1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Western Digital self-encrypting external hard disk drives have flaws that can expose data

Discussion in 'Network World' started by RSS, Oct 20, 2015.

  1. RSS

    RSS New Member Member

    The hardware-based encryption built into popular Western Digital external hard disk drives has flaws that could allow attackers to recover data without knowing the user password.

    A team of three security researchers investigated how the self-encryption feature was implemented in several popular Western Digital My Passport and My Book models. Depending on the type of microchip used for the encryption operation, they found design flaws and backdoor-like features that enable brute-force password guessing attacks or even decryption of the data without knowing the password.

    In some cases they found that the encryption is performed by the chip that bridges the USB and SATA interfaces. In other cases the encryption is done by the HDD's own SATA controller, with the USB bridge handling only the password validation.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page