Wednesday, May 18, 2016

But my LinkedIn network was hacked



According to many news sources LinkedIn emails and passwords are up for sale to the highest bidders.   Many news reports, NOT including the one above, fail to mention in their headline that this was from a hack in 2012, not from a present day vulnerability.

As such it's a classic case of bad technical reporting, I suppose for reasons of copy. Sensationalist and inaccurate journalism often sells, and again I'd like to re-iterate this article above from TechCrunch is NOT one of them.

This  whole episode drove Marcus pretty much crazy and here is why:


Knowing Journalistic Misrepresentation
As above.   Barstards.

Who Needs It
Discretion prevents me from revealing, but some country, National Job agencies make it a condition that you sign up with LinkedIn and check your profile.  I can't disclose the examples, but I feel if I am unemployed this should be my choice and not the Government's


Is it Recommended
Like Facebook,  use of LinkedIn is now pretty mandatory.   Not having a LinkedIn profile means there is something just a little bit odd about you, in the same way that not having a Facebook profile fingers you as some sort of social misfit.

Is it Useful
Yes, I do use it.  But not for job searches, but for people validation.  When I want to check whether somebody is bogus or for real this is part of my Identity toolkit.  And, I can tell you, it is pretty good.  In other words useful, but not for the creators intended purpose

More LinkedIn Misdemeanours
LinkedIn is also useful to Recruitment Agents.  If you are dumb enough to add any Job Agent or recruiter to your /Connections/ then they can see all of your Business contacts, find out information about them, and poach or otherwise try to solicit them.  What a bloody nightmare.  Why not review your contacts now! And make removals as necessary.

Security
I've spoken earlier about a lifelong policy of password separation. To me the words or idea of /single signon/ is tantamount to gross stupidity. If you can guess my LinkedIn password you will compromise just LinkedIn and nothing else

The 2012 Hack
If you have not changed your password by now, 4 years later, then you are a total dumbass.


Two Step Verification
Two factor or two step authentication means you need your password and something else to logon to.  And the second thing is usually a random code sent to your mobile.  So a potential LinkedIn hacker would have to have stolen your telephone too, thus reducing to zero the chances of a remote internet hack.



For all the above reasons the excuse to a potential employer /But my LinkedIn network was hacked/ is no excuse at all.  It would just highlight to me that you were unsuitable for employment at my company.