logoalt Hacker News

mysteriatoday at 2:32 PM2 repliesview on HN

From reading the official criminal complaint [1] it looks like Microsoft literally logs all web requests along with the GDID and sends it over as "telemetry". It basically associates the URL, the client's IP, and the GDID together.

Or I suppose it's possible that it only sends the domain and not the full URL, but that's enough for the police to go to the hoster and demand logs containing the full URL for said IP.

1. https://www.justice.gov/usao-ndil/media/1450651/dl?inline


Replies

llm_nerdtoday at 6:19 PM

Clearly a bunch of defensive Microsoft employees are hitting these threads. The official complaint directly cites Microsoft as the source of these logs. They refer to Microsoft as the source of the records for web requests, app usage, and so on.

nailertoday at 3:17 PM

> Microsoft literally logs all web requests

Nope. That would be unbelievable but also very well known. It was a Windows software licensing matter, see my post above.

show 3 replies