Tag Archives: LinkedIn

LinkedIn is Becoming LinkedOut

LinkedIn is becoming LinkedOut, at least in Russia.

Our friend Vladimir Putin passed a law in 2014 that said that any company that operates in Russia needs to store it’s user’s data in country.  Most U.S. companies protested against it, although it is believed that a few have an architecture that allows them to do that.

LinkedOut is not one of those companies, apparently.

Yesterday a Russian court ruled that LinkedIn violated this law and today Russian Internet providers have begun blocking LinkedIn.

Putin claims the reason for doing this is to protect their citizen’s privacy.  After all, Russia and Putin are known to have a keen concern for their citizens and, especially, for their citizen’s privacy.

An alternative reason might be to make it easier for the KGB to spy on and to hack into dissident’s conversations.  However, that would be at odds with Putin’s desire to protect his citizen’s privacy, so that can’t be the real reason.

In any case, LinkedIn is quickly becoming LinkedOut.

From a revenue standpoint, these social networks do not want to lose any users, so I am sure that are trying to figure out a way to deal with it.  Surely, the Kremblin hopes these companies come on their hands and knees, begging for another chance.

Some companies thought that Putin was just kidding, but maybe not.

The other thing that Putin is requiring is that anyone using encryption turn over his or her encryption keys to the government.  I am sure that is not sitting well with LinkedIn either.

On the other hand, LinkedIn only has around 6 million users in Russia so they might decide to tell Putin to Stick it.  It’s not clear.

This small size may have actually made linked in a target.  If other social media sites – ones that have tens or hundreds of millions of users – that might create a bit of a tense situation, but by taking down LinkedIn, they can pretend that they are actually implementing the law.

We have not heard anything from President Elect Trump.  Since he and Putin are best buds, I assume that he will fix this problem for LinkedIn as soon as he moves in to the White House.  Or maybe sooner.

Information for this post came from The Washington Post.

Facebooktwitterredditlinkedinmailby feather

Hacks, Hacks, Everywhere A Hack

Back in 2012, LinkedIn told its users that  it had been hacked – to the tune of 6.5 million users.  Well, it turns out, that was a tad bit shy of the truth.  It turns out that the real number was 117 million email and password combinations.  – roughly 18 times the number that they had admitted to.  LinkedIn told the 6.5 million users to change their passwords, but not the other 110+ million users.  The Fortune article has links to other sources if you want more information, but my recommendation is that you change your LinkedIn Password.

Tumblr says that it just discovered that hackers stole 65 million user email/password combinations in 2013.  That is a long time to figure that out.  I assume that is because hackers are now trying to sell those passwords.  Since people reuse passwords on other sites and don’t change their passwords, it is likely that many of those passwords still work.  The good news is that the passwords were hashed and salted, making it a LOT of work to decode them – but not impossible.  This is a perfect example of companies being hacked and not even knowing about it.  The only reason they found out is that someone is trying to sell the data.

On the lighter side, Katy Perry’s Twitter account was apparently hacked – or else she was having a REALLY bad day.  Her 89 million followers were treated to a series of inappropriate hacks.  This reminds me of the recent (a couple of years ago) hack of the DoD Twitter account.  This just means that protecting your (Twitter or any other) account with just a password is likely not at all secure.

On the “Gees, that is a big hack” side, Myspace (remember them?) data is now coming up for sale.  The dataset includes 360 million records, but only 111 million had users names in them.  However, many of them had email addresses (which could also be a user name for another site if the user reused their password) and passwords.  The total number of passwords in the dataset was 427 million.  While I doubt anyone still uses Myspace, if that email/ password combination is used elsewhere …..

What is the take away from this?

  • Even though it is tempting, do not reuse passwords on any account that you care about, even in the least (From Amazon to Twitter, banking to Email)
  • Use two factor authentication on important accounts (such as banking or any account that stores your credit cards and allows the user to use them)
  • Change your passwords periodically.  Notice that most of the news above is about old hacks where the data is being resold now.  If people changed passwords regularly (at least annually), then that data would be useless.

There is a web site called HaveIBeenPwned.com that allows you to enter JUST an email address to see if in their database of over a half billion breach records, that email address comes up.  It is safe because all you enter is your email address.

Information for the LinkedIn hack came from Fortune.

Information for the Tumblr hack came from Motherboard.

Information for the Katy Perry Twitter hack came from Techcrunch.

Information for the Myspace hack came from Fortune.

Facebooktwitterredditlinkedinmailby feather

LinkedIn “Reference Search” Is Legal

LinkedIn has a service called a LinkedIn Reference Search that allows someone to search for people who worked at the same companies that you did at the same time you did.  While LI does not give employers direct access to those people who worked with you, they do “recommend” that prospective employers use the LinkedIn tools to connect with those people to get information from them.

Some people weren’t too happy with LinkedIn about this and sued them, suggesting that what they were doing was providing a consumer report as defined in the Fair Credit Reporting Act or FCRA  (see LinkedIn is not a reporting agency says court).

The court took apart the claims about what LinkedIn does and said, basically, that it is not illegal.

One thing that LinkedIn does NOT do is tell you when someone runs a reference search on you, which would be nice.

So, the moral of the story is that networking has its positives and negatives and this might be a negative if you are looking for a job.


Facebooktwitterredditlinkedinmailby feather