Rebane
the linkedin fingerprinting you and scanning your extensions thing is a pretty good example of just how much js leaks about your browser
https://browsergate.eu/how-it-works/
The Attack: How it works

Every time you open LinkedIn in a Chrome-based browser, LinkedIn’s JavaScript executes a silent scan of your installed browser extensions. The scan probes for thousands of specific extensions by ID, collects the results, encrypts them, and transmits them to LinkedIn’s servers. The entire process happens in the background. There is no consent dialog, no notification, no mention of it in LinkedIn’s privacy policy. This page documents exactly how the system works, with line references and code excerpts from LinkedIn’s production JavaScript bundle.

BrowserGate
Apr 4 at 9:15pmWeb
Show threadRebane1d ago
i feel obliged to add some context to the link i shared:
https://bsky.app/profile/william-oconnell.bsky.social/post/3mil3dtznwc2u
William O'Connell (@william-oconnell.bsky.social)

I've seen this LinkedIn "BrowserGate" site posted a few places online. LinkedIn is "searching your computer"! It's a "mass breach of personal data"! It sounds illegal, and maybe it is, but you should know what this is really about, and who's behind it. 🧵

Bluesky Social
Show threadaura [INOP]1d ago
@rebane2001 reminds me of the old "try loading a remote resource (via css if you're sneaky) and see if it gets served from cache based on timing" fingerprinting tricks.
Show threadStefan Lindbohm1d ago
@rebane2001 @bovine3dom Chrome specifically though. Most other browsers have better privacy protections.
Show threadOliver Blanthorn1d ago

@stefanlindbohm I'm pretty sure the DOM walking works in all browsers. Less sure about fetching extension resources

of course, apps are a million times worse...

@rebane2001

Show threadPixel Dunn6h ago
@rebane2001 me with firefox: