Security Articles

  • Same Origin Method Execution Diagram

    Finding Same Origin Method Execution Vulnerabilities

    October 19, 2016

    This summer I had the privilege of interning on LinkedIn’s House Security team. During this period I was tasked to analyze the details of a relatively new class of vulnerabilities, and create a BurpSuite extension that would help identifying problematic sites. In addition to open-sourcing the extension, we want to shed some more light on Same Origin Method...

  • Open Sourcing URL-Detector

    June 30, 2016

    Today, we’re excited to share that Linkedin is open-sourcing our URL-Detector Java library. LinkedIn checks hundreds of thousands of URLs for malware and phishing every second. In order to guarantee that our members have a safe browsing experience, all user-generated content is checked by a backend service for potentially dangerous content. As a prerequisite for...

  • Project Altair

    March 21, 2016

    LinkedIn's infrastructure needs to seamlessly handle petabytes of data on a daily basis. Our data centers and infrastructure have grown by 34 percent on annual basis and almost half a billion people in more than 200 countries and territories rely on us. In order to reliably deliver our services to our members and customers, we have expanded our data center...

  • Rethinking Path Validation: Pt. 2

    March 16, 2016

    BGP, or the Border Gateway Protocol, is a widely-used protocol that allows very large networks, such as the Internet, to be able to...

  • ASN Graph

    Rethinking Path Validation: Pt. 1, New Requirements

    March 1, 2016

    BGP, or the Border Gateway Protocol, is a widely-used protocol that allows very large networks, such as the Internet, to be able to...

  • Who Are You? A Statistical Approach to Protecting LinkedIn ...

    January 22, 2016

    Can you can spot your LinkedIn password in the above image? Is your password on LinkedIn the same as another website? Have you been a...