Security flaws at LinkedIn

John Moe May 23, 2011

Security flaws will eventually get around to everyone: Amazon, Google, Microsoft, Sizzler, Play-Doh, your grandma, Jupiter. This time up it’s LinkedIn, the official social network of your dad. Flush with cash from last week’s IPO and now they got worries The problem seems to be with the cookie that the site puts on your computer. Most cookies expire after 24 hours or often less. But LinkedIn’s cookies last for a full calendar year. That means that anyone who gets a hold of the specs on that cookie can hop into someone else’s account, screw around, attempt to scam/spam those contacts, scurrilously update resumes, whatever they like. The problem was first reported over the weekend by a security researcher in India. LinkedIn has not yet addressed the problem, either to admit or dispute, although it has issued the usual blah blah blah about taking security seriously.

As a nonprofit news organization, our future depends on listeners like you who believe in the power of public service journalism.

Your investment in Marketplace helps us remain paywall-free and ensures everyone has access to trustworthy, unbiased news and information, regardless of their ability to pay.

Donate today — in any amount — to become a Marketplace Investor. Now more than ever, your commitment makes a difference.