LinkedIn's New "Intro" Service Is A Catastrophic Security Failure Waiting To Happen
Here's the backstory. Apple locks down its iOS Mail program tightly. This isn't just because Apple loves a walled garden, though it does, but because giving developers too much access to such a vital part of the platform could compromise malware security. LinkedIn has published a lengthy breakdown of how they've defeated this process and made your email service fundamentally less secure in doing so, all in the name of bringing you clickable profiles within an email address, like so:
Man in the Middle:
Here's the problem. What LinkedIn does is redirect all email you receive across its own IMAP servers, as shown below.
The company is at least up-front about this, writing: "Normally your device connects directly to the servers of your email provider (Gmail, Yahoo, AOL, etc.), but we can configure the device to connect to the Intro proxy server instead."
Note that this isn't just a service for LinkedIn users communicating over LinkedIn's proprietary email service. If it was, there wouldn't be so much of a problem. The idea here is that LinkedIn can cross-reference and inject profile information about people communicating with you who also happen to have LinkedIn profiles. The company explains a little more in the same post, writing: "The Intro proxy server speaks the IMAP protocol just like an email provider, but it doesn’t store messages itself. Instead, it forwards requests from the device to your email provider, and forwards responses from the email provider back to the device. En route, it inserts Intro information at the beginning of each message body — we call this the top bar."
What LinkedIn is describing here is a classic man-in-the-middle attack in which an organization intercepts data between Points A and B by secretly positioning itself to snoop on the data stream. Granted, LinkedIn isn't doing this in secret -- but that's still the fundamental security flaw. If you use your email for anything remotely confidential, LInkedIn is now sitting in a position to retain a copy. And since their own server is now the pass-through point for your authentication credentials and security data, you're going to have a hard time keeping anything private.
This is a terrible idea. Do not sign up for an email service with a company that already engages in shady "recruitment" tactics and scans open browser windows without your consent. Don't trust the security of a company with massive password breach issues. And don't tell corporate IT that you think this sounds like a fine and dandy idea unless you're trying to make your Sysadmin drop dead of a coronary.