• treadful@lemmy.zip
    link
    fedilink
    English
    arrow-up
    52
    ·
    1 day ago

    The difference is that Linux isn’t sending telemetry to some central entity associating that ID to an IP.

    Microsoft’s records showed that at that exact same minute, a Windows device carrying GDID g:6755467234350028 had visited the ngrok signup page. Three hours later, the same GDID visited the retailer’s own website, through the same Tzulo proxy address used to set up the ngrok account.

    This article is super vague about this as well. How does Microsoft not only have the GDID->IP link, but they have Web history as well? Are they just exposing all this through advertising telemetry?

    Fucking gross. And if you know of anything on Linux exposing/transmitting the machine-id, please do let everyone know because nothing should. Anything that does should be considered malware.

    • Trainguyrom@reddthat.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      10 hours ago

      This article is super vague about this as well. How does Microsoft not only have the GDID->IP link, but they have Web history as well? Are they just exposing all this through advertising telemetry?

      My interpretation was that they had an IP that they suspected was the perp’s home network, and subpoena’d some major platforms to confirm beyond a shadow of a doubt. Given the perp’s sloppiness in using the same machine for both personal and illicit computing activities, they could even have some network traffic in the capture to indicate which platforms they should subpoena

      Or if we want to be more conspiracy-minded, maybe they installed a trojan on his computer and this is the parallel evidence trail that law enforcement created so they don’t have to admit to hacking the hackers

    • hexagonwin@lemmy.today
      link
      fedilink
      English
      arrow-up
      4
      ·
      16 hours ago

      i think i remember hearing the dbus machine-id being read by google chrome on linux. it could be used for privacy violation with proprietary software, though i personally consider linux machines with chrome or equivalent software installed compromised.

      • treadful@lemmy.zip
        link
        fedilink
        English
        arrow-up
        29
        ·
        1 day ago

        It’s not just Windows tracking your web browsing history. GPU drivers do it too.

        …on Windows. if you explicitly install their malware and agree to data sharing.

        • hirihit640@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          1
          ·
          52 minutes ago

          I should have clarified, but yes it’s the windows GPU drivers. Though even on Linux, it’s hard to know what the proprietary GPU drivers do, but from what I read they don’t collect telemetry by default. Luckily Nvidia is developing official open source drivers now so we won’t have to worry about these things.

          Also note that for the Windows Nvidia drivers, it’s fairly annoying to disable all telemetry. It’s not just an option in the installer. You have to use unofficial third party tools.