Hand my contacts list to a website? No thank you. When is letting a website have this a good idea, not just Linkedin, but ever?
The login form, unsurprisingly, looked very similar to the one suggesting that you give LinkedIn your email address plus you email account password. When I first noticed this, I thought that, for people who re-use passwords, this was an accident waiting to happen. I'm sure people must have been caught out by this.
I was very tempted to submit this to darkpatterns.org, but the first part of the pattern (frequent re-authentication) doesn't happen any more.
However, mobile apps have a much easier time of it. Looking at the contacts stored on one's phone is just one of the many permissions they request, and users are conditioned to just click past that screen anyway.
Did I? Can I undo it? No idea. Linkedin is quiet about it, and it looks like it can't be undone.
- If you gave your email password to Linkedin or Facebook, did you change your email password immediately afterward?
- Are you very confident that Linkedin and Facebook wouldn't retain your password for future use or do some other mischief?
- Would you do the same thing again today?
An email client has a good use for it. A chat app may too. In the general case, no. It's definitely something to be very wary of.
I wasn't quite so security-conscious a few years ago.
This probably indicates a dark pattern at work ( http://darkpatterns.org/ ) - it was presented as a quick, default and normal action and/or of little consequence, when actually it's quite invasive.
You said that Linkedin would "scan your contacts to see if those people are on LinkedIn" and this is likely what it is presented as, but actually that information might be retained indefinitely and may be used for other purposes that are thought up later. But hey, it's just metadata, right?
(Granted, Google has to be pretty careful about how they act towards rival social networks)
It also has a separate username/password box for giving it access to your email address. I have never used this feature. However when I visit the site it fills in the second box with the same username and password.
If I used the same password for linkedin and my email account, saved my linkedin password, then all I would need to do is accidentally click the wrong button to send them my email credentials.
OAuth stands for Open Authorisation, not Open Authentication. While OAuth2 is often used for authenticating against other services, it is designed about authorisation, the ability to give other sites the ability to see info from your email account. Usually permissions are set at a modular level, so you could give sites to see who your contacts are, or your contacts and full name, etc.
Never.
I'm amazed how many people fall for it.
Look at every famous company and you'll find tactics that you don't agree with, and sometimes downright illegal (Path).
If you're not willing to do desperate things, to do what is necessary for user acquisition, good luck trying to build a successful business, because pure blind luck is exactly what you'll need.
Stuff like this is what really separates successful businesses from the failures. It was never about some grand vision, or some belief in connecting the world. It was about figuring out how to acquire users, retain them, and monetize.
The comments indicate that the typical HN class of user considers the line to be crossed. Does a service like linkedin really want to upset the HN segment of their user base? Up to them, naturally.
If you're not willing to do desperate things
Yeah, and when linkedin sells all our info because they're "desperate", the only people who will be surprised are fools.
Personally, I feel that if they're resorting to "desperate" measures to succeed, then they don't have a solid business model.
I'm sure the broken clock of HN opinion gets it right pretty frequently, but I wouldn't say it has strong predictive power for whether something bad actually occurred.
Most people here recognize that growth hacking is necessary for a startup to grow. The users complain only when the tactics employed do not result in a better experience for them. This was not the case when AirBnB, YouTube, etc executed their growth hacking tactics.
AirBnB: Their growth hacking tactic of posting to Craigslist resulted in a better experience for their existing users. YouTube: Their subtle permission to upload and watch copyrighted videos resulted in a better experience for their existing users.
LinkedIn though, seems to be misleading their existing users. That is why you see plenty of these comments. So, it is not a case of "nerds being nerds" (paraphrased) as someone commented elsewhere in this thread.
That's such a gem of insight and wisdom.
Really? There are plenty of companies who don't do "desperate things", and they are successful. At the end of the day, if a company must cross a moral threshold to do business, they should not do business at all. Businesses should not commit ethical violations in the society they operate in.
We operate on the basis of responsiveness, openness, honesty and trust with our members, business partners, employees and stockholders.
I won't quote other parts of it as it would simply hammer home the point - don't openly commit to things like this if your business practices do another.
Just stay quiet.
Ethically, it is comparable to food that tries to pass itself off as healthy, while treading the line on sugar and salt content, in order to appeal to unwitting customers. It may sell more, but it also deserves a bad reputation.
Each such optimization for the purpose of revenue has a social cost down the line. There is nothing hypocritical about attempting to lay that social cost on the vendor.
I find the innovator's dilemma happens when you aren't hungry, or paranoid, or willing to cannibalize your existing product or users.
Posit: There is no other dedicated professional social network that has scaled (>1M users) beyond one vertical/cohort (which excludes networks like HN, Spiceworks, Behance, etc.) except for LinkedIn.
How do you think they got there?
You may not like how the sausage is made, but I had a bacon-wrapped hot dog last night and it was delicious.
Second, I have been mislead the same way in both cases.
They babble about how FB decreases audience reach or how they hide their ad targeting instead of realizing the massive opportunity that is presented to the people who are willing to put the work.
They besmirch google for giving rapgenius preferential treatment instead of taking notes and using the precedent.
They revile linkedin for marketing tactics that serve them very well.
In short, the crowd here is mostly nerds with a misunderstood nobility sense, refusing the see the world they are living in for what it is.
Alternative in short - people here are workers, not businessmen.
You criticize that response like it's a bad thing.
They besmirch google for giving rapgenius preferential treatment instead of taking notes and using the precedent.
You say that like it's a bad thing.
They revile linkedin for marketing tactics that serve them very well.
You say that like it's a bad thing.
In short, the crowd here is mostly nerds with a misunderstood nobility sense, refusing the see the world they are living in for what it is.
You say that like it's a bad thing.
Alternative in short - people here are workers, not businessmen/marketers.
You say that like it's a bad thing... oh hold on. You're wrong.
It's not like ad-targeting, which normal people generally don't care about too much unless the retargeting gets really creepy.
It doesn't matter to LinkedIn whether these accounts are used or real, because they are judged on basic numbers like how many users they have. Since real money is involved and salaries and careers are riding on this number going up, they'll employ all kinds of perverse and intrusive tricks in order to inflate that number every quarter for as long as it is a measure of success.
This is the "ghost town" ruse all over again. It's weak sauce and demonstrably facile. You can bash Google+ all you want, but it's not going to impress people who enjoy using it very much.
http://bits.blogs.nytimes.com/2014/02/19/the-loyal-users-of-...
The g+ post just displays OP's confusion at "connect" really meaning "invite" in instances where contacts don't have a LinkedIn account.
Is there any evidence LinkedIn reports all members email contacts as LinkedIn users?
I have no idea if LinkedIn reports ghost users as real in annual reports but I'm sure they'll report users, and creating ghosts and deceiving users into thinking they are real will increase dramatically the number of signups for them, so it will help their overall stats, even if those people then do nothing with the account after they discover Robin didn't really invite them and should never have been on the site. This cult of collecting users as trophies or even faking them is both damaging to brands and user-hostile; in the long term it will fail and LinkedIn already has trust issues.
The g+ post just displays OP's confusion at "connect" really meaning "invite" in instances where contacts don't have a LinkedIn account.
The LinkedIn page is deliberately deceptive (showing a dead person as a member who can be added to someone's network), in an attempt to goose their stats and get more signups. There's no confusion here, and I'm surprised that you'd try to characterise it as that, deception might be a better word. If it means invite, it should say invite, and it should be presented as sending an email to a harvested contact, not inviting an already current LinkedIn member. This kind of dark pattern is where you end up if you trust certain metrics blindly and always make the modification which incrementally increases your metric (say user signups), regardless of other consequences. It is clearly designed to deceive.
LinkedIn claims X number of users
Suggested connections by LinkedIn can be generated for users that do not even have a present LinkedIn account.
Therefor, the number X must include those users.
Isn't this also true for most startups?
I don't know where LinkedIn got my contacts from but I suspect I must have missed a setting when I briefly installed the mobile app a few years ago. Some of the email addresses they have are out of date so that adds weight to my theory.
When I signed up I saw a bunch of people I had as contacts on a gmail account which I hardly ever use. I had NOT used said gmail account when signing up for LinkedIn (and no LinkedIn app etc.). They seemed to have somehow associated me with contacts for an email address I had told them nothing about by piecing together the contact lists of the small number of contacts I added on LinkedIn and linked the name in their address books to my unnamed gmail account. I simply don't trust them anymore.
It's cruel and exaggerated, but like most successful (?) jokes it contains just enough truth.
LinkedIn must have zero empathy for what loss does to people to use such tactics that can cause distress.
The idea that they are evil people is more appealing, though.
They really need to write something that tells you what the service does.
This is when I realized that linkedin in not about professional relationship but about recruiting folks and that recruiters will find it most useful.
As I can find a job without a recruiter, linkedin's value to me is close to zero.
What changed recently is that these fake profiles are also listed as having "shared connections" with me which is hard to believe considering those are not Linkedin profiles at all.
Sadly, those deleted contacts are still showing up in my "People You May Know" page.
Hence, I think it is safe to assume that LinkedIn are doing a "Facebook delete".
As I noted in my post, I am not in fact that surprised though.
* 2012 hack. 6.5M unsalted SHA1 password hashes leaked [1]
* 2013 Acquires Pulse, forces existing users to create a LinkedIn account. Users are pissed [2]
* 2013 LinkedIn Intro. In case you missed it, it was an iOS app that changed your mail settings to proxy your incoming mail through linkedin's servers in order to inject a frame with business-card-like CTAs. In the meantime, this naturally gave them instant access to all your emails. Massive privacy implications.
* 2013 LinkedIn Intro, 3 days after release. Jordan Wright shows a CSS-based phishing attack: security implications as well [3]
My personal experience with LinkedIn:
* My profile info is available to premium users without my consent
* Premium users can spam me without my consent.
* "Who viewed your profile" feature. Unbelievable.
* Constant contact requests from random people. I can't turn their email notifications off entirely (introductions are mandatory). EDIT: I was mistaken - <sarcasm>the process is very straightforward [5]</sarcasm>
* They seem to be in the business of intentionally misleading people (2011) [4]
So, personally I'm the furthest you can get from being a fan and I can't imagine what you were a fan of. They're top ranking on my shit list.
[1] http://blog.linkedin.com/2012/06/06/linkedin-member-password...
[2] http://www.theinquirer.net/inquirer/news/2306932/linkedin-in...
[3] http://jordan-wright.github.io/blog/2013/10/26/phishing-with...
[4] http://www.michielgaasterland.com/online-reputation/try-link...
[5] http://www.businessinsider.com/how-to-disable-all-of-linkedi...
I'm a fan of LinkedIn replacing the Rolodex. LinkedIn makes networking a whole lot easier. Maybe all your "technical" friends don't need to network, but I do.
Less cynically, all they seem to say is "ask this person to connect with you." That doesn't imply that they're using LinkedIn.
(Even more difficult to do when she's dead, although it's unclear whether LinkedIn has a way to know the living status of its real users).
In the career game, most of us have to be spies-- careful and immensely tactical with information-- in order to have success. A lucky few are so good at what they can do that they can shoot their mouth off (like I do) and tell the truth, for the good of the world. But most people will need to reinvent their histories at least once, and LinkedIn makes it harder to do that.
The upside: participation in a rather boring social network.
The downside: you can never reinvent yourself, because you've put too much information out there and people can find out that you actually were only a Director, not a VP, at that job in 2007, or that you spent 4 months at a shitty startup you've since taken off your resume.
But now it's almost socially unacceptable not to have a profile and actively play the game (so as to get double-digit endorsement counts in your specialties).
To me, LinkedIn seems to be a way for those in the slave class to polish their own chains.
This is one of the reasons I've been thinking about killing my LinkedIn account. Profile stalking with intent to discredit seems pretty damn common.
I'd always been aware of this, but only in the last five years or so have I apparently become influential enough (at work) to be a target of it.
Profile stalking with intent to discredit seems pretty damn common.
Precisely. Take start and end dates, which are often not well defined (consulting arrangements that become full-time, severance agreements). Then there is the issue of title. Sometimes you want to inflate it, but just as often you want to deflate one (to establish trend, or reduce one's role in an unsuccessful venture) and possibly to a previous title you held at that company, which few would consider dishonest. You rarely know, at the time, how you'll want to tell a story 5 years in the future.
However, to the Clueless, any whiff of inconsistency suggests poor integrity, while such people still get demolished by real unethical people and their long cons. Actual unethical people don't fudge their titles or dates or references, they extort their managers and companies into giving them accolades "legitimately".
I would rather hire the guy who lied about his executive title/role on his resume than the (more common) one who actually had it but got it (as most corporate executives do) through extortion.
Got another endorsement from someone else who also had no way of knowing my skillset in a particular area.
Was thinking maybe they accidentally clicked on that intrusive, dark pattern of a prompt that keeps appearing atop the site. Now, I'm not so sure.
This practice leads registered users to attempt to connect with people who are not using LinkedIn. In effect, LinkedIn uses its user base to spam non-users with requests to create accounts.
The lie (this person has an account already) leads to a potential increase in user numbers via the emails that are triggered by the request to connect.
Now, we come back in see in 5 years.
Here is a good speculation from xkcd on a related topic: https://what-if.xkcd.com/69/ With it in mind, how valuable would a database of the deceased be in 100 years from now, if we start gathering this data today? For example, mining the internet for history on relatives would probably become a business of it's own, and as a consequence, ancestor's deeds would be much less romanticized than they are today.
Let me tell you a story about John Sculley. Former CEO of Apple ( http://en.wikipedia.org/wiki/John_Sculley )
I met John 4 times. He contributed to a charity that I was working with. I didn't think there was any chance he would remember me. Years went by, then I got a linkedin invite from John wanting to connect.
John Sculley wants to connect with me? Really? This can't be real. I'm "famous" but I'm not that "famous" and I barely met John, no way, has to be fake. So I report it to LinkedIn. A second friend gets a similar invite, and she has never met John, but was a contractor for Apple, and at Pepsi when John was. I have her report it to Linkedin as well.
Linkedin rushes around, calls John, doesn't get anything but a generic voicemail. 72 hours later they remove the account. 4 days later John's wife gets back from a trip, and checks his email and sees that linkedin has removed his account.
Ooops. I have caused a legit person to have their account removed.
I'm not saying LinkedIn users are all "real" but they do seem to go out of their way to have what is described in this article not happen.
In that list just go through all users and check all that don't have little LI icon next to them (no LI profile). Click Delete button and you are all set. You can just delete all of them if you want. I clicked on "allow access LI to GMail" by accident once, when they gave me some tricky pop up during my roaming on LI. Very shitty behavior IMHO
What they are doing is using your contacts list to mislead you into believing that many of your contacts are already on Linkedin. Once they get you to connect with yet-to-exist accounts, then they can legitimately spam your friends saying that you want to connect with them. Interesting strategy, but it will earn them some backlash.
I don't understand why Reid Hoffman, who I think is a great Angel investor is doing that to the startup community.
And yet, among the "people you may know", LI had a few email addresses that I am sure don't have LI accounts, and would never have them.
So how did LI get those addresses? I was logged in to my GMail account in another tab; could it be some CSRF or such bug? I found it very creepy.
By and large I've found the website very useful.
I promptly uninstalled it.
