by st3fan 4618 days ago
"When the LinkedIn Security team was presented with the core design of Intro, we made sure we built the most secure implementation we believed possible."

I think that is the problem. The security team should have said: "Stop. This is an insanely stupid idea. No matter how we implement it, let's just not do this."

Instead they tried to make the best of it.

I feel sorry for those folks. I bet in their heart they all know it is an utterly stupidly designed product that should never have seen the light of day.

Maybe they did, but they aren't going to tell us how the internal debate played out. That's not how it works. Security teams can make recommendations and can escalate to upper management if need be, but they don't make the final call on new products. Ultimately it's the CEO who decides whether a risk is worth taking.
This is the essence of application, or any security: the tension between features and security.