I’m no expert on this topic or near it but i am kinda confused whats going on with my Fw and os5
i have (2) mycloud 4TBs. Each has its own static ip. one shows Fw v 4.xxxx etc and the second 5.xxx etc. I’ve managed run os5 on the second. it seems from the WD info my Fw v4.xx device cant do OS5 - so that device is orphaned??? And if i continue to use it will be at risk for the hacks that caused OS5 to be produced. Gee thanks. Ive seen a post for the patch but it needs to run at every reboot. but i am not sure how to accomplish that. Am i missing something here?? WD knowledgebase seems to be talking past tech pedestrians like me.
Secondly it seems that “when both devices are connected” on my home network the content and space availability of the second (Fw5. xxx os5 device) shows the space availability from the (?orphaned?) first device (Fw v4.xxx) . if i disconnect the first (Fw v 4.xx)t then the correct content is presented. what gives here??
i have no data yet on the second device as i recently bought it. but when i go into it via ip address it thinks its filled up as the first device. Go figure??
i would have thought that if it scans for these devices and sees 2, it should somewhere allow you to chose which one you want to get to, I dont understand why its “borrowing the fill /availability” from the other device. It will show its really empty when when i connect only the second device.
Seems i gotta only have one of the bibles connected at a time to get accurate content info.
Any explanation why tit seems the Fw v4.xxx cant get to Fw for os5 and
why am i seeing mismatched content when both devices are connected
So the older FW 4.xxx device is an older device. It has older, less capable hardware than the device that has been updated to OS5. The long and short of it is that the older device simply can’t effectively run OS5. . .and if you tried it would likely choke on the code and become bricked
I say this because some of the less-capable OS5 compatible models do become bricked in the upgrade process. . . . . OS5 has some HORRIBLY inefficient subroutines.
The older device is not unusable. . . it’s just orphaned and should continue to operate a standalone NAS. It’s not clear from your post. . .but the two NAS units do have distinct unique IP addresses and distinct unique device names right? (If they are both called “MyCloud” or both have the same IP address. . .things might act odd just like you are describing)
Finally. . .OS3 is old software that wasn’t exactly tight from a security perspective. There are known backdoors and other security vulnerabilities. So having an OS3 device on your network is a security vulnerability. (OS5 is not perfect. . .but some of the known OS3 flaws have been fixed).
PS: WD has stated that there will be a final firmware update to “turn off” OS3 cloud services. (It is NOT advertised as a security update). I would avoid that final firmware update like the plague.
PPS: I have three OS/3 devices on a network. That network is secure, as it does not have internet access. (and is NOT attached to the network I am using to write this post). I did run one box on OS/5 for about a year. . . and then I decided to hack the unit and reload OS/3. I did this because of privacy concerns related to OS/5.
they each have their own unique static ip address and each has a name that has the ip suffix (last 3 digits) of the ip to discriminate one from the other.
From what you say, I should only use the fw v4.xxx device for home network only and forget about remote (outside my home network) access.
Luckily i don’t need that exo home network access feature.
Still hope to learn about the incorrect used/unused space issue. but then i know it happens and would disconnect one to get tru space stats on each device.
We will see if WD come out with a final patch try on os3.
Please post a screen shot showing what you are indicating is the OS5/v5.x firmware My Cloud showing the available space from another My Cloud. What program or application is showing this? The OS5 My Cloud Dashboard? The MyCloud.com web portal?
Ummmm. . . .Yes. . . only use the device on your home network.
HOWEVER; merely turning off “cloud services” on the device is NOT ADEQUATE. These network devices have open ports. . . .and it is through these open ports that your NAS can be hacked.
If you want the device to be secure, you need to block the device from the internet FROM THE ROUTER. This takes the security of the device out of obsolete NAS software. . . the security is provided from the router.
Note: VPN access is seperate topic. But bottom line: in my router; if I block the NAS from the internet; the VPN access gets blocked as well (VPN ends up on different subnet from the NAS. . .and is blocked)
Note: Ransomeware vulnerability is a seperate topic. . .
I will try to do a screen shot of the confused content/space for the 2 mycloud devices when i get them hooked up tomorrow.
on your second request -
here is a copy of the reboot patch txt.i did batch files in DOS days but understand this is not what i do, and i havent tried to use it .
I found a URL to it on the WD site by a poster and just copied it to a Word file.
#!/bin/bash
echo “> weekend_destroyer_patch: patch for 0 day sploit by”
That poster was likely me. The thread in question deals with one specific vulnerability that was aimed at OS3 My Cloud units (particularly v2.x units). It is not clear if that specific vulnerability even affected the older v4.x firmware single bay My Cloud units.
The OS3 My Cloud firmware likely has a number of security vulnerabilities not just the one mentioned in that thread discussion. The OS3 firmware also has some (many?) outdated modules or portions of code including using an old “beta” version of Twonky Media Server apparently. There are ways to run scripts or call scripts such as that one, at OS3 My Cloud bootup. For example using the file /etc/rc2.d/S98user-start (if it exists on one’s My Cloud) is one method or option.
One way to limit the exposure of the various security vulnerabilities of the OS3 My Cloud units is to block broadband access to the My Cloud at the router firewall. Most consumer routers include the function to block internet/broadband access to a specific network device. Simply turning off Remote Access/Cloud Access in the My Cloud Dashboard > Settings isn’t enough, some of the vulnerabilities may still be exploitable which is why its best to also block broadband access to the My Cloud at the router firewall.
so now that i have expanded the device name to something more descript than "mycloud " with a 4TB and the last digits of the ip address for each device. it no longer get the same used/unused space on both units. I think the expanded name change and a reboot did solve “machine” confusion.
As i had just bought that second mycloud Fw v 4.xxx that cant be updated to FW v5.xxx and when i ran the utilities it hung at 90% and tried several times with same result. i questioned WD about it- they just got back to me today. i did what they asked but when i again ran the on-board scan utility, it crashed at 40% and i made a log file of it. so it looks like this" bible" is going back to its Maker. dont know if they will just refund me or send me one that will do the 5OS update. waiting to hear.
This has been a little education. but now i know i need to use the setting to block net access in the device.
thanks for your help
whoops i just found that the second drive still thinks it has the files of the first mycloud.
it happened while on my macbook, went into network in finder, saw the 2 mycloud devices and looked at the files on one then the supposedly empty second device - but no it has the files listed as if they are on the second drive as well.
go figure
The thread in question deals with one specific vulnerability that was aimed at OS3 My Cloud units (particularly v2.x units). It is not clear if that specific vulnerability even affected the older v4.x firmware single bay My Cloud units.