Home / Technology / Slack quickly removes the ability to send messages to strangers with DM invitations over harassment issues

Slack quickly removes the ability to send messages to strangers with DM invitations over harassment issues



Slack became a public messaging platform this morning with the broader rollout of a new cross-organizational instant messaging feature, and now it is already taking steps to reduce the dangers of operating such a platform without well-thought-out moderation protection.

The company says that in response to concerns the feature can be used to send violent messages or harassment with relative ease, it now disables the ability to send a message along with an invitation. That way, if someone knows your email address, they can not spam your inbox with potentially violent messages.

After launching Slack Connect DMs this morning, we received valuable feedback from our users on how email invitations to use the feature could potentially be used to send violent or harassing messages. We are taking immediate steps to prevent this type of abuse, and today we begin by removing the possibility of customizing a message when a user invites someone to Slack Connect DMs, says Jonathan Prince, the company̵

7;s vice president of communications and policy. The Verge.

“Slack Connect’s security features and robust administrative controls are an important part of the value for both individual users and their organizations. We made a mistake in this initial rollout that is not in line with our product goals and the typical Slack Connect usage experience. As always, we are grateful to everyone who spoke, and we are committed to solving this problem. ”

The general concern, first raised by Twitter employee Menotti Minutillo, was that the feature did not have robust opt-out protection for individual users, and no way to easily prevent people from spamming you with email invitations. It appears benign on the surface; If someone wants to harass you and they have your email address, they can probably send you a harassing email. But Slack Connect bypasses the filter or inbox protection you can use, by sending you an email from the feedback@slack.com address with the DM invitation, with the email containing the message the sender decided to attach.

This means that if your organization uses this feature, you can not filter it out for fear of missing important Slack emails, and you also have no easy way to opt out. (It’s not even clear right now if the feature can be turned off for individual accounts.) TechCrunch reported this morning that the DM function would be opt-in for a company or the organization’s IT department to activate at its own discretion, but that does not mean that it would give the individual employee active control over who could DM them. And there was no filtering or monitoring in place that would detect if someone sent a hate message.

New concerns also arise, such as being able to see what Slack groups individuals are a part of – either paid or free – if that person accidentally accepts an invitation from someone using Slack Connect. And while Slack Connect is generally designed for enterprise users whose companies pay for premium features, a Slack Standard plan with Connect enabled costs as little as $ 8 per month per user (or $ 6.67 per month per user when billed annually). It suggests that some people can exploit these issues quite easily and cheaply if they choose to do so, even in the absence of the Slack invitation feature only disabled.




Source link