That LinkedIn not violate one of the simplest, most fundamental notions of security: never ever give your credentials to a third party.
Part of being a semi-decent citizen of the internet is also not encouraging users to give third parties their credentials
It is a neat hack. I'd love this if it was "here's how we integrate LinkedIn into our email clients internally". It is novel and it does use CSS in weird and new ways. It should also not be a shipping public product. MITM is bad shit.
To be fair, they specifically mention that they use OAuth for Gmail/GApps.
It seems like they're aware of this but it's hardly their responsibility to avoid building a hack such as this just because Google are the only provider to allow IMAP access with OAuth. If more e-mail providers would allow such authentication, I'm sure LinkedIn would be happy to extend the support.
How about "the world isn't perfect and whilst it would be great to live up to our every ideal, our primary responsibility is running a business and providing a great experience for our users who, ultimately, in the vast majority regularly engage in such egregious violations of sensible security protocol that most-anything we do is unlikely to affect them and in cases where it would, said users are usually sufficiently literate to wish to avoid this anyway".
Part of being a semi-decent citizen of the internet is also not encouraging users to give third parties their credentials
It is a neat hack. I'd love this if it was "here's how we integrate LinkedIn into our email clients internally". It is novel and it does use CSS in weird and new ways. It should also not be a shipping public product. MITM is bad shit.