Comment by davikr
2 days ago
I'm guessing Ngrok gets subpoena'd, hands over the IP who created the account, page access timestamp, etc - FBI hands over to Microsoft, finds which Windows PCs were active with a certain IP on that time period, tries to correlate other characteristics such as OS version or anything to get a single hit, and then return other IPs used by that machine and everything else they have, like SmartDefender / Edge telemetry.
> finds which Windows PCs were active with a certain IP on that time period
.. and how do they do that?
While we're on the subject of telemetry, has anyone got a GDPR orientated writeup of what's known?