Archive for Western Digital

« Older Entries

Review: Western Digital My Passport SSD 1TB

Posted in Commentary with tags on June 27, 2024 by itnerd

This review started off in a weird way. A client of mine bought this at Best Buy because he saw some of the marketing claims on the box and figured that the Western Digital My Passport SSD in the 1TB size must be fast. But when it didn’t “feel” fast to him, he asked me to look at it because he figured that it was him and not the drive. Well, the short answer is that it’s the drive. But before I get to what I mean by that, let me give you a look at the drive in question:

In the box you get the drive (you do get to choose between 5 colours), a USB-C cable, and a USB-C to USB-A adapter. This is a good start as USB-C is used on the drive which means that getting replacement cables will be easy. On the drive itself is backup software which is likely more useful for PC users than Mac users who should use Time Machine instead. Though they will have to format the drive before that as the drive comes out of the box formatted for ExFAT. The drive itself is light despite being made of metal and feels solid enough. It claims to be shock resistant up to a 6.5 foot drop. Though I did not test that. And when I tried transferring files to it, it got warm to the touch. Which is fine as I have seen SSD drives get hot to the touch. This drives also supports 256-bit AES hardware encryption for those who are paranoid about keeping their data safe.

Now over to the testing part. Here’s a picture of the box that it came in so that I can show you the speed claim that Western digital makes:

Note the part that it says “Up to 1050 MB/s”. Flipping the box over and reading the fine print, they’re referring to read speed. And looking at the Western Digital website the company also says that it has up to 1000 MB/s write speeds. Those are very bold claims. But here’s what I got when I plugged the drive into my M1 Pro MacBook Pro which has Thunderbolt 4 via the included USB-C cable:

So I was able to confirm that Western Digital was correct on the write speeds as it hit 967.38. But the read speeds was significantly slower than what Western Digital claims. As in around 25% slower. I repeated this test on a PC with Thunderbolt 3 via the included USB-C cable and got similar results. So that suggests that it’s not the computer or the cable that’s responsible for those read speeds. Or lack thereof. It’s the drive that’s responsible. But to be fair to Western Digital. They did say “up to” so just like ISP’s who use that term to cover themselves when the Internet connections aren’t up to the speeds that they advertise, Western Digital has covered themselves. But this explains why the client felt the drive was “slow.” A 5% or even a 10% difference in read speed would likely not have been noticed by most people. But 25% will be noticed by most people. Also to be fair to Western Digital, this speed doesn’t suck. But it doesn’t measure up to the claims on the box.

Now does that mean that you should not buy this drive? As long as you’re not expecting the drive’s read speed to match what’s on the box, go ahead. It’s MSRP is $100 CDN so it’s not a lot of cash to spend. Just make sure you buy it direct from Western Digital or shop around as buying it from Best Buy will cost you $30 more for no good reason.

Leave a comment »

The Western Digital WDDA Controversy MAY Not Be As Shady As It Seems…. But Western Digital Needs To Fix How They’ve Handled This

Posted in Commentary with tags on June 14, 2023 by itnerd

I’ve been tracking a story about Western Digital for the last few days that broke via via Ars Technica. The story goes something like this:

As users have reported online, including on Synology-focused and Synology’s own forums, as well as on Reddit and YouTube, Western Digital drives using Western  Digital Device Analytics (WDDA) are getting a “warning” stamp in Synology DSM once their power-on hours count hits the three-year mark. WDDA is similar to SMART monitoring and rival offerings, like Seagate’s IronWolf, and is supposed to provide analytics and actionable items.

The recommended action says: “The drive has accumulated a large number of power on hours [throughout] the entire life of the drive. Please consider to replace the drive soon.” There seem to be no discernible problems with the hard drives otherwise.

Synology confirmed this to Ars Technica and noted that the labels come from Western Digital, not Synology. A spokesperson said the “WDDA monitoring and testing subsystem is developed by Western Digital, including the warning after they reach a certain number of power-on-hours.”

There’s a couple of ways to look at this.

Let me start with the cynical view. I have zero issues with a hard drive giving you a warning if the drive is about to fail. Especially if you use it in a Network Attached Storage box or NAS like the ones that Synology makes as that is mission critical use case. And drives have had technology built into them to warn you of a potential failure for years. That tech is called SMART or Self Monitoring Analysis And Reporting Technology. But Western Digital’s tech that seems to be designed to throw up a warning after three years of usage. Which by some strange coincidence is around the time the warranty on a lot of these drives expire. That seems a bit “sus” to me. It’s almost as if Western Digital is trying to scare people into replacing drives to drive their revenue upwards.

Here’s the charitable view. There’s a figure called MTBF or Mean Time Between Failures. This is a statistical model that estimates the average life span of a hard drive. A lot of this depends on how you use the drive. The generally accepted MTBF figure that I’ve always seen is three to five years in terms of what users should expect. In a NAS environment, you’re likely to be closer to that three year end of the spectrum. Which means Western Digital warning you about the fact that the drive is over three years old may be a good thing as a surprising number of people have a tendency to not only install and forget about NAS boxes, but they don’t back them up either. Which means a drive failure can be catastrophic.

Pro Tip: You should back up your NAS either to an external drive on a frequent basis (as in at least monthly if not more frequently) and store that backup off site. Or you should use a service like BackBlaze to back up your NAS to the cloud.

If you want my personal opinion, I don’t think that Western Digital is doing anything wrong here. Though there is a part of me that thinks that this is still a bit “sus”. But what I do think is that they did a horrible job of explaining what WDDA does and why it’s potentially valuable to end users. Having said that, these issues would have likely gotten in the way of explaining that:

In short, it is possible that even if Western Digital did a better job of rolling WDDA out, nobody would trust them anyway because of the above issues. And that reflects poorly on Western Digital which in my mind means that they need to address not only this specific issue, but the trust that users have of their brand overall as clearly it’s pretty bad at the moment.

Now some people have recommended against buying Western Digital drives because of this. At the moment, I am continuing to recommend those drives to my clients. But I have to admit that when I replace my NAS later this year, I’ll be looking at installing Seagate drives because while I have not had any of my personal Western Digital drives fail, and only one client over the last decade or so has had a Western Digital drive fail, this whole controversy has made me broaden my horizons. And if I have a good experience with Seagate drives, I will likely start recommending them to my clients as well. Which I suspect is the last thing that Western Digital wants. But given the state of play at the moment, until they come out and address this head on and transparently, that’s what they are likely to get. I say that because I am unable to find any example where Western Digital has said anything about this in public. Perhaps they’re hoping that this issue simply goes away? Who knows? But I do know that companies that don’t deal with issues head on end up with a bad outcome at the end of the day. And Western Digital has to decide if that’s what they want.

Your move Western Digital.

Leave a comment »

Western Digital Got Pwned…. And Customers Cannot Access Their Data In Western Digital’s Cloud

Posted in Commentary with tags on April 6, 2023 by itnerd

Something that I tell clients all the time is that “the cloud” is just someone else’s computer. Which means it is subject to all the problems that one can have with a computer. Including the fact that it can get pwned by threat actors. A case in point is the fact that hard drive manufacturer Western Digital has been pwned by threat actors three days ago. Though they might have been pwned earlier:

On March 26, 2023, Western Digital identified a network security incident involving Western Digital’s systems. In connection with the ongoing incident, an unauthorized third party gained access to a number of the Company’s systems.

Upon discovery of the incident, the Company implemented incident response efforts and initiated an investigation with the assistance of leading outside security and forensic experts. This investigation is in its early stages and Western Digital is coordinating with law enforcement authorities.

The Company is implementing proactive measures to secure its business operations including taking systems and services offline and will continue taking additional steps as appropriate. As part of its remediation efforts, Western Digital is actively working to restore impacted infrastructure and services. Based on the investigation to date, the Company believes the unauthorized party obtained certain data from its systems and is working to understand the nature and scope of that data.

While Western Digital is focused on remediating this security incident, it has caused and may continue to cause disruption to parts of the Company’s business operations.

And as a result of that pwnage, a bunch of Western Digital services were shut down. You can see the list here. There’s currently no word on when these services may come back up. But that’s not the worst of it. From what I can tell, thousands of people are without their files and Western Digital’s customer service department isn’t keeping its customers updated about what is happening or the progress.

You can read more about what people are experiencing here. But here’s the bottom line this isn’t a good look for Western Digital.

I personally have recommended their hard drives for years. They’re reliable and they haven’t caused myself or any of my clients issues. Their cloud service on the other hand is something I have never recommended. Instead, I direct people towards a service like Blackblaze which is purpose built for backing up your data off site. And I do that because I have never been 100% convinced that what Western Digital is offering would be safe and robust. I believe that I might have been proven right on that front. That’s not to say that Backblaze couldn’t get pwned as well. I guess what I am saying that I have a lot more trust in Backblaze than I do with Western Digital.

1 Comment »

Another Exploit Involving Western Digital My Book Live Drives Is On The Streets

Posted in Commentary with tags , on July 1, 2021 by itnerd

Western Digital My Book Live NAS drive owners have a new problem to worry about. After having some of these drives remotely wiped last week, it now seems that these drives were subject to attacks from two different hacker groups who have a “beef” which each other. What’s worse is that this has brought to light a second exploit that was previously unknown.

Initially, after the news broke on Friday, it was thought a known exploit from 2018 was to blame, allowing attackers to gain root access to the devices. However, it now seems that a previously unknown exploit was also triggered, allowing hackers to remotely perform a factory reset without a password and to install a malicious binary file. A statement from Western Digital, updated today, reads: “My Book Live and My Book Live Duo devices are under attack by exploitation of multiple vulnerabilities present in the device … The My Book Live firmware is vulnerable to a remotely exploitable command injection vulnerability when the device has remote access enabled. This vulnerability may be exploited to run arbitrary commands with root privileges. Additionally, the My Book Live is vulnerable to an unauthenticated factory reset operation which allows an attacker to factory reset the device without authentication. The unauthenticated factory reset vulnerability [has] been assigned CVE-2021-35941.” 

Analysis of WD’s firmware suggests code meant to prevent the issue had been commented out, preventing it from running, by WD itself, and an authentication type was not added to component_config.php which results in the drives not asking for authentication before performing the factory reset. The question then arises of why one hacker would use two different exploits, particularly an undocumented authentication bypass when they already had root access through the command injection vulnerability, with venerable tech site Ars Technica speculating that more than one group could be at work here, with one bunch of bad guys trying to take over, or sabotage, another’s botnet.

Western Digital has advised users to disconnect these drives from the internet. And they are also offering data recovery services beginning in July, and a trade-in program to switch the obsolete My Book Live drives for more modern My Cloud devices. All of which they hope will limit the number of people who sue them. Which to be frank they deserve as Western Digital has really dropped the ball on this one.

Leave a comment »

Western Digital Says Remotely-Installed Trojans Responsible For Wiping ‘My Book’ Storage Devices

Posted in Commentary with tags , on June 28, 2021 by itnerd

Last week I brought you the story of people who have Western Digital My Book Internet connected hard getting them remotely erased by unknown threat actors. Well, Western Digital have put to a statement. And here’s what they had to say:

Western Digital has determined that some My Book Live and My Book Live Duo devices are being compromised through exploitation of a remote command execution vulnerability. In some cases, the attackers have triggered a factory reset that appears to erase all data on the device.

We are reviewing log files which we have received from affected customers to further characterize the attack and the mechanism of access. The log files we have reviewed show that the attackers directly connected to the affected My Book Live devices from a variety of IP addresses in different countries. This indicates that the affected devices were directly accessible from the Internet, either through direct connection or through port forwarding that was enabled either manually or automatically via UPnP.

Additionally, the log files show that on some devices, the attackers installed a trojan with a file named “.nttpd,1-ppc-be-t1-z”, which is a Linux ELF binary compiled for the PowerPC architecture used by the My Book Live and Live Duo. A sample of this trojan has been captured for further analysis and it has been uploaded to VirusTotal.

Our investigation of this incident has not uncovered any evidence that Western Digital cloud services, firmware update servers, or customer credentials were compromised. As the My Book Live devices can be directly exposed to the internet through port forwarding, the attackers may be able to discover vulnerable devices through port scanning.

But what’s interesting is that this statement references this CVE number: CVE-2018-18472. This was something that I mentioned in my original report on this issue as I speculated that this could be the cause of this incident. Western Digital has seemingly confirmed that. Which means that by not patching this issue when it was first disclosed, Western Digital has in effect created this problem for themselves. That’s something to keep in mind when users who were affected by this issue start suing Western Digital. Because you know that the lawsuit is coming.

Leave a comment »

Owners Of Western Digital My Book Live Hard Drives Are Having Their Drives Erased By Unknown Hackers

Posted in Commentary with tags , on June 25, 2021 by itnerd

Reports from a variety of sources are telling a very scary story of owners of Western Digital My Book Live hard drives are having their drives being erased remotely by unknown hackers with a very low chance of data recovery. Western Digital  has confirmed that the attacks are occurring, and has advised owners to immediately disconnect their drives from the internet. Which implies that Western Digital has no clue what’s going on and how to stop it.

There is a remote code execution vulnerability that dates back to 2018 under CVE-2018-18472 that is likely the source of the attacks. The fact that this has been out there for three years without being fixed is pretty bad and Western Digital has some explaining to do as to why it wasn’t fixed. I am sure that Western Digital will have an explanation when the inevitable class action lawsuit is filed.

In the meantime if you have one of these drives, you need to unplug it from the Internet right now. For bonus points, I would also suggest backing up the data and move it to another drive that doesn’t expose itself to the Internet. That way all your data remains safe.

2 Comments »

Review: Western Digital My Passport 4TB Portable Drive

Posted in Products with tags on April 2, 2018 by itnerd

I was having some issues with my NAS and I needed an external drive with at least 3TB of space to back up the contents so that I could erase it and set it up from scratch. Thus it was timely that my local computer store had a sale on the Western Digital My Passport 4TB portable drive as that would more than satisfy my need to back up 3TB of data.

4K%ZV8mMRC+wF60653U7iA

It is a USB 3.0 drive with a stylish exterior (which has the added bonus of being available in multiple colors, but its finish is a bit of a fingerprint magnet) that fits in your pocket. Though I would recommend getting a case for it to ensure that it survives any bumps that it might be subjected to.

Western Digital does include some software in the box in the form of backup software, a drive utility that will check the status and secure-erase the drive, as well as encryption software for dealing with sensitive data. Further to that, the encryption is hardware based which won’t slow it down. I should note that the drive utility software works on both Mac and PC. Ditto for the security software. But the backup software is PC only.

So, how does it perform? It isn’t the fastest drive around if you’re copying large amounts of data such as 300GB disk images like I was last week. But for most people that won’t matter as I found the performance to be pretty good when copying things like MP3s and movies which are far smaller in size.

So what does this drive go for? You can pick up the 4TB version for $120 USD which is a pretty good deal. It is also available in 3TB, 2TB, and 1TB versions as well if you don’t need that amount of storage or don’t want to spend the cash on a 4TB drive. One thing to consider is that it has a 3 year warranty which makes it an even better value. Not that you’ll need to use that warranty as from my experience Western Digital drives are extremely reliable. And in my mind it should push it to the top of your list if you’re looking for an external hard drive.

Leave a comment »

#PSA: Western Digital My Cloud Drives Have A Hidden Backdoor… Update Them NOW!

Posted in Commentary with tags on January 8, 2018 by itnerd

A while back I posted a story on a vulnerablity with Western Digital My Cloud drives that was kind of, well, horrific. Today I have another one for you. It appears via a security researcher that Western Digital My Cloud NAS drives have a hardcoded backdoor, meaning anyone can access them and pwn you. The backdoor has the username “mydlinkBRionyg” and the password is “abc12345cba” (without quotes).

Now you’re likely wondering why is the word “dlink” in the username as that should be a competitor to Western Digital. There’s a good reason for that. It appears that the WD NAS devices once shared code with D-Link “Sharecenter” devices. Interestingly, these D-Link devices were issued patched firmware in 2014 and no longer contain the backdoor. Speaking of patches, this backdoor was disclosed to Western Digital six months ago and the company apparently did nothing until November 2017 when it issued firmware 2.30.172. That’s an epic fail and shows that Western Digital isn’t keeping its eye on the ball when it comes to security.

What I recommend to users of the following drives is this:

  • MyCloud
  • MyCloudMirror
  • My Cloud Gen 2
  • My Cloud PR2100
  • My Cloud PR4100
  • My Cloud EX2 Ultra
  • My Cloud EX2
  • My Cloud EX4
  • My Cloud EX2100
  • My Cloud EX4100
  • My Cloud DL2100
  • My Cloud DL4100

First, verify that you’re running firmware 2.30.172. If you’re not, unplug this drive and stop using it until you have upgraded to that firmware. But keep in mind that this issue has been out there for so long, you may have already been pwned and not know anything about it. Thus you may want to question why you want to have a hard drive connected to the Internet in the first place.

Leave a comment »

Review: Western Digital My Passport For Mac

Posted in Products with tags on September 1, 2017 by itnerd

People don’t think about backing up their computer when they travel. Thus when disaster strikes in the form of a dead hard drive, dead laptop, or the computer being stolen, they’ve lost all their data. That’s why I’ve always made it a policy to travel with a portable hard drive that is packed separately from my computer which I use to back up every night.

During the road trip across Canada that my wife and I just completed, I used an new portable hard drive from Western Digital called the My Passport For Mac:

IMG_0714.jpg

Normally, I don’t get the Mac specific version of any portable hard drive because they cost way more for no good reason other than the fact that it’s formatted for Mac out of the box. Western Digital must have heard that from their customer base as the 1TB model cost me $80 CDN which is the same cost as the PC version. The company also makes 2TB, 3TB, and 4TB models as well.

So, what do you get for your cash? Well, quite a bit actually. The drive itself is very small and thin which makes it easy to pack. It’s also a USB 3.0 drive (which includes a cable by the way) which makes it speedy for those who have don’t have a USB-C computer. It will work with Apple’s own Time Machine backup software and it will work with whatever backup software that you choose to use. In my case, that’s Carbon Copy Cloner. But if you don’t have backup software, Western Digital offers up their own software called WD Backup. For bonus points, the drive has 256-bit AES hardware encryption that you can enable and tweak with the included WD Security software. That way your data stays safe.

The drive was quick to do my nightly backup taking less than 15 minutes to complete the job which was just a touch faster than the previous Western Digital drive I have been using for this purpose. So clearly Western Digital have made a few tweaks to get slightly better performance. It’s also rugged as I popped it into the outside pocket of a suitcase that was tossed in and out of cars for almost 2 weeks without any sort of protective case around it…. and it lived. But in case your drive dies, it comes with a three year warranty. Though, if I were Western Digital, I would have tossed a case into the box.

One note: The drive looks stylish. But it only comes in black. The PC versions of this drive come in three or four other colors. That’s kind of strange.

Backing up your data is important at home and when you’re on the road. In the case of the latter, Western Digital has a compelling offering in the form of the My Passport For Mac that makes this easy for Mac users. This is a must get if you travel and you care about your data.

1 Comment »

Got A WD My Cloud Box? Unplug It NOW

Posted in Commentary with tags on March 8, 2017 by itnerd

If you’re the proud owner of a Western Digital cloud box, I’d advise you to unplug it right now. Why? Apparently, they can be easily hijacked from across the internet or network and there’s no fix for this at present. If that’s not bad enough, the firmware of these devices also has cross-site request forgery vulnerabilities. In English, that means that a malicious webpage can potentially make a victim’s browser connect to a My Cloud device on the network and compromise it. Once that happens, the device and the data on it is pwned.

Here’s a video of the pwnage in progress:

Affected devices include the following:

  • 2.21.126 (My Cloud)
  • 2.11.157 (My Cloud EX2)
  • 2.21.126 (My Cloud EX2 Ultra)
  • 2.11.157 (My Cloud EX4)
  • 2.21.126 (My Cloud EX2100)
  • 2.21.126 (My Cloud EX4100)
  • 2.11.157 (My Cloud Mirror)
  • 2.21.126 (My Cloud Mirror Gen2)
  • 2.21.126 (My Cloud PR2100)
  • 2.21.126 (My Cloud PR4100)
  • 2.21.126 (My Cloud DL2100)
  • 2.21.126 (My Cloud DL4100)

News of this #EpicFail came from SEC Consult Vulnerability Lab which published an advisory on Tuesday after someone named Zenofex went public with full details of the flaws. Here’s the kicker: SEC Consult warned WD back in January that it had uncovered holes in the My Cloud firmware, and gave the vendor 90 days to fix the bugs before it would reveal its findings to the world. Clearly that never happened. But it’s a safe bet with all this negative press that Western Digital is going to fix this real bloody quick. Which is a shame as it should never get to this point before companies do the right thing.

1 Comment »

« Older Entries