July 15, 2026
Windows: now with extra baggage
Microsoft Confirms Windows GDID Device Identifier That Cannot Be Disabled
Your Windows PC may be carrying a secret tag users say feels impossible to escape
TLDR: Microsoft says Windows creates a hard-to-avoid device tag tied to some account-based setups, and prosecutors say it helped track a suspect even while he used privacy tools. Commenters split between mocking the alleged hacker’s sloppy setup and blasting Microsoft for what they see as creepy built-in tracking.
Microsoft didn’t just confirm a hidden Windows device tag exists — it confirmed that this tag can stick to a PC set up with a Microsoft account and keep helping identify that installation even as it moves across updates, apps, and services. Prosecutors say that same tag helped the FBI follow an alleged Scattered Spider member across changing internet addresses, VPNs, and multiple countries. In plain English: even when the online disguise changed, the same Windows setup allegedly kept raising its hand.
And the comments? Absolutely feral. One camp instantly turned this into a masterclass in criminal self-owning, with people laughing at the alleged hacker for using Windows, Edge, a Microsoft account, and then the same machine for social media. The vibe was basically: you cannot be serious. Another camp went straight to full panic mode, dropping scorching lines like “Windows is malware” and calling the whole thing proof that modern PCs are way too chatty with their makers.
The real mini-drama came from people trying to connect the dots. One commenter demanded to know how on earth a Windows tag ends up tied to a hotel booking, wondering if browser syncing or account logins did the real linking behind the scenes. Others compared it to Apple and iPhone identifiers, asking whether this is shocking new behavior or just Microsoft finally getting caught saying the quiet part out loud. Even the classic internet hall monitor showed up with a dry “[dupe]” post, because no tech thread is complete without someone policing reposts while everyone else argues about surveillance.
Key Points
- •Microsoft publicly acknowledged Windows’ Global Device Identifier, a persistent device-level identifier tied to some Microsoft-account-based Windows setups.
- •The article says GDID is created through Windows services, stored in the registry, reported to Microsoft servers, and persists across updates but not a clean reinstall.
- •According to the article, the FBI used a specific GDID to track alleged Scattered Spider member Peter Stokes across VPNs, proxies, and multiple countries over about eight months.
- •Investigators allegedly correlated the GDID with activity involving ngrok, a Tzulo VPN proxy, and account data from Snapchat, Facebook, Apple, and Ubisoft.
- •The article says privacy researchers are concerned because GDID lacks a visible user consent or reset mechanism and may be tied to activation and UWP app functionality.