Bruno Miguel17h ago

"Every time any of LinkedIn’s one billion users visits linkedin.com, hidden code searches their computer for installed software, collects the results, and transmits them to LinkedIn’s servers and to third-party companies including an American-Israeli cybersecurity firm.

The user is never asked. Never told. LinkedIn’s privacy policy does not mention it."

https://browsergate.eu/

LinkedIn Is Illegally Searching Your Computer

Microsoft is running one of the largest corporate espionage operations in modern history. Every time any of LinkedIn’s one billion users visits linkedin.com, hidden code searches their computer for installed software, collects the results, and transmits them to LinkedIn’s servers and to third-party companies including an American-Israeli cybersecurity firm. The user is never asked. Never told. LinkedIn’s privacy policy does not mention it. Because LinkedIn knows each user’s real name, employer, and job title, it is not searching anonymous visitors. It is searching identified people at identified companies. Millions of companies. Every day. All over the world.

BrowserGate
Show threadGrant_H15h ago

@brunomiguel

Avoiding Chrome (Chromium?) browsers seems a possible start to mitigation?

Show threadBruno Miguel
@grant_h maybe. But given this on Chromium-based browsers, there's a chance that something similar might exist for other browsers, too
7:06pmWeb
Show threadTorf und Schnee14h ago
@brunomiguel @grant_h details matter, though. Especially as the info tells about browser extensions rather than software (which browser normally should not even offer access to).
Show threadBruno Miguel14h ago
@torf @grant_h browser extension info can be useful for a malicious actor
Show threadTorf und Schnee12h ago
@brunomiguel @grant_h still, there is a significant difference in the access level.
Show threadNeil14h ago

@brunomiguel @grant_h I agree. If they don't have something like that for Firefox and other browsers, they'll make it.

And don't think for a moment that they're the only ones doing it.

Show threadNoa12h ago
@brunomiguel @grant_h it does. It's called "fingerprinting". This is the norm for large websites that advertise. They do this to assign digital IDs to everyone so they can build advertising profiles & sell all the data. "Age Verification" will make this problem worse because it'll link these profiles to a government ID.
Show threadDantali0n  4h ago

@brunomiguel @grant_h all browsers suffer from this, its a javascript call implemented by all major browser to query installed fonts that can be abused (iirc but its been a while)

Use an extension like CanvasBlocker to spoof these requests: https://github.com/kkapsner/CanvasBlocker

GitHub - kkapsner/CanvasBlocker: A Firefox extension to protect from being fingerprinted.

A Firefox extension to protect from being fingerprinted. - kkapsner/CanvasBlocker

GitHub