Welcome to The Low Down, the best show on the internet for hackers
The Low Down is presented by Maze.
LinkedIn: https://www.linkedin.com/company/mazehq/
X: https://twitter.com/Maze_Security
Follow Us!
https://www.instagram.com/lowdown.pod
This week we're diving deep into one of the most viral cybersecurity controversies in recent memory: Microsoft's Global Device Identifier and what it means for privacy, tracking, and operational security.
Today we're talking about:
The Scattered Spider Arrest & Court Documents
Breaking down the arrest of a young Scattered Spider hacker and the court documents that revealed how law enforcement tracked them down. From diamond "Hack the Planet" necklaces to Discord flexing, we examine how poor OPSEC led to their capture.
Microsoft's GDID: The Controversy Explained
What is the Global Device Identifier, how does it work, and why did VX Underground's 1.2 million view tweet spark massive debate? We break down the forensic reality of this hardware identifier and whether it's truly undocumented or just misunderstood.
Hardware Identifiers Meet Web Activity Tracking
Exploring how Microsoft tied hacking activity to specific individuals through GDID, PUID (Passport Unique Identifier), and telemetry data. We discuss the marriage of hardware identifiers with web activity, gaming profiles, and Microsoft online accounts.
The Privacy Implications: How Deep Does It Go?
Is Microsoft collecting every website you visit, every program you execute, and every online account you access? We separate fact from fiction, examining what telemetry actually collects versus what law enforcement pieced together through multiple warrants.
VPNs, OPSEC & Marcus Hutchins' Warning
Marcus Hutchins weighs in with a stark warning: if your OS install has ever connected to the internet without a VPN, it's a matter of time. We discuss whether VPNs truly protect you when telemetry can see VPN software execution, keying material, and destination IPs.
The Forensic Reality Check
Cybersecurity professionals explain this is standard forensic technique, not some secret backdoor. We compare this to the moment normies discovered EDR capabilities and realized their IT departments can see everything on corporate devices.
Allison Nixon on Tracking The Comm
Threat intelligence expert Allison Nixon shares her perspective on tracking these threat actors, why "Scattered Spider" is a marketing term, and what The Comm really represents in the cybercrime ecosystem.





