[tnolet]

I don’t get it. How can a browser extension mine data that otherwise is inaccessible? This should be covered by basic RBAC. Or are they just convenient scrapers, saving time but otherwise not accessing privileged information. If so, the LinkedIn story about “protecting our users” seems a bit shaky.

[superfrank]

The extensions are basically bots to collect info for the user with the extension installed, not steal info from that user. Most are either scraping email, names, and job titles as quickly as a bot can, or mass sending out messages to users based on some criteria.

Here's a video for one of the extensions https://www.youtube.com/watch?v=2XvtuZjblCc (Warning: loud music)

[peteretep]

> The extensions are basically bots

No, most appear to be plugins for ATS/CRMs, which allow recruiters -- having found a lead on LinkedIn -- to then add them to their CRM. This is profoundly differently.