RE: https://infosec.exchange/@beyondmachines1/116340430386264988
The story here focuses on LinkedIn, who should definitely be held accountable for what they’re doing with our data, but the real question is “Why does Chromium allow this?”
If Chromium allows this, then anyone—not just LinkedIn—can do this.
Most certainly, Google already knows all of this if you use Chromium. Meta probably does this. I’m sure others do, too.
@ramsey seen this? Story was somewhat overblown.
https://social.treehouse.systems/@vantiss/116336811478744261
since that browsergate site about LinkedIn seems to be gaining traction I figure I should mention: - yes, LinkedIn does do what's being claimed (though, it's that it probes for *specific* extensions you're running, using features in chrome's API - it doesn't "search your computer") - it does seem to have been doing this since at least as far back as [2017](https://github.com/dandrews/nefarious-linkedin), and there has been intermittent reporting on it over the years - I'm fairly confident the copy on the site was generated by (or at least went through) an LLM, so idk that this site is the best way to spread the issue around edit: and as [someone else noted in the replies](https://not-brain.d.on-t.work/notes/akl6hp4gjqcp8d7h), looking through the list of extensions of scans for... they're [pretty much all "AI"/scraper/automation plugins](https://browsergate.eu/extensions/). so, should LinkedIn be doing this, or even *able* to do this in Chrome? no! but also, it does seem like the stuff they're scanning for is all extensions that shouldn't exist to begin with tbh edit 2: please see [this follow-up post](https://social.treehouse.systems/@vantiss/116342005257886265) which proves this is just a shitty campaign by people who made an addon called "Teamfluence" that got blocked by LinkedIn
@muddle looks like in this case, LinkedIn isn’t doing it as much to fingerprint their users (though that was possibly a nice side effect for them), but rather to actually protect their brand and their users against known scrapers
… and about that, the “whistle blowers” here were apparently the developers of such a scraper that got banned, so they’re just looking to even out the competition
https://fosstodon.org/@webaware/116343475348499438
So yeah I’m all for re-evaluating such permissions that were granted early on and have since stopped making sense
This also goes for the ability to change your number when making a phone call, and so many others
@muddle hahaha that’s funny: I don’t agree that they should do this!
I’m just pointing out that as a company that’s a thing they do, generally speaking and LinkedIn in particular, because there are ways to extract monetary value out of it
And we may have gone full circle to Ben’s first post, if I’m not mistaken
@ramsey I say this with a heavy sigh and a place of sadness, not arrogance.
Chrome / Google has won. The utter vitriol and hatred of the main viable competition (FIrefox) baffles me. They're the underdog, and have to make desperate decisions to survive.
FF could *absolutely* be better. But with Manifest v3 neutering ad blockers, FF+uBlock is a much better choice even for non-technical users.
Idealist tend to forget that in war, you sometimes retreat and choose the least bad option.
blabaere ✋🔼🤚
Ben Ramsey
Ross McKay
muddle
Guillaume Rossolini
listless