15 November 2013

E-mail Scanning Tool Gets a New Name - LinkedIn Intro

Posted by Vasim Tamboli

It is a fact unanimously acknowledged that the growth of mobile e-mail is looming large. 5 years ago, hardly 4-5% of emails were read on mobile but now, it is rather surprising to note that more than half of all emails are read on a mobile device. So we have no other option but to set ourselves at par with the challenge, that of bringing the power of LinkedIn, the technology of Rapportive straightaway to the Apple Mail app on your iPhone. This is what is called LinkedIn Intro. Through LinkedIn Intro, you can see the LinkedIn profiles in the mail app on your iPhone. The business network LinkedIn always had plans to enhance and beautify the emails of the users on iPhones by adding some detailing through a proxy server. This has always been criticized as a security risk but the company has always replied back to such controversies calling them purely speculative.

LinkedIn recently outlined its plans of introducing the new ‘Intro’ service and said that this will help filter emails through a LinkedIn server before sending it to the user. Intro will also have the ability to identify and recognize LinkedIn users and embed their details into the emails through a different interactive box, which will appear at the top of every email. It is undoubtedly true that all those engineers who have invented Intro must be patting themselves but little do they know that this can have some ghastly implications. No, it’s not that the engineers have created Intro with some malicious intentions but security is not a part of the website’s DNA and this is what is troubling the experts. 



LinkedIn Intro - A middleman for emails

The LinkedIn servers require full access to their e-mail accounts and also require connecting directly with the email servers of the user in order to inject the Intro service into the top of the user’s email. The email server will then forward the forwarded mail to the iPhone by using a custom security profile that the users install on their iPhones. On the contrary, the critiques are of the opinion that they don’t see any security-conscious firm letting its employees handle LinkedIn to its emails as it just introduces yet another link within the privacy chain. This could be potentially exploited in the near future.

The LinkedIn security team has offered a reply to these contradictions by saying that these are totally incorrect and are nothing but speculations. They are of the opinion that the entire team was presented with this core design of LinkedIn Intro and they’ve made sure that they built the most secure implementation that was possible for them. According to them, they’ve explored different threat models and have kept challenging each other about the possible threats that they might come across.

The LinkedIn Intro is based on the technology acquired by LinkedIn after its purchase of email company Rapportive in the year 2012 and Rahul Vohra has described this service as all that one can need to add faces to names. Although there are discussions on the security risks, the LinkedIn Intro seems to be too useful on the surface.

2 comments :