Is LinkedIn's New Intro App Similar To A Man-In-The-Middle Attack?
A new iOS app from LinkedIn is raising concerns among security experts.
Known as Intro, the app works with the Apple Mail app native to iPhones and iPads to embed LinkedIn profile information into every message. It does this despite the fact that Apple forbids any plugins for its native apps. Instead, Intro is a proxy server sitting between the native Mail client and whatever email provider you use. So all IMAP and SMTP messages are now routed through LinkedIn servers on their way to and from your email provider, in what is classically defined as a Man-in-the-Middle attack.
According to ThreatPost, "LinkedIn says Intro doesn’t store email messages, instead it forwards requests from an iOS device to the email provider and does the same with responses from the provider to the device. In the meantime, each message gets an Intro bar inserted into it with a photo of the sender and a dropdown of more information from their LinkedIn profile."
ThreatPost quotes a blog post from Bishop Fox analysts Vinnie Liu and Carl Livitt, which says: "Intro works by pushing a security profile to your device; they’re not just installing the Intro app. They have to do this in order to re-route your emails. But, these security profiles can do much, much more than just redirect your emails to different servers. A profile can be used to wipe your phone, install applications, delete applications, restrict functionality, and a whole heap of other things."
“Most of your end users aren’t going to understand the impact of these changes, nor will they know how to reverse them if they wanted to do so,” Liu and Livitt said. “You are effectively putting your trust in LinkedIn to manage your users’ device security.”
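One way to review what such a profile would change before it is installed, as an added example that is not from the original article, LinkedIn or Bishop Fox: it lists every payload type in an iOS configuration profile and flags mail payloads whose IMAP/SMTP hosts fall outside the user's own provider. The sample profile and its hostnames are constructed, `audit_profile` and `host_allowed` are hypothetical names, and the input is assumed to be an unsigned plist-format `.mobileconfig`.

```python
import plistlib

# Constructed sample profile (NOT the real Intro profile): one mail payload
# whose IMAP/SMTP hosts point at a third-party proxy instead of the provider,
# plus a restrictions payload.
SAMPLE_PROFILE = plistlib.dumps({
    "PayloadType": "Configuration",
    "PayloadContent": [
        {
            "PayloadType": "com.apple.mail.managed",
            "EmailAccountType": "EmailTypeIMAP",
            "EmailAddress": "user@mail.example",
            "IncomingMailServerHostName": "imap.proxy.example",
            "OutgoingMailServerHostName": "smtp.proxy.example",
        },
        {"PayloadType": "com.apple.applicationaccess"},
    ],
})

MAIL_PAYLOAD = "com.apple.mail.managed"
HOST_KEYS = ("IncomingMailServerHostName", "OutgoingMailServerHostName")


def host_allowed(host, allowed_suffixes):
    """True if host equals an allowed domain or is a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in allowed_suffixes)


def audit_profile(raw, allowed_suffixes):
    """Return (payload types, mail hosts outside the allowed provider domains)."""
    profile = plistlib.loads(raw)
    payloads = profile.get("PayloadContent", [])
    types = [p.get("PayloadType", "?") for p in payloads]
    rerouted = []
    for p in payloads:
        if p.get("PayloadType") != MAIL_PAYLOAD:
            continue
        for key in HOST_KEYS:
            host = p.get(key)
            if host and not host_allowed(host, allowed_suffixes):
                rerouted.append((key, host))
    return types, rerouted


if __name__ == "__main__":
    types, rerouted = audit_profile(SAMPLE_PROFILE, ["mail.example"])
    print("payload types:", types)
    for key, host in rerouted:
        print("mail routed outside provider:", key, "->", host)
```

Any payload type in the output other than the mail account is a change beyond email redirection and deserves its own review.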