Sigh, so LinkedIn is trying to boost their numbers and you didn't fall for it. Good on you! Why the hate? If you want to get a ton of unsolicited links to connect just put 'VP' in your title. Amazing. I've only got two policies on LinkedIn, one I only link to people I actually know and have worked with already, and two I don't allow { recruiters | sourcers | HR } types to link to me after having a bad experience of one of them trolling all my contacts with "Hey I'm working with Chuck and would like information about what you're up to ..." emails.
But a lot of people really dislike the service and I completely support that choice of theirs, but so far I haven't seen a lot of discussion about the service the people wanted when they joined but didn't get. Is it
'view only' (as in I want to view other people but no one
can view me!) or maybe (no contact) as in only my contacts
can email me?
The complaint wasn't about marketing tactics, or about LinkedIn's quality of service. The complaint was specifically about LinkedIn asking for the passwords to their users' email accounts.
As the author points out, LinkedIn doesn't have a very good track record on security, plus giving out your email password isn't a very good practice in any situation. Unfortunately, because of LinkedIn's clout among professionals, many people are unwittingly putting their online identities at risk.
In the end, the author doesn't close his LinkedIn account because of recruiters, but rather as a protest against this bad practice.
I still have to do a double-take when LinkedIn asks me to "login" with my email address and password. I'm already logged in; they mean my email provider's password.
"The complaint was specifically about LinkedIn asking for the passwords to their users' email accounts."
Fair enough. He didn't enter his password, it isn't required to use the service. It is only useful for discovering more people via your contacts (and perhaps to spam them as you, that would be bad).
So they implement a feature poorly. Why the hate? The automatic climate control on my Subaru sucks dead gophers through a hose, but I don't translate the fact that Subaru let an crappy design get of an auxiliary feature get into production with "the car sucks, I'm selling it." Especially if my use of it doesn't require a lot of climate management (which it doesn't in California). I might think differently if the car wouldn't start unless the windows were up and the climate control engaged on automatic, that would cause me to sell it.
You and I are educated enough about web security that we know not to type one site's password into another site.
Many people aren't. Phishing is a real problem.
When "legitimate" sites start doing slimy, insecure things like asking for third-party passwords, three things happen. One, those "legitimate" sites have the power to do things that most users don't really want them to, like spam their entire contact list as them. Two, it becomes harder for unsophisticated users to distinguish legitimate sites from phishing sites. Three, it means that if a criminal breaks into a "legitimate" site, there's more valuable information there for him to steal.
Completely agree, the confusing bit then is the call to action, instead of "Help me educate LinkedIn" its "I'm deleting my account."
Does the author want to fix LinkedIn? Do they want a different service (or the same service done differently?) or a nearly the same service? It is easy to be dismissive of this form of rant, and sometimes that is actually the best response. But if there is something to learn here[1] that would be good too.
I suspect I'm overthinking it and the author was just venting.
[1] I get the 'here is another exemplar of stupid design' thought as well.
He says pretty explicitly why he deleted his account:
> They should know better than to put their marketing plans ahead of their users' security. They're not going to learn about security until it costs them users. So, scratch one user.
I think this is a reasonable justification, and I imagine the point was to get others to do the same.
I've given up on LinkedIn. They had a high-profile breach less than a year ago and they're still doing insecure things like this. Either they don't know or they don't care. So I'm setting the permanent bozo bit on their company.
Do I expect this to accomplish much? Not really. But I'm no longer part of the problem.
But a lot of people really dislike the service and I completely support that choice of theirs, but so far I haven't seen a lot of discussion about the service the people wanted when they joined but didn't get. Is it 'view only' (as in I want to view other people but no one can view me!) or maybe (no contact) as in only my contacts can email me?