cross-posted from: https://piefed.world/c/tech/p/1246200/pdf-a-hacker-s-arrest-reveals-microsoft-can-track-users-ip-history-even-with-vpn-full-we
You can read about it yourself here on page 12 (or page 8 of affidavit), then page 33 and down (page 29 of affidavit)
First one to notice this: Security researcher, VX-Underground.


Any “hacker” that thinks it’s a good idea to use Windows for their activities is really just a hack
Script kiddy or social engineering
The truly paranoid hackers will even unsolder the motherboard-level tracking hardware that the manufacturer adds. Cuz that shit runs below even the OS, and will track you even when you’re using something like TailsOS.
Even basic BIOS settings can be easy to miss, like Dell/HP/etc using Absolute Persistence/Computrace tracking. That one is particularly common with refurbished corporate fleet machines, because corporate IT will enable it to be able to track employees’ laptops. Then IT will upgrade the office computers, sell the old ones off to an refurbisher, and then the refurbisher never bothers disabling it when they’re prepping the machines for resale.
And old corporate fleet machines are extremely popular with hackers, (ThinkPad and ToughBook, for example), because they tend to be decent hardware for super cheap. But it means that the machines are still phoning home to Dell/HP/etc regardless of what OS the new user installs on them. Even completely swapping out the drives (ensuring a clean OS install) won’t solve it, because it’s happening directly at the BIOS level. And because of Persistence, even wiping the BIOS isn’t a guarantee. Because it will simply reinstall itself back onto the BIOS as soon as you connect a drive that has Persistence embedded on it.
You can run Qubes and everything is VM
Absolute can remotely track (and can even remotely brick) the motherboard regardless of what you’re running on it. Even security-focused OSes like Tails and Qubes would be affected, because the tracking is running below the OS level.
And good luck running anything on a bricked motherboard. The motherboard will literally refuse to boot anything. You can’t even get to a BIOS menu to flash something new onto it. At that point, if you were determined to keep using the device, you’d be attaching probes to motherboard leads like a security researcher to try and reset individual chips.
Couldn’t one just slap open source firmware onto it?
oh wow that’s awful
it is possible that they used a bare metal machine for testing purposes, that or this person was just a skiddie.
Dude was really dumb, he was using the same install for all his personal social media stuff