Mastodawn

WARNING: LinkedIn has your profile. They have more from illegally spying on you.

“LinkedIn started injecting malicious code into the browsers of their users, without their knowledge or their consent. At the time of writing, this code downloads a list of 6,222 software products and brute-forces the detection of each one.”

More info:
https://browsergate.eu/executive-summary/

What you can do:
https://browsergate.eu/take-action/

🧵 1/2

#BrowserGate #LinkedIn #InfoSec #OpSec #Privacy #Crime #YouAreTheProduct #Microsoft

Show thread

Mark Wyner Won’t Comply

10h ago

The BrowserGate folks have provided an evidence pack, proving the scraping of data from your computer.

This includes a sworn affidavit by LinkedIn’s Senior Manager of Software Engineering and Machine Learning, Milinda Lakkam. It’s an admission of guilt. Under oath.

https://browsergate.eu/the-evidence-pack/

🧵 2/2

#BrowserGate #LinkedIn #InfoSec #OpSec #Privacy #Crime #YouAreTheProduct #Microsoft

The Evidence Pack

Everything on this page is independently verifiable. The source code speaks for itself. Its own engineer, under oath, admits it. Exhibit 1 — LinkedIn’s JavaScript bundle File: 5fdhwcppjcvqvxsawd8pg1n51.js Size: ~2.7 MB (13,159 lines of minified JavaScript) Webpack chunk: chunk.905 This is the file LinkedIn serves to every Chrome user who visits linkedin.com. It contains a hardcoded array of 6,222 Chrome extension IDs, each paired with a specific internal file path that LinkedIn engineers mapped for detection.

BrowserGate

Show thread

Morgunin 9h ago

@markwyner

This makes me incredibly glad to have gotten away from that hellhole of a website.

Show thread

Jarrod Urban 7h ago

@markwyner Did you read the affidavit? From what I can gather, your statement is not true.

Show thread

Demokritus Jorik

6h ago

@jarrodu @markwyner please elaborate.

Show thread

Jarrod Urban 6h ago

@serigala_tropis @markwyner They use machine learning to infer users using scraping tools. This is what the affidavit says. It does not mean they are scanning people computers.

They also say why they are doing this. It is a defensive move to reduce traffic that violates their terms of service and that can lead to service outages.

It is worth reading. It is just a few pages long.

https://browsergate.eu/downloads/Lakam-affidavit-redacted.pdf

Show thread

Demokritus Jorik

6h ago

@jarrodu @markwyner boosted so I hope more people can see your post.

Show thread

Mark Wyner Won’t Comply

Thank you for this.

@markwyner good thing i have been using linkedin on @duckduckgo
I sure hope this is safer route.

Show thread

Mark Wyner Won’t Comply

7m ago

@sergiodomeyko

That’s the thing. If you’re not on Chrome and don’t have one of those extensions installed, the issues seems moot.

@duckduckgo

Show thread

Michael Gale 9h ago

@markwyner woooow

Really hectically messed up shi

Show thread

Dźwiedziu 9h ago

@markwyner
Exercise caution about this revelation:
https://mstdn.social/@rysiek/116337205401370428

@darth_hideout

Michał "rysiek" Woźniak · 🇺🇦 (@[email protected])

There is a fresh thing going around about LinkedIn scanning extensions installed in Chrome/Chromium: https://browsergate.eu/ The website claims "LinkedIn is Illegally Searching Your Computer", and implies the purpose is to find "religious beliefs, political opinions, disabilities". tl;dr: - yes, LinkedIn is scanning through a list of 6k+ extensions on Chrome; - yes, this is bad; - but the website is disingenuous in making unnecessarily overblown claims. 🧵 #LinkedIn #BrowserGate #Privacy

Mastodon 🐘

Show thread

Mark Wyner Won’t Comply

10m ago

@dzwiedziu

Thank you for that. 🙌🏻

@darth_hideout

Show thread