If your system uses systemd, it has an etc/machine-id, which is used for a lot of different things. And changing it will break a lot of stuff, probably until you reboot. I guess you could write something to randomly shuffle it every time you reboot? But it is the go-to way for lots of programs (including browsers) to identify themselves. Which means (unless you have done the work to scramble your machine ID) you can be tracked on Linux as well.
The difference is that Linux isn’t sending telemetry to some central entity associating that ID to an IP.
Microsoft’s records showed that at that exact same minute, a Windows device carrying GDID g:6755467234350028 had visited the ngrok signup page. Three hours later, the same GDID visited the retailer’s own website, through the same Tzulo proxy address used to set up the ngrok account.
This article is super vague about this as well. How does Microsoft not only have the GDID->IP link, but they have Web history as well? Are they just exposing all this through advertising telemetry?
Fucking gross. And if you know of anything on Linux exposing/transmitting the machine-id, please do let everyone know because nothing should. Anything that does should be considered malware.
Upvoting both comments for awareness, since Linux is the first of a multi-step process, not a privacy panacea.
But we must be clear that in both theory and practice there’s little comparison between systemd and modern Windows machine-user association.
Someone using Windows regularly has a gaping wound, is actively bleeding out. Switching to Linux is just a tourniquet, but every other treatment is at best no-effect until that tourniquet is applied.
Also as a life long programmer, I have this feeling it is possible to just go in and make some changes so I can have the system just make shit up about the TPM while indeed also doing the equivalent of having system-d decide to respond with random bullshit.
Don’t even need to be a programmer, just find a community of them that you trust that distribute their own “fixes”.
Definitely not doing that with anything else because its both hidden in compilation and buried like herpes across multiple components. Probably/hopefully not directly related but I really want to know what they changed to break the clipboard service.
Yeah, motherboard-level tracking is scary because even the OS won’t be able to detect it. The truly paranoid people (and security researchers) go as far as desoldering chips to ensure nothing phones home.
No you don’t understand… I’ve spent the last 30 years investing in increasingly awful software companies to create “industry standards” and leaving these companies behind would require me to change and learn!!!
So many issues with the world boils down to that last part, people refusing to change and learn. I never understood it, I’ve always loved change and learning. I’ve seen so many people go from having that same openness to only caring about keeping everything the same and never learning, it’s really disturbing. Some are like that from a very early age, others fall into it at any other part of their lives and it’s never a good thing IMO.
I talked with the women i’m working with where we print our price lists about changing from adobe to something else and she told me it would be a bad idea since it would make both of our work much more buggy and time consuming with more chances of the end result being worse. So i’ll keep using indesing and the adobe suite for now but i did switch from sketchup to blender for 3D modeling and it’s a bit challenging and more messy then i’m used to but i get better rendering results from what i tried so far.
There’s a very easy trick to defeat this: use Linux.
If your system uses systemd, it has an etc/machine-id, which is used for a lot of different things. And changing it will break a lot of stuff, probably until you reboot. I guess you could write something to randomly shuffle it every time you reboot? But it is the go-to way for lots of programs (including browsers) to identify themselves. Which means (unless you have done the work to scramble your machine ID) you can be tracked on Linux as well.
Where in the source does Firefox expose machine-id to websites?
With a quick grep I’m only seeing it around audio?
The difference is that Linux isn’t sending telemetry to some central entity associating that ID to an IP.
This article is super vague about this as well. How does Microsoft not only have the GDID->IP link, but they have Web history as well? Are they just exposing all this through advertising telemetry?
Fucking gross. And if you know of anything on Linux exposing/transmitting the machine-id, please do let everyone know because nothing should. Anything that does should be considered malware.
It’s not just Windows tracking your web browsing history. GPU drivers do it too. Source: https://www.neowin.net/news/intel-windows-driver-to-now-collect-user-telemetry-data-like-website-categories-by-default/
…on Windows. if you explicitly install their malware and agree to data sharing.
That’s wild. Shit like this makes me distrust proprietary drivers
I distrust proprietary anything at this point
also there’s the TPM chip.
Upvoting both comments for awareness, since Linux is the first of a multi-step process, not a privacy panacea.
But we must be clear that in both theory and practice there’s little comparison between systemd and modern Windows machine-user association.
Someone using Windows regularly has a gaping wound, is actively bleeding out. Switching to Linux is just a tourniquet, but every other treatment is at best no-effect until that tourniquet is applied.
E: transpose
systemd/Windows for clarityAlso as a life long programmer, I have this feeling it is possible to just go in and make some changes so I can have the system just make shit up about the TPM while indeed also doing the equivalent of having system-d decide to respond with random bullshit.
Don’t even need to be a programmer, just find a community of them that you trust that distribute their own “fixes”.
Definitely not doing that with anything else because its both hidden in compilation and buried like herpes across multiple components. Probably/hopefully not directly related but I really want to know what they changed to break the clipboard service.
And you’d be technically correct, the best kind of correct.
To the inquisitor:
any distro that’s fully OSS can be fully compiled from scratch with any modifications you choose).
Though yes, if you’re still using Windows, the learning curve may look like a wall.
Guessing the X11 [X]Wayland migration KDE Plasma bug report? Should be fixed in 6.5.2.
Please elaborate on what u are referring to with regard to systemd machine user association?
I’m specifically highlighting that there is none though I acknowledge machine ID makes it easier.
ETA: edited original comment to be more clear
Yeah, motherboard-level tracking is scary because even the OS won’t be able to detect it. The truly paranoid people (and security researchers) go as far as desoldering chips to ensure nothing phones home.
No you don’t understand… I’ve spent the last 30 years investing in increasingly awful software companies to create “industry standards” and leaving these companies behind would require me to change and learn!!!
At some point you just have to leave the software behind. That time is now!
So many issues with the world boils down to that last part, people refusing to change and learn. I never understood it, I’ve always loved change and learning. I’ve seen so many people go from having that same openness to only caring about keeping everything the same and never learning, it’s really disturbing. Some are like that from a very early age, others fall into it at any other part of their lives and it’s never a good thing IMO.
I talked with the women i’m working with where we print our price lists about changing from adobe to something else and she told me it would be a bad idea since it would make both of our work much more buggy and time consuming with more chances of the end result being worse. So i’ll keep using indesing and the adobe suite for now but i did switch from sketchup to blender for 3D modeling and it’s a bit challenging and more messy then i’m used to but i get better rendering results from what i tried so far.
If that hacker only knew about tracking by Windows…