NEW YORK, (
) -- After its
shares have cooled off considerably as investors take a more sober view of the social media shop.
In addition to concerns about valuation and the profit taking by flippers banking some hot IPO cash, there was also a claim that LinkedIn may be
LinkedIn was down more than 8.5% Monday, 9% below its $94 closing price Thursday when the company launched its IPO.
Though there seem to have been no reported breaches, one self-appointed security expert said that he uncovered flaws in so-called cookies that store LinkedIn users' login information. One potential problem is that the cookies don't expire immediately even when a user logs out, and the log-in key can remain active for a year, according to Rishi Narang, author of the
Hackers could theoretically collect the cookies and hijack users' accounts.
The company urged people to use secure networks and said it was "evaluating" some of its secure socket or encrypted log-ins.
"LinkedIn takes the privacy and security of our members seriously, so we currently support SSL for logins and other sensitive Web pages," a company rep said in an email.
WTFuzz's Narang suggests in his cookie report that LinkedIn could close the vulnerability by changing the log-in expiration parameters in its system.
--Written by Scott Moritz in New York.To contact this writer, click here: Scott Moritz, or email: firstname.lastname@example.org.Follow Scott on Twitter at MoritzDispatch