back to article Microsoft's 'Samaritan' refuses help to hackers doing Win 10 recon

Microsoft hacker Itai Grady has created a tool to help prevent blackhat scouts from stealing Windows credentials, an effort the firm hopes will make network compromises harder to achieve. The SAMRi10 PowerShell script (it's pronounced as samaritan) eliminates the easy username information hackers seek in initial reconnaissance …

  1. Pen-y-gors

    That's nice

    The world needs more people like this.

    Although why MS couldn't have done it themselves, $deity_of_your_choice alone knows

    1. hplasm
      Devil

      Re: That's nice

      "The world needs more people like this."

      They are clever people.

      Which answers your second point, also.

    2. yossarianuk

      Re: That's nice

      There are plenty of people like this.

      They generally work on Linux/opensource projects however.

      1. Anonymous Coward
        Anonymous Coward

        Re: That's nice

        "They generally work on Linux/opensource projects however."

        To be fair, they are a lot more necessary in that space. Almost every time we read about some massive hack or credential loss, it's a big fat hole in an OSS product to blame...

    3. patrickstar

      Re: That's nice

      Uhm, they are the ones who did it... note that the link goes to technet.microsoft.com.

    4. TheVogon

      Re: That's nice

      >> Although why MS couldn't have done it themselves, $deity_of_your_choice alone knows

      If you actually read the article, you will see that they already did:

      "The Windows Anniversary update version changed the default security descriptor for the SAM access to limit the remote querying of SAM to local administrators only, even if the aforementioned registry key is not present. "

  2. Tom Paine

    #grammarnazi

    Microsoft hacker Itai Grady has created a tool to help protect blackhat scouts from stealing Windows credentials,

    Why, what do Windows credentials do to the blackhat scots? Why do they need protection from whatever it is?

  3. Anonymous Coward
    Facepalm

    Man writes PowerShell script

    "SAMRi10 is not known to work on any platform other than Microsoft's tougher Windows 10 platform, which has about 22 percent market share."

    SAMRi10 isn't necessary on any other platform than the leaky tub known as Microsoft Windows.

    1. patrickstar

      Re: Man writes PowerShell script

      No - for other leaky tubs like Linux, OS X, *BSD, Solaris, or [insert all major OSes used today here] you need other scripts.

  4. Nolveys
    Meh

    SAMRi10: it's pronounced as samaritan

    Oh God, this isn't a cyanide pill, it's just a tic-tac!

  5. RedPills

    Is it used in some remote management functions? That could be why it's there to begin with.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like