When companies get caught doing this sort of thing, the response is almost always the same: "we're using this technology to combat fraud," or "ensure positive user experience," or "save computing resources," or some other hog wash. The simple truth, there's no reason to be collecting data that can be used to identify a user across the web if they're not signed in to your service. The harm of companies like Experian or LinkedIn being able to correlate all of your web traffic back to you is not
  • scytale@piefed.zipEnglish
    15·
    1 day ago

    What if we use the extension (uBO) to block the scanning of extensions? /s.

    Anyways, it’s for Chrome users:

    The system responsible for this lives in some JavaScript code that LinkedIn runs in every Chrome visitors browser. The file is approximately 1.6 megabytes (it’s changed since browsergate’s analysis) of minified and partially obfuscated JavaScript.

    • KatherinaReichelt@feddit.orgEnglish
      5·
      1 day ago

      That behaviour shouldn’t be possible in a browser that has its users interests in mind. The browser could limit the extentions websites could monitor for to a sensible amount. Or disable that feature at all. Or block fingerprinting by default by providing false data. But if you have the worlds biggest spy company building your browser, you will get a browser that spies