this post was submitted on 11 Jul 2026
361 points (99.7% liked)

Privacy

49803 readers
229 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 6 years ago
MODERATORS
top 50 comments
sorted by: hot top controversial new old
[–] BigBoyShuanzee@aussie.zone 8 points 2 days ago* (last edited 2 days ago) (1 children)

My company is moving to Windows 11, I had one of my service desk teammates tell me that for an IT support person I'm very critical of change

Before Windows 11 I was critical of change because every change came with no new training for my team and a giant email to the company explaining very lazily about the changes and with the same text at the end of every email.. "Any problems call the service desk".

Now we've lost active directory.. Now I'm in a position where an incredibly incompetent IT security have restricted our access to intune and Entra and then the business wants me to still perform my daily duties as normal.

Upside is that same IT security is getting removed in the next few weeks.

Probably to be replaced by someone else even worse.

I just want to learn how to use Entra and Intune.. Everything Microsoft touches turns to shit.

Active directory just worked.. It was built when people at Microsoft actually knew how the operating system worked.. None of those people are still at Microsoft..

[–] BlackVenom@lemmy.world 2 points 2 days ago

If you enjoyed how AD worked, you'll love how I tune and AAD don't.

And the workarounds for them... Like local management... Only get harder.

Good luck.

[–] StellarExtract@lemmy.zip 77 points 4 days ago (4 children)

Something this article glosses over is the fact that Microsoft knew all of the web URLs he was visiting. I don't know if that's because he was dumb enough to sign into Edge with his Microsoft account or if they were collecting that a different way, but the GDID wouldn't have been nearly as useful without that info.

[–] Daryl76679@lemmy.ml 29 points 4 days ago (1 children)

And able to identify the specific accounts he was logging into. How are they able to do that?

[–] Brkdncr@lemmy.world 25 points 4 days ago

Edge can save passwords and creds, much like any credential manager.

[–] FineCoatMummy@sh.itjust.works 18 points 4 days ago (1 children)

IDK either. But so much is now like, ppl wanting privacy have to be right every time. The co's wanting our data, only once! A single hidden backdoor siphon to our data and we didn't protect ourself from it. A single telemetry that encodes every URL we visit. A single statistical way to fingerprint us.

That Sisyphus dude knows our pain.

[–] hitmyspot@aussie.zone 15 points 4 days ago (1 children)

Which is why open source is important. Holes can be found and software telemetry can be avoided.

A lot of the telemetry is sold to people as being in their benefit. Monitor installed software for updates, location data for weather etc.

If the companies had to document the amount they collected in cash for each user based on ads and send it as a mk though report, it might be eye opening. The source if the cash would also be good. So did companies pay directly or dodgy intermediaries and data brokers.

[–] Zarobi@aussie.zone 6 points 3 days ago (2 children)

I know people in real life that prefer targeted advertising because it's "more relevant to their interests". I think they drank the kool-aid

load more comments (2 replies)
[–] gila@hexbear.net 11 points 4 days ago* (last edited 4 days ago)

IIRC that's been a known function of Edge ever since its redesign around 5-6 years ago, regardless of whether you're signed in all URLs go to Microsoft in plaintext

[–] blackwall@lemmy.world 7 points 4 days ago (1 children)

I don’t think Microsoft recorded the URLs, just activity from a GDID and IP address at particular timestamps. The authorities would also have subpoenaed records from other accounts they knew were his e.g. Snapchat and Facebook. The GDID was just a way of assigning activity from his device to particular VPN endpoints at particular times. The point of the story is essentially that the GDID allowed them to track his device across multiple IP addresses. But this wouldn’t have been possible without at least some other pieces of the puzzle such as knowing which was his Microsoft account, or Facebook account etc. in the first place.

load more comments (1 replies)
[–] BlackLaZoR@lemmy.world 26 points 3 days ago (2 children)

Hacker

Uses windows

He got what he fucking deserved

Not only he uses windows, but a ms online account as well!!!

[–] 0_o7@lemmy.dbzer0.com 10 points 3 days ago (1 children)

Okay, buy the thing to take note here is what tech companies can hide.

You know they're tracking users but there are still things we'll never find out unless they reveal it themselves or are made to reveal in indirectly.

[–] BlackLaZoR@lemmy.world 7 points 3 days ago

On the other hand, open source software has everything revealed by default. It has no dirty secrets to hide

[–] Daryl76679@lemmy.ml 42 points 4 days ago (30 children)

Year of the Linux desktop anyone?

[–] whatiswrongwithyou@lemmy.ml 10 points 4 days ago (1 children)

The same user posted a thread in this comm about the Linux equivalent, device-id, which is possibly more problematic.

load more comments (1 replies)
load more comments (29 replies)
[–] mazzilius_marsti@lemmy.world 6 points 3 days ago

the fucked up thing is this GDID thing apparently also show up for VM. So that would mean any VM and even a Quebe?

Fuck microsoft

[–] MonkderVierte@lemmy.zip 12 points 3 days ago

Don't forget the unique identifier of Edge and Chrome.

[–] ramenshaman@lemmy.world 19 points 4 days ago (1 children)
[–] yogthos@lemmy.ml 43 points 4 days ago (4 children)

Imagine your computer has a secret ID number that Microsoft gives it when you sign in with your Microsoft account. This number is like a permanent nametag that your computer wears. Even if you use a VPN to hide your location, that nametag stays the same.

A hacker used a VPN to hide while breaking into a jewelry store's computer system. But Microsoft helped the FBI find him because his computer's secret nametag kept showing up everywhere he went online. They matched that nametag to his social media accounts and other stuff he did, and that's how they caught him. Most people didn't even know this secret nametag existed, and you can't turn it off without breaking your computer.

[–] umbrella@lemmy.ml 28 points 4 days ago* (last edited 4 days ago) (4 children)

how dumb can you be to use unhardened windows to hack valuable shit omg.

even if you didn't know of this system (i didn't) it's well known windows scans for even the color of your underwear.

[–] dieTasse@feddit.org 7 points 3 days ago

I think we are too exposed to the movie-villains-geniuses. The reality is that most criminals are dumb.

[–] yogthos@lemmy.ml 11 points 4 days ago

also to login with edge on top of that

[–] shneancy@lemmy.world 6 points 3 days ago (3 children)

the average lemmy user is much more tech literate than an average person

people really don't know that kind of stuff. to many a computer is a computer, it has internet, and plays games... what's an operating system?

[–] umbrella@lemmy.ml 3 points 3 days ago* (last edited 3 days ago)

damn, but even hackers capable of breaking into jewelery store systems?

like at this point the problem is extreme ignorance.

load more comments (2 replies)
load more comments (1 replies)
[–] MonkderVierte@lemmy.zip 12 points 3 days ago (1 children)

They were logged in while using it for crime? That's like posting about it on facebook.

[–] yogthos@lemmy.ml 4 points 3 days ago
[–] ramenshaman@lemmy.world 11 points 4 days ago (1 children)

Thanks! He should have used Linux

[–] krolden@lemmy.ml 4 points 3 days ago

Calling him a hacker is pretty generous if he let them catch him like this

[–] Bieren@lemmy.today 10 points 3 days ago (3 children)

Does MS track what you do in Edge and Windows, yes. Does Google track you in Crome and any app of theirs, yes. Does Apple track everything you do on their devices, yes. Does meta, twitter, all social media sites track the fuck out of you, also yes.

[–] jjlinux@lemmy.zip 41 points 3 days ago (3 children)

Does Linux track you? Does LibreWolf track you? Does GrapheneOS track you? Does Vanadium track you? Does SimpleX or Signal track you? Does...

Never mind, I think you get my point.

load more comments (3 replies)
[–] yogthos@lemmy.ml 9 points 3 days ago

tracking is a core function of pretty much all commercial software at this point

load more comments (1 replies)
[–] someone@lemmy.today 8 points 3 days ago (2 children)

why would a hacker use windows?

load more comments (2 replies)
[–] brillotti@lemmy.world 12 points 3 days ago (2 children)
load more comments (2 replies)
[–] Maeve@kbin.earth 20 points 4 days ago

The complaint quotes a Microsoft representative describing the GDID as “a persistent, device-level identifier designed to uniquely identify an installation of a Windows operating system on a device, either a physical device (e.g., a mobile phone or laptop) or virtual machine, across certain Microsoft services and scenarios”

A Global Device ID (GDID) is a permanent, unique digital fingerprint that Microsoft automatically assigns to your computer when you install Windows or sign into a Microsoft account.

[–] M1ch431@slrpnk.net 9 points 4 days ago* (last edited 4 days ago)

Then there’s activation. Massgrave, the group behind Microsoft Activation Scripts, notes that Windows setup sends hardware info to Microsoft and gets identifiers back, the same tokens later used for Store access and licensing: “It’s impossible to prevent Windows from getting a GDID without breaking activation and UWP app[s].” Anyone who lost a license after swapping a motherboard has already met a smaller version of this.

I guess this is why people always said it was impossible to remove the watermark that appears when you are not activated, when it was rolled out many years ago.

Defeating the reasons for activation might've lead the more tech-savvy to figuring out the nature of the identifiers being sent for activation and seeing where else they are sent.

load more comments
view more: next ›