Why is LinkedIn enumerating my browser extensions? – prompts for the machine at the center of the galaxy and other random blips (mostly security)
Why is LinkedIn enumerating my browser extensions?
Update: most likely related to
Why is LinkedIn enumerating my browser extensions?
Update: most likely related to
Why is LinkedIn enumerating my browser extensions?
Update: most likely related to
Why is LinkedIn enumerating my browser extensions?
13 Jul, 2026
Why is LinkedIn enumerating my browser extensions?
Update: most likely related to this. Old news. Womp Womp...
I built this browser extension because I wanted a quick way to see what websites are actually doing in the background without firing up an instance of burpsuite every time. The idea was to track what data is being sent to third parties, throw in some lightweight secrets parsing, and flag anything that looked weird or worth digging into.
While tasting the fruits of my labor, I started poking around some bigger sites and LinkedIn immediately stood out. The entire time I was on the site, I was seeing what looked like an active brute-force enumeration of browser extension identifiers happening in the background.
In the time I was there (just a couple of minutes), over a thousand enumeration attempts were logged (and it kept going). I didn't stay long enough to see exactly how many it was trying to fingerprint.
This is one looking for chrome-extension://acbkoglpbifchpodigkdamcmkakjenpk/popup/popup.html, for example:
url: chrome-extension://acbkoglpbifchpodigkdamcmkakjenpk/popup/popup.html<br>method: GET (fetch)<br>party: third-party<br>time: 2026-07-13T00:53:37.926Z<br>status: error<br>duration: 1 ms<br>error: Failed to fetch
I can understand a few queries for extensions that might be specific to the site you're on (e.g., Facebook appears to do this too):
But that's a scan for just a few, possibly related to some media casting functionality, not thousands in a quasi-sequential, brute-force fashion.
Maybe there's some legit internal reason for this, but from a privacy perspective, it sets off alarms. Why so many? Are they looking for malicious extensions related to their own property? So many questions, and I didn't bother to check the extension identifiers against publicly available extensions, but what is the purpose here? Most users have no idea how much fingerprinting, tracking, and background data is being passed to who-knows-where while they're just browsing a website. Unless you're actively instrumenting the browser and watching the traffic, this stuff is basically invisible.