Something this article glosses over is the fact that Microsoft knew all of the web URLs he was visiting. I don’t know if that’s because he was dumb enough to sign into Edge with his Microsoft account or if they were collecting that a different way, but the GDID wouldn’t have been nearly as useful without that info.
IIRC that’s been a known function of Edge ever since its redesign around 5-6 years ago, regardless of whether you’re signed in all URLs go to Microsoft in plaintext
I don’t think Microsoft recorded the URLs, just activity from a GDID and IP address at particular timestamps. The authorities would also have subpoenaed records from other accounts they knew were his e.g. Snapchat and Facebook. The GDID was just a way of assigning activity from his device to particular VPN endpoints at particular times. The point of the story is essentially that the GDID allowed them to track his device across multiple IP addresses. But this wouldn’t have been possible without at least some other pieces of the puzzle such as knowing which was his Microsoft account, or Facebook account etc. in the first place.
IDK either. But so much is now like, ppl wanting privacy have to be right every time. The co’s wanting our data, only once! A single hidden backdoor siphon to our data and we didn’t protect ourself from it. A single telemetry that encodes every URL we visit. A single statistical way to fingerprint us.
Which is why open source is important. Holes can be found and software telemetry can be avoided.
A lot of the telemetry is sold to people as being in their benefit. Monitor installed software for updates, location data for weather etc.
If the companies had to document the amount they collected in cash for each user based on ads and send it as a mk though report, it might be eye opening. The source if the cash would also be good. So did companies pay directly or dodgy intermediaries and data brokers.
Something this article glosses over is the fact that Microsoft knew all of the web URLs he was visiting. I don’t know if that’s because he was dumb enough to sign into Edge with his Microsoft account or if they were collecting that a different way, but the GDID wouldn’t have been nearly as useful without that info.
IIRC that’s been a known function of Edge ever since its redesign around 5-6 years ago, regardless of whether you’re signed in all URLs go to Microsoft in plaintext
I don’t think Microsoft recorded the URLs, just activity from a GDID and IP address at particular timestamps. The authorities would also have subpoenaed records from other accounts they knew were his e.g. Snapchat and Facebook. The GDID was just a way of assigning activity from his device to particular VPN endpoints at particular times. The point of the story is essentially that the GDID allowed them to track his device across multiple IP addresses. But this wouldn’t have been possible without at least some other pieces of the puzzle such as knowing which was his Microsoft account, or Facebook account etc. in the first place.
IDK either. But so much is now like, ppl wanting privacy have to be right every time. The co’s wanting our data, only once! A single hidden backdoor siphon to our data and we didn’t protect ourself from it. A single telemetry that encodes every URL we visit. A single statistical way to fingerprint us.
That Sisyphus dude knows our pain.
Which is why open source is important. Holes can be found and software telemetry can be avoided.
A lot of the telemetry is sold to people as being in their benefit. Monitor installed software for updates, location data for weather etc.
If the companies had to document the amount they collected in cash for each user based on ads and send it as a mk though report, it might be eye opening. The source if the cash would also be good. So did companies pay directly or dodgy intermediaries and data brokers.
I know people in real life that prefer targeted advertising because it’s “more relevant to their interests”. I think they drank the kool-aid
Yes, when ads companies did surveys to match ads with your interests, I’m like, no, irrelevant ads are even easiest to ignore.
“Clown College? You can’t eat that.”
And able to identify the specific accounts he was logging into. How are they able to do that?
Edge can save passwords and creds, much like any credential manager.