The Low Down
The Low Down
The GDID Controversy: Is Microsoft Tracking Your Every Move?
0:00
-1:05:34

The GDID Controversy: Is Microsoft Tracking Your Every Move?

Welcome to The Low Down, the best show on the internet for hackers

The Low Down is presented by Maze.

LinkedIn: https://www.linkedin.com/company/mazehq/

X: https://twitter.com/Maze_Security

Follow Us!

https://www.instagram.com/lowdown.pod

This week we're diving deep into one of the most viral cybersecurity controversies in recent memory: Microsoft's Global Device Identifier and what it means for privacy, tracking, and operational security.

Today we're talking about:

The Scattered Spider Arrest & Court Documents

Breaking down the arrest of a young Scattered Spider hacker and the court documents that revealed how law enforcement tracked them down. From diamond "Hack the Planet" necklaces to Discord flexing, we examine how poor OPSEC led to their capture.

Microsoft's GDID: The Controversy Explained

What is the Global Device Identifier, how does it work, and why did VX Underground's 1.2 million view tweet spark massive debate? We break down the forensic reality of this hardware identifier and whether it's truly undocumented or just misunderstood.

Hardware Identifiers Meet Web Activity Tracking

Exploring how Microsoft tied hacking activity to specific individuals through GDID, PUID (Passport Unique Identifier), and telemetry data. We discuss the marriage of hardware identifiers with web activity, gaming profiles, and Microsoft online accounts.

The Privacy Implications: How Deep Does It Go?

Is Microsoft collecting every website you visit, every program you execute, and every online account you access? We separate fact from fiction, examining what telemetry actually collects versus what law enforcement pieced together through multiple warrants.

VPNs, OPSEC & Marcus Hutchins' Warning

Marcus Hutchins weighs in with a stark warning: if your OS install has ever connected to the internet without a VPN, it's a matter of time. We discuss whether VPNs truly protect you when telemetry can see VPN software execution, keying material, and destination IPs.

The Forensic Reality Check

Cybersecurity professionals explain this is standard forensic technique, not some secret backdoor. We compare this to the moment normies discovered EDR capabilities and realized their IT departments can see everything on corporate devices.

Allison Nixon on Tracking The Comm

Threat intelligence expert Allison Nixon shares her perspective on tracking these threat actors, why "Scattered Spider" is a marketing term, and what The Comm really represents in the cybercrime ecosystem.

Discussion about this episode

User's avatar

Ready for more?