Nicolas Vivant 1d ago

J'ai vérifié les allégations de https://browsergate.eu (LinkedIn scanne plus de 6000 extensions de Chrome au démarrage).

1. c'est vrai
2. Firefox n'est pas impacté

Vidéo du scan : https://video.echirolles.fr/w/2dqppRwX17JEdMWFRkHZhm

**Attention** : https://colter.social/@nicolasvivant/116347596162403178

cc @ploum @nitot

#LinkedIn #Browsergate

LinkedIn Is Illegally Searching Your Computer

Microsoft is running one of the largest corporate espionage operations in modern history. Every time any of LinkedIn’s one billion users visits linkedin.com, hidden code searches their computer for installed software, collects the results, and transmits them to LinkedIn’s servers and to third-party companies including an American-Israeli cybersecurity firm. The user is never asked. Never told. LinkedIn’s privacy policy does not mention it. Because LinkedIn knows each user’s real name, employer, and job title, it is not searching anonymous visitors. It is searching identified people at identified companies. Millions of companies. Every day. All over the world.

BrowserGate
Show threadNicolas Vivant 1d ago
J'ai aussi récupéré le script chz0wee66axxwvysl0xusopqe.js et j'ai vérifié dans le code : effectivement, plus de 6000 IDs d'extensions sont testées, et elles correspondent à ce qui est indiqué sur https://browsergate.eu
LinkedIn Is Illegally Searching Your Computer

Microsoft is running one of the largest corporate espionage operations in modern history. Every time any of LinkedIn’s one billion users visits linkedin.com, hidden code searches their computer for installed software, collects the results, and transmits them to LinkedIn’s servers and to third-party companies including an American-Israeli cybersecurity firm. The user is never asked. Never told. LinkedIn’s privacy policy does not mention it. Because LinkedIn knows each user’s real name, employer, and job title, it is not searching anonymous visitors. It is searching identified people at identified companies. Millions of companies. Every day. All over the world.

BrowserGate
Show threadJulien W.1d ago
@nicolasvivant as-tu pu vérifier les extensions en question ? Il semble que ce soit que des trucs de merde (scrappers, ai, des trucs comme ça)
Show threadNicolas Vivant 1d ago

@julienw

Pas toutes, mais j'ai pris quelques IDs au hasard dans le script, et ils correspondaient effectivement à ce que le site indique ici : https://browsergate.eu/extensions/

Scanned Extensions Database

6,222 extensions. Zero consent. Every time you visit LinkedIn, a hidden JavaScript program scans your browser for installed Chrome extensions. No notice. No opt-in. No mention in their privacy policy. The scan doesn’t just look for LinkedIn-related tools. It identifies whether you use an Islamic content filter (PordaAI — “Blur Haram objects, real-time AI for Islamic values”), whether you’ve installed an anti-Zionist political tagger (Anti-Zionist Tag), or a tool designed for neurodivergent users (simplify). Under GDPR Article 9, processing data that reveals religious beliefs, political opinions, or health conditions requires explicit consent. LinkedIn obtains none.

BrowserGate
Show threadJulien W.1d ago
@nicolasvivant j'ai cherché rapidement certaines extensions connues , rien de spécial... On dirait que ce sont des extensions qui scrappent LinkedIn pour fournir des services supplémentaires (pas forcément shady d'ailleurs ? code source des extensions à étudier...)
Show threadJulien W.
@nicolasvivant mais pas de ublock, privacy badger, dark mode, etc
Apr 4 at 12:43pmWeb