Microsoft is running one of the largest corporate espionage operations in modern history. Every time any of LinkedIn’s one billion users visits linkedin.com, hidden code searches their computer for installed software, collects the results, and transmits them to LinkedIn’s servers and to third-party companies including an American-Israeli cybersecurity firm. The user is never asked. Never told. LinkedIn’s privacy policy does not mention it. Because LinkedIn knows each user’s real name, employer, and job title, it is not searching anonymous visitors. It is searching identified people at identified companies. Millions of companies. Every day. All over the world.
  • Quacksalber@sh.itjust.works
    12·
    16 hours ago

    My question is how. Am I too naive to believe that the browser, Firefox in my case, would stop a webpage from crawling your computer?

    • DrWorm@piefed.blahaj.zoneEnglish
      7·
      13 hours ago

      It looks like the attack only works on Chrome (or Chrome based browsers).

      They have 2 methods for figuring out which extensions are used: asking the browser for files related to each of the 6000+ extensions they scan for, and checking the DOM for injected content

      But that doesn’t mean that Firefox couldn’t be targeted in the future.

      A good way to protect yourself is to use uBlock Origin or something similar, which will block the collected data from getting sent to LinkedIn

      • TheSlad@sh.itjust.works
        4·
        12 hours ago

        Extensions? It just said software above.

        Is it actually scanning for installed software on the system or just chrome extensions?

        • DrWorm@piefed.blahaj.zoneEnglish
          4·
          11 hours ago

          Yeah it’s a bit dishonest

          Instead of

          hidden code searches their computer for installed software

          I would say

          hidden code searches their browser for installed extensions