key
The firm said it would email affected members and force them to change their
password. It also pledged to apply more stringent security measures in
future, including storing passwords in a more secure form by “salting” them, which
makes it more difficult for hackers to crack them.
Commentators on both sides of the Atlantic then started to criticise
LinkedIn’s security practices.
“The passwords weren’t properly protected,” said a spokesman for Imperva, an
American security firm.
“Not salting is a bad practice. Salting, in layman’s terms, complicates the
process of a hacker cracking a password. Not only do you encrypt the
password, but append it with a random string of characters so even if those passwords
are revealed, they look like gobbledygook.”
Imperva also claimed that more than 6.5 million people who use LinkedIn could
be forced to change their passwords, because the list did not indicate how
many members used each one.
However, it is the response to the news of the LinkedIn hacking by technology
pundits and users alike which has been the most interesting.
In a nutshell – people don’t seem to care that much. Whenever Twitter or
Facebook experience any type of security breaches, the world is up in arms.
And yet when LinkedIn’s biggest security violation to date happens, the
reaction is muted to say the least.
I believe this is because the professional networking site has lost its way
and needs to up its game.
It is still the top site for recruiters posting jobs and people seeking jobs to
see new opportunities, according to a new survey from Bullhorn Reach, a US
company which makes technology products for employers and recruiters.
But where it falls down massively is how it facilitates meaningful connections
between the most important people: its users.
Many users tweeting about the hack have bemoaned how much trying to ‘network’
on the site is too much like work.
And indeed, many others have also complained about how very annoying
LinkedIn’s constant email barrages are reminding its users someone wants to
connect with them.
Perhaps, one user wrote, LinkedIn could have put its email skills to better
use by immediately informing its users of the security breach and advised
them on how best to protect their account.
Ironically LinkedIn, the networking site for professionals, failed to behave
professionally this week by choosing to stay silent for as long as it did
about the breach.
Loren Steffy, a US business columnist for the Houston Chronicle, phrased the issue
well in his article: “Everyday, LinkedIn continues to annoy me in a
way few other social media services do: it nags me about accepting invitations
from people, most of whom I don’t know, who want to link up with me
on LinkedIn. Don’t get me wrong, I’m happy to connect with people on social
media. I just don’t need the site to harass me about it.
“I’m generally ambivalent about the whole ‘LinkedIn experience’, but if it
wants to inspire confidence, the company should devote the same amount of
attention it currently places on badgering its members on tightening its security.”
And that’s just it – people seem to be ambivalent about LinkedIn – Facebook’s
and Twitter’s more boring social network sibling.
It rapidly needs to reinvigorate both its security and product so it actually
becomes a tool professionals actively use to properly network with each
other.
Otherwise, LinkedIn is in danger of just becoming a glorified jobs board.
Emma Barnett is The Telegraph’s Digital Media Editor. Follow her on Twitter @emmabarnett
Article source: http://www.telegraph.co.uk/finance/businessclub/management-advice/9322228/Think-Tank-LinkedIn-gets-hacked-and-nobody-cares.html