Codebreaker

Security flaws at LinkedIn

John Moe May 23, 2011

Security flaws will eventually get around to everyone: Amazon, Google, Microsoft, Sizzler, Play-Doh, your grandma, Jupiter. This time up it’s LinkedIn, the official social network of your dad. Flush with cash from last week’s IPO and now they got worries The problem seems to be with the cookie that the site puts on your computer. Most cookies expire after 24 hours or often less. But LinkedIn’s cookies last for a full calendar year. That means that anyone who gets a hold of the specs on that cookie can hop into someone else’s account, screw around, attempt to scam/spam those contacts, scurrilously update resumes, whatever they like. The problem was first reported over the weekend by a security researcher in India. LinkedIn has not yet addressed the problem, either to admit or dispute, although it has issued the usual blah blah blah about taking security seriously.

We’re here to help you navigate this changed world and economy.

Our mission at Marketplace is to raise the economic intelligence of the country. It’s a tough task, but it’s never been more important.

In the past year, we’ve seen record unemployment, stimulus bills, and reddit users influencing the stock market. Marketplace helps you understand it all, will fact-based, approachable, and unbiased reporting.

Generous support from listeners and readers is what powers our nonprofit news—and your donation today will help provide this essential service. For just $5/month, you can sustain independent journalism that keeps you and thousands of others informed.