2013/10/27

LinkedIn Intro, one mailbox to rule them all

Last week LinkedIn introduced a new iOS app called Intro. It seems like a really good idea: it scans your email and shows how the person sending the email is connected to you, their LinkedIn details, etc.

Unfortunately, it does this by modifying the iOS mail connection profiles and pointing them all at LinkedIn's IMAP proxy, thus intercepting ALL your email. This means that LinkedIn suddenly have access to all your email accounts and to every email that your iOS device has access to, and of course they'd never do anything sinister with all this data (forget the NSA and GCHQ tapping emails, this is LinkedIn doing it with your permission).

Of course, LinkedIn strenuously deny that they're doing anything dubious and say their IMAP proxy is heavily secured (including connections to and from it using SSL/TLS). However, it must suddenly be a great target for hackers, as within the proxy itself all emails will at some point be held in clear text.

Various mail providers are already looking at blocking LinkedIn's IP blocks (listed below) from their mail services.

    199.101.161.0/24
    199.101.162.0/24
    199.101.163.0/24
    216.52.242.0/24
    69.28.147.0/24
    8.22.120.0/24
    2620:0109:C00D::/48
    2620:109:C00D::/48

And for the geeks, their AS number is AS20049.
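
A mail administrator who wants to know which accounts are already being read through these blocks, before deciding whether to block them, can run the list over IMAP login logs. The following is an added example, not part of the original post: the log lines are constructed in a Dovecot-style format (an assumption; adjust the regex to your server), and the function names are illustrative.

```python
import ipaddress
import re
from collections import defaultdict

# Address blocks exactly as listed in the post above.
INTRO_BLOCKS = [
    "199.101.161.0/24", "199.101.162.0/24", "199.101.163.0/24",
    "216.52.242.0/24", "69.28.147.0/24", "8.22.120.0/24",
    "2620:0109:C00D::/48", "2620:109:C00D::/48",
]
# Parsing normalises the two IPv6 spellings to one network, hence a set.
NETWORKS = {ipaddress.ip_network(b) for b in INTRO_BLOCKS}

# Constructed sample lines in a Dovecot-like login format (assumed layout).
SAMPLE_LOG = """\
Oct 27 10:01:12 mx1 dovecot: imap-login: Login: user=<alice>, method=PLAIN, rip=199.101.162.17, lip=192.0.2.10, TLS
Oct 27 10:02:40 mx1 dovecot: imap-login: Login: user=<bob>, method=PLAIN, rip=203.0.113.45, lip=192.0.2.10, TLS
Oct 27 10:03:05 mx1 dovecot: imap-login: Login: user=<carol>, method=PLAIN, rip=2620:109:c00d:1::25, lip=2001:db8::10, TLS
Oct 27 10:04:59 mx1 dovecot: imap-login: Login: user=<alice>, method=PLAIN, rip=8.22.120.200, lip=192.0.2.10, TLS
Oct 27 10:05:30 mx1 dovecot: imap-login: Disconnected (auth failed): user=<dave>, rip=not-an-ip, lip=192.0.2.10
"""

# Only successful logins matter here: those sessions can actually read mail.
LOGIN_RE = re.compile(r"Login: user=<(?P<user>[^>]+)>.*?\brip=(?P<rip>[0-9A-Fa-f:.]+)")

def in_intro_blocks(addr):
    """True if addr parses as an IP address inside one of the listed blocks."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False  # malformed remote address field
    return any(ip.version == net.version and ip in net for net in NETWORKS)

def proxied_logins(log_text):
    """Map each user to the listed-block addresses they logged in from."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LOGIN_RE.search(line)
        if m and in_intro_blocks(m.group("rip")):
            hits[m.group("user")].append(m.group("rip"))
    return dict(hits)

if __name__ == "__main__":
    for user, addrs in proxied_logins(SAMPLE_LOG).items():
        print(f"{user}: {len(addrs)} login(s) via listed blocks: {', '.join(addrs)}")
```

Because the proxy logs in with the user's own credentials, the source address is the only thing that distinguishes these sessions from the user's device connecting directly.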

Nice try, just be scared.
