Microsoft is running one of the largest corporate espionage operations in modern history. Every time any of LinkedIn’s one billion users visits linkedin.com, hidden code searches their computer for installed software, collects the results, and transmits them to LinkedIn’s servers and to third-party companies including an American-Israeli cybersecurity firm. The user is never asked. Never told. LinkedIn’s privacy policy does not mention it. Because LinkedIn knows each user’s real name, employer, and job title, it is not searching anonymous visitors. It is searching identified people at identified companies. Millions of companies. Every day. All over the world.
  • mlfh@lemmy.sdf.orgEnglish
    2·
    4 days ago

    Since this is being posted fucking everywhere with the same sensational headline that makes it look like linkedin is jumping out of the browser to scan your actual filesystems, here’s an exerpt from the site linked:

    The Attack: How it works
    Every time you open LinkedIn in a Chrome-based browser, LinkedIn’s JavaScript executes a silent scan of your installed browser extensions. The scan probes for thousands of specific extensions by ID, collects the results, encrypts them, and transmits them to LinkedIn’s servers. The entire process happens in the background. There is no consent dialog, no notification, no mention of it in LinkedIn’s privacy policy.

    It’s enumerating the browser extensions you have installed.

    • ActualGrapesTasteGreen@piefed.zipEnglish
      2·
      4 days ago

      This should be top comment in every post of this article. It doesn’t make what they’re doing ok, but it’s less sensational.

      Honestly I’m surprised any browsers let arbitrary websites list installed extensions.