Windows 11 hidden identifier and how to reduce tracking

Teenager Peter Stokes, accused of hacking a luxury jewelery chain, used VPNs, ngrok tunnels and rotating IP addresses across Estonia, New York and Thailand to cover his tracks. However, none of that helped him. The FBI requested telemetry data from Microsoft and discovered a single 64-bit string of characters – g:6755467234350028 – that accompanied his Windows installation.

This identifier is called a Global Device Identifier (GDID). It exists on every computer the same way it exists on yours. Most of the 1.6 billion Windows users have never heard of this code before. That is, until it recently surfaced in public court documents, raising serious concerns about surreptitious surveillance at the level of the operating system itself.

What exactly is GDID and why is there no option to turn it off

Court filings show that GDID persists within Microsoft services without any ability for the user to control or shut it down. The US Department of Justice describes this code as a persistent device-level identifier. It is designed to uniquely identify the installation of the Windows operating system on a physical machine or virtual environment. It also successfully survives system updates, and the only way to reset it is to completely reinstall the system.

However, analyzes by security experts show that if you reinstall the system and sign in to the same Microsoft account again, the activation data and synchronization with the OneDrive service can very easily re-associate your identity with the new code.

READ ABOUT:  Pause Windows 11 updates or simply skip them

Completely removing or disabling this identifier is not an option, as experts from the Windows Activation community have concluded that deleting this code completely breaks system licensing and disables Universal Windows (UWP) apps. Before this case became public, Microsoft only documented GDID in one place. And that in the complex technical documentation for Azure developers, while it is not mentioned in the privacy materials intended for ordinary users.

How you can reduce the amount of data connected to your device

While you can’t remove the digital footprint itself, you can take steps to reduce the amount of personal data associated with it.

The first and most important step is to use a local user account instead of a Microsoft account. When installing and setting up the system, skip signing in to a Microsoft account, as any connection to it allows the system to associate your GDID with services such as OneDrive, Outlook, Xbox and others.

Also, it is necessary to reduce the diagnostic telemetry as much as possible. Within the system’s privacy and security settings, under diagnostics and feedback, switch data collection to minimum and turn off the sending of optional diagnostic data.

The next step involves turning off activity history in the same privacy section. Although this will disable some functions or the operation of the Phone Link application, it will prevent your activities from being constantly recorded on different devices. For sensitive Internet browsing, avoid the factory Edge. Analyzes show that it sends data about visited addresses directly to Microsoft registers associated with your unique identifier. Instead, use Firefox or custom versions of the Chromium browser that don’t require signing in to a Microsoft account.

READ ABOUT:  See how Googlebook looks in action, a combination of Android and Windows 11 systems

Finally, if you opt for a clean OS install, you’ll get a brand new unique GDID code. However, this will only make sense if you avoid logging into your old Microsoft account again on that same hardware. Otherwise, the new identifier will reconnect you to the old profile.

Why a VPN can’t protect you from this tracking

Relying solely on a VPN for privacy on Windows can be compared to wearing a mask in a store that has already scanned your fingerprint at the entrance. A VPN successfully hides your real IP address from the websites you visit. However, a VPN does absolutely nothing to prevent Microsoft from logging combinations of your unique GDID code, current IP address, and visited Internet addresses at the operating system level.

In the case of the aforementioned hacker, the same GDID identifier appeared when accessing his accounts on Apple, Facebook and Snapchat platforms from different countries. It completely matched the times and locations from his public tourist photos.

READ ABOUT:  In a document for investors, OpenAI was classified by Microsoft as a risk, not a partner

Security researchers report that GDID acts more like a hidden tracking beacon than a common identifier for advertising, concludes GadgetReview.

For journalists, activists or anyone who has serious reasons to worry about their digital security, the expert’s advice is clear. Do not use Windows for sensitive data and/or work. The Linux operating system does not use closed, controlled device identifiers that continuously send data to corporate databases. Apple and Google at least allow users to reset advertising identifiers themselves in the settings. Windows does not offer any alternative or control option for GDID, and this is a rather unpleasant truth for many…

Source link