If you use one of the mentioned drives, disconnect them from Internet access.
Quoting from https://www.westerndigital.com/support/productsecurity/wdc-2...
"Western Digital has determined that some My Book Live and My Book Live Duo devices are being compromised through exploitation of a remote command execution vulnerability. In some cases, this compromise has led to a factory reset that appears to erase all data on the device. The My Book Live and My Book Live Duo devices received its final firmware update in 2015. We understand that our customers’ data is very important. We are actively investigating the issue and will provide an updated advisory when we have more information."
I have two My Books but they do not say live on them. Just MyBook.
I keep one attached for automatic backups from my computer and the other one I attach once a month to do a monthly update and then disconnect it.
Is the one I keep attached to my PC considered attached to the internet since my PC is attached to the internet?
I have not unplugged it but do you think I should.
I have three WD MyBook drives, not WD MyBook Live. I assume my drives are not affected, but I wish Western Digital would post more info on the products affected and those not affected.
The three MyBook drives were purchased June 2017. They use spinning hard drives.
Don’t take this as gospel but from what I can learn the “Live” drives date from around 2011 (or earlier) and resemble a paperback book that stands on edge. Thus the internals are likely the old “spinning platter” type of drive as opposed to the newer external drive that uses a SSD for the internals.
There is a picture in the article at https://gadgets.ndtv.com/laptops/news/wd-my-book-live-duo-da...
A MyBook Live drive is an NAS, Network Attached Storage, using an ethernet connection. I assume being on the network leaves it exposed to the internet without the protection of any anti-malware running on the PC.
The MyBook drive has a USB3 connection. It is an external drive. I assume the PC anti-malware protects it with a firewall and other software.
If you are behind a firewall (almost all modern routers provide a firewall) you need to block access to/from the WD Live. That allows you to still use it while connected from the internal network.
Technical support stopped 6 years ago for these models. I guess there's not too much to worry about not using an old external drive. You can replace it with newer/be3tter/faster models for less than $100.
I have the Live Duo and it's been offline (internet access) for about 2 years. Still works great as a network drive for media to my TV and laptop but I haven't been able to access it from my phone or while away over the internet. I guess I should look at my router (TP-Link)to see how to bloke it from the internet properly. Due to it's lack of internet access, I was thinking of replacing it with a newer version with bigger drives.
Can you provide the instructions on how to do this?
I have a MyBookLive, and have never enabled remote access because something like this was bound to happen sooner or later. It is useful for keeping files that I can access on my home network - desktop, laptop, tablet, etc. This occurs behind my router, and is separate from letting the drive access the internet.
I hardly ever post in here, apparently there's no way to post an image. I have a screenshot of the relevant setting, but it's pretty simple to describe: Login to the drive web interface with a web browser, go to "settings", then go to "remote access" along the top row menu. Then simply uncheck "enable" on the top line. As long as "enable" is not checked, the other settings below - web access, mobile access, etc. - will be grayed out and not available to configure.
Thanks for the write-up that was what my wife done, just finding out how the hard way.
I have a screenshot of the relevant setting, but it's pretty simple to describe: Login to the drive web interface with a web browser, go to "settings", then go to "remote access" along the top row menu. Then simply uncheck "enable" on the top line. As long as "enable" is not checked, the other settings below - web access, mobile access, etc. - will be grayed out and not available to configure.
There's a snapshot of what you described at the following:
I know the appeal of internet connected storage, but I don't trust hard drive manufacturers with using this approach.
For now, I just don't buy drives that have internet features, or I just disable them.
WD's My Passport portable external hard drives and other WD models, which connect to one PC at a time using a USB cable for backup or file storage, are not affected by this problem. The difference with the WD My Book Live drives that can be remotely attacked and erased by bad guys is that they connect directly to a *router* with an Ethernet cable for network backup of multiple devices, if they're not behind a firewall; those are the vulnerable WD drives.
I've got one gathering dust. Before its RAID controller died, i had it connected to my LAN but with access blocked to the outside world. Now, it is waiting for me to get rid of/destroy since it has passwords and financials on it that i can't access. Mine was a 1TB that had two 500MB spinning drives RAIDed together.
Unrelated but related. My printer has network connectivity. In fact, it supports printing from google and likely apple. When I first connected it to wifi, I set bogus values for the gateway (0.0.0.0) and same for dns, effectively severing its ability to go out beyond the local lan.
I don't print from my phone and have need need whatsoever for the printer to go beyond the local network. Who knows what telemetry it wants to send back to the mothership.
terms | privacy | contactCopyright © 2006-2023