Hello, welcome to the Thursday, July 11th, 2019 edition of the Sansonet Storms, Stormcast. My name is Johannes Ulrich, and that I'm recording from London, England.

In yet another sign of S&B version 1 going away, the latest preview release of Samba. Samba 4.11 has disabled SmbB version 1 by default.

With Samba being an open source implementation of Smb that is often used on Linux systems,

it was sort of one of the holdouts when it came to SMP version one. And one of

the reasons that some organizations still keep it enabled, in particular since many network

storage devices are using Samba. Now Samba, of course, has supported new versions of SMP for a while,

but has kept SMP version 1 enabled,

even though Windows has further and further moved away from it.

Also, with this latest update,

the Samba team is requesting feedback

regarding the complete removal of S&B version 1 from its code

and it is requesting that users who require S&B1 support will please file a bug report.

And remember how about a week ago I mentioned that public key servers have issues with spam signatures.

The problem here was that individuals are downloading popular keys from these key servers, signing them, then re-uploading them with their signatures and this way attaching

thousands of signatures, which then in turn can lead to a denial of service condition if

someone happens to download this key and import it into their key ring.

Well, to respond to this problem, the latest version of KnewPG, version 2217,

will have a new option self-6 only that is enabled by default

to no longer import any signatures from public key servers.

Instead, only the own self-signature

of the key will be imported. So in some ways, this is a big move away from the Web of Trust

that is really sort of the foundation of the idea of PGP.

...