It was LinkedIn that opened my eyes to contact sniffing. I have never given LinkedIn access to my contacts. However, when I first used LinkedIn, I was continuously amazed that it knew all of these people I’d worked with – some for just a single project. When I was “linked” with a previous blind date, I realized that this smarts from LinkedIn was because my email address was in contacts shared (probably unwittingly) by others I have known over the years. Since then, I’ve assiduously avoided anything that asks me for access to my contacts (and prayed that Apple would make its productivity tools better).
1 Like
Actually, It’s probably because somebody once searched for you on LinkedIn, or you searched for somebody, or you listed the time frame you worked for a company, when and where you went to school, memberships in organizations, etc.
Though it has had some problems, LinkedIn had much fewer and they have been less scary. Their privacy settings are quite good, and their privacy policies are better than Facebook, etc. LinkedIn is essential and invaluable to my work, and I use it very carefully. There’s also a secure browsing mode that you can turn on in airports, and when not in the era of Coronavirus, coffee shops. I never joined Facebook, Twitter, or other social networks, I was an early member of LinkedIn and have not regretted it. The only thing I don’t do even they keep nagging me is post my photo. Just check out their privacy policies and set your preferences.
This was many many years ago when LinkedIn was first getting going. I concede it’s possible the person in question searched for me, but the only other connection would have been email addresses because I had no other connection – work or personal.
In any case, I think it wise to suspect everyone. Until there is comprehensive privacy legislation and good tools for ensuring it, I’m going to continue to be extremely careful.
1 Like
I haven’t logged in to Linkedin for a few months, but at least pretty recently, every time it would ask me for my Gmail password, presumedly to harvest my Gmail contacts. I don’t remember the exact wording, but something like, “let us help find your contacts”.
I can easily see how someone not paying attention, or not savvy, would allow LinkedIn access to the user’s email address book. All it takes is one person…
edit:
Logged into LinkedIn on my iPad, and this was the second screen. Notice the “Continue” button is more prominent than the “X” cancel button. I’m sure plenty of people just click continue, and zoopsie-doopsie, there goes one’s entire contact database.
1 Like
That’s simply because the others aren’t as popular and have not undergone anywhere close to the scrutiny that Zoom has. The security experts I listen to say that there are such issues with many of the other vendors, so unless I magically find the time and tools necessary to examine those others, I’ll continue to listen to them.
There’s no question that Zoom has been at least sloppy with regard to security and user privacy. Just about every vendor tries to maximize profits unless they are benevolent and independently wealthy and Zoom clearly crossed the line, but I have to believe that they aren’t alone in what they have done.
Sent from my iPad
-Al-
I have been using Skype for ever, way before Microsoft bought it. I find their interface very poor.
I never ley Skype access my contacts, however one day I found all my contacts in Skype, most don’t use Skype or I’m not aware if they did
1 Like
Signal is the only one which gets my grudging co-operation and respect. Grudging as Signal does require a cellphone number (why?) and because Signal in principal can know who all your contacts are and with whom you message (Switchboard function). The actual message, photo or video content theoretically goes directly to the recipient with no actual data on Signal’s servers.
Signal is a US company and subject to the very invasive USA national security laws. The three letter agency guys are okay with Signal as if they see a switchboard pattern they don’t like, they hijack your phone. Signal also must be downloaded from either the Apple store or Google Play Store so the alphabet soup guys just make your next update a compromised version of Signal and/or any other application on your smartphone.
This does mean your devices has to be personally targetted. Most TidBITS readers don’t have to worry about being targetted (middle aged tech guys with little interest in politics aren’t individuals of interest or the most part).
Skype for instance is much worse as everything (and I mean everything) is stored forever in Utah (Microsoft has always been the NSA’s best friend, hence even though they lost at anti-trust in 1996, G.W. Bush absolved them of any penalty by executive order). Facebook is no better. Zoom seems run by near security incompetents and as an American company is certainly compromised.
Signal is one to one communication but it’s as good as it gets without a lot of trouble.
Jitsi Meet is very good open source. You can just try it by setting up a conference and talking. https://jitsi.org/ RocketChat includes Jitsi within their open source chat software. What about privacy? Well you can see who is at your meeting and create your own URL. Nothing is recorded by Jitsi themselves (they say) so if there’s no strangers at your meeting, then the meeting is private.
LinkedIn is trying to coax its users into providing email login information. This is the number one security no-no in the world. There’s no reason on earth to trust LinkedIn or Reid Hoffmann. They are contact and email pirates.
1 Like
I appreciate all the info that has been shared here. My church council was considering how to hold our monthly meeting and had discussed Zoom. After reading what you all have shared, I told them to count me out.
And if you don’t trust them, and you have some Linux install savvy, you can spin up your own Jitsi Meet server and keep everything under your own control.
1 Like