- Feb 4, 2016
...some quotes from the article:
A couple of days ago, out of the blue, Google released an open-source Samba client for Android, bringing users the convenience of being able to easily mount and access files over a network using the SMB protocol.
In its description, Google states that the app is a “direct port of the Samba client,” and thus supports its entire feature set. Unfortunately, Google fails to mention that the app only supports the extremely vulnerable SMBv1 networking protocol.
As tested by Android Police’s Corbin Davenport, the app simply refuses to connect if a Samba share has SMBv1 disabled.
SMBv2 and SMBv3 versions of the protocol do not share these same vulnerabilities and offer quite a few extra (and perhaps necessary) security features as well.
While Google has been quite enthusiastic about pointing out “crazy bad” flaws and vulnerabilities in software other than its own, it seems that the company has neglected its own software. This comes at a time when organizations are moving away from SMBv1, with Microsoft going as far as creating a list of old and new software that still relies on the vulnerable protocol.