[Info-vax] SAMBA and Ransomeware
Scott Dorsey
kludge at panix.com
Mon Jul 17 18:52:13 EDT 2017
Craig A. Berry <craig.a.berry at gmail.com> wrote:
>On Monday, July 17, 2017 at 3:52:02 PM UTC-5, Scott Dorsey wrote:
>> Michael Moroney <moroney at world.std.spaamtrap.com> wrote:
>
>> >Naive question: Are the protocols fundamentally broken, security wise, or,
>> >in theory, could a good VMS programmer given the SMBx spec and no existing
>> >code as a bad example, write a secure SAMBA implementation from scratch?
>>
>> Unknown, since nobody has actually seen the SMB spec outside of Microsoft,
>> and SAMBA exists entirely due to reverse-engineering of the protocol.
>
>So you're quite sure no one outside of Microsoft has read any of the following documents?
>
><http://www.snia.org/sites/default/education/tutorials/2012/fall/file/JoseBarreto_SMB3_Remote_File_Protocol_revision.pdf>
Oh, I have read that. It's a _lot_ more detailed than the previous specs,
but I wouldn't call it anywhere NEAR a complete protocol spec.
--scott
--
"C'est un Nagra. C'est suisse, et tres, tres precis."
More information about the Info-vax
mailing list