There's a reason I use an email alias if I sign up to places like that and why I do not place much information on these sites... There's a reason I maintain somewhere approaching 20 passwords in my head too and why the password I use for accessing my own systems will never be the password I use to access a system neither I nor my employer control. It's just common sense. Remember, the greatest threat to your privacy and security is YOU! How many of us go about detailing every aspect of our lives on facebook or twitter or something and, if someone is of a mind to comb through it, in the process self-disclose everything necessary for someone to basically become us? The hackers/corporate scrapers don't even really *HAVE* to try to thieve information anymore. We give it to them all without them even asking! -Wayne On Sat, Oct 26, 2013 at 02:16:05AM -0400, Jason Hellenthal wrote:
Well said
-- Jason Hellenthal Voice: 95.30.17.6/616 JJH48-ARIN
On Oct 26, 2013, at 2:06, Jimmy Hess <mysidia@gmail.com> wrote:
On Fri, Oct 25, 2013 at 6:43 PM, Chris Hartley <hartleyc@gmail.com> wrote:
Anyone who has access to logs for their email infrastructure ought probably to check for authentications to user accounts from linkedin's servers. [snip]
Perhaps a prudent countermeasure would be to redirect all POP, IMAP, and Webmail access to your corporate mail server from all of LinkedIn's IP space to a "Honeypot" that will simply log usernames/credentials attempted.
The list of valid credentials, can then be used to dispatch a warning to the offender, and force a password change.
This could be a useful proactive countermeasure against the UIT (Unintentional Insider Threat); of employees inappropriately entering corporate e-mail credentials into a known third party service with outside of organizational control.
Seeing as Linkedin almost certainly is not providing signed NDAs and privacy SLAs; it seems reasonable that most organizations who understand what is going on, would not approve of use of the service with their internal business email accounts.
-- -JH
--- Wayne Bouchard web@typo.org Network Dude http://www.typo.org/~web/