Reply to post: Re: Never say never

Windows' authentication 'flaw' exposed in detail

david 12 Bronze badge

Re: Never say never

The reason Windows has support for NTLM (v1) authentication is for backwords compatiblity with systems which have no support for anything more modern. For years, this was primarily SAMBA installation: (Win98 had an update available) SAMBA itself was, naturally, late to support Kerebos and NTLMV2, distributors were later, and users were even later.

When MS turned off default support for NTLM authentication, there was /outrage/ from the community of SAMBA users (I don't speak for the developers).. M$ had /deliberately/ broken compatibility with Open Source community!!! Windows was /incompatible/ with Open Source software!!!

The fact that SAMBA still has support for NTLM authentication suggests that they still have users with clients other than Win95/98/SE/2K/2K3/XP/Vista/7/8/10 that are unable to authenticate using other protocols.

And for Windows, the reason is the same: NTLM (v1) authentication is still supported for use with old versions of non-Windows clients.

None of this, of course, has anything to do with the memory-capture flaw described here, which relates to the use of a stored hash, not NTLM authentication, and not even particularly the hash method: since the stored hash is captured from memory, it could have been hashed by any modern hash/encryption method, and the flaw would still exist.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019