Fun fact, Microsoft Defender MAPS was previously named SpyNet.
https://en.wikipedia.org/wiki/Microsoft_Active_Protection_Se...
The GDID identifier seems software in nature though. They could be more aggressive and tie it to the baseboard's serial number the way some games do. Then the hardware is tracked throughout its entire lifecycle, not just per instance of Windows install.
Terr_•52m ago
It's unclear what the mechanism is, but I'd wager their "telemetry" is constantly revealing your installation ID, your current IP, and domains that were recently resolved.
pogue•37m ago
I feel like using wireshark to look at what's being sent back and forth from Windows telemetry, when using Edge, Chrome & etc should reveal what's being sent and recieved. Using MITM SSL spoofing should be able to intercept the packets.
[1] https://github.com/SmtimesIWndr/gdid-reversal
Terr_•32m ago
cromka•23m ago
pogue•15m ago
echelon_musk•28m ago
Reminds me of Google Safebrowsing.