. They also made a dramatic gain in Chichester, which voted to leave.

(That’s the other factor to remember in the “Leave/Remain” divide. In Liberal-Conservative battlegrounds where the majority of voters opted to leave, the third-placed Labour and Green vote tends to be heavily pro-Remain.)

But it’s not just Conservatives with the Liberal Democrats in second who have cause to be nervous.  Labour MPs outside of England's big cities have long been nervous that Ukip will do to them what the SNP did to their Scottish colleagues in 2015. That Ukip is now in second place in many seats that Labour once considered safe only adds to the sense of unease.

In a lot of seats, the closeness of Ukip is overstated. As one MP, who has the Conservatives in second place observed, “All that’s happened is you used to have five or six no-hopers, and all of that vote has gone to Ukip, so colleagues are nervous”. That’s true, to an extent. But it’s worth noting that the same thing could be said for the Liberal Democrats in Conservative seats in 1992. All they had done was to coagulate most of the “anyone but the Conservative” vote under their banner. In 1997, they took Conservative votes – and with it, picked up 28 formerly Tory seats.

Also nervous are the party’s London MPs, albeit for different reasons. They fear that Remain voters will desert them for the Liberal Democrats. (It’s worth noting that Catherine West, who sits for the most pro-Remain seat in the country, has already told constituents that she will vote against Article 50, as has David Lammy, another North London MP.)

A particular cause for alarm is that most of the party’s high command – Jeremy Corbyn, Emily Thornberry, Diane Abbott, and Keir Starmer – all sit for seats that were heavily pro-Remain. Thornberry, in particular, has the particularly dangerous combination of a seat that voted Remain in June but has flirted with the Liberal Democrats in the past, with the shadow foreign secretary finishing just 484 votes ahead of Bridget Fox, the Liberal Democrat candidate, in 2005.

Are they right to be worried? That the referendum allowed the Liberal Democrats to reconfigure the politics of Richmond Park adds credence to a YouGov poll that showed a pro-Brexit Labour party finishing third behind a pro-second referendum Liberal Democrat party, should Labour go into the next election backing Brexit and the Liberal Democrats opt to oppose it.

The difficulty for Labour is the calculation for the Liberal Democrats is easy. They are an unabashedly pro-European party, from their activists to their MPs, and the 22 per cent of voters who back a referendum re-run are a significantly larger group than the eight per cent of the vote that Nick Clegg’s Liberal Democrats got in 2015.

The calculus is more fraught for Labour. In terms of the straight Conservative battle, their best hope is to put the referendum question to bed and focus on issues which don’t divide their coalition in two, as immigration does. But for separate reasons, neither Ukip nor the Liberal Democrats will be keen to let them.

At every point, the referendum question poses difficulties for Labour. Even when neither Ukip nor the Liberal Democrats take seats from them directly, they can hurt them badly, allowing the Conservatives to come through the middle.

The big problem is that the stance that makes sense in terms of maintaining party unity is to try to run on a ticket of moving past the referendum and focussing on the party’s core issues of social justice, better public services and redistribution.

But the trouble with that approach is that it’s alarmingly similar to the one favoured by Kezia Dugdale and Scottish Labour in 2016, who tried to make the election about public services, not the constitution. They came third, behind a Conservative party that ran on an explicitly pro-Union platform. The possibility of an English sequel should not be ruled out.  

Stephen Bush is special correspondent at the New Statesman. His daily briefing, Morning Call, provides a quick and essential guide to British politics.