Re: This sure beats reading newspapers
And who the zarking fardwarks exposes SMB ports to the Greater Internet?
4 classes of people:
1 - Malware researchers (what's how the original off-switch domain was discovered)
2 - Home users who just plug their Windows PC directly (wired or wirelessly) into their ISP-supplied routers and imagine that the ISP has configured the router to be secure[1]. They then turn on SMB sharing because they want to get stuff transferred from an older computer and forget to turn it off.
3 - Small businesses that just use IT without having Someoe Of Clue[2] to look after it - either on a contract or regular basis.
4 - IT admins in public bodies, underpaid and overworked (or clueless[3] - I've met both varieties) who are being screamed at by someone higher in the organisation to do stuff that is fundamentally unsafe (in data protection & security terms). They do something that destroys security[4] without understanding why it's a bad idea and have no clue about how to fix it.
[1] Ha ha. Like the ISPs care. Any more than they care about SMTP traffic that ignores SPF domain validation.
[2] "My nephew can do it - he plays a lot of online games".. (yes - I've had that one).
[3] Sometimes all 3. In the days I had to deal with Trust IT departments it was a real, mixed bag. Some were really brilliant, professional teams, others were staffed by students, people who would never be able to get a job in a professional IT department and time-serving wasters.
[4] Like bridge between N3 and the Internet. Back when I had anything to do with it, N3 seemed to have an implicit trust model - traffic on the N3 side was assumed to be trusted and not requiring firewalling... That may well have changed now.
Biting the hand that feeds IT
