LinkedIn is spying on you, and you agreed to nothing

In this episode of Smashing Security, hosts Graham Cluley and Dave Bittner dive into a controversial revelation about LinkedIn's hidden data collection practices. A German privacy group, Fairlinked, published the 'BrowserGate Report,' exposing that LinkedIn injects a 2.7MB JavaScript snippet into Chrome-based browsers on every visit, silently fingerprinting users by harvesting CPU details, screen resolution, battery status, language settings, and over 6,000 browser extensions—including those related to religion, politics, ADHD, and dyslexia. This data is tied to users' real identities, raising serious privacy concerns under GDPR, despite LinkedIn denying malicious intent and claiming the scanning is only to detect data-scraping extensions. The hosts critique LinkedIn’s lack of transparency and explore workarounds like switching to Firefox, Brave, or Safari. The episode also covers a chilling real-world case of 'wrench attacks' in California, where crypto holders were physically assaulted by fake delivery drivers to extract cryptocurrency passwords, highlighting how physical threats can bypass even the strongest digital security. The hosts reflect on the irony of tech-driven protection being undermined by old-school coercion. The episode closes with a lighter 'Pick of the Week' segment: Graham celebrates the rediscovery of two lost 1965 Doctor Who episodes, while Dave shares his nostalgia for vintage robotic chess computers, particularly a modern robotic arm version reviewed on the Techmoan YouTube channel. Both segments underscore the enduring appeal of retro tech and cultural preservation. The hosts emphasize the importance of privacy, digital hygiene, and community support, urging listeners to subscribe, review, and join Smashing Security Plus for ad-free access and early episodes.