LinkedIn scans visitors' browsers for 6,000+ extensions in 'BrowserGate' tracking

LinkedIn has been found injecting JavaScript that stealthily scans visitors' browsers for 6,236 Chrome extensions and collects detailed hardware telemetry, according to a security analysis reported by Tom's Hardware. The fingerprinting script runs on every page load without explicit user consent, probing for installed browser add-ons that could reveal user preferences, security tools, or competitive products. The practice, dubbed 'BrowserGate' by researchers, extends beyond typical analytics to gather device-level data including screen specifications, memory, and processor information. Privacy advocates argue the technique violates principles of data minimization and informed consent under regulations like GDPR, potentially exposing users to targeted profiling or security risks through extension enumeration. LinkedIn, owned by Microsoft, has not publicly addressed the findings. The discovery adds to scrutiny of platform surveillance practices as regulators increasingly challenge the legal basis for extensive browser fingerprinting.