Could be using Edge (Account syncing), or using Bing while signed in (Considering they were signing into private accounts while on the VPN, seems possible)
This seems the most likely… but still I want clarity on the mechanism. An identifying token defined in the registry is being sent over the wire. That mechanic is pretty substantial, and I’m surprised a bigger fuss hasn’t been made about that. This is pretty far beyond conventional header fingerprinting.
Could be using Edge (Account syncing), or using Bing while signed in (Considering they were signing into private accounts while on the VPN, seems possible)
This seems the most likely… but still I want clarity on the mechanism. An identifying token defined in the registry is being sent over the wire. That mechanic is pretty substantial, and I’m surprised a bigger fuss hasn’t been made about that. This is pretty far beyond conventional header fingerprinting.
Yep. Assume the worst, imo