Summary
A recent report dubbed **BrowserGate** has revealed that **LinkedIn** is using hidden JavaScript scripts to scan visitors' browsers for over **6,000** installed extensions and collect device data. The report claims that this behavior is used to collect sensitive personal and corporate information, as **LinkedIn** accounts are tied to real identities, employers, and job roles. The company has confirmed that it detects specific browser extensions, but claims that the information is used to protect the platform and its users. This has raised concerns about **privacy** and **data collection**. [[linkedin|LinkedIn]] has been accused of using this data to identify users of third-party tools and send enforcement threats. [[microsoft|Microsoft]] has not commented on the matter. The incident has sparked a debate about the balance between **security** and **privacy**. [[browser-extensions|Browser extensions]] are a crucial part of the browsing experience, and users are concerned about the potential risks of **data collection**.
Key Takeaways
- **LinkedIn** is using hidden JavaScript scripts to scan visitors' browsers for installed extensions
- **LinkedIn** is collecting device data, including CPU core count, available memory, screen resolution, timezone, language settings, battery status, audio information, and storage features
- The company has confirmed that it detects specific browser extensions, but claims that the information is used to protect the platform and its users
- The incident has raised concerns about **privacy** and **security**, and has sparked a debate about the balance between **security** and **privacy**
- Users can take several steps to protect their **privacy** and **security** on **LinkedIn**, including reviewing their browser extensions and device settings
Balanced Perspective
The **BrowserGate** report has raised concerns about **privacy** and **data collection**, but it is essential to consider the context and motivations behind **LinkedIn**'s actions. The company may be using **fingerprinting** techniques to build unique browser profiles and track users across websites, but this may also be a necessary measure to prevent **scraping** and other malicious activities. [[data-privacy|Data privacy]] experts are calling for a balanced approach that takes into account both **security** and **privacy** concerns. The incident highlights the need for **regulatory clarity** and **industry standards** for **data collection** practices. [[regulatory-affairs|Regulatory affairs]] experts are weighing in on the matter, and some are calling for stricter regulations on **data collection**.
Optimistic View
The **BrowserGate** report has brought attention to the importance of **transparency** and **accountability** in **data collection** practices. **LinkedIn**'s actions may be seen as a necessary measure to protect the platform and its users from **scraping** and other malicious activities. The company's efforts to detect and prevent **unauthorized access** to user data may be viewed as a positive step towards **security** and **privacy**. [[cybersecurity|Cybersecurity]] experts are praising **LinkedIn**'s efforts to stay ahead of **threats** and **vulnerabilities**. However, the company must be transparent about its **data collection** practices and ensure that users are informed about the data being collected and how it is being used.
Critical View
The **BrowserGate** report has revealed a disturbing pattern of **data collection** and **surveillance** by **LinkedIn**. The company's use of **fingerprinting** techniques to build unique browser profiles and track users across websites is a significant concern for **privacy** and **security**. The fact that **LinkedIn** is scanning for over **6,000** browser extensions and collecting device data without users' knowledge or consent is a clear violation of **trust** and **transparency**. [[privacy-advocacy|Privacy advocacy]] groups are calling for **LinkedIn** to be held accountable for its actions and for **regulatory action** to be taken to prevent similar incidents in the future.
Source
Originally reported by BleepingComputer