LinkedIn app’s oversharing via Bluetooth sparks alarm

Geez, LinkedIn, you are one pushy app! If you’re not spamming users’ contacts (and getting sued for it), you’re pawing our Bluetooth – even after we thought you’d gone home for the night!

News of LinkedIn’s latest market-the-beejezus-out-of-us stunt came on Thursday, when security researcher Rik Ferguson spotted a proclamation from LinkedIn about wanting to make data available to nearby Bluetooth devices, “even when you’re not using the app”.

Ferguson tweeted a screenshot of the mobile app change notification, accompanying it with a “You want to do WHAT?!” message:

Ferguson said that the pop-up sprang up following an update that billed itself as only offering “general bug fixes and performance improvements”.

According to people who responded to his thread, both iOS and Android users were replicating the message. That’s in spite of LinkedIn’s claim, in a statement sent to the Register, that the prompt was sent out in error, to just to a handful of iOS users:

In order to help our members more easily connect with one another, we’re exploring an opt-in “find nearby” feature that will help them find other members nearby.

This will be an opt-in experience and members will have control of when their location is used for this feature. A prompt to enable Bluetooth on our iOS mobile app went out in error to a small group of LinkedIn members. We are working on a fix immediately and we apologise for any confusion.

A small group, eh? An “error”, you say? Ferguson said that that fish didn’t smell quite right:

Plenty of people on Twitter were able to replicate and I replicated it on three phones all running 9.1.25 of the app. … as if by magic, it looks like 9.1.26 came out this morning.

Should we care that LinkedIn, which did say it was working on a fix for the issue, wants to let us see other Linkees nearby? It is, after all, opt-in. The business networking app says it’s all about getting in more elbow rubbing when we’re at a conference, for example, or out getting some grub at the pub.

Opt-in or no, we’re always a bit leery of always-on Bluetooth, or near-field communication (NFC), for that matter. They’re great for connectivity, enabling us to use accessories such as wireless keyboards and headsets, or to make payments with a wave of our smartphones.

But it does open a door to your device and to your data, so we recommend either switching such features off or putting your device into “not discoverable” mode whenever possible.

Also, be careful when pairing: never accept requests from unknown devices.

You might want to check out our 10 tips to secure your smartphone, or our practical advice for handling smartphones in the workplace.

Oh, and LinkedIn? It’s great that you mea-culpa’ed your ham-handed “I will schmooze via Bluetooth even when I’m not running” message. After all, some of us were interpreting that message in a very UnLinkMe way: