LinkedIn runs an extension scan against a hardcoded list of 6,278 Chrome extensions on every visit. Detected results are packaged into encrypted telemetry and injected as an HTTP header into every subsequent API request during your session. This data can be used to identify your religious affiliations, tax-bracket, job search intent, and more.
I verified this myself and traced the implementation. Details and the technical breakdown in the article.
I guess that's what they're hoping for. With my admittedly biased opinion of the average linkedin user, about 99% will have the default set of extensions installed and so will not be very useful. Those users might have other identifiers of course, so who knows.
i just don't open the main page with the feed. i practically don't notice it's there. i have the messages view open, and i check notifications. i also don't follow anyone (except my contacts)
It's tough to generate revenue that isn't through ads.
That said, if the users could organize into special interest groups and create a walled-garden with default no ads, and then gate-keep advertisers to a permitted white-list.
"What is not a question is that a criminal investigation is now open."
Good. These companies deserve each and every stone thrown at them, and much more.
It isn’t exactly. They created a list of known extensions by their id and a file which is known to exist in that extension. The site iterates over each pair and tries to load that file, if it doesn’t error it knows the extension is installed. It’s a clever and difficult manual process, but it does bypass the security trying to prevent this kind of thing.
I read that their reasoning is it exists to block users that use known scraper extensions which bypass their terms of use. But don’t entirely buy that.
This is how I interpreted the original question and indeed it makes no sense, JavaScript from a website should not be allowed to interact with extensions like this.
Is that information available to websites? I figured they were doing some kind of novel hackery to self-detect extensions based on behaviour that would only happen if X extension was installed.
But that would be a lot of work for 6,300 extensions. Unless someone offers that as a service?
Is this a hallucination? I can't find this quote anywhere else.
> According to browsergate, Milinda Lakkam confirmed this under oath, saying, "LinkedIn took action against users who had specific extensions installed."
friends, WHEN you are asked to implement something like this at your job, which will you choose: object (& hold ground, loose job) OR comply (& keep job)
as practitioners, where do we hold the line between telemetry and surveillance?
I choose not to work at places like linked in, meta, or any place that accepts Saudi or Israeli funding. It makes it a little harder to find a job, but i sleep better at night.
Anyway, for those in this situation, an anecdote. I've outright refused to do questionable things and kept my job. In States where I should be easy to fire, even! I've also played incompetent so the sharks look elsewhere. Point being... options exist, don't negotiate [only] with yourself.
I wonder the same. Maybe it's made by people who feel like they wouldn't easily find another job and need the job for healthcare or financial reasons (living paycheck to paycheck)? And it's ordered by managers in similar situations, whose managers want to see increased revenue and don't care how? Somewhere in the chain it feels like there should be someone who says 'wtf are we doing'. It's strange
To answer your question though: I'd object of course, I'm very lucky to be well enough off that I can currently make that choice without serious repercussions. Do you think someone would come out on HN and say "oh sure yeah I have no morals!", at least without it being a throwaway where you'd have no idea if it's real?
This is re-posted article from the author's Substack that does a pretty bad job of explaining the situation. The second link in the article is supposed to take you to a "GitHub repository tracking the extension list" but it goes to a GitHub page for a plugin that hasn't been updated in 9 years.
It has a lot of hallmarks of LLM writings ("It's not this, it's that" and feeling like a lot of empty words rehydrated from an outline) while missing the real updates in the story like the German affidavit filed by a LinkedIn engineer who worked on these tools.
A key piece of information that this article omits is that the list of extensions being scanned for doesn't include anything you'd recognize or anything you'd even think to install. It's full of data extraction tools, scrapers, AI spam and recruiting tools (remember all those automated spammy LinkedIn messages you got?), and plugins masquerading as simple things that have been pulled from the extension store for violations.
A lot of articles have been trying hard to distract from this fact by highlighting that the list of extension includes things like a plugin designed to simplify web pages for neurodivergent users or an "anti-Zionist political tagger" to imply that they're trying to do fingerprinting based on those attributes, but they neglect to mention that those plugins were pulled from the extension store most likely because they were data exfiltrators dressed up as simple plugins to get people to install them.
But read that site carefully and actually try to click the links. In this section they're trying to direct your attention away from all of the AI spam and data extraction tools with this section:
> The scan doesn’t just look for LinkedIn-related tools. It identifies whether you use an Islamic content filter (PordaAI — “Blur Haram objects, real-time AI for Islamic values”), whether you’ve installed an anti-Zionist political tagger (Anti-Zionist Tag), or a tool designed for neurodivergent users (simplify).
But click the links. They've all been pulled from the store. Extensions like that are often bait to get people to install scrapers that will use your computer and LinkedIn login to extract data and send it back to their servers.
So regardless of where you stand on probing for the presence of these scammy extensions, you should at least understand the facts rather than the story that companies like this are trying to sell you to drive traffic to their product.
DDG searches say this is something for linkedin. - I had two tabs for linkedin open but left behind as I opened other tabs to research.
So I had not reopened these tabs in over 9 hours and they are still just humming along sucking down almost 10% of cpu and a couple gigs of ram for what?
This is firefox with ublock origin - quick searches saw malwarebytes browser guard considered it (protechts.net) malware for a bit and then took it off the list of things it blocked / warned about.
Not sure this is related to the scan mentioned, but it may be related to the overall concerns about data and unknown usage of resources.
I'm considering blocking this at the dns hosts level at this point.
Interesting, so would Safari prevent this? I tried moving to Safari and honestly loved everything except I use my google accounts now for authenticating with to many services and that was a pain compared to chrome.
I honestly kind of forget the exact annoyances because it has been some time. I want to say I had to reauth every time I wanted to SSO with my google account because it doesn't allow/deletes third party cookies.
> Update to our terms and data use As of November 3, 2025, we are using some of your Linkedin data to improve the content-generating Al that enhances your experience, unless you opt out in your settings. We also updated our terms. See what's new and how to manage your data.
Frankly, it is unacceptable to tell a user "oh we have been using your personal data for 5 months already and will continue to do so unless you explicitly opt out". Are there any transparent alternatives to LinkedIn (not the trust me bro variant)?
Wasn't this specifically some lame-ass attempt to combat some click fraud or something these extensions were doing? And aren't these articles specifically coming from the person doing the fraud (which is why they know about the extension scanning)?
To be clear, LinkedIn shouldn't be scanning your browser extensions, but still. The ultimate problem is that browser extensions are a powerful malware vector and there's a huge market of people buying little utilities off of solo developers to enshittify them.
> Wasn't this specifically some lame-ass attempt to combat some click fraud or something these extensions were doing?
No. That you believed that was just an unfortunate consequence of HN's kneejerk tendency to upvote middlebrow dismissals to the top comment, which resulted in people rushing to craft apologetics for what is in reality bonafide scumminess on LinkedIn's part, which itself resulted in confabulations like the claim that, "It was all extensions related to spamming and scraping LinkedIn last time this was posted"—which is simply untrue.
I verified this myself and traced the implementation. Details and the technical breakdown in the article.
Both are concerns, but sending interpretable data is a more serious concern.
I scanned through the article and did not see an example of the header it added.
I think 99% are identifiable
1. Doesn't have the spam
2. That doesn't look like it's from 2008
3. That only developers / engineers / tech folks can join
4. Doesn't try to log into your email to steal your contact list
5. That doesn't track you or your extensions / browser fingerprint
6. That doesn't have a bunch of fake "linkedinmaxxing" garbage content
7. that doesn't have marketers and recruiters, etc.
8. ...
We have the ability to vibe these things over a weekend, yet getting to the critical mass/tipping point of adoption is something else.
Whatever happened to: if you build it, they will come?
- A professional profile page
- Contacts
- Introductions/referrals
- Ask my (sub-)network?
Anything else?
Exportable format so I can leave if needed.
That said, if the users could organize into special interest groups and create a walled-garden with default no ads, and then gate-keep advertisers to a permitted white-list.
I dunno, I'm just spit-ballin
They’re basically the only reason I’m there.
I read that their reasoning is it exists to block users that use known scraper extensions which bypass their terms of use. But don’t entirely buy that.
But that would be a lot of work for 6,300 extensions. Unless someone offers that as a service?
> According to browsergate, Milinda Lakkam confirmed this under oath, saying, "LinkedIn took action against users who had specific extensions installed."
https://browsergate.eu/the-evidence-pack/
Edit: nice! I just notice indent-formatted text is now wrapping on mobile browsers. (Or at least ffm.) I wonder how long that's been fixed...Paragraph 4 Document: Eidesstattliche Versicherung / Affidavit. Declarant: Milinda Lakkam, Senior Manager, Software Engineering and Machine Learning, LinkedIn Corporation Filed: February 6, 2026, Mountain View, California Court reference: Anlage AG 4
as practitioners, where do we hold the line between telemetry and surveillance?
If that's the game you're playing tho, maybe time to find another job too ;)
Anyway, for those in this situation, an anecdote. I've outright refused to do questionable things and kept my job. In States where I should be easy to fire, even! I've also played incompetent so the sharks look elsewhere. Point being... options exist, don't negotiate [only] with yourself.
As they say, better to be a poor master than a rich slave.
To answer your question though: I'd object of course, I'm very lucky to be well enough off that I can currently make that choice without serious repercussions. Do you think someone would come out on HN and say "oh sure yeah I have no morals!", at least without it being a throwaway where you'd have no idea if it's real?
It has a lot of hallmarks of LLM writings ("It's not this, it's that" and feeling like a lot of empty words rehydrated from an outline) while missing the real updates in the story like the German affidavit filed by a LinkedIn engineer who worked on these tools.
A key piece of information that this article omits is that the list of extensions being scanned for doesn't include anything you'd recognize or anything you'd even think to install. It's full of data extraction tools, scrapers, AI spam and recruiting tools (remember all those automated spammy LinkedIn messages you got?), and plugins masquerading as simple things that have been pulled from the extension store for violations.
A lot of articles have been trying hard to distract from this fact by highlighting that the list of extension includes things like a plugin designed to simplify web pages for neurodivergent users or an "anti-Zionist political tagger" to imply that they're trying to do fingerprinting based on those attributes, but they neglect to mention that those plugins were pulled from the extension store most likely because they were data exfiltrators dressed up as simple plugins to get people to install them.
An updated list is available here: https://browsergate.eu/extensions/
But read that site carefully and actually try to click the links. In this section they're trying to direct your attention away from all of the AI spam and data extraction tools with this section:
> The scan doesn’t just look for LinkedIn-related tools. It identifies whether you use an Islamic content filter (PordaAI — “Blur Haram objects, real-time AI for Islamic values”), whether you’ve installed an anti-Zionist political tagger (Anti-Zionist Tag), or a tool designed for neurodivergent users (simplify).
But click the links. They've all been pulled from the store. Extensions like that are often bait to get people to install scrapers that will use your computer and LinkedIn login to extract data and send it back to their servers.
So regardless of where you stand on probing for the presence of these scammy extensions, you should at least understand the facts rather than the story that companies like this are trying to sell you to drive traffic to their product.
I suggest cutting through the ragebait journalism and reading more directly from a recent source, like this affidavit filed in Germany by a LinkedIn engineer familiar with the project: https://browsergate.eu/downloads/Lakam-affidavit-redacted.pd...
recently while trying to decipher why computer was at 98% memory and 65% cpu
one of the culprits is https://li.protechts.net taking 2GB ram and 8% cpu.
DDG searches say this is something for linkedin. - I had two tabs for linkedin open but left behind as I opened other tabs to research.
So I had not reopened these tabs in over 9 hours and they are still just humming along sucking down almost 10% of cpu and a couple gigs of ram for what?
This is firefox with ublock origin - quick searches saw malwarebytes browser guard considered it (protechts.net) malware for a bit and then took it off the list of things it blocked / warned about.
Not sure this is related to the scan mentioned, but it may be related to the overall concerns about data and unknown usage of resources.
I'm considering blocking this at the dns hosts level at this point.
repost of my comment 28 days ago
* I use Edge bcs of the vertical tabs — Safari's equivalent is a poor substitute. Firefox didn't seem to have vertical tabs last time I checked.
Chrome for some reason (still!) gives extensions static ids. Firefox has the id change per firefox instance.
Discussion: https://news.ycombinator.com/item?id=47613981
> Update to our terms and data use As of November 3, 2025, we are using some of your Linkedin data to improve the content-generating Al that enhances your experience, unless you opt out in your settings. We also updated our terms. See what's new and how to manage your data.
Frankly, it is unacceptable to tell a user "oh we have been using your personal data for 5 months already and will continue to do so unless you explicitly opt out". Are there any transparent alternatives to LinkedIn (not the trust me bro variant)?
To be clear, LinkedIn shouldn't be scanning your browser extensions, but still. The ultimate problem is that browser extensions are a powerful malware vector and there's a huge market of people buying little utilities off of solo developers to enshittify them.
Correct
Yes there are other problems in the world and we can JAQ the messanger too.
No. That you believed that was just an unfortunate consequence of HN's kneejerk tendency to upvote middlebrow dismissals to the top comment, which resulted in people rushing to craft apologetics for what is in reality bonafide scumminess on LinkedIn's part, which itself resulted in confabulations like the claim that, "It was all extensions related to spamming and scraping LinkedIn last time this was posted"—which is simply untrue.