logoalt Hacker News

lorislabtoday at 12:52 PM4 repliesview on HN

The interesting part is not really the existence of a machine identifier. Almost every modern OS has some equivalent. The bigger question is the boundary: which components can access it, and when does a local identifier become a remote tracking identifier? A machine-id sitting on disk is very different from an OS vendor correlating it with network activity.


Replies

J-Kuhntoday at 3:25 PM

Systemd (part of many major linux distributions) has for example machine-id[1], readable by anyone on the machine under /etc/machine-id.

[1]: https://www.freedesktop.org/software/systemd/man/latest/mach...

show 2 replies
dlenskitoday at 3:50 PM

Yeah, this is what's glaringly missing from the article.

Exactly how does Microsoft's device identifier get associated with the ngrok session (normally initiated via its closed-source CLI)?

I can't tell from the article whether Microsoft is doing something underhanded to inject its device identifiers into network traffic, or whether the ngrok client software (again, closed-source!) grabbed the device identifier… and might well do the same on any other OS, using /etc/machine-id on Linux for example.

Since ngrok uses a "freemium" model, it wouldn't surprise me at all if its clients send machine IDs to try to catch users trying to get around its free limits.

show 2 replies
Bendertoday at 4:04 PM

Adding another example of this is the NetworkID in about:networking#networkid in Firefox. There was a point in time that cause some controversy. Every AI has the wrong information about it's origin and use.

llm_nerdtoday at 2:15 PM

This is the part that isn't clear and is by far the most interesting. At what stage and what point did the GDID get correlated with a tool/web request. As is it almost sounds like Microsoft "telemetry" gathers everything and they did a bulk search for certain activity, pulling the GDID and correlating it with a user.

show 2 replies