• Windex007@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    10 hours ago

    This is where I’m really fuzzy on the mechanics.

    Any authentication is to establish an identity. At what point does that involve getting a unique id associated with an OS installation instance?

    My original question is how the hardware id and ngrok get associated at all.

    So, after getting frustrated and just going to sign up for an account myself, it looks like ngrok has options to sign is as a Google account, or sign in as a github account.

    I’m guessing they picked github, and that’s why Microsoft had any visibility at all on the fact that they accessed a site that isn’t owned by Microsoft.

    It still doesn’t answer the question of how the browser knows this id which is set at the os level. It still begs the question of what github authentication looks like differently between operating systems. Obviously a osx or Linux machine wouldn’t have that id at all. Is it part of the initial authentication request? Is there some kind of challenge and response?