• Feyd@programming.dev
    ↑ 70 · 1 month ago

    Every time you open LinkedIn in a Chrome-based browser, LinkedIn’s JavaScript executes a silent scan of your installed browser extensions.

    Still wrong, but not quite as scary as “searches their computer for installed software” which makes it sound like it broke out of browser sandbox

    • Atelopus-zeteki@fedia.io
      ↑ 17 · 1 month ago

      Joke’s on them, I never use Chrome, and never go to Link’in. I guess they’ll never know who I really am, by extension.

  • Nollij@sopuli.xyz
    ↑ 26 · 1 month ago

    To me, this seems like a security flaw in Chromium. Websites should not be able to access any of it (yes, even just the extensions) regardless of what code they’re running.

    Not great for LinkedIn, but a critical failure of Chromium.

    • Dave@lemmy.nz
      ↑ 6 · 1 month ago

      Reminds me of how any app in Android can see all the other installed apps. Great for fingerprinting.

  • French75@slrpnk.net
    ↑ 14 · 1 month ago

    Isn’t this what every major social media site does? It’s certainly what security and privacy experts have been warning us about for years.

    One can hope LinkedIn pays a heavy price for this, but they’ve probably done it intentionally knowing the value 100x exceeds the likely penalty. This will probably end up with all of us being offered to join a class action where our settlement is a free month of LinkedIn premium.

    • plz1@lemmy.world
      ↑ 5 · 1 month ago

      What penalty? What illegal thing are they even doing? If the browsers allow this, they should expect it to happen. Prevent it, or expect it. Websites shouldn’t be able to “scan” for these extensions in the first place.

      At best, they might get a slap-on-the-wrist fine they pay to the FTC or FCC, and admit no fault.