30 comments

[ 2.4 ms ] story [ 81.7 ms ] thread
Why would you want to accept every friend request?
I suppose there's the argument that "the bigger your social network, the greater the possibilities". In my experience, that argument is a fallacy.

In my experience, by having a lot of contacts you dilute the value of every single one of them. A prospective employer (or co-founder, or investor!) won't be able to easily discern the hay from the chaff.

My main concern with auto-adding people is you end up exposing your real contacts' details to all these random people. Spambot812a83 is suddenly a friend-of-a-friend from your trusted contacts.
"In the worst case your LinkedIn account may be compromised. You will have to weigh this against the convenience of not having to log in to LinkedIn." This doesn't convince me.
While I appreciate their honest and upfront response to the question, I'd argue this makes the idea better suited to an application that the user runs locally.
Agree. There is no reason to launch a service for this. Sounds a little suspicious to me.
any idea why they need to save it in plain text? no encryption mechanism provided in the world of open source?
"...we need to be able to rederive the plaintext"

The use of the word rederive sounds like it may be encrypted to me.

In order to log into a user's LinkedIn account with the password, they need to be able to give LinkedIn the password in plain text.

So yes, they can and most likely do encrypt it in some way, but in order for their server to be able to decrypt it when using it, they must naturally have to have the decryption code/passkey/etc stored on the server.

I suppose this might have some utility to some, but you are trusting a hacked over a weekend site with your Linkedin password?

The trend to give out passwords to 3rd party sites needs to stop, because security risks eventually become too great.

Interesting that you mention that. This is the first site I've ever seen that is upfront on their home page with the risk and implication of giving them your password.

I won't (and wouldn't) do it - I don't even trust OAuth providers - but refreshing that they're promoting informed consent.

I couldn't agree with you more. But perhaps the parent's comment reflects the thought process of the masses? If you give people this honest, upfront view of the risks, they probably wont take them. If you play like everything's ok, and nothing could possibly go wrong by giving them your pw, even when that's not 100% the truth, they'll prob cough up their password. There's some interesting social engineering to be learned here.
That's just as interesting. Security these days is driven by two things - economics and psychology.

If you're interested in that sort of thing get a copy of Ross Anderson's book Security Engineering. He even covers the TSA.

Also, I'd expect that giving your password to a third-party service would likely be in violation of LinkedIn's terms of use. And I wouldn't be surprised if LinkedIn tries to shut down LinkedOut for storing LinkedIn users' passwords.
Can't I just not have a linkedin account? Seems to work for Facebook.
I have tried this approach and have been using it successfully for over 9 years now. No complaints so far.
Not bad.

Since LinkedIn is 90% recruiters this is what I'd really like to see from an app: Fill in a few of your skills and it autogenerates a profile with keywords that recruiters search for.

Good idea for people like me who think LinkedIn is great in theory but has turned out to be pretty useless.
How is this better than just not using Linkedin? I used the Linkedin network (even the recruiters-- it only takes two good ones to balance out a hundred junk spammy ones) great effect in landing my last two jobs, even while the site itself is kamikaze nose diving into the toilet with its every trashier design evolutions to boost "engagement" and "stickiness" and "ad impressions" that no one wants. But if Linkedin, has nothing you, why not just leave?
" ... This means you never have to log in to LinkedIn."

Thank you!

I respect their honesty, but honestly this kills the idea imho. I would rather "have to" login to LinkedIn to accept someone, or just wait until im logged next time (it will show me remaining invitations) instead of shoving my LI credentials into just another hole, increasing probability that my LI credentials will leak/be stolen.
This is one of those ideas that should have been left on the drawing board.
Wow. I thought for sure the first comment would be one of the cool kids bitching about another Bootstrap site.
Built an app with the same name last year, also running on Sinatra: http://linkedout.jupo.org/

Very different purpose though. The original (snark) LinkedOut app lets you export profiles as clean PDF resumes.

I thought that is a builtin feature of Linkedin.
They embed their logo (as they should), apply a bunch of formatting, and most importantly haven't kept the export up to date with new features that have been added, such as skills. LinkedOut also takes the free-form formatting people tend to use in large text blobs, and tries to turn them into bullet lists and headings where applicable.
This reminds me of a friend of mine who talks about wanting to post his linked in credentials to his blog.
In addition to concerns raised by other posters, bonus points for the invalid SSL cert. This site must be a honeypot to name and shame the criminally stupid. Eventually the official raison d'etre--that your colleagues care whether you Linkedin-connect them--seems designed to trawl for idiots.
Accepting every connection on LinkedIn pretty much defeats the purpose. I only add people that I could ask for personal introductions to others ensuring my LinkedIn network is actually useful.

I suppose if you've never gone through the backdoor in order to meet someone, LinkedIn could seem like a big waste of time. For me though, the network graphs of who I know that I can ask for an introduction are quite valuable.

From the site's FAQ: "Who should use this service? People who want to stay on good terms with their colleagues without having to log in to LinkedIn."

I think this pretty much means it is for people who don't really want a linkedin account, but don't want to their coworkers to feel shunned. I don't see much point in this beyond that.

If you actually cared about using LinkedIn to build a social graph around yourself, you wouldn't use this, IMO.