On 25 Oct 2013 18:54, "Charles Marcus" <cmar...@media-brokers.com> wrote: > > Hello, > > I'm really hoping this is either a hoax or I'm seriously misunderstanding something... > > If it is true, how can they legally do this? And more importantly, how can SASL_AUTH attempts be blocked? Maybe block all SASL attempts from LinkedIn networks?
http://engineering.linkedin.com/mobile/linkedin-intro-doing-impossible-ios And as your link points out it probably makes the user break several laws, even if they aren't breaking any.. Simon It's not a hoax. > Anyway, article here: > > http://www.bishopfox.com/blog/2013/10/linkedin-intro/ > > "LinkedIn released a new product today called Intro. They call it > ?doing the impossible?, but some might call it ?hijacking email?. > Why do we say this? Consider the following: > > Intro reconfigures your iOS device (e.g. iPhone, iPad) so that all of > your emails go through LinkedIn?s servers. You read that right. Once > you install the Intro app, all of your emails, both sent and received, > are transmitted via LinkedIn?s servers. LinkedIn is forcing all your > IMAP and SMTP data through their own servers and then analyzing and > scraping your emails for data pertaining to?whatever they feel like." > > -- > > Best regards, > > Charles
