LinkedIn defends extension probing as necessary measure against platform abuse
LinkedIn reportedly checks for over six thousand extensions to prevent data scraping
A recent investigation into LinkedIn’s "resource probing" practices has led security experts to label the controversy a "nothing burger."
The practice involves LinkedIn’s JavaScript checking for the presence of over 6,000 browser extensions when the platform is accessed via Chromium-based browsers.
Tyler Reguly, Associate Director of Security R&D at Fortra, conducted an independent assessment and confirmed that while the probing occurs, it does not involve malicious code or a full scan of the user’s computer. Instead, it is a simple technique used to determine if specific extensions are active.
Reguly’s testing of a 10% sample of the flagged extensions revealed that many were "the worst of the worst," featuring intrusive behaviours such as altering homepages, adding unsolicited bookmarks, or even playing music automatically.
He noted that only about 2,000 of the 6,000 listed extensions are realistically detectable. His working theory is that LinkedIn utilises this data to defend against automated data scrapers and account anomalies rather than to build individual user profiles.
LinkedIn has defended the practice, stating the information is used to ensure extensions do not violate their terms of service or compromise account integrity.
While the security verdict is largely benign, legal experts like Ilia Kolochenko warn that the lack of user notification could pose risks under the GDPR.
Stealthy data collection for commercial or defensive purposes without explicit consent remains a murky legal area.
Nevertheless, Reguly suggests the published list of extension IDs could actually serve as a useful tool for IT managers looking to prohibit problematic software within their organisations.
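One defender-side use of such a list, as an added example that is not part of the article and not LinkedIn's or Fortra's code: it validates and deduplicates Chromium extension IDs (the 32-letter a-p form) and emits the body of a Chrome `ExtensionInstallBlocklist` managed policy. The sample list, including its malformed and duplicate entries, is constructed for illustration.

```python
"""Turn a published list of Chromium extension IDs into a managed Chrome
policy that blocks their installation. Added example, not from the article
or from LinkedIn/Fortra; the sample IDs below are constructed placeholders."""
import json
import re

# Chromium extension IDs are 32 lowercase letters in the range a-p
# (a hex digest remapped onto letters), so anything else is noise.
EXT_ID_RE = re.compile(r"^[a-p]{32}$")

# Constructed sample of a "published list": one exact duplicate, one
# upper-case duplicate, one malformed entry and one comment line.
SAMPLE_LIST = """\
abcdefghijklmnopabcdefghijklmnop
abcdefghijklmnopabcdefghijklmnop
ABCDEFGHIJKLMNOPABCDEFGHIJKLMNOP
# this line is a comment
not-an-extension-id
ponmlkjihgfedcbaponmlkjihgfedcba
"""


def parse_extension_ids(text: str):
    """Return (valid_ids, rejected_lines) from a newline-separated list,
    normalising case and dropping duplicates while preserving order."""
    valid, rejected = [], []
    seen = set()
    for raw in text.splitlines():
        line = raw.strip().lower()
        if not line or line.startswith("#"):
            continue
        if not EXT_ID_RE.match(line):
            rejected.append(raw.strip())
            continue
        if line not in seen:
            seen.add(line)
            valid.append(line)
    return valid, rejected


def build_blocklist_policy(ids):
    """Build the JSON body for Chrome's ExtensionInstallBlocklist policy;
    deploy it via GPO/registry or the browser's managed-policies directory."""
    return {"ExtensionInstallBlocklist": sorted(ids)}


if __name__ == "__main__":
    ids, bad = parse_extension_ids(SAMPLE_LIST)
    print(json.dumps(build_blocklist_policy(ids), indent=2))
    print("rejected:", bad)
```

Rejected lines are returned rather than silently dropped so the list can be reviewed before the policy is pushed to managed browsers.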