Skip to main content

Microsoft Can Track Users Via a Windows Device ID

1 day 15 hours ago
A criminal complaint against alleged Scattered Spider member Peter Stokes revealed that Microsoft can associate Windows activity with a persistent "Global Device ID," which investigators used to link his PC to online activity connected to a hack. While unique device IDs are common, the case has raised privacy concerns because the identifier can apparently persist across updates, has no simple opt-out, and may allow Microsoft to connect a Windows installation to activity on third-party services. PCMag reports: Last week, the U.S. announced it had extradited 19-year-old Peter Stokes from Europe for allegedly being a member of the notorious hacking group Scattered Spider. But the case stands out because Microsoft played a key role in linking Stokes to the suspected hacking crimes, according to an unsealed criminal complaint. Stokes allegedly hacked an unnamed luxury jewelry retailer in May 2025 while using a VPN. The 39-page criminal complaint shows the FBI used Microsoft records to discover that his IP address was associated with a Microsoft device identifier known as Global Device ID (GDID). "According to a Microsoft representative, a Global Device Identifier in the Windows ecosystem is a persistent, device-level identifier designed to uniquely identify an installation of a Windows operating system on a device, either a physical device (e.g., a mobile phone or laptop) or virtual machine, across certain Microsoft services and scenarios," the complaint explains. The global device ID isn't exactly surprising, given that it's standard practice to assign a unique ID to each account or device so a tech provider can recognize and distinguish between them. But the complaint reveals Microsoft can associate the GDID with third-party services and the timing as well, giving Redmond a way to theoretically track a user's online activity. In other words, Redmond might be able to track the online activity of your Windows PC without third-party browser cookies. Stokes was discovered exploiting a web development tool called ngrok to bypass the jewelry retailer's network defenses. The complaint says Microsoft had records showing that on May 12, 2025, at 19:21 UTC, the GDID associated with Stokes' computer "accessed, among other ngrok pages, 'https://dashboard[.]ngrok.com/signup,' the ngrok page to set up an ngrok account." The document adds that Microsoft records also showed the GDID accessing "multiple sites" from servers at Tzulo, a web hosting provider, to help pull off the hack. Hence, the fact that federal investigators used the Microsoft identifier to nab a suspected hacker is raising concerns that it could be abused for other surveillance purposes. "Microsoft Windows is surveillance software," cybersecurity expert Matthew Hickey alleged in a tweet.

Read more of this story at Slashdot.

BeauHD

KDE Plasma 6.7.1 Released with Stability Fixes, UI Improvements, and Better Wayland Reliability

1 day 16 hours ago
by George Whittaker

The KDE Project has officially released KDE Plasma 6.7.1, the first maintenance update for the Plasma 6.7 desktop environment. Rather than introducing major new features, this point release focuses on polishing the desktop with a broad collection of bug fixes, translation updates, and performance improvements aimed at making Plasma 6.7 more reliable for everyday use.

As with previous Plasma maintenance releases, KDE developers have concentrated on resolving issues reported by the community soon after the launch of Plasma 6.7, ensuring users receive a smoother and more stable desktop experience.

A Maintenance Release Focused on Stability

KDE Plasma 6.7 introduced numerous new capabilities, including per-display virtual desktops, Wayland session restore, improvements to Plasma Bigscreen, and a refreshed theming system. Plasma 6.7.1 builds on that foundation by addressing early regressions and fine-tuning the overall desktop experience.

The update primarily delivers:

  • Bug fixes across core Plasma components
  • Updated translations
  • Performance refinements
  • Improved desktop reliability
  • Better overall user experience
Improvements Across the Desktop

Several of Plasma's core applications and components receive fixes in this release.

Notable improvements include:

  • Better reliability in the Kickoff Application Launcher
  • Fixes for Discover, KDE's software manager
  • Improvements to the KWin window manager
  • Various panel and desktop behavior corrections
  • Better handling of notifications and user interface elements

While most of these changes are relatively small on their own, together they help eliminate many of the rough edges users may have encountered after upgrading to Plasma 6.7.

Wayland Continues to Mature

Wayland remains the primary development focus for KDE Plasma, and version 6.7.1 continues refining the experience.

The update includes fixes affecting:

  • Window management
  • Session stability
  • Input handling
  • Display behavior
  • General compositor reliability

Over the past several Plasma releases, KDE developers have steadily shifted their attention toward making Wayland the best possible experience while continuing limited maintenance for X11.

Translation Updates for Global Users

Like most KDE maintenance releases, Plasma 6.7.1 incorporates a fresh batch of translation updates contributed by volunteers from around the world.

These updates improve:

Go to Full Article
George Whittaker