When Windows provisions a device against a Microsoft Account, a system service called wlidsvc talks to login.live.com and gets back what Microsoft calls a Device PUID, a Passport Unique ID, inside the server’s SOAP response. Server assigned. Windows never computes it locally from anything on your PC. It receives a string and stores it.
The PUID lands in your own registry hive, in plain text, at HKCU\SOFTWARE\Microsoft\IdentityCRL\ExtendedProperties under a value named LID. From there, the Connected Devices Platform, the same background service (cdp.dll, running as CDPSvc) that powers Phone Link, cloud clipboard, and Nearby Share, reads that PUID and registers it into Microsoft’s Device Directory Service, which is the identity graph behind all of Microsoft’s cross device features. There, the number gets a lowercase g stuck in front and gets written as g:decimal. Delivery Optimization then reports that same value back to Microsoft’s servers as UCDOStatus.GlobalDeviceId every time your PC shares or downloads update data peer to peer.
It likely uses the motherboard's burned-in TPM module API to generate the unique hardware ID on, and associate with the account/license.
It's quite interesting to compare the percent these civilian-scoped features are actually helping and not used for tracking and control of masses, since every accountable fraudster/killer/thief/professional knows about these and could not care less about it.
Yes, it may help for telemetry, and is great to have for an accountable business, which is understandable, but there's a hope these are not used against the civilian, too, respecting the personal lives and the right of human choice out there...
Ave Linux, the transparency, indeed...
The following is a related piece of information, yet I am sorry, but I am not sure about the accountability and accuracy of the paper, since it was written by the sorrowful LLM Claude:
- https://github.com/SmtimesIWndr/gdid-reversal
When Windows provisions a device against a Microsoft Account, a system service called wlidsvc talks to login.live.com and gets back what Microsoft calls a Device PUID, a Passport Unique ID, inside the server’s SOAP response. Server assigned. Windows never computes it locally from anything on your PC. It receives a string and stores it.
It likely uses the motherboard's burned-in TPM module API to generate the unique hardware ID on, and associate with the account/license.
Bruv... it literally says exactly on the statement you quoted that the ID is generated by Microsoft, and explicitly that its not generated on the device. Why would you then go on to speculate that its generated on device by the TPM...?
AFAIK the TPM doesn't generate anything, its role is for storing cryptographic information - not creating it.
It likely uses the motherboard's burned-in TPM module API to generate the unique hardware ID on, and associate with the account/license.
It's quite interesting to compare the percent these civilian-scoped features are actually helping and not used for tracking and control of masses, since every accountable fraudster/killer/thief/professional knows about these and could not care less about it.
Yes, it may help for telemetry, and is great to have for an accountable business, which is understandable, but there's a hope these are not used against the civilian, too, respecting the personal lives and the right of human choice out there...
Ave Linux, the transparency, indeed...
The following is a related piece of information, yet I am sorry, but I am not sure about the accountability and accuracy of the paper, since it was written by the sorrowful LLM Claude:
- https://github.com/SmtimesIWndr/gdid-reversal
Bruv... it literally says exactly on the statement you quoted that the ID is generated by Microsoft, and explicitly that its not generated on the device. Why would you then go on to speculate that its generated on device by the TPM...?
AFAIK the TPM doesn't generate anything, its role is for storing cryptographic information - not creating it.