said by businessweek article :
LinkedIn required the members to provide an external e-mail address as their username on its site, then used the information to access their external e-mail accounts when they were left open, according to the complaint.
LinkedIn pretends to be that user and downloads the e-mail addresses contained anywhere in that account to LinkedIns servers, they said. LinkedIn is able to download these addresses without requesting the password for the external e-mail accounts or obtaining users consent.
Ok so a LinkedIn user creates an LI account using their email address as the login, and (hopefully) a different password than required to access that same email account. How does LI 'hack into' that external email account without the password? What do they mean by "when they were left open"?
might be right, LI users are uploading or otherwise giving LI access to their external address book, then complaining when LI takes advantage of all those newly discovered email addresses. That's not to say that what LI is doing is right, but I don't see how else LI can gain access to any part of a user's external email account with just the email address and no password... unless I'm missing something.
I have a LI account but seldom look at it. When I logged in recently to change some settings to reduce the amount of email reminders they were sending me, I noticed that in the section "people you might know" (or something like that) was a link to the profile of a retired AT&T technician who I didn't really know, but I communicated with by email last year when I picked up some schematics he was giving away. The emails were exchanged entirely outside of LI, and we have no other connection within LI to my knowledge. All others listed in the "people you might know" section were either strangers, or ex-coworkers who were associated with me by a common employer listed in my profile.