A really dumb 18 year old exploit in Windows was never patched

[cesrai]

Its sent hashed, but there are rainbow tables for pretty much any hashing algorithm used, so... tough luck

Bitch please Brute-Force is the way too go.

[LukaP]

Bitch please Brute-Force is the way too go.

If youre doing it on a large scale (which you probably are, if youre doing it at all) then its a stupid waste of time, when it was already done, and all you need is to search the rainbow tables

[zappian]

 

Dual boot master race.

[Doobeedoo]

That's some strange exploit there. So I guess maybe Microsoft will acknowledge this internally and do something about it for Windows 10?

[Altecice]

 

 

So, an attacker only needs to intercept this HTTP request, which can be easily done using Man-in-the-Middle (MITM) attack, and then redirect the victim to a malicious SMB server controlled by the attacker.

 

Who the hell would be using SMB over a WAN not encrypted anyway?

If its just talking about local sharing and you get things stolen from you via MITM then you have a more serious issue in your network than this.

 

I cant help but think things like this are so over hyped. The likelihood of this happening in the real world is very small and if it does its likely your own fault for not having the proper security precautions in place.

[SIGSEGV]

Who the hell would be using SMB over a WAN not encrypted anyway?

If its just talking about local sharing and you get things stolen from you via MITM then you have a more serious issue in your network than this.

 

I cant help but think things like this are so over hyped. The likelihood of this happening in the real world is very small and if it does its likely your own fault for not having the proper security precautions in place.

At least 966,190 devices globally that have been indexed by SHODAN at the time of posting.

[Altecice]

At least 966,190 devices globally that have been indexed by SHODAN at the time of posting.

 

Yep so that proves my second point. 

'if it does its likely your own fault for not having the proper security precautions in place.'

[rashdanml]

Mostly adobe software. I mostly use indesign and photoshop. Unless I'm mistaken, I can't use those on Linux. There are few programs that I use that are cross platform, but I kind of need photoshop and indesign for work.

https://www.playonlinux.com/en/supported_apps-6-0.html

Older versions of InDesign work https://appdb.winehq.org/objectManager.php?sClass=application&iId=755Major features don't tend to change with new versions. 

[deviant88]

Here at linux there is no drivers support and few software for you,and on windows you can get security breach by a 12 year old.

Isnt the world just wonderfull,imagine if we all worked towards a common goal 1 Best OS that can adapt and run on everything.

[Bonn]

SMB Supports encryption anyway...

Additionally, SMB is stupid and shouldn't be used. 

[Dabombinable]

Here at linux there is no drivers support and few software for you,and on windows you can get security breach by a 12 year old.

Isnt the world just wonderfull,imagine if we all worked towards a common goal 1 Best OS that can adapt and run on everything.

No driver support? I've got every single pience of hardware from my ISA sound cards to my GTX 970 working under Linux.

[shirokado]

https://www.playonlinux.com/en/supported_apps-6-0.html

Older versions of InDesign work https://appdb.winehq.org/objectManager.php?sClass=application&iId=755Major features don't tend to change with new versions. 

Well, even if older versions of InDesign work... that doesn't really help me if I own the newest version. I don't pirate, and I don't feel like spending another chunk of change purchasing old software. Unless adobe wants to exchange my key for the older versions.

[shirokado]

the people behind wine reverse engineered most of the windows .dll libraries and compiled them for linux.

That sounds like a shit load of work. I'll look into it. Been wanting to get off windows for a while.

[HalGameGuru]

Now on the issue of Windows 8 and newer, does windows 8 use your microsoft account credentials for SMB? Wouldn't it pop up asking for credentials to use? Does it happen on any SMB share or only ones that respond they are password protected? Are open shares being given this info even without requesting it?

 

Is this a very specific case being brushed over a very large population?

[Kamina]

I don't even use an MS account.

[deviant88]

No driver support? I've got every single pience of hardware from my ISA sound cards to my GTX 970 working under Linux.

Yea well my asus xonar and my mouse says otherwise while they work by default without installing anything, they have no options/control panels,i cant set any settings or equalizer on my soundcard,i cant set any macros on my mouse or custom config buttons,nvidia control panel has very few options there.

Software options are quite limited,while you got good browsers choice theres almost no good video player like potplayer/mpc-hc + madvr just VLC basic stuff.

As for games most of what i play is online games,best games are online nowdays,very few to no online games are supported on linux.

Id love linux to have more support and everyone should build apps for windows/linux/mac but if only it were that easy

[Dabombinable]

Yea well my asus xonar and my mouse says otherwise while they work by default without installing anything, they have no options/control panels,i cant set any settings or equalizer on my soundcard,i cant set any macros on my mouse or custom config buttons,nvidia control panel has very few options there.

Software options are quite limited,while you got good browsers choice theres almost no good video player like potplayer/mpc-hc + madvr just VLC basic stuff.

As for games most of what i play is online games,best games are online nowdays,very few to no online games are supported on linux.

Id love linux to have more support and everyone should build apps for windows/linux/mac but if only it were that easy

Don't forget that Linux isn't as dumbed down as Windows, getting the most out of it actually requires you to learn how to use it. Just like in the late 80's/ early 90's when computers needed a lot of tweaking to run properly.