- cley_faye@lemmy.worldEnglish2 hours
I was gonna comment something about Linux distro also having a machine ID, but then I remembered that it’s not in a big database, and it’s so well enforced I routinely have multiple machines with the same ID pop up :D
- Eximius@lemmy.worldEnglish3 hours
A genz hacker. In a world where “hacking” is writing prompts and calling IT help desks.
- lordziv@lemmy.nzEnglish2 hours
Tbf, some of the best hackers were social engineering their way into the backend just by calling up certain support numbers in the 80s
- EpicMuch@sh.itjust.worksEnglish3 hours
My laptop came with Win11, I’ve removed that drive a few months ago and replaced it with Mint.
Does this mean MS has my motherboard, WiFi, other hardware identifiers that would still tie that laptop to their database?
TeddE@lemmy.worldEnglish
2 hoursYup!
Motherboard, CPU, GPU models and serial numbers. Ram size and speed. Those were used during Windows activation as old as windows 95. But likely yes, a full list of every component connected.
Your Android phone collects every WiFi network it has ever seen and sends it to Google, so we should assume Microsoft does the same (Android can locate you without GPS by using your neighbors’ WiFi signals as position identifiers, and can triangulate you to a few feet using the relative networks’ signal strengths)
- cley_faye@lemmy.worldEnglish2 hours
If it was registered, probably. They use a mixture of that to allow re-enabling the same license on the same hardware.
- mystik@lemmy.worldEnglish4 hours
Ctrl-f NSAKEY (sees nothing) — it seems the internet has forgotten the NSAKEY debacle https://en.wikipedia.org/wiki/NSAKEY
- unemployedclaquer@sopuli.xyzEnglish3 hours
Yeah I played solitaire in 3.1. Even playing the asteroids avoiding game in C-64 I always assumed teams of people or aliens were observing my progress. Nothing to do with The Last Starfighter
- Semotto@lemmy.worldEnglish4 hours
He’ so stupid for sending ransomware and logging into snapchat/facebook from the same laptop without even using VMs
- Eximius@lemmy.worldEnglish3 hours
Ugh… How do you think they correlated the GDID to his social media?
- Windex007@lemmy.worldEnglish31 minutes
From the article:
Microsoft’s records showed that at that exact same minute, a Windows device carrying GDID g:6755467234350028 had visited the ngrok signup page.
Why does Microsoft have a record that includes both the GDID and a web addresses? I am confused by this mechanism.
- db2@lemmy.worldEnglish7 hours
So they’re saying that all these “secret” societies online, like the Peter Thiel psychopathy, are relatively easily identified and rounded up and prosecuted to the fullest extent of the law, and they’re just choosing not to do it? I’m shocked.
- 6 hours
If your system uses systemd, it has an etc/machine-id, which is used for a lot of different things. And changing it will break a lot of stuff, probably until you reboot. I guess you could write something to randomly shuffle it every time you reboot? But it is the go-to way for lots of programs (including browsers) to identify themselves. Which means (unless you have done the work to scramble your machine ID) you can be tracked on Linux as well.
- ozymandias117@lemmy.worldEnglish2 hours
Where in the source does Firefox expose machine-id to websites?
With a quick grep I’m only seeing it around audio?
treadful@lemmy.zipEnglish
4 hoursThe difference is that Linux isn’t sending telemetry to some central entity associating that ID to an IP.
Microsoft’s records showed that at that exact same minute, a Windows device carrying GDID g:6755467234350028 had visited the ngrok signup page. Three hours later, the same GDID visited the retailer’s own website, through the same Tzulo proxy address used to set up the ngrok account.
This article is super vague about this as well. How does Microsoft not only have the GDID->IP link, but they have Web history as well? Are they just exposing all this through advertising telemetry?
Fucking gross. And if you know of anything on Linux exposing/transmitting the machine-id, please do let everyone know because nothing should. Anything that does should be considered malware.
- hirihit640@sh.itjust.worksEnglish4 hours
It’s not just Windows tracking your web browsing history. GPU drivers do it too. Source: https://www.neowin.net/news/intel-windows-driver-to-now-collect-user-telemetry-data-like-website-categories-by-default/
treadful@lemmy.zipEnglish
4 hoursIt’s not just Windows tracking your web browsing history. GPU drivers do it too.
…on Windows. if you explicitly install their malware and agree to data sharing.
- Septimaeus@infosec.pubEnglish4 hours
Upvoting both comments for awareness, since Linux is the first of a multi-step process, not a privacy panacea.
But we must be clear that in both theory and practice there’s little comparison between systemd and modern Windows machine-user association.
Someone using Windows regularly has a gaping wound, is actively bleeding out. Switching to Linux is just a tourniquet, but every other treatment is at best no-effect until that tourniquet is applied.
E: transpose
systemd/Windows for clarity- DevDave@piefed.socialEnglish4 hours
Also as a life long programmer, I have this feeling it is possible to just go in and make some changes so I can have the system just make shit up about the TPM while indeed also doing the equivalent of having system-d decide to respond with random bullshit.
Don’t even need to be a programmer, just find a community of them that you trust that distribute their own “fixes”.
Definitely not doing that with anything else because its both hidden in compilation and buried like herpes across multiple components. Probably/hopefully not directly related but I really want to know what they changed to break the clipboard service.
- Septimaeus@infosec.pubEnglish3 hours
And you’d be technically correct, the best kind of correct.
To the inquisitor:
any distro that’s fully OSS can be fully compiled from scratch with any modifications you choose).
Though yes, if you’re still using Windows, the learning curve may look like a wall.
I really want to know what they changed to break the clipboard service
Guessing the X11 [X]Wayland migration KDE Plasma bug report? Should be fixed in 6.5.2.
- 4 hours
Please elaborate on what u are referring to with regard to systemd machine user association?
- Septimaeus@infosec.pubEnglish4 hours
I’m specifically highlighting that there is none though I acknowledge machine ID makes it easier.
ETA: edited original comment to be more clear
- 3 hours
Yeah, motherboard-level tracking is scary because even the OS won’t be able to detect it. The truly paranoid people (and security researchers) go as far as desoldering chips to ensure nothing phones home.
- bloogoose@lemmy.zipEnglish8 hours
No you don’t understand… I’ve spent the last 30 years investing in increasingly awful software companies to create “industry standards” and leaving these companies behind would require me to change and learn!!!
Wioum@lemmy.worldEnglish
18 minutesAt some point you just have to leave the software behind. That time is now!
M137@lemmy.todayEnglish
43 minutesSo many issues with the world boils down to that last part, people refusing to change and learn. I never understood it, I’ve always loved change and learning. I’ve seen so many people go from having that same openness to only caring about keeping everything the same and never learning, it’s really disturbing. Some are like that from a very early age, others fall into it at any other part of their lives and it’s never a good thing IMO.
dindonmasker@sh.itjust.worksEnglish
6 hoursI talked with the women i’m working with where we print our price lists about changing from adobe to something else and she told me it would be a bad idea since it would make both of our work much more buggy and time consuming with more chances of the end result being worse. So i’ll keep using indesing and the adobe suite for now but i did switch from sketchup to blender for 3D modeling and it’s a bit challenging and more messy then i’m used to but i get better rendering results from what i tried so far.
- the_riviera_kid@lemmy.worldEnglish7 hours
The level of naivete to think it’s a good idea using a microsoft account on a microsoft product for your illegal activity is astounding. Especially when you consider the amount of technical knowledge required to do such a thing.
I legitimately cannot make that connection, Microsoft has never been shy about tracking you or their tight relationship with 3 letter agencies. It doesn’t take a genius to know they are going to snitch, I figured that was a foregone conclusion.
Kids need to learn about OPSEC.
- 5 hours
Agreed, using the same device for illegal and personal activity is dumb.
- TemplaerDude@sh.itjust.worksEnglish5 hours
It is truly god damn unfortunate that Microsoft has spent decades fostering a level of technical ineptitude among the average person that they cannot even consider getting off their fucking shit ass platform that “just works”. Because that is the real problem. So many people on here will say “just use Linux!” But the vast majority of people cannot fathom where to even start with that and won’t even consider it because Windows “just works” and it has done so for so long that people just can’t be bothered.
- grinning_serpent@lemmy.worldEnglish4 hours
It’s easier than ever to use Linux these days and Lemmy certainly doesn’t lack for penguin faithful that’ll proselytize and condemn you to computer-hell if you don’t adopt their religion.
But the “”“problem”“” is that Windows works okay for the vast majority of users. Most of the annoying parts of W11 can be changed or disabled within the OS itself, without needing special tools or knowledge. And I think that the vast majority of users don’t even care enough to do that. We use stock W11 at work and while the “new” style right menus and shit are annoying, they still function fine.
Windows likely won’t lose serious market share until prebuilt PCs come with Linux instead of Windows installed. Especially the non-gaming prebuilts.















