Someone‘s probably just using those ports wirelessy!

While this is definitely a great read and an interesting attack vector, I think the term „deanonymization“ is stretching it here.

As far as I can see, this attack would only let you determine which Cloudflare datacenter the target has been accessing. This would, in most cases, be one near the target, but it wouldn‘t get you a precise position or any personal information about the target. You‘d just get a pretty unreliable and very large radius of where your target might be.

It‘s also worth mentioning that Monitor anonymizes your data before checking it for breaches.

So there shouldn‘t be any serious privacy issues.