zlacker

[parent] [thread] 2 comments
1. Lammy+(OP)[view] [source] 2026-02-02 04:32:35
Sorry for assuming you'd be able to extrapolate from one example. It could be at any level of the funnel from your local machine to the wider Internet. Closer to home: this sort of fingerprinting could defeat things like MAC randomization in a PSK-authed business/university setting if those IT departments had some reason to want to track you.

I once worked at a company where the Security team were very proud of this and all the other tricks they used to catch leakers by figuring out who was on campus, where, at what time, usually via fingerprinting personal devices carried alongside corporate devices.

replies(1): >>arcfou+G1
2. arcfou+G1[view] [source] 2026-02-02 04:49:52
>>Lammy+(OP)
Ah, so, in addition to turning off automatic updates (everyone knows patches are for wimps! The real threat is supply chain compromise, not 1-days!), you also have taken all of the other necessary steps to protect yourself from the NSA? What if they just compel Microsoft to backdoor Windows/WinGet against you?

And these updaters almost universally use HTTPS, which network-based adversaries can't see except for SNI, and even that's going away...?

replies(1): >>Lammy+Z4
◧◩
3. Lammy+Z4[view] [source] [discussion] 2026-02-02 05:24:27
>>arcfou+G1
> What if they just compel Microsoft to backdoor Windows/WinGet against you?

You are confusing cause with effect. Leaking this type of fingerprint data over time is what allows users of Palantir-like systems to decide you're somebody worth individually targeting.

[go to top]