Slashdot
Follow
Microsoft Can Track Users Via a Windows Device ID
A criminal complaint against alleged Scattered Spider member Peter Stokes has shed light on Microsoft's Global Device ID. Investigators used this identifier to link Stokes' personal computer to online activity related to a hack. While unique device IDs are common, concerns about privacy have emerged. The identified can persist across operating system updates and lacks an easy opt-out. This identifier may allow Microsoft to connect Windows activity with third-party services. The case involved the alleged hacking of a luxury jewelry retailer using a VPN. The FBI discovered Stokes' IP address was linked to Microsoft's Global Device ID, or GDID. According to a Microsoft representative, the GDID uniquely identifies a Windows installation across various Microsoft services. This persistent identifier, combined with its ability to be associated with third-party services and timing, theoretically allows Microsoft to track users' online activity. Investigators used the GDID to trace Stokes’ computer accessing ngrok signup pages and multiple websites. The use of this identifier by federal investigators has prompted concerns about potential surveillance abuse. Cybersecurity experts have labeled Windows as surveillance software due to these capabilities.