← Back to context

Comment by davikr

2 days ago

I'm guessing Ngrok gets subpoena'd, hands over the IP who created the account, page access timestamp, etc - FBI hands over to Microsoft, finds which Windows PCs were active with a certain IP on that time period, tries to correlate other characteristics such as OS version or anything to get a single hit, and then return other IPs used by that machine and everything else they have, like SmartDefender / Edge telemetry.

> finds which Windows PCs were active with a certain IP on that time period

.. and how do they do that?

While we're on the subject of telemetry, has anyone got a GDPR orientated writeup of what's known?