Windows paranoia - as well as Apple paranoia

87 views
Skip to first unread message

susan.eli...@gmail.com

unread,
Jul 7, 2026, 9:31:37 PM (6 days ago) Jul 7
to ntsysadmin
https://github.com/SmtimesIWndr/gdid-reversal?fbclid=IwY2xjawS6hzpleHRuA2FlbQIxMABicmlkETFwR2VseHFxbzN4ajVkOXVnc3J0YwZhcHBfaWQQMjIyMDM5MTc4ODIwMDg5MgABHmyKQmdE8MpFIh5dI21kNpx4WGVhmZvmCsgaXNEvqJc8z1KV6npgIX6GWupV_aem_MZb2cdT-pD1BQ8bHetbctg

What is a GDID?  And how it got a young man in trouble.

Meanwhile Apple does similarly:


A lot of you asked: Does Apple do the same thing as Microsoft's GDID?
Yes with similar function but different scope.
Here's what Apple has:
Hardware UUID
Generated from your Mac's logic board. permanent. survives OS reinstalls. it's the Mac equivalent of a hardware fingerprint. Apple uses it for licensing, iCloud, and device management.
DSID (Destination Signaling Identifier)
Apple's equivalent of a persistent account-linked device identifier. tied to your Apple ID. links your device to your account across services.
Advertising Identifier (IDFA)
used for ad tracking. you can reset this one. the others you can't.
Apple's equivalent identifiers are more tightly linked to your Apple ID. if you use a Mac without an Apple ID, your exposure is significantly reduced.
Practically speaking:
— if you have an Apple ID on your Mac, Apple has account activity logs
— if you use iCloud, Apple has location and device data
— if you use an iPhone, Apple has more than either
Neither Apple nor Microsoft has a published policy on when they proactively file criminal referrals.
It applies to both platforms. (source https://x.com/T3chFalcon/status/2074433243768836325


Michael B. Smith

unread,
Jul 8, 2026, 9:14:09 AM (5 days ago) Jul 8
to ntsys...@googlegroups.com

So…. Use Unix or Linux or *BSD. Or any other free and open OS. Alternately, use a Windows VM and in that VM disable diagtrack and dmwappushservice plus a Pi-hole.

 

Any commercial OS will track you.

--
You received this message because you are subscribed to the Google Groups "ntsysadmin" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ntsysadmin+...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/c4523a2a-5a01-4918-8ab8-f37371aa3550n%40googlegroups.com.

Philip Elder

unread,
Jul 8, 2026, 1:38:51 PM (5 days ago) Jul 8
to ntsys...@googlegroups.com

I am of the mind that _all_ operating systems would have a form of GDID within them. Even the chips themselves can be queried for unique IDs.

 

It’s actually a must since they need to identify themselves in a unique manner when pooled in a farm of some kind.

 

Philip Elder MCTS

Senior Technical Architect

Microsoft High Availability MVP

MPECS Inc.

E-mail: Phili...@MPECSInc.Ca

Phone: +1 (780) 458-2028

Web: www.MPECSInc.Com

Blog: Blog.MPECSInc.Com  

Twitter: Twitter.com/MPECSInc

 

Please note: Although we may sometimes respond to email, text and phone calls instantly at all hours of the day, our regular business hours are 8:00 AM - 5:00 PM, Monday thru Friday.

 

Wright, John M

unread,
Jul 8, 2026, 1:49:25 PM (5 days ago) Jul 8
to ntsys...@googlegroups.com

Maybe my thinking is all wrong but I wonder:

 

  1. The Github article says using a local account doesn’t prevent a GDID but that the ID has an anonymous device path.  How much does that matter?
  2. Every device has some kind of identifier, starting with a MAC address.  Yes, I know you can use mac changer but it’s still an ID, and how many people change it?  So isn’t the important thing what these IDs are tied to?

 

I’m going to look further into this but it still seems like a local account would answer for much/all the privacy concerns.

 

--

John Wright

IT Support Specialist

1800 Old Bluegrass Avenue, Louisville, KY 40215

502.708.9953

Please submit IT requests to Hazelwoo...@bluegrass.org

24 Hour Helpline 1.800.928.8000

  

CONFIDENTIALITY NOTICE: This message contains confidential information and is intended only for the individual(s) addressed in the message. If you are not the named addressee, you should not disseminate, distribute, or copy this e-mail. If you are not the intended recipient, you are notified that disclosing, distributing, or copying this e-mail is strictly prohibited.

 

From: ntsys...@googlegroups.com <ntsys...@googlegroups.com> On Behalf Of Philip Elder
Sent: Wednesday, July 8, 2026 1:39 PM
To: ntsys...@googlegroups.com
Subject: RE: [ntsysadmin] Windows paranoia - as well as Apple paranoia

 

EXTERNAL EMAIL - This email was sent by a person from outside your organization. Exercise caution when clicking links, opening attachments or taking further action, before validating its authenticity.

Secured by Check Point

Philip Elder

unread,
Jul 8, 2026, 1:54:36 PM (5 days ago) Jul 8
to ntsys...@googlegroups.com

All of this exposes the so-called “VPN” industry for what they are.

Lee Wilbur

unread,
Jul 8, 2026, 1:56:45 PM (5 days ago) Jul 8
to ntsys...@googlegroups.com

Linux generates unique IDs as well, but they are technically editable in most if not all distros without killing the system.  Live distros that boot off read-only media will often create a random one on boot.  So, for tracking purposes (privacy), I’d expect it’s far safer.

 

 

Lee Wilbur

A+, MCSA, MCTS, MS-MVP 2006-2018

Multiverse Enterprises Inc

Providing Technical Support for IT Professionals and SMBs

In the Long Island and New York City areas

516.901.2558   www.multiverseit.com

 

Please note: Although we may sometimes respond to email, text, and phone calls instantly at all hours of the day, our regular business hours are 9:00 AM - 6:00 PM, Monday thru Friday.

 

 

Twitter: MultiverseIT / ThatWindowsGeek

Facebook: https://www.facebook.com/pages/Multiverse-Enterprises/102713849814574

LinkedIn: http://www.linkedin.com/in/leewilbur 

Kurt Buff

unread,
Jul 8, 2026, 3:00:33 PM (5 days ago) Jul 8
to ntsys...@googlegroups.com
WRT MAC addresses only...

About 2 months before I retired, we had a large multi-vendor 3rd party implementation team on-site, and they all congregated  in our largest conference room, which had weak wifi signals, because there was no WAP in the room itself, and the signal would get interrupted every time the door(s) opened and closed, or perhaps when random hydrogen molecules decided to gather, or something.

So, their phones (mostly apple) would disconnect and reconnect frequently. Rather quickly, they (and many employees also using the guest network) would complain about not being able to connect to the guest network.

You know where this is headed, right?

By default, Android and IOS set up a new randomized MAC addresses every time they connect to a network. The DHCP scope lease table filled in about two hours, every day. We dealt with the problem for about a week by dumping the leases several times a day, until we figured out what was happening, and ended running cable and putting a new WAP in the room.

Problem solved...

Kurt

Michael B. Smith

unread,
Jul 8, 2026, 3:46:01 PM (5 days ago) Jul 8
to ntsys...@googlegroups.com

You mean that they are relatively worthless? Yes, I agree.

 

More so, IMO, it exposes Microsoft’s telemetry is far more malicious (? Perhaps a poor word choice, but “BAD”) than previously known.

Michael B. Smith

unread,
Jul 8, 2026, 3:49:36 PM (5 days ago) Jul 8
to ntsys...@googlegroups.com

The GDID is tied to about 20 pieces of h/w information. However, that’s not really the problem.

 

The problem is that your Windows device “phones home” on quite a regular basis and updates Microsoft servers with quite a bit of data – including your IP address and, at some level, your connection history.

 

A local account does not prevent that.

 

However, as I wrote elsewhere (I’ve commented quite a bit on this topic today, I can’t keep it all straight), the data Microsoft keeps/acquires increases astronomically for devices that are registered with Azure/Intune.

Philip Elder

unread,
Jul 8, 2026, 3:51:27 PM (5 days ago) Jul 8
to ntsys...@googlegroups.com

Yeah, I reached the “all tech is evil” threshold years ago with zero trust across the board.

 

It’s one of the reasons I’m looking forward to finishing our on-premises AI build.

 

I have lots of curiosity questions that I’m sure the software can answer for me based on my conversations with some very smart people. Much smarter than I! 😉

Michael B. Smith

unread,
Jul 8, 2026, 3:54:58 PM (5 days ago) Jul 8
to ntsys...@googlegroups.com

Absolutely.

 

But I don’t think that the free/open OSes I mentioned phone home to corporate hq to store all the computer data for interrogation…

Nathan Woodcock

unread,
Jul 8, 2026, 4:12:14 PM (5 days ago) Jul 8
to ntsys...@googlegroups.com
I once helped a business ID a wifi issue where everyone's connections would drop when the ceiling fan got turned on.

Philip Elder

unread,
Jul 8, 2026, 4:26:48 PM (5 days ago) Jul 8
to ntsys...@googlegroups.com

One of my To Do List items on the “I am a Luddite Because … “ list is to set up each OS in a firewalled setup where there’s only a DNS server serving the newly stood up OS.

 

I know Microsoft related subdomains light up like crazy but I’ve not taken the time to document them.

 

Then, there’s the Ubuntu ones as well.

 

That alone should give one an idea of what the OS is doing once it comes up.

Philip Elder

unread,
Jul 8, 2026, 4:27:14 PM (5 days ago) Jul 8
to ntsys...@googlegroups.com

Heh … the “hot” red wire was accidentally wired neutral? 😉

Michael B. Smith

unread,
Jul 8, 2026, 4:30:53 PM (5 days ago) Jul 8
to ntsys...@googlegroups.com

That’s why I also recommend a Pi-hole…

Philip Elder

unread,
Jul 8, 2026, 4:39:31 PM (5 days ago) Jul 8
to ntsys...@googlegroups.com

Okay, have you put the Pi-Hole behind something else to see what it’s doing when it’s fired up?

Nathan Woodcock

unread,
Jul 8, 2026, 4:42:55 PM (5 days ago) Jul 8
to ntsys...@googlegroups.com
Beyond my pay grade - i just told them the story about the man who complained his pipes vibrated when he hit them with a book


John Scott

unread,
Jul 8, 2026, 6:12:04 PM (5 days ago) Jul 8
to ntsysadmin
Windows global ID didn't get the man in trouble, extorting corporations from the same computer he uses to flash cash on social media did. 

A separate well configured Linux installation used only for purpose would mean he would be free to keep committing financial crimes for years to come. I'm sure that's sinking in for him in prison now. 

Michael B. Smith

unread,
Jul 9, 2026, 7:23:05 AM (5 days ago) Jul 9
to ntsys...@googlegroups.com

No, it logs all queries. It has a great reporting package.

Philip Elder

unread,
Jul 9, 2026, 1:04:26 PM (4 days ago) Jul 9
to ntsys...@googlegroups.com

My question wasn’t worded very well relative to what was in my head.

 

Rephrase: When the Pi-Hole is set up is there something monitoring what it’s doing between it and the WAN?

Michael B. Smith

unread,
Jul 9, 2026, 1:22:11 PM (4 days ago) Jul 9
to ntsys...@googlegroups.com

Yes, there’s a firewall. By default in the Pi-Hole distribution, only DNS is open.

Reply all
Reply to author
Forward
0 new messages