This makes total sense.. Except who is the SMB in this case? It sounds like the person just downloaded this off the Internet, it wasn't pre-installed by IT. So it sounds like Huntress has full and complete access to whoever downloads their software to try it out/demo it... and aren't afraid to use this access for their own purposes/just do a bit of poking around because why not? When a hostname matches?

▲

viccis 3 days ago | parent | next [-]

Reminds me of when a Hostgator employee told me on reddit that he liked digging through peoples' websites and chatted with me about the stuff I had hosted on my website.

▲

Sophira 2 days ago | parent [-]

That's potentially different, to be fair. Websites are generally made with the intention of making them public, and unless you're digging through stuff that hasn't been made public, there's nothing wrong with browsing your customers' websites and talking about it. (Of course, maybe that's what the Hostgator employee was doing - in which case, shame on them.)

On the other hand, I'm pretty sure that the person who installed Huntress did not intend to upload any info at all, let alone to have that information made public.

	▲	viccis 2 days ago \| parent [-]
		No he was digging through my FTP contents that weren't publicly viewable.

▲

spogbiper 3 days ago | parent | prev [-]

yeah i don't know about the legality or morality of what huntress did here. i just know these types of products/this level of access are very common