[recursivecaveat]

This is all premised on his windows user account name being identifying no? I have a hard time believing that to be the case for someone who was clearly extremely painstaking about privacy. Even I set mine to some nonsense because I know I'll accidentally leak it.

[edelbitter]

Should not set it to nonsense, but rather low-entropy. If its unique, someone with access to old (browser, probably) crash reports might be able to cross-reference. Plus, not too long ago browsers did not care to sanitize the path for input[type="file"], so some websites remembered your account name somewhere in their database.

[verzali]

His account name could just be 'satoshi'. Or similar.