LinkedIn 'hacking' tool Sell Hack no longer exposes user email addresses
One of the great things about social networks is that it is possible to connect with people without the need to share email addresses. This means that you can remain "friends" with someone on Facebook, but not get to the point where you're handing out your email address and worrying about checking your inbox. The same is true of LinkedIn, but the difference with this "professional network" is that you're probably connecting with a larger number of people you would rather didn’t have your personal contact details. This comforting level of security was wiped out by Sell Hack.
This free browser extension -- available for Firefox, Chrome and Safari -- could be used to expose the email address associated with any LinkedIn account, regardless of whether you are connected to the person you are, essentially, spying on. Perhaps understandably, this caused a degree of upset and resulted in LinkedIn sending a cease and desist notice to the extension's developers. Sell Hack adds a "Hack In" button to social network pages which, when clicked, reveals the email address used by the account owner to create their page.
At least this was the case. Sell Hack has bowed to pressure and has announced in a blog post that "SellHack plugin no longer works on LinkedIn pages". But it's far from being all bad news for the team. The media coverage has created a storm of interest, and on 1 April "we had more signups today than in our first 60 days combined".
The post also explains that "we are building a better product that does not conflict with LinkedIn’s TOS" and anyone signing up for a new account with the service receives an email that says "we received a letter from LinkedIn and decided to suspend the service until we are compliant with their terms of use. Don’t worry, we’re already working on a solution". To counter claims that Sell Hack is "sneaky, nefarious, no good, not ‘legitimate'", the developers insist that "we only processed publicly visible data from LinkedIn based on your profile permissions".
For the time being it seems as though Sell Hack has been stopped in its tracks, but it's unclear how long this will be the case. The level of interest surrounding the story is fascinating -- over the past 48 hours there have been countless articles and blog posts about Sell Hack. With Sell Hack's insistence that it only uses publicly visible data in its analysis, it's difficult to see quite where all of the upset comes from. Commenters have suggested that LinkedIn is upset because the tool "erodes its business model for LinkedIn premium".
In an email to BetaNews, LinkedIn said: "There were a few news outlets that erroneously reported that premium LinkedIn members get access to email addresses. That is false... There are a number of different premium subscriptions LinkedIn members can get. One of the things premium members get are InMails. [These] are one-to-one messages between LinkedIn members. Those InMails don’t give you anyone’s email address though. The reason we issued Sell Hack a cease and desist was because it was violating our Terms of Service and our User Agreement".
So what do you make of it? Is (or was) Sell Hack really a privacy concern, or has it been stamped upon for potentially stemming a flow of income for LinkedIn?