Microsoft is running one of the largest corporate espionage operations in modern history. Every time any of LinkedIn’s one billion users visits linkedin.com, hidden code searches their computer for installed software, collects the results, and transmits them to LinkedIn’s servers and to third-party companies including an American-Israeli cybersecurity firm.
That sounds… normal? and maybe even sensible, especially if LinkedIn does SSR, since that could allow the servers know how to tailor the content to the specific browser requesting a page.
In what fucking world is it “normal” or “sensible” to scan your browser extensions to decide how to render a page? Please explain.
I’ve been doing web development for 30 years (since the time when “SSR” was just called “building a web app”) and I have not once ever had the desire or need to do this.
I can only think of reasons that are meant to block you based on what you are using to augment your browsing experience.
The reason is fingerprinting. Verrrry old technique. Adtech stuff. You might collect browser extension, webgl information, CPU core count, screen resolution, IP address, reverse dns, locale, headers, user agent, akamai hash, etc. The reason is so that these metrics can then be enriched to build a consumer profile and used in analytics
Thanks, I worked in adtech for a number of years so I’m aware of this use case. I could tell some stories that would likely surprise you at how sophisticated that industry has been for a long time, even as long as 10-15 years ago.
But the parent post specifically said this was “sensible” and maybe “normal” to do this to decide how to render a page. My question was specifically how that claim makes sense at all.
That might have been a sensible argument 20 years ago. Mozilla has spent the last 5 or so slowly stripping most of that out for “anti-fingerprinting” without breaking website layout.
I have been doing web development pretty much since the web was created.
“Sniffing your browser extensions is normal to be able to render the page correctly” is not and was never a sensible argument. 20 years ago, neither Chrome nor the iPhone existed yet. Most people browsed the web on computers, and “works best in Internet Explorer” was widespread. Web developers were lazy and many of them literally only tested their sites in IE on Windows. Browser extensions themselves were much more of a niche thing since IE didn’t support them.
I will have to yield to your experience then. I mainly thought of it as a naive type of sensible argument, given people were not all that concerned about tracking and particularly browser fingerprinting. I guess back then, the main thing was web developers who used flash needed to check for it. But those people were anti-open web back then and deserved to be ignored by the browser makers.
I am guessing you were strongly in the open web camp back then. I am glad we sort of won that particular battle, even if we lost so many others.
Yeah, you’re right on that you needed to check for Flash if your site used it. But at the risk of sounding overly pedantic: Flash wasn’t a browser extension either; it was a plugin, which though named similarly were completely different implementation-wise. Browser plugins are not really supported anymore in 2026, due to them having essentially unrestricted access to the host machine.