LinkedIn and Microsoft are illegally searching your computer.

https://browsergate.eu/

Microsoft is running a large espionage campaign via LinkedIn. They are scanning for over 6000 browser extensions in Chromium based browsers without user permission.

Here's a small piece from the article:

"LinkedIn’s scan reveals the religious beliefs, political opinions, disabilities, and job search activity of identified individuals. LinkedIn scans for extensions that identify practicing Muslims, extensions that reveal political orientation, extensions built for neurodivergent users, and 509 job search tools that expose who is secretly looking for work on the very platform where their current employer can see their profile."

Click to expand...

Horrific breach of our privacy by Microsoft. Amazing how people are so quiet about this one, but when systemd adds an optional field for a users birth date and they act like the world is ending.

Priorities people...priorities.

I hate to break it to you, but Chromium has an outward facing API that lets any site read your installed extensions without asking permission.

• chrome.management.getAll() to retrieve a list of information about all installed extensions and apps.
• Returned Data: Each result includes the extension's id, name, version, enabledstatus, and permissions.

You would be hard pressed to find a site that doesn’t read that data.

It’s worth noting that even if you don’t have an extension in place that monitors the management API’s any website can push known values and see what loads to check for specific extensions.

• Probing Web-Accessible Resources:Websites can use JavaScript to try and load specific files (like images, scripts, or CSS) that belong to a known extension. If the file loads, the website knows the extension is installed and active.

Be more concerned that Google and the likes can create unique browser “fingerprints” based on the browser and what specific extensions are installed with what specific permissions are on them.

It lets them assign that fingerprint to user buckets for identifying an individual on the net. It lets sites and providers track you even if you are clearing cookies and using some form of incognito mode.

Since when wasn’t Windows one giant piece of spyware with back doors preinstalled. They were even going to get copilot to screen record you (wasting system resources) and tried to gaslight you into thinking it was some great feature.

Vermillion said:

Horrific breach of our privacy by Microsoft. Amazing how people are so quiet about this one, but when systemd adds an optional field for a users birth date and they act like the world is ending.

Priorities people...priorities.

Click to expand...

That's because this only effects people using Chrome based browsers and visiting Linkedin, which are two things that are optional. Unlike age verification which is now required by law. Why you think Microsoft has no problem with age verification when they have to steal your info like age? Who still uses Linkedin in 2026? Chrome browsers I get, except we've been saying that people should move away from Chrome for a myriad of reasons. Things like Manifest V3 and adblocking. Some FireFox extensions that I still have installed in Chrome will just refuse to function. Video DownloadHelper in Chrome will refuse to download YouTube videos, while in FireFox it happily does it. Also you missed the most important part, "collects the results, and transmits them to LinkedIn’s servers and to third-party companies including an American-Israeli cybersecurity firm". Why is it when something terrible happens, that country in the middle east is usually involved?

Lakados said:

I hate to break it to you, but Chromium has an outward facing API that lets any site read your installed extensions without asking permission.

• chrome.management.getAll() to retrieve a list of information about all installed extensions and apps.
• Returned Data: Each result includes the extension's id, name, version, enabledstatus, and permissions.

You would be hard pressed to find a site that doesn’t read that data.

Click to expand...

Except just pulling extensions is not what they're doing. They add a 2.7MB piece of javascript that literally scans the entire mass storage file system of the users computer looking for stuff. While siphoning all the data they flag items that are direct competition to a piece of Microslop software in order to add more to that users tracking profile.

People act like this is no big deal because it only happens when on LinkedIn and using a Chromium based browser.

1 billion people are on LinkedIn. I don't use it but I still have an account from years ago that I keep secure so no one can cyber squat it.
Chromium based browsers are used by ~90% of all desktops and roughly 70-75% for mobile. The 2.3% that may use Firefox is a minuscule number.

Huge invasion of privacy, but again it's not an optional systemd field so it gets swept under the rug mainly with the mentality, "well it doesn't affect me!".

And honestly the browser makers should be ashamed of themselves for even allowing something like this to happen via their software.

Why not both?

More reasons to love Microsoft.

yeah i run Vivaldi and does everything i need it to without extensions, highly customizable can pick what buttons you want and where and setup shortcut keys for any function. only one i was using for a while was the one to show youtube dislikes but i kept getting subbed to channels i never heard of. problem went away after uninstallation. i tell ya installing extensions is almost as bad as installing apps on a smartphone with the list of permissions you give them. not me, i enjoy my privacy too much. but yeah F. Microsoft and F. AI

Vermillion said:

Except just pulling extensions is not what they're doing. They add a 2.7MB piece of javascript that literally scans the entire mass storage file system of the users computer looking for stuff. While siphoning all the data they flag items that are direct competition to a piece of Microslop software in order to add more to that users tracking profile.

People act like this is no big deal because it only happens when on LinkedIn and using a Chromium based browser.

1 billion people are on LinkedIn. I don't use it but I still have an account from years ago that I keep secure so no one can cyber squat it.
Chromium based browsers are used by ~90% of all desktops and roughly 70-75% for mobile. The 2.3% that may use Firefox is a minuscule number.

Huge invasion of privacy, but again it's not an optional systemd field so it gets swept under the rug mainly with the mentality, "well it doesn't affect me!".

And honestly the browser makers should be ashamed of themselves for even allowing something like this to happen via their software.

Click to expand...

I also have a post about that…
The web accessible resource probe.

It’s used by a crapload of pages to create identifiable browser fingerprints to track people.

Chromium exists to siphon user data as a marketing resource.

If you are on the Internet you have no privacy.

Vermillion said:

Huge invasion of privacy, but again it's not an optional systemd field so it gets swept under the rug mainly with the mentality, "well it doesn't affect me!".

Click to expand...

It's a big deal, but it's just something that can be avoided. If this were an SCP, it would be considered a safe class since it can be easily avoided.

And honestly the browser makers should be ashamed of themselves for even allowing something like this to happen via their software.

Click to expand...

Most of them use Chromium as the base for their browser, and we happily use it. It's not like Microsoft advertises Edge as "Powered By Chrome".

d3athf1sh said:

yeah i run Vivaldi and does everything i need it to without extensions, highly customizable can pick what buttons you want and where and setup shortcut keys for any function. only one i was using for a while was the one to show youtube dislikes but i kept getting subbed to channels i never heard of. problem went away after uninstallation. i tell ya installing extensions is almost as bad as installing apps on a smartphone with the list of permissions you give them. not me, i enjoy my privacy too much. but yeah F. Microsoft and F. AI

Click to expand...

It's irrelevant that you're using Vivaldi since the problem is it's scanning the computer directly. The code on LinkedIn doesn't require extensions to do what it does, that's only a small part of it. Even with zero extensions, it can still scan the computer. If you're on macOS, all the browser stupidness still happens, but it can't scan macOS like it can Windows.

I'm am deeply shocked and saddened to learn that the company who makes Windows 11 is spying on me.

DukenukemX said:

Who still uses Linkedin in 2026?

Click to expand...

Sadly some people have to. Just like Facebook and Google (soon to be AI search) and many other services that basically are the internet to most people.

myzz said:

Sadly some people have to. Just like Facebook and Google (soon to be AI search) and many other services that basically are the internet to most people.

Click to expand...

Well they have around 300-400 million monthly active users ... so ... a lot of people use it ... which is what makes this headline so awful. I mean even if it was 10,000 people it's still bad, but the sheer magnitude of this data theft is staggering.

I read somewhere that companies now refer to what penalties they get as "taxes" and not fines. Just a (quite affordable) cost to doing business.

Here's something to ponder about, but one of the things Microsoft was looking for when searching is if you're an anti-zionist. That's a very oddly specific thing to be searching for with someone's computer.

myzz said:

I read somewhere that companies now refer to what penalties they get as "taxes" and not fines. Just a (quite affordable) cost to doing business.

Click to expand...

If they started being fined 500 billion dollars this would end immediately. But as you said, this is basically a write off.

Vermillion said:

Except just pulling extensions is not what they're doing. They add a 2.7MB piece of javascript that literally scans the entire mass storage file system of the users computer looking for stuff. While siphoning all the data they flag items that are direct competition to a piece of Microslop software in order to add more to that users tracking profile.

Click to expand...

How is it doing that? Javascript runs in a sandbox, it is not granted file system access. It must be explicitly granted by the user.

You guys still using Linkedin? And Windows?...

pioruns said:

You guys still using Linkedin? And Windows?...

Click to expand...

* I don't love LinkedIn but it's how I got my current job.
* I don't love Windows but my day job more or less has required it since at least 2008. Find me a good Dell laptop that runs Linux and doesn't cost more than my company-supplied one and can run Office365 well, and I'd switch in an instant. Probably quite a few people would.

Lakados said:

I hate to break it to you, but Chromium has an outward facing API that lets any site read your installed extensions without asking permission.

• chrome.management.getAll() to retrieve a list of information about all installed extensions and apps.
• Returned Data: Each result includes the extension's id, name, version, enabledstatus, and permissions.

You would be hard pressed to find a site that doesn’t read that data.

Click to expand...

I'd like to gloat and say this is why I don't use Edge/Brave/Chrome, but I wouldn't be surprised if Firefox and it's forks have the same flaw. I don't understand why people prefer these closed source apps built by Google, knowing that Google is evil. How much different is one browser vs another, anyway?

Lakados said:

It’s worth noting that even if you don’t have an extension in place that monitors the management API’s any website can push known values and see what loads to check for specific extensions.

• Probing Web-Accessible Resources:Websites can use JavaScript to try and load specific files (like images, scripts, or CSS) that belong to a known extension. If the file loads, the website knows the extension is installed and active.

Be more concerned that Google and the likes can create unique browser “fingerprints” based on the browser and what specific extensions are installed with what specific permissions are on them.

It lets them assign that fingerprint to user buckets for identifying an individual on the net. It lets sites and providers track you even if you are clearing cookies and using some form of incognito mode.

Click to expand...

I get a warning from Firefox that even enabling HTML5 based image uploads is a way companies use to fingerprint you.

I absolutely despise LinkedIn, but it's a borderline necessity in a lot of fields. Especially if you're exploring new employment opportunities.

sleepeeg3 said:

I'd like to gloat and say this is why I don't use Edge/Brave/Chrome, but I wouldn't be surprised if Firefox and it's forks have the same flaw. I don't understand why people prefer these closed source apps built by Google, knowing that Google is evil. How much different is one browser vs another, anyway?


I get a warning from Firefox that even enabling HTML5 based image uploads is a way companies use to fingerprint you.

Click to expand...

Firefox has a similar one, browser.management.getall() lets a plugin view the status and permissions of other installed plugins.
It would let an app report back what other apps are installed, should they want to.

The same Java scripts, CSS, blah blah blah methods work in Firefox as well as they do in anything else for checking against a known extension list.

But there are a handful of other methods websites can use as well, not talked about above, like DOM modification scanning, it can check how the browser loaded the page versus how it was intended to load it. It's a common method for checking for ad blockers and the likes.

Basically, any tool or method for troubleshooting or verifying a website loaded correctly can be used to snoop out data on the visiting system.


HTML 5 is it's own animal, Lazy loading interception can be used to track where your cursor goes on a specific site, on error injection can be used to inject and run JavaScript, it is meant to figure out why an image didn't load, because HTML 5 tracks image files, a known image or thumbnail can be loaded into the background behind everything else so the user never sees it and those images can be used to track browsing history based on the image existing in cache or not, and HTML 5 also allows for the injection of Tracking Pixels, you can load a 1x1 transparent pixel that when loaded loggs the users IP, browser, and the refferal URL that led to that page.

sleepeeg3 said:

I'd like to gloat and say this is why I don't use Edge/Brave/Chrome, but I wouldn't be surprised if Firefox and it's forks have the same flaw. I don't understand why people prefer these closed source apps built by Google, knowing that Google is evil. How much different is one browser vs another, anyway?

Click to expand...

Chromium is open source, which is what I assume other web browsers are using to build upon. Brave is also open source and built on Chromium. When people talk about Chrome based, they are talking about Chrome itself since most people are using it, and it is not open source.

But yea, use FireFox or learn why Google is not stopping being evil. I'm still transitioning towards LibreWolf. I still got too many FireFox tabs open I need to get through.

DukenukemX said:

Chromium is open source, which is what I assume other web browsers are using to build upon. Brave is also open source and built on Chromium. When people talk about Chrome based, they are talking about Chrome itself since most people are using it, and it is not open source.

But yea, use FireFox or learn why Google is not stopping being evil. I'm still transitioning towards LibreWolf. I still got too many FireFox tabs open I need to get through.

Click to expand...

I've been on Firefox + Arkenfox + uBlock Origin lately and I don't know if I can go back to Brave at this point.

I've learned a few new things here, thanks for posting the article and thank you for the replies.

So I have a new project I'm working on with Claude ... and it's to mirror Arkenfox's obfuscation profile for Firefox and similarity fingerprinting but in a Chrome extension I can use in Brave (basically a Chromium version of Arkenfox). I'm about 90% there and Claude is doing things in an extension it's not technically supposed to do and it's honestly a very exciting project. If this proves to be worthy of distribution I'm going to put it up on GitHub. Firefox is okay, but the letterboxing required in Arkenfox makes browsing annoying. I've already managed to spoof resolution without affecting the browser at all, among other things.

Most spoofing extensions are pure trash, but if I can get the spoofing to closely mirror Arkenfox as closely as possible in Brave, it will make Brave look like another hardened Firefox arkenfox user because it'll put Brave inside the same pool of users as Arkenfox, which greatly improves anonymity than standard spoofing.

This whole Microsoft thing is fueling this project. What a bunch of jack asses.