TFA explains it is looking for installed browser extensions (which sites are allowed to do)
reply"allowed" by the web browser, but almost certainly not by the end user. The law is pretty clear on this in the US:
reply> 'the term “exceeds authorized access” means to access a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter;'
The problem, of course, is that by clicking on a LinkedIn link, you agree to a non-negotiated contract that can change at any time, and that you have never seen. If that weren't allowed, then this sort of crap would correctly be considered "unauthorized access":
Allowed to do? Not prevented from by technical measures, but certainly not allowed to do.
replyConsidering the goal is to identify people, this is undeniably PII. As the article demonstrates, it also pertains sensitive information.
https://browsergate.eu/how-it-works/: “Every time you open LinkedIn in a Chrome-based browser, LinkedIn’s JavaScript executes a silent scan of your installed browser extensions”
reply⇒ which Chrome allows sites to do.
TFA goes into a lot of detail explaining why they "allegedly" aren't actually allowed to do so in the EU.
replyWell, they're able to do it; “allowed” to do it is an ambiguous enough phrasing that it's practically begging to have an argument whose crux is fundamentally about a differing interpretation.
replyThe author suggests a legal remedy instead of a technical one.
replyWhich is weird, because that is undeniably the hard way. Lobby Google to add protections to Chromium.
Putting bars on the windows is fine, but the bad actors still need to be punished.
replyCan you build a version of chromium where this will just return false always?
replyit can in the fantasy world of incorrect headlines
replyWhile you're at it, you should also find out why a website can scan your internal network...
replyThe title is clickbaity. The website scans the browser for installed extensions.
reply