Do you use LinkedIn’s mobile app on your iPhone or iPad? If you do, then you need to hear this. The New York Times is reporting that the LinkedIn mobile app for iOS is transmitting calendar entries, which may include details of meeting locations, dial-in information, passwords, meeting notes and more, to LinkedIn’s servers – all without the user’s knowledge. Two mobile security researchers Yair Amit and Adi Sharaban found out that the mobile app has an opt-in feature which allows users to view calendar entries within the app. But the crux of the problem happens when users will opt into the feature. That’s because, according to Yair and Adi, LinkedIn automatically transmits their calendar entries to its servers.
The researchers said that LinkedIn grabs details for every calendar on the iOS device, which may include both personal and corporate calendar entries. “In some cases, grabbing users’ sensitive data might be O.K. It is never right to do so without a clear indication. It is far worse when the sensitive information is not really needed in the first place. This is what we found in LinkedIn,” Sharabani said. The two researchers reportedly informed LinkedIn about the problem, but a fix hasn’t been issued by the company. The pair is expected to present their findings at a security workshop at Tel Aviv University tomorrow, Wednesday.
Next Story: Razer Taipan strikes with deadly precision
- 2014-04-21: LinkedIn Polls For Groups Will Be Shutting Down 15th May
- 2014-04-01: LinkedIn Email Addresses Exposed Via Browser Plug-In Software
- 2014-01-15: LinkedIn Volunteer Marketplace Launched
- 2013-11-05: Twitter Sees 500,000 Job Postings Published A Month, Expected To Rise To 2 Million
- 2013-10-23: LinkedIn Flexes Its Mobile Muscles
- 2013-08-05: LinkedIn Now Allows Mobile iOS, Android Users To Apply For Jobs
- 2013-06-19: iOS 7 Expected To Offer Deep Integration With LinkedIn [Report]
- 2013-02-07: Apple Patent Suggests Image Identification Security Measure On iOS, Mac
- 2012-07-24: Apple to make its first appearance at Black Hat 2012
- 2012-04-06: Security flaw discovered in Facebook app for iOS and Android