X
Tap here to go to the mobile version of the site.

منتدى الدعم

LinkedIn hacks my Gmail contacts when they're open in the same browser. Is there a way for Firefox to prevent this?

Posted

LinkedIn hacks my Gmail contacts without express permission by exploiting some vulnerability when they're both open in the same browser. (See a summary of the issue here: https://www.quora.com/Does-LinkedIn-access-your-email-or-contact-list). Is there a way for Firefox to prevent this?

LinkedIn hacks my Gmail contacts without express permission by exploiting some vulnerability when they're both open in the same browser. (See a summary of the issue here: https://www.quora.com/Does-LinkedIn-access-your-email-or-contact-list). Is there a way for Firefox to prevent this?

Additional System Details

Installed Plug-ins

  • Adobe PDF Plug-In For Firefox and Netscape 11.0.17
  • Adobe PDF Plug-In For Firefox and Netscape 15.17.20050
  • A plugin to detect whether the Adobe Application Manager is installed on this machine.
  • Citrix Online App Detector Plugin
  • Version 5.41.3.0
  • Google Update
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • Next Generation Java Plug-in 11.101.2 for Mozilla browsers
  • The plugin allows you to have a better experience with Microsoft SharePoint
  • RealDownloader Plugin
  • RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In
  • RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In
  • RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In
  • RealPlayer Download Plugin
  • RealPlayer(tm) LiveConnect-Enabled Plug-In
  • Shockwave Flash 22.0 r0
  • Adobe Shockwave for Director Netscape plug-in, version 12.0.7.148
  • 5.1.50428.0
  • iTunes Detector Plug-in

Application

  • User Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

More Information

Seburo
  • Top 10 Contributor
  • Moderator
855 solutions 6371 answers

Hi

Thank you for your question.

This issue should be addressed with the arrival of a new feature that is due to arrive in Firefox in the near future called "container tabs". You can see more about this upcoming feature here.

Please keep an eye out for it possibly arriving in a future version of Firefox (it is already in the test versions of Firefox 51).

Hi Thank you for your question. This issue should be addressed with the arrival of a new feature that is due to arrive in Firefox in the near future called "container tabs". You can see more about this upcoming feature [https://wiki.mozilla.org/Security/Contextual_Identity_Project/Containers here]. Please keep an eye out for it possibly arriving in a future version of Firefox (it is already in the test versions of Firefox 51).
jscher2000
  • Top 10 Contributor
8837 solutions 72222 answers

Hmm, it would be bizarre that a website in tab 1 could send background requests for data to a well designed website in tab 2 and actually get sensitive data in response. Otherwise, every marketer on earth would be constantly scraping your Facebook news feed, and we probably would have heard about that.

Two things I would check:

(1) Did you try changing your Gmail password to make sure that any login information you previously gave to LinkedIn is obsolete?

(2) If you check your Gmail settings, is LinkedIn currently authorized to connect?

In my account, this page lists the apps/websites/services allowed to access my Google account (not including the Gmail app, of course):

https://security.google.com/settings/security/permissions?pli=1

If that doesn't list apps, try the main page and look for the "Connected apps & sites" section:

https://myaccount.google.com/security

Hmm, it would be bizarre that a website in tab 1 could send background requests for data to a well designed website in tab 2 and actually get sensitive data in response. Otherwise, every marketer on earth would be constantly scraping your Facebook news feed, and we ''probably'' would have heard about that. Two things I would check: (1) Did you try changing your Gmail password to make sure that any login information you previously gave to LinkedIn is obsolete? (2) If you check your Gmail settings, is LinkedIn ''currently'' authorized to connect? In my account, this page lists the apps/websites/services allowed to access my Google account (not including the Gmail app, of course): https://security.google.com/settings/security/permissions?pli=1 If that doesn't list apps, try the main page and look for the "Connected apps & sites" section: https://myaccount.google.com/security