114
submitted 1 week ago by floofloof@lemmy.ca to c/privacy@lemmy.world
[-] Feyd@programming.dev 72 points 1 week ago

Every time you open LinkedIn in a Chrome-based browser, LinkedIn’s JavaScript executes a silent scan of your installed browser extensions.

Still wrong, but not quite as scary as "searches their computer for installed software", which makes it sound like it broke out of the browser sandbox.

[-] Atelopus-zeteki@fedia.io 17 points 1 week ago

Joke's on them, I never use Chrome, and never go to Link'in. I guess they'll never know who I really am, by extension.

[-] null@lemmy.org 2 points 1 week ago

Isn't that what most mainstream sites try to do anyway?

[-] Nollij@sopuli.xyz 25 points 1 week ago

To me, this seems like a security flaw in Chromium. Websites should not be able to access any of it (yes, even just the extensions) regardless of what code they're running.

Not great for LinkedIn, but a critical failure of Chromium.

[-] Dave@lemmy.nz 6 points 1 week ago

Reminds me of how any app in Android can see all the other installed apps. Great for fingerprinting.

[-] French75@slrpnk.net 14 points 1 week ago

Isn't this what every major social media site does? It's certainly what security and privacy experts have been warning us about for years.

One can hope LinkedIn pays a heavy price for this, but they've probably done it intentionally knowing the value 100x exceeds the likely penalty. This will probably end up with all of us being offered to join a class action where our settlement is a free month of LinkedIn premium.

[-] plz1@lemmy.world 5 points 1 week ago

What penalty? What illegal thing are they even doing? If the browsers allow this, they should expect it to happen. Prevent it, or expect it. Websites shouldn't be able to "scan" for these extensions in the first place.

At best, they might get a slap on the wrist fine they pay to the FTC or FCC, and admit no fault.

[-] HubertManne@piefed.social 13 points 1 week ago

Every time you open LinkedIn in a Chrome-based browser, LinkedIn’s JavaScript executes a silent scan of your installed browser extensions. The scan probes for thousands of specific extensions by ID, collects the results, encrypts them, and transmits them to LinkedIn’s servers. The entire process happens in the background. There is no consent dialog, no notification, no mention of it in LinkedIn’s privacy policy.

[-] StealthLizardDrop@piefed.social 3 points 1 week ago
[-] solrize@lemmy.ml 3 points 1 week ago

People run Chrome on Linux.

[-] StealthLizardDrop@piefed.social 2 points 1 week ago

So this is a more in-depth explanation of what it actually does. In the end it only searches a specific number of extensions from the Chrome extension store, encrypts it and sends it off to a 3rd party.

https://browsergate.eu/how-it-works/

But I also don't use a Chrome-based browser and don't visit LinkedIn. I'll live.

[-] altphoto@lemmy.today 1 points 1 week ago

Installed software! Oh installed software! Where are you! LOL! This guy is using scripts he wrote himself and the combination number #24356357954689 of possible software, desktop GUI and kernel. Okay let's drive our malicious scan!.... Oh sudo password, we need the root password to do anything malicious! Look at this, it even has a welcome screen asking for you to scan as much as it is possible in that image! Darn!

this post was submitted on 02 Apr 2026
114 points (95.2% liked)
