Or: How I Wasted Three Hours So You Don't Have To!

Hey friends! Happy Friday! I've had quite an adventure so far today and have learned a thing or two in the process, and what better place to share that than good 'ole steemit dot com!

The fast version: global cyberwarfare has escalated wildly in 2017, and NotPetya in particular spooked me into some protective measures that inadvertently blocked my access to my company's shared drive, resulting in hours of frustrated troubleshooting.

A screenshot from a Ukrainian police video of an armed raid on M.E.Doc after its role in the NotPetya ransomware epidemic

Background: Cyberwarfare's fuckin scary

Cyberwarfare. It's a fact of life these days. I've been following its development on and off since news of Stuxnet first broke back in 2010. Now, I practically grew up on the internet, so I've caught a few infections myself now and then due to unscrupulous internet practices, but never experienced anything a little diligence can't handle. The scale and impact of Stuxnet blew the doors off of what I thought was possible-- by surreptitiously altering the speeds of Iran's uranium centrifuges, the mysterious state actors behind the attack allegedly set Iran's nuclear program back two years. Stuxnet took cyberwarfare to a whole new level, and is generally accepted to be the world's first cyberweapon.

Now, I'm not running a nuclear enrichment program, so you'd think I wouldn't have much to worry about. The thing of it is, that's not how these attacks work. From Stuxnet to this year's WCry and Petya outbreaks, I always hear about scores of collateral infections in addition to the attacks' intended targets. And with the NSA stockpiling exploits and weapons and then failing to secure them, the number of outbreaks and the scale of their impact is on the rise.

So when early alarmists were hyping up the impact of last month's NotPetya outbreak, the situation crossed some sort of threshold in my mind, and I thought, "Sure, why not do some digging and find out how to avoid shit like this!"

One of many ways to disable SMB1, via Microsoft

SMB1: Fuck You

Turns out a lot of these exploits have been targeting an old network protocol called SMB1, which is easy to disable, thus immunizing your system from this round of cyberweapons. I hadn't yet disabled SMB1 (although I do keep my system up-to-date and secure, and so was probably decently protected-- but still! Ransomware sucks! Why not protect myself some more?!), and most of the articles I found implied that I was an idiot for not doing so.

So I disabled it, didn't notice any adverse effects, and didn't think twice about it! I'd never heard of it before, and I didn't miss it after.

Apple still hates PCs

Everything was fine and dandy until I tried to back up some content to my company's shared drive. I've been working on a lot of media production, which means big files that I don't want to risk losing (especially with all the ransomware going around these days!). My business partner happens to be an Apple fan, and ran out and bought an AirPort Extreme before I could convince him otherwise. This thing has often been the bane of my existence, due to relatively slow transfer speeds (15MB/s vs +100MB/s with other solutions) and general unfriendliness with my PC, but never like today.

After countless restarts, reinstalls, and deep dives into ancient forums to try to decipher the root of my issue, I found myself on the phone with Apple Support for the first time in my life (!!!). The tech repeatedly hedged that they can't offer much help to PC users (despite the fact that we make up over 90% of the internet???), and timidly walked me through a few power cycles and reinstalls before admitting defeat. Not a great first experience!

Essentially, I kept jumping through all the right hoops and typing in the correct password, only to be told it was wrong or that I was blocked.

It just wasn't adding up. I had to be missing something.

"SURELY APPLE ISN'T USING THE ANCIENT AND INSECURE SMB1 PROTOCOL TO ACCESS THEIR AIRPORTS," I thought to myself. "THEY CAN'T POSSIBLY HATE PC USERS THAT MUCH!"

Fuck Apple

Well, turns out I was wrong.

Not only has Apple not updated their Windows utility since 2012, they also force Windows users to have the ruinous SMB1 protocol enabled to access their shitty hardware.

I sure as hell couldn't find this solution out there, so I figured I'd write it up, in hopes that the next person in my shoes has a little better time at making things work than I did.

TL;DR: If you use Windows and haven't disabled SMB1, you should. BUT, if you have the misfortune of needing to use an AirPort from your PC, don't forget to reenable SBM1 (and then turn it right back off when you're done!)