logoalt Hacker News

midtaketoday at 9:44 AM1 replyview on HN

To me this indicates that Microsoft has some sort of traffic analysis performed on endpoints, then linked to GDID. I'd guess this is part of Defender's real time protection or MAPS.

Fun fact, Microsoft Defender MAPS was previously named SpyNet.

https://en.wikipedia.org/wiki/Microsoft_Active_Protection_Se...

The GDID identifier seems software in nature though. They could be more aggressive and tie it to the baseboard's serial number the way some games do. Then the hardware is tracked throughout its entire lifecycle, not just per instance of Windows install.


Replies

reactordevtoday at 11:04 AM

that's the idea behind SecureBoot and the TPM chip is to provide the GDID based on hardware fingerprint. Some games already do this as "anti-cheat" measurements (tracking you) and Microsoft has been doing it since Windows 7 days. It's just that the TPM now gives you that hardware authority.

show 1 reply