
Creepy visitor tracking using Linkedin - aatteka
http://andrisatteka.blogspot.com/2014/10/creepy-visitor-tracking-using-linkedin.html
======
dkarapetyan
If you don't have a linkedin account I highly recommend the experience of
setting one up. It is horrible. You are upsold at every step of the process.
Reminded at every step that you should import your contacts and just forced to
use horrible defaults every step of the way. After you have an account you'd
think the sane defaults would be to not spam you with every little thing that
happens on the site. Nope, you manually have to turn all the spam off in at
least 5 different places. Once you're done with the spam you now also have to
disable all the nonsense default sharing settings in another 5 different
places. The whole thing is just a usability nightmare and an example of what
dark patterns look like in practice.

I don't know about you but if there was some other network for professionals
to showcase profiles I would jump on that immediately. Linkedin is so horrible
that if you make something and market it as 'Not Linkedin' you'll have the
first few years of growth handed to you for free.

~~~
peteretep

        > I don't know about you but if there was some other
        > network for professionals to showcase profiles I would
        > jump on that immediately
    

XING?

~~~
dkarapetyan
Neat. Why is it limited to Germany?

~~~
Mithaldu
Full disclosure: I'm a german web developer.

Xing is made by a Perl company in Germany, specifically Hamburg. Having had
some experience with other web-related companies, most german software is
written with german content first, and little thought spent on localization,
since serving an audience outside of germany is risky in that it means a lot
of the company (support, etc.) has to be duplicated first, and it might end up
having little draw. On the flipside, most Perl web frameworks are build with
only one language in mind, English. Adding localization is extremely easy if
you start out with it in mind, and i've actually been working on tools to ease
that process, but after the fact it's a massive investment.

Due to all these factors the cost is simply too high for most german companies
to even try.

~~~
czottmann
AFAIK, it's actually a Rails shop these days. (I know people who work there.)

------
steven2012
I recently got access to a LinkedIn recruiter-level account, and it's
frightening how much information recruiters have about someone. Not only can
they look at anyone's linkedin profile, there are additional services (not
affiliated with linkedin... I think) that keep a copy of everyone's linkedin
profile, even if you delete it. They cross reference your linkedin profile
with meetup, facebook, etc, to get an ultimate cyberstalking profile about
almost anyone they want. I think it was called talentbin.com, but there are
other sites as well.

Very, very creepy and this isn't even the NSA we're talking about, this is a
recruiter.

~~~
mooreds
Do you know what the common key was between these services? I bet it was
email.

That's why I sign up for services with a custom email address, that is
linkedin@domainname for linkedin, meetup@domainname for meetup, etc.

~~~
ark15
Will work for now but you are still following a pretty straightforward
'pattern' that the algorithms can easily catch up with if algorithm authors
wanted them to. (i.e. if too many people start doing this)

I guess using random@domainname may work better?

------
ExpiredLink
> _So a little advice - if you prefer privacy don 't forget to sign out of
> your Linkedin account before browsing the Web._

... and, of course, also sign out of Google and any other online service you
are logged in!

~~~
grimman
It's usually around this time I plug Self Destructing Cookies
([https://addons.mozilla.org/en-US/firefox/addon/self-
destruct...](https://addons.mozilla.org/en-US/firefox/addon/self-destructing-
cookies/) ); it simply nukes any cookies that aren't whitelisted.

Edit: For Firefox

~~~
ExpiredLink
> _it simply nukes any cookies that aren 't whitelisted._

Probably not what you want in case of e.g. Google.

~~~
grimman
I don't see why it would be any different in the case of Google; but I don't
personally use the Google services to any greater extent these days, so
perhaps I'm just not feeling the ramifications ordinary users would.

------
Mithaldu
I'm not quite sure how valid such a complaint is, coming from a page that
tracks via:

    
    
      - Google Analytics
      - Google+
      - Twitter
      - whatever else my URL blocker preemptively neutered
    

Linkedin seems to do the same as GA, and only differs from G+ and Twitter in
that it shows the hit counts.

~~~
vidarh
Most other alternatives does not show you the names, resume and professional
network of a substantial percentage of everyone who have visited your site.

------
300bps
The worst part is that LinkedIn will sell this information to anyone. There
are several sites out there that allow you to put a Javascript snippet onto
your page and thereby know the real names and any other details LinkedIn has
for any "anonymous" website visitor to your site. One of my side programming
jobs is a company that does Internet marketing and he had me put the snippet
on all of his sites - it literally shocked me when I saw people's real names
coming through the stats, all because they remained logged in to LinkedIn.

I generally only log in to LinkedIn with Internet Explorer now. It's the only
site that I use Internet Explorer for.

~~~
nolite
mind sharing which service does this?

~~~
300bps
Visistat

------
weavie
With LinkedIn being as bad as people say, why do people sign up to it?

Is there really no alternative? What is it that makes it compulsory to use?

I have a very out of date profile, but rarely use it. For some reason I don't
seem to get spammed. I don't see any use for it, so I don't visit.

~~~
vidarh
I do "use" LinkedIn to get queries regarding opportunities and to keep in
touch, but I'm not a frequent user.

However my most interesting recent usage of LinkedIn was signing up to pay for
Inmail in order to be able to message a few high level executives at DHL to
complain when a delivery was stuck in limbo. One day later and two Senior VPs
(out of 3 I messaged) in different offices had told their staff to sort it and
I was Cc:'d on a flurry of message exchanges that started or ended with
pointing out that "SVP so-and-so wants to be kept in the loop".

Two days later the package that DHL for a month had told me they didn't have
(and had told the sender was on it's way back to them), and couldn't have
corrected the delivery address on even they did have it (it was accidentally -
my own fault - sent to our old office) turned out to be sitting in a depot 5
minutes away, and was promptly delivered (to our new office).

That to me highlights a benefit of LinkedIn: Everyone _can_ get access to
relatively high level people, in part because the barrier to hassling them is
high enough that it's not massively abused: If you're not in their immediate
network you can contact them directly only if you've paid, and only quite few
at the time. While it's annoying to have to pay, it's better than not being
able to reach these people on occasion.

I'm going to consider using InMail that way whenever someone annoys me enough
to be worth the cost of another month of InMail subscription from now on given
how well it worked with my DHL problem.

~~~
russgray
That's really interesting. I've noticed that complaining on Twitter often
helps things get moving when the telephone support is giving you the run-
around, but I always assumed that was because I was airing their dirty laundry
publicly. Seems like complaints via non-standard routes work even when
private...

~~~
vidarh
I think it worked because it still is unusual. The people I contacted
presumably rarely hear directly from customers, and are so less likely to be
"inoculated" against seeing those kind of complaints as normal.

Presumably most people want to do the right thing for their customers, but
frontline staff often don't have authority, and soon gives up escalating
systemic complaints (or even gets punished if the continue to bring it up), so
if you don't get help right away the solution is often to find a way of
bypassing the layer(s) that are powerless or have given up trying, and you
find people that often do care deeply when they get to hear about such
problems, but rarely do hear.

The moment something like this becomes common, these people will retreat from
LinkedIn, or LinkedIn will take measures to protect them (win-win for
LinkedIn: Let extra busy people make it more expensive to reach them)

I've used Twitter too, as well as my blog + Twitter. A few years ago I'd
problem cancelling my cable subscription, and ended up getting a call from an
assistant to the CEO of Virgin Media on the Saturday morning following a
posting on the Friday. But in the case of DHL, Twitter too was a dead end -
they seem to not care much about their Twitter feed.

------
vidarh
On one hand there are caveats with this, and on the other hand more
opportunities. Here's one caveat that doubles as a benefit to someone doing
this (assuming you want people to find your profile):

When looking at a profile, LinkedIn shows you lists of other profiles people
who have looked at this profile looks at. You should presumably show up there
far more often if your profile gets seen far more often. As a result your
numbers will be skewed - you won't be able to tell who visited your website
vs. came to your profile because it's suddenly showing up all over LinkedIn.

On other hand, that means actual human views of your profile is likely to go
up substantially too.

------
emmelaich
I get an email to invite me to connect to someone every time (only three times
so far) I merely _visit_ their LinkedIn profile. I thought at first they had
some premium feature but on second thoughts it was probably something like
this. I never have myself logged in to LinkedIn at the same time.

Backstory: An acquaintance of mine requested a connection soon after I met
them for the first time. I was a little wary so didn't accept before speaking
to them.

I found out later that it was a fake profile copied from his real one and they
were a victim of identity theft.

------
ruben_varnish
Well, same goes for sites using elements from Twitter, Facebook, Google (think
of their JS CDN)... For those sites you can use
[https://disconnect.me/](https://disconnect.me/)

~~~
seba_dos1
No. It's not about how Twitter, Facebook and Google can track users. It's
about how _you_ can use LinkedIn to track users.

------
campbellsoup
Very interesting idea. Where do the authToken and authType come from though?
Isn't it sufficient to have the classic LinkedIn profile URI
[/profile/view?id=98261032]?

~~~
aatteka
It doesn't work without a token (apparently it did some time ago
[http://blog.makensi.es/post/3679713636/fingerprinting-
your-v...](http://blog.makensi.es/post/3679713636/fingerprinting-your-
visitors-using-social-networks) )

You can get a token from Linkedin itself.

------
me_bx
The article shows that the number of visits leaks to linkedIn. Any idea
whether the identities of visitor can be know from the "Who viewed your
profile" page?

~~~
johansch
That's just a matter of bribing linkedin.

"With Premium, you can see who's viewed your profile over the last 90 days,
not just the last 5 viewers free members see."

