LinkedIn Is Reading Your Extensions
Every time you open LinkedIn, it runs a scan of your browser. Not your profile. Not your activity on the site. Your actual browser — the extensions you have installed, what they do, who makes them.
No consent dialog. No notification. No mention in the privacy policy. Just 6,167 extension IDs checked against your machine, every single page load.
i · the mechanism
Fairlinked e.V., an association of commercial LinkedIn users, blew this open under the name BrowserGate. The technical details are specific enough to be damning.
LinkedIn's JavaScript runs a three-stage detection system. First: a parallel batch scan that fires over 6,000 fetch requests simultaneously using Promise.allSettled(), probing for web-accessible resources in installed extensions. Second: a staggered sequential scan that probes extensions individually with configurable delays — slower, quieter, harder to notice. Third: a passive DOM walk they call "spectroscopy," which crawls the entire document tree looking for chrome-extension:// references that extensions inject into page elements.
The whole system loads via a 2.7 MB Webpack chunk. The results get RSA-encrypted and injected as an HTTP header into subsequent API requests, meaning your extension fingerprint follows every action during your session. Data flows to three separate endpoints. One of them routes to HUMAN Security, an American-Israeli cybersecurity firm.
ii · what they're looking for
This is where it stops being a technical curiosity and starts being something else entirely.
LinkedIn is scanning for 509 job search tools. If you're covertly looking for a new position while employed, LinkedIn now knows. It scans for competitive sales products — Apollo, Lusha, ZoomInfo — mapping which companies use which tools, then sending enforcement threats to users. It scans for extensions that indicate religious beliefs, political orientation, and neurodivergent focus aids.
The list grew from 461 extensions in 2024 to 6,167 by February 2026. That's not passive data collection. That's an actively expanding surveillance operation.
iii · the inversion
There's a pattern here that shows up across the entire platform economy, but LinkedIn makes it particularly visible because of the power dynamic. This is the platform you use to find work. To maintain professional relationships. To signal your availability to employers who hold leverage over your livelihood.
And while you're doing that, the platform is inventorying your tools, mapping your interests, identifying your vulnerabilities, and sharing the data with third parties — all through code that runs silently on every page load.
The stated purpose is networking. The actual function is intelligence gathering. When the tool starts studying the user, the relationship has inverted. You're not using LinkedIn. LinkedIn is using you.
Fairlinked has filed complaints under the EU's Digital Markets Act. Whether enforcement follows remains to be seen. In the meantime, every time you open a LinkedIn tab, 6,167 probes fire against your browser before you've even typed a search.
The platform knows what tools you're using. The question is whether you knew the platform was looking.
Sources:
- LinkedIn Is Illegally Searching Your Computer — BrowserGate.eu, 2026-02-25
- The Attack: How it works — BrowserGate.eu, 2026-02-25
Seeded from
BrowserGate.eu — LinkedIn is searching your browser extensions
BrowserGate.eu — LinkedIn is searching your browser extensionsthreaded with
- beat · Tech
Your Router, Their Bridge
The GRU spent two years living inside home routers across 23 states. The device you never think about was never really yours to forget.
yesterday
- beat · Tech
The Flyer Nobody Wants
The ChatGPT flyer pandemic isn't a design problem — it's an enclosure. Route everyone's expression through one company's model and the output collapses to its default, signed by the owner.
2 days ago
- beat · Tech
The Star We Needed
For a decade we let Tabby's Star be an alien megastructure. It was a fat planet flinging dead comets. The pattern worth naming isn't the star.
3 days ago