135
you are viewing a single comment's thread
view the rest of the comments
[-] artwork@lemmy.world 25 points 2 hours ago* (last edited 2 hours ago)

When Windows provisions a device against a Microsoft Account, a system service called wlidsvc talks to login.live.com and gets back what Microsoft calls a Device PUID, a Passport Unique ID, inside the server’s SOAP response. Server assigned. Windows never computes it locally from anything on your PC. It receives a string and stores it.

The PUID lands in your own registry hive, in plain text, at HKCU\SOFTWARE\Microsoft\IdentityCRL\ExtendedProperties under a value named LID. From there, the Connected Devices Platform, the same background service (cdp.dll, running as CDPSvc) that powers Phone Link, cloud clipboard, and Nearby Share, reads that PUID and registers it into Microsoft’s Device Directory Service, which is the identity graph behind all of Microsoft’s cross device features. There, the number gets a lowercase g stuck in front and gets written as g:decimal. Delivery Optimization then reports that same value back to Microsoft’s servers as UCDOStatus.GlobalDeviceId every time your PC shares or downloads update data peer to peer.

Source

It likely uses the motherboard's burned-in TPM module API to generate the unique hardware ID on, and associate with the account/license.

It's quite interesting to compare the percent these civilian-scoped features are actually helping and not used for tracking and control of masses, since every accountable fraudster/killer/thief/professional knows about these and could not care less about it.

Yes, it may help for telemetry, and is great to have for an accountable business, which is understandable, but there's a hope these are not used against the civilian, too, respecting the personal lives and the right of human choice out there...

Ave Linux, the transparency, indeed...

The following is a related piece of information, yet I am sorry, but I am not sure about the accountability and accuracy of the paper, since it was written by the sorrowful LLM Claude:
- https://github.com/SmtimesIWndr/gdid-reversal

[-] pulsewidth@lemmy.world 2 points 36 minutes ago

When Windows provisions a device against a Microsoft Account, a system service called wlidsvc talks to login.live.com and gets back what Microsoft calls a Device PUID, a Passport Unique ID, inside the server’s SOAP response. Server assigned. Windows never computes it locally from anything on your PC. It receives a string and stores it.

It likely uses the motherboard's burned-in TPM module API to generate the unique hardware ID on, and associate with the account/license.

Bruv... it literally says exactly on the statement you quoted that the ID is generated by Microsoft, and explicitly that its not generated on the device. Why would you then go on to speculate that its generated on device by the TPM...?

AFAIK the TPM doesn't generate anything, its role is for storing cryptographic information - not creating it.

this post was submitted on 11 Jul 2026
135 points (100.0% liked)

Privacy

4784 readers
259 users here now

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 3 years ago
MODERATORS