Slack rolls back controversial messaging feature within hours of its introduction
Messaging platform Slack yesterday rolled out a new feature called Connect DM that made it possible to send direct messages to anyone using the service -- regardless of whether they are part of the same company or workspace.
We say "made it possible" in the past tense because Slack was very quickly forced into something of an embarrassing partial u-turn. The company somehow failed to notice the potential for such a feature to be abused, and it was down to users and media outlets to point this out. Within hours, a key change was introduced to Connect DM to help eliminate spam and abuse.
It's not quite clear how Slack somehow managed to overlook the fact that Connect DM could be used to spam and harass people. Although the feature was launched as an opt-in element (of sorts) of the platform, a flaw existed in that it was possible to send messages of up to 560 characters to strangers.
These custom messages were sent to the person being contacted, giving them the option of accepting or ignoring the communication request. But they would receive the invite in the form of a email, opening up the potential for a huge amount of unwanted -- and potentially abusive -- correspondence.
Within hours, Slack had seen the error of its ways. In a statement given to the Verge, the company vice president of communications and policy, Jonathan Prince, said:
After rolling out Slack Connect DMs this morning, we received valuable feedback from our users about how email invitations to use the feature could potentially be used to send abusive or harassing messages. We are taking immediate steps to prevent this kind of abuse, beginning today with the removal of the ability to customize a message when a user invites someone to Slack Connect DMs.
Slack Connect's security features and robust administrative controls are a core part of its value both for individual users and their organizations. We made a mistake in this initial roll-out that is inconsistent with our goals for the product and the typical experience of Slack Connect usage. As always, we are grateful to everyone who spoke up, and we are committed to fixing this issue.
The plugging of this hole within hours could make Connect DM in its original form one of the shortest-lived features ever.
Image credit: rafapress / Shutterstock