Slack just backtracked on the worst idea ever

Slack connect dms backtrack
(Image credit: Shutterstock)

Slack has now reversed its controversial decision to let users message anyone else via Slack, even if they aren’t part of the same private channel.

Or more accurately the company has fine-tuned the Slack Connect DMs feature to minimize the risk of harassment and abuse. Users will still be able to invite outsiders to join them in a private conversation, but now there’s no option to send any messages beforehand.

Slack Connect DMs is an invite system that enables cross-channel communication. That means people could communicate with each other through Slack, despite not being members of the same private channel, but only if they both agreed to it first. That’s not changing, as far as we can tell.

Initially, however, those invites could go out with a written message. Naturally, this could easily be exploited to harass people at work or send them abusive messages. Particularly since Slack does not include tools to block other people or report abuse. 

So Slack has admitted its mistake and backtracked on the initial messaging feature.

“After rolling out Slack Connect DMs this morning, we received valuable feedback from our users about how email invitations to use the feature could potentially be used to send abusive or harassing messages. We are taking immediate steps to prevent this kind of abuse, beginning today with the removal of the ability to customize a message when a user invites someone to Slack Connect DMs,” Jonathan Prince, Slack’s vice president of communications and policy, told The Verge.

“Slack Connect’s security features and robust administrative controls are a core part of its value both for individual users and their organizations. We made a mistake in this initial roll-out that is inconsistent with our goals for the product and the typical experience of Slack Connect usage. As always, we are grateful to everyone who spoke up, and we are committed to fixing this issue.”

There’s more to worry about than abuse

Of course, there are still other concerns to worry about. Some of them have already been debunked online, like the risk of people able to see which Slack channels a user is part of when they accept an invite. Slack has confirmed to The Verge that users receiving invites will only be able to see which channel they’re being invited to, and nothing else.

There’s also the problem that whole individual companies will be able to opt-in to Slack Connect, individuals have no such power. It’s also not clear whether it’s possible to disable the feature for individual members of an organization. So users may find themselves bombarded with Slack Connect invitations, with no way to turn them off.

Those messages may not come with abusive messages attached, but they could prove to be a serious distraction if the wrong person (or people) decided to exploit those tools.

Plus there’s the problem of which channel admins have access to what. Slack Plus plans store everything, without encryption, and make it accessible by channel admins if they wish. In a situation where two members of different organizations are sending messages via Slack Connect, there are two different admin teams that may be able to see what they’re saying. We’ve asked Slack to clarify this point.

Then there’s the risk of exposing sensitive company information. It’s bad enough if outside admins could potentially see this, but companies do talk about sensitive stuff in Slack. In fact, last year’s Twitter hack, which led to verified accounts tweeting out the same cryptocurrency scam, only happened because the hacker managed to infiltrate Twitter’s Slack account and gain access to company tools.

Slack Connect DMs are what the name suggests, and just let people send private messages between Slack channels. But it is a potential security hole, and hackers are an intrepid bunch. Who knows what they might be able to get up to.

Fortunately, Slack seems willing to listen to criticism and will make changes to Slack Connect where needed. Reducing the risk for abuse is very important, but it’s still only a surface-level problem. There are other issues underneath that need to be addressed as well. Let’s just hope it will happen soon, and without someone claiming to be Elon Musk while trying to fleece you out of Bitcoin.

TOPICS
Tom Pritchard
UK Phones Editor

Tom is the Tom's Guide's UK Phones Editor, tackling the latest smartphone news and vocally expressing his opinions about upcoming features or changes. It's long way from his days as editor of Gizmodo UK, when pretty much everything was on the table. He’s usually found trying to squeeze another giant Lego set onto the shelf, draining very large cups of coffee, or complaining about how terrible his Smart TV is.

Read more
Slack
Slack was down — latest updates on massive outage
How to tell if you've been blocked on WhatsApp
The best WhatsApp alternatives in 2025
Slack
ChatGPT could soon work with Slack and Google Drive to make office life a bit easier
An illustration of a person holding a smartphone with a padlock in front of speech bubbles on the screen
The best encrypted messaging apps in 2025
Elon Musk holding chainsaw at CPAC
Musk's DOGE faces massive backlash and 12 data privacy lawsuits — how safe is your data?
Discord on a phone and a laptop
Reported Discord data leak disputed by third-party service RestoreCard
Latest in Instant Messengers
How to delete TikTok
8 TikTok alternatives — where to go if the app gets banned
How to tell if you've been blocked on WhatsApp
New WhatsApp green screen bug is making the app unusable
The WhatsApp logo on a screen in front of a laptop
WhatsApp starts rolling out Events planning feature for group chants — here’s how it works
The WhatsApp logo on a screen in front of a laptop
WhatsApp looking to add AirDrop-esque feature to iPhones — what we know
The WhatsApp logo on a screen in front of a laptop
WhatsApp drops surprise design update — it's rounder and darker now
WhatsApp logo on iPhone
How to rejoin a group chat on WhatsApp
Latest in News
A first look at Amazon's Fallout TV series coming to Prime Video
‘Fallout’ season 3 plans are reportedly being made — while season 2 is still filming
Surface Laptop 7 from the front
Amazon just gave Surface Laptop 7 a 'frequently returned' label — here's what's going on
New emojis with iOS 18.4 beta release.
iOS 18.4 beta brings 8 new emoji to your iPhone — here's all the new options
23andME box
23andMe has declared bankruptcy — here's how to delete your data now
half-life alyx
Latest Half-Life 3 rumors point to a 2025 release — and maybe pigs will fly
NFL Sunday Ticket logo for YouTube
NFL Sunday Ticket 2025 pricing revealed — and it's bad news