Codebreaker

Security flaws at LinkedIn

John Moe May 23, 2011

Security flaws will eventually get around to everyone: Amazon, Google, Microsoft, Sizzler, Play-Doh, your grandma, Jupiter. This time up it’s LinkedIn, the official social network of your dad. Flush with cash from last week’s IPO and now they got worries The problem seems to be with the cookie that the site puts on your computer. Most cookies expire after 24 hours or often less. But LinkedIn’s cookies last for a full calendar year. That means that anyone who gets a hold of the specs on that cookie can hop into someone else’s account, screw around, attempt to scam/spam those contacts, scurrilously update resumes, whatever they like. The problem was first reported over the weekend by a security researcher in India. LinkedIn has not yet addressed the problem, either to admit or dispute, although it has issued the usual blah blah blah about taking security seriously.

There’s a lot happening in the world.  Through it all, Marketplace is here for you. 

You rely on Marketplace to break down the world’s events and tell you how it affects you in a fact-based, approachable way. We rely on your financial support to keep making that possible. 

Your donation today powers the independent journalism that you rely on. For just $5/month, you can help sustain Marketplace so we can keep reporting on the things that matter to you.