Unfortunately it does this by modifying the iOS mail connection profiles and pointing them all at a LinkedIn's IMAP proxy, thus intercepting ALL your email. This means that LinkedIn suddenly have access to all your email accounts and also every email that your iOS device has access too and of course they'd never do anything sinister with all this data (forget the NSA and GCHQ tapping emails, this is LinkedIn doing it with your permission).
Of course LinkedIn strenuously deny that they're doing anything dubious and their IMAP proxy is heavily secured (including connections to and from it using SSL/TLS), however it must suddenly be a great target for hackers as within the proxy itself all emails will be at some point held in clear-text.
Various mail providers are already looking at blocking LinkedIn's IP blocks to their mail services (listed below).
199.101.161.0/24
199.101.162.0/24
199.101.163.0/24
216.52.242.0/24
69.28.147.0/24
8.22.120.0/24
2620:0109:C00D::/48
2620:109:C00D::/48
And for the geeks, their AS number is AS20049.
Nice try, just be scared.
No comments:
Post a Comment