LinkedIn harvesting addresses from Contacts, Thunderbird?

[knottulf]

I am steadily getting more convinced that LinkedIn has the ability to read information from my private account in my own mac. In my experience I can tell this has happened when LinkedIn proposes me to connect to people whom I only have been in touch with by mail (Thunderbird), and LinkedIn being opened in Firefox.
However, other people confirm the same thing to happens via Safari and Mail.app.
In both cases the user answers NO to all LinkedIn's requests to access his/my private resources in search for possible contacts.

How does this happen?
Shouldn't OSX have restrictions to prevent a webpage from accessing information on the harddisk?
When LinkedIn can do this, can I trust my computer files to be secure at all?
How could I prevent it from happening? Migrate to Linux?

(osx 10.9.5)

 

[ron7624]

It is definitely getting information from somewhere in iOS or Apple systems in general. I receive invitations from people that I know and have told them that I don't participate. They have sworn to me that they did not send the invitation. So it is coming from LinkedIn impromptu.

 

[knottulf]

How come OSX permitting this? Isn't it a major security hole?

 

[nebo1ss]

I was a member of linkedin for exactly two hours. During that time I received three phone calls from people asking me why I sent them invitations to join linkedin.
I immediately cancelled my membership.

 

[knottulf]

OK, LinkedIn sucks.

But still, this is mainly an Apple issue. How come osx permit intrusion into our private files like this?

 

[maflynn]

How come OSX permitting this? Isn't it a major security hole?

I'm mostly an inactive member of linkedin and I'm not real fan, but I've not experienced what you posted. I don't have any issues with it getting my contacts.

 

[lowendlinux]

I'm a member of linked in and use Firefox and Thunderbird on my Linux boxes and have not had the issues you've had.

 

[rdowns]

I use LinkedIn and have never experienced this.

 

[knottulf]

I must assure you, I am sure that linkedin somehow harvests email addresses from thunderbird on my mac. There is no other explanation. This should not happen, but it does.
How to prevent it? Anybody?

 

[lowendlinux]

In Linux there's this program called firejail I'd imagine osx has something like it since firejail itself is ported over from BSD

 

[dan1eln1el5en]

not OS X but on iOS in the settings tab there is a place you can not allow it to get contacts, it's usually on from people I get crazy invites from.

are you on 10.10 by any chance ? if so check your "internet accounts" tab in system settings, OS X seems to have a service for various online services where it automagically sign you in and perhaps give access to contacts

 

[Mr_Brightside_@]

not OS X but on iOS in the settings tab there is a place you can not allow it to get contacts, it's usually on from people I get crazy invites from.

are you on 10.10 by any chance ? if so check your "internet accounts" tab in system settings, OS X seems to have a service for various online services where it automagically sign you in and perhaps give access to contacts

It's either this, or you entered your email password at some point while using LinkedIN, and it's scanning your emails this way.
I use Linkedin and it asks me for my email password constantly, which I'm not cool with.

 

[Negritude]

Related:

A LinkedIn employee with measles potentially exposed Bay Area transit riders, officials say

http://www.washingtonpost.com/news/...xposed-bay-area-transit-riders-officials-say/