I'm not familar with windows details, but Microsoft says about DejaBlue that enabling Network Level Authentication mitigates the worst impact, so I read up on it. https://en.wikipedia.org/wiki/Network_Level_Authentication … This sounds very reasonable and is available since Vista. Why is this not the default?
-
Show this thread
-
This is unfortunately a recurring theme... "We have this thing which is not very secure, so we replaced it with a better thing. But we have to keep the old thing forever because we never make any deprecation plans."
3 replies 1 retweet 4 likesShow this thread -
-
Replying to @BEWNIAC
I have no idea, but the microsoft blogpost doesn't sound like "this is very dangerous, but only if you enable this really really old thing that noone should ever enable"
1 reply 0 retweets 1 like
NLA is enabled by default on Windows 8 and Server 2012. With the still-supported Windows 7 and Server 2008, it is left up to the user to make the right decision.pic.twitter.com/OxuZPcRgVh
3:59 AM - 14 Aug 2019
0 replies
0 retweets
3 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.