cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Bug/Security Vulnerability for shared drives on V3200M

TaylorM
Neighbour

We can add a shared network drive to this router (and perhaps others) by plugging an external drive into the usb port, and setting it up in the options.

 

However, it currently ONLY supports the SMB1 protocol. This is disabled by default in the next update for Windows, and already disabled by default for users in the 'windows insider' program. This is because of ransomware viruses exploiting the SBM1 protocol and it is a security update. 

 

In order to access the shared drive on Windows, we have to access the administrative settings in the 'Windows Features', which is not something we should have to do. We should not have to override our security settings in order to run a vulnerable, extremely out of date! file sharing protocol.

 

You CAN also use SMB2 or SMB3 protocols. Currently, the shared network drive is ONLY accessible through SMB1! I don't know if it is a licensing issue with Microsoft, but the current situation is going to be a disaster once the update rolls out to regular users.

 

For more information, see, e.g., http://thehackernews.com/2017/06/windows-10-redstone3-smb.html or other things from google. 

 

Quotation of the first few sentences:

  1. The Server Message Block version 1 (SMBv1) — a 30-year-old file sharing protocol which came to light last month after the devastating WannaCry outbreak — will be removed from the upcoming Windows 10 (1709) Redstone 3 Update.

    The SMBv1 is one of the internet's most ancient networking protocols that allows the operating systems and applications to read and write data to a system and a system to request services from a server.

    The WannaCry ransomware, which wreaked havoc last month, was also leveraging an NSA's Windows SMB exploit, dubbed EternalBlue, leaked by the Shadow Brokers in its April data dump.


    The WannaCry ransomware menace shut down hospitals, telecommunication providers, and many businesses worldwide, infecting hundreds of thousands of unpatched Windows servers running SMBv1 in more than 150 countries within just 72 hours on 12th of May.

    Although Microsoft patched the vulnerability in SMBv1 in March in MS17-010, the company meanwhile strongly advised users to disable the three decades old protocol completely.

 

We shouldn't ALL have to do this in a few months. Upgrade the sharing protocol software please! 


example.png
4 REPLIES 4

NFtoBC
Community Power User
Community Power User

Pretty sure the USB port on the Actiontec still only allows FAT32 formatted drives. There are better options for those wanting network drives or NAS.

 

NFtoBC
If you find a post useful, please give the author a "Like"

 


@NFtoBC wrote:

Pretty sure the USB port on the Actiontec still only allows FAT32 formatted drives. There are better options for those wanting network drives or NAS.

 


It works with NTFS now, actually. I think TELUS is actively working on it, as the shared drive functionality came in a firmware update and so did NTFS support. What I am saying, is that it will soon require tweaking administrative settings to even connect, after they reach an error saying that the network share only uses SMB1 and is not supported. Then they have to google it, read about ransomware and viruses, and then enable it anyway. At the very least, people are going to get frustrated.

 

And yeah, there may be better options, but those require purchasing and setting up another product. Some people just want to use an external drive they have for shared files, media, backups, whatever, to the network, without dedicating a specific computer or buying another device just to host it 

TaylorM
Neighbour

Is there a proper way to convey this information to the person who is in charge of the TELUS router firmware? How can I confirm that this information was passed forward to the appropriate people? It looks like it will just die away in this forum, without the information reaching the people who would want to know it

NFtoBC
Community Power User
Community Power User

You can post your suggestion in the Ideas section, which is routinely reviewed for suggestions. Other than that, there's no real way for us, as customers to contact particular individuals or teams within Telus to offer suggestions.

 

NFtoBC
If you find a post useful, please give the author a "Like"