Back to News
Advertisement
Advertisement

⚑ Community Insights

Discussion Sentiment

50% Positive

Analyzed from 632 words in the discussion.

Trending Topics

#microsoft#windows#edge#gdid#account#data#history#browsing#using#don

Discussion (17 Comments)Read Original on HackerNews

14u2cβ€’about 1 hour ago
> The ID is generated when Windows is set up with a Microsoft Account

So not only was this β€œhacker” using Windows and Edge, they singed in to windows with a Microsoft account. And then used that same computer for their social media. Nice.

crtasmβ€’about 1 hour ago
The ID is generated even if you only create a local user account. I don't know to what extent that affects tracking/telemetry though.
1970-01-01β€’19 minutes ago
>The Global Device Identifier (GDID) is a permanent ID assigned when Windows provisions against a Microsoft Account.

So again, the "make an account" is the part you ALWAYS skip. Local accounts or it technically isn't even a PC anymore.

londons_exploreβ€’about 2 hours ago
How exactly does Microsoft link their gdid to a hotel booking?

Hotels last I saw don't collect an obscure gdid...

Did this victim use edge and sync their browser history or something perhaps?

ndiddyβ€’33 minutes ago
Edge has a feature where it will periodically pull the bookmarks and browsing history from any other browsers you have installed, so they'll then get sent to Microsoft and associated with your Microsoft account. This was initially enabled by default without the user's consent, although I believe now you may have to opt into it if you do a fresh Windows install. I only realized this was a thing because one time my work PC rebooted to install an update, then Edge came up instead of Firefox, but with all my Firefox tabs. I guess this was part of some effort to try to trick old people who wouldn't notice the difference into switching to Edge. Here's a news article about someone else running into this when it started happening: https://www.theverge.com/24054329/microsoft-edge-automatic-c...
VerifiedReportsβ€’28 minutes ago
"Old" people? How about the vast majority of the public, which is not represented on HN?

Not to mention that one of the many major UI regressions in Windows is the removal of title bars from application windows, which is fundamental to this "trick." Try opening a PDF in Edge and also in Acrobat. Neither window has a title bar, and they are otherwise almost identical. You have to scrutinize the very few controls around the window to determine which app you're looking at.

Microsoft and its software are trash now.

CommieBobDoleβ€’about 1 hour ago
There's a blurb in the article:

>"Massgrave, the group behind Microsoft Activation Scripts, has noted that Windows setup sends hardware info to Microsoft and receives identifiers back that are later used for Store access and licensing. Blocking GDID assignment breaks both activation and UWP apps."

I think probably it sends the gdid back to Microsoft as part of telemetry/updates/MS account periodic re-auth, which lets them know the current IP address, and then once the government has Microsoft's logs and the various target websites' logs, they can correlate based on IP address. I don't think it's actually sending the gdid to the web sites. Maybe.

This serves to further illustrate that nobody should be using Windows for anything that involves the need for privacy. And doubly, triply, and morefold so, nobody should ever sign a Windows machine into a MS account for any reason.

crtasmβ€’about 1 hour ago
Edge seems likely. Its settings include:

>Send optional diagnostic data to improve Microsoft products [Includes how you use the browser, websites you visit, and enhanced error reporting. Determined by your Windows diagnostic data setting]

>Allow Microsoft to save your browsing activity including history, usage, favourites, web content, and other browsing data to personalise and improve Microsoft Edge and Microsoft services like ads, search, shopping, news, and Copilot [Includes your history, usage, favourites, web content and other browsing data]

mixdupβ€’about 2 hours ago
Probably had his laptop with him and they simply traced the gdid to a specific IP address that they determined belonged to the hotel
aniwalunjβ€’6 minutes ago
At it again!
yodonβ€’7 minutes ago
How is this not a the mother of all GDPR violations?
AlienRobotβ€’18 minutes ago
They caught a 19 year old hacker that uses Edge, and all it took was the privacy of 1.4 billion Windows users.
WalterGRβ€’about 1 hour ago
How does the GDID compare to the UDID (Unique Device Identifier) and serial number in iOS; and the Apple Hardware UUID and serial number of Macs?
PunchyHamsterβ€’32 minutes ago
well, mostly the name. And the fact MS gave away GDID - IP mapping to the govt.
drnick1β€’22 minutes ago
One more proof that Windows is malware.
globalnodeβ€’14 minutes ago
i wont even dual boot windows on my linux machine, dont trust them not to vacuum up my linux drive data when i boot into windows. also just recently discovered their attempt to hijack the entire pc industry with secure boot, they are consistent gotta give them that. why do i have microsoft keys installed on my motherboard when im not even using windows.
ChrisArchitectβ€’about 1 hour ago