|0.0.0.9 (latest)||July 25, 2017||886 KB||Increased timeout (for slow networks)
Removed “Are you sure” button before exit
|0.0.0.8||July 10, 2017||1.43 MB||Added host name column for better analysis||21cc36e60e661613f0c05e73b9496bf2d456931686b0693112842d91d7e64e78|
|0.0.0.7||July 6, 2017||1.43 MB||Some GUI fixes||7a08f7010402e2813830c77be1e992f6193f5c1ea97b76fbe706c2090ba66cb3|
|0.0.0.6||July 3, 2017||1.42 MB||Some GUI fixes||1e6fc5078edd00a8ecedcbd2e2054a769610bfacce81b22f1285a7e14dbeacb0|
|0.0.0.5||July 2, 2017||1.42MB||Vulnerability detection fix||952feb69a311e0a7602b65b0e981364bc2f0d79bb7af79ea342234c28b6df099|
|0.0.0.1-0.0.0.4||June 29, 2017||1.42MB||First versions||N/A|
Privacy & Reporting
Anonymous statistics are being sent to omerez.com every time Eternal Blues starts a scan or when it is finished. Your privacy is a top concern of mine.
Below described the information being collected (each new version includes all the previous collected data) –
- Eternal Blues version
- Random ID
- Generated with each new launch of the application. It is used for my own debugging – to see if a scan started but did not end (or ended with different number of hosts). Launching twice by the same user/host will result with a different random number
- # of scanned IPs
- # of vulnerable IPs
- # of responsive IPs
- 0.0.0.6 and later
- # of IPs with SMBv1 enabled
Some other metadata is being appended by default with Google Analytics, like time of scan & country.
I don’t know about your IP, don’t care about it and frankly, quite glad not to know anything about it in order to completely eliminate any unnecessary privacy/legal issues.
What’s not being collected?
User names, host names, IP addresses, domain name. It is really none of my interest.
Two scans taken by the same user & computer cannot be correlated (the only common data is the fact they share the same country)
Why collecting data at all?
Understanding how the world’s EternalBlue vulnerability (and SMBv1) posture really looks like, is a great interest to me and actually to many more in the cyber security ecosystem. I doubt if anyone has good visibility for that. Not sure even if Microsoft really knows the average ratio of hosts with SMBv1 enabled in a standard network is.
Stats are coming soon.
July 10 teaser: More than 7 million IPs were scanned so far. PowerBI is coming…