CP
cyberpings
PrivacyHIGH

LinkedIn - Secretly Scans 6,000+ Chrome Extensions

Featured image for LinkedIn - Secretly Scans 6,000+ Chrome Extensions
BCBleepingComputer
LinkedInBrowserGateJavaScriptdata collectionprivacy concerns
🎯

Basically, LinkedIn is checking what Chrome extensions you have to gather data about you.

Quick Summary

LinkedIn is scanning over 6,000 Chrome extensions to collect user data, raising significant privacy concerns. This could expose sensitive information about users and their corporate affiliations. Stay informed and protect your privacy.

What Happened

A recent report, dubbed BrowserGate, reveals that LinkedIn is using hidden JavaScript on its website to scan visitors' browsers for installed Chrome extensions. This technique allows LinkedIn to collect device data and link it to user profiles, raising serious privacy concerns.

According to Fairlinked e.V., an association of LinkedIn users, the platform checks for over 6,236 browser extensions. These include tools that compete with LinkedIn's own offerings, such as Apollo and ZoomInfo. This covert scanning enables LinkedIn to gather sensitive personal and corporate information without users' consent.

Who's Affected

The primary victims of this data collection are LinkedIn users, particularly those who utilize third-party browser extensions. Since LinkedIn accounts are tied to real identities and job roles, the implications of this data gathering extend to their employers and competitors.

What Data Was Exposed

LinkedIn's scanning script collects a variety of data, including:

  • Installed browser extensions
  • CPU core count
  • Available memory
  • Screen resolution
  • Timezone and language settings
  • Battery status
  • Audio information
  • Storage features

This data can be used to build unique browser profiles, potentially allowing for tracking across different websites.

What You Should Do

Users should be aware of these practices and consider the following actions:

  • Review your browser extensions: Be cautious about what you install. Remove any extensions that you do not trust.
  • Adjust privacy settings: Check your browser's privacy settings to limit tracking.
  • Stay informed: Keep up with privacy news related to platforms you use.

LinkedIn's Response

In response to the allegations, LinkedIn claims that the data collected is used solely to protect the platform and its users. They argue that the scanning is necessary to identify extensions that scrape data without consent. LinkedIn has denied any malicious intent, stating that the claims stem from a dispute with a developer whose account was restricted for violating LinkedIn's terms of service.

Industry Context

This is not the first instance of aggressive fingerprinting techniques being employed. Similar methods have been reported in the past, including instances where companies like eBay used JavaScript to scan for remote support software. Such practices highlight a growing trend in the tech industry where user privacy is often compromised under the guise of security.

In conclusion, while LinkedIn defends its actions as protective, the implications of such extensive data collection practices warrant scrutiny. Users must remain vigilant about their online privacy and the tools they choose to use.

🔒 Pro insight: The scale of LinkedIn's extension scanning reflects a troubling trend in user data collection practices, necessitating stricter privacy regulations.

Original article from

BCBleepingComputer· Lawrence Abrams
Read Full Article

Share

Related Pings

LOWPrivacy

Cindy Cohn - Join Privacy's Defender Events in New York

Cindy Cohn is hosting events in New York to discuss her new book on digital surveillance. Join her to learn about privacy rights and data security. Support the EFF and the fight for digital freedom!

EFF Deeplinks·
MEDIUMPrivacy

Inconsistent Privacy Labels - Users Left in the Dark

Data privacy labels for mobile apps are intended to inform users, but they're currently inconsistent and unclear. This leaves users unsure about how their data is being handled. It's crucial for developers to improve these labels to enhance user trust and security.

Dark Reading·
MEDIUMPrivacy

Privacy's Defender - Cindy Cohn Hosts Events in D.C.

Cindy Cohn is hosting events in D.C. to discuss her new book on privacy battles. Learn about digital rights and data security. Join the fight for your privacy!

EFF Deeplinks·
MEDIUMPrivacy

Blocking Children from Social Media - A Misguided Approach

Governments are trying to protect children from social media with bans. However, these age-based restrictions may cause more privacy issues than they solve. The focus should shift to open conversations and responsible platform design.

Malwarebytes Labs·
HIGHPrivacy

WebinarTV - Secretly Recording Public Zoom Meetings

WebinarTV is recording and publishing public Zoom meetings without consent. This raises serious privacy concerns for participants. Users must be aware of their digital footprint.

Schneier on Security·
MEDIUMPrivacy

Messaging Apps - Analyzing Permissions on Android Devices

A new analysis compares Messenger, Signal, and Telegram's permission requests on Android. Telegram has the least permissions, while Messenger has the most. This impacts user privacy significantly.

Help Net Security·