this post was submitted on 08 Nov 2023
564 points (89.8% liked)
Technology
59436 readers
4442 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Thanks, it's rare to find a well thought out answer in here like yours.
I agree that LinkedIn always did shady things to increase their user base. They used dark patterns to get access to your address book even as they got constant criticism for that, both externally and internally. One of their top product managers was actually proud of that, and said that they would have done more if possible.
But I very much doubt they actually sold their customer's emails at any point. They have always been very protective of their customer's data, fighting scrapers and limiting APIs. There's no upside to selling your customers info. You're undermining your own business by doing so.
This there is the MO I was talking about.
I can't conclusively say whether or not LinkedIn intentionally sold my email, or whether they were just infected at the time. However, I feel like the former is at least as feasible, and even if it was the latter it's still reprehensible of them to be so lax in their security. Like I say, I've only experienced 2 websites that did that, and I've made up countless emails going on for years before then.
They don't have lax security. They use industry standard measures, including encryption in transit and at rest, salted passwords (they were caught without salt over a decade ago and fixed it), internal training on security, phishing simulations, the works. Your data is their business, they don't want to lose it.