People on privacy / security forums such as Reddit - Dive into anything say that products such as the WD Passport Ultra should not be trusted because they have not been audited, or inspected, by a neutral third party. They’re closed-source and proprietary, not open-source, so it’s not possible for just anyone to verify that their encryption and security algorithms work properly and contain no backdoors for WD or the government.
Has the WD Passport Ultra been audited or verified in this way ? What assurances do we have that there are no backdoors or mistakes ?
The WD Passport Ultra’s encryption system has been certified by all appropriate parties involved in regulatory compliance. It is not open-source precisely to prevent the creation of back-doors. For additional information can try contacting WD’s Technical Support about this. You can do so either by phone or email.
What are the “appropriate parties involved in regulatory compliance” for encryption on the drive ?
I don’t see how making something open-source would make it vulnerable to having a backdoor. I’m not saying let users recompile and install new software on the device, just let everyone (or an auditor) see the software that WD installs on the device.
