Is the USB port on "WD TV LIVE" really unprotected?


#1

Greetings to all,

After attaching a USB hard disk to the USB port, the “WD TV LIVE” becomes sort of a NAS and we can see all the data stored on the hard drive shared on the network. All fine as feature, but what about security? Anyone from the network can access now the data. Is there any way we can secure the folders on the hard drive with passwords? Ex: One folder for guests with their own password, one for each user with their own password, etc. Like on a real NAS.

Any hint from you will be really appreciated.

Thank you


#2

Any drive attached to the USB will be accessible by anyone on the network. There is no way to prevent that in the official firmware. If you want to install the custom firmware then what you want can be easily done.

custom firmware - http://b-rad.cc


#3

Don’t install B-Rad’s ■■■■ firmware.  Are you a shill for B-Rad ???

You are incorrect !  By default the WD Live device is *seen* by other computers on the network, as WDTLIVE.  Inside network settings of your WD Live, you can enable or disable WD Live sharing across the network.  Turning it off, will solve your problem, and you will not be able to access your devices attached to your WD Live from your network.


#4

Hello back,

Thank you for your suggestions: unsupported firmware (too wild for me) and turning off the sharing (I know about the on/off sharing button, but this is not what I mean). Before going to unsupported firmware, I was wondering what’s the point to share something on the network if you canot secure it? I mean, WDC, the biggest hard drive company, did not hear about personal data protection? How am I suppose to connect the family hard drive to this thing if all data will be visible to everybody? Am I forced to buy another hard drive just to make this player work? I am so dissapointed…

Thank you


#5

8ball2001

B-Rads firmware is the same firmware you already have except it enables telnet and SSH access to the box file system. 

It includes other things like torrent and nzb support, but you are free to turn those off .  People that are familiar with linux can then customize and add options. 

As to turning off  sharing across the network , why on earth would you do that when you just want to share it with some people and not others ? Guess you like the all or nothing approach. Turning it off would solve the problem like cutting off a finger will solve a paper cut, look ! no more paper cut !

OP,

I think the reason they did not include the option to password protect it is because the device is targeted to home users. Most people are not worried about other people in their home accessing files on other pc in the home.  I was trying to think of a solution that would not involve changing the firmware and really I’m stumped. You could make it harder for whoever you don’t want to see the data by using multiple folders on the drive and multiple levels of folders so people have to navigate through them to get to what you want to keep private. Someone with enough patience could find them , but unless they knew where to look it might take them quite a while. 


#6

You are obviously not at all familiar with the WD Live - What you claim is false.  I have extensively used the WD Live, and I can tell you that the WDLive works the same way as your computer in regards to sharing.

Keep in mind when you are networking you can SELECTIVELY share folders as opposed to complete drives, hiding all the unecessary folders.  I have done it and it works.

However, when attaching a hard drive DIRECTLY to the unit, it’s not networking, and your WD Live device will treat the hard drive the same way a computer would treat it, and allow view of all folders.

Hard Drives are very cheap now, why in God’s name would you use your family’s hard drive with your WD Live ? Buy a dedicated big enough HDD to put your movies and media files on it and use that with your WD Live.   OR use networking, that’s the best way and you can selectively access folders you want.  I have a 45m long cat 5e network cable running from the floors, from router to the WDLive and networked with my computer’s HDD, only the movie folders, and it works 10)0% !

If you are going to use an external HDD with your WD Live, why would you use your system drive or drive with data on it, that is not a smart thing to do.

Security is YOUR  responsibility.


#7

 

If you are going to use an external HDD with your WD Live, why would you use your system drive or drive with data on it.

 

 

I think there is a hidden agenda here, what Jumperman actually requires is age restriction.


#8

Wow,

a lot of ideas and brainstorming, i am impressed, and THANK YOU, you are a real community. if only WDC will see this, i mean, how many people care… for me things start to get clearer, the product is not even a home device, is a private device. and calling the respective setting “sharing” in the network is a shame to the networking concepts in general. they should call it: “attach it” to the network, “hook it up”, “extent it” or whatever, but not sharing it. for anyone in the networking business, network sharing means a totally different thing. sad that some companies will go so far to get some sales.

and I also start to understand that this is NOT a network device (because any network device is secured), is either a device that can access the network, either a device that can access a usb hard drive, but not both, as in mixed configuration your usb resource is completely unprotected. so imagine what, i will have to change cables every time i need it in network or usb connection. pretty ugly…

i will go for a hacked firmware and i will recommend wdc to hire smart people to program useful firmware, not marketing and sales teams. i bet the marketing team there is bigger than the programming team :wink:

anyway, a big thanks again for your time, highly appreciated here, and i guess that that’s what you get when you do not prospect more before buying, but i have a busy life and i tend to trust big companies… specially when, after actually reading the product manual; i can see on the page 65 “black on white” that this product has a Samba Server built-in. but i guess this is wdc special “handicapped” Samba Server version, and if so, they should call it different, not trashing the name of a respectable community that does a GREAT job for the networking world…

all the best


#9

If by age restriction you are refering to parental control this is something under review by WD - Meanwhile, instead of plugging the HDD directly to the unit through USB, use a network connection instead, there you can selectively share specific folder on your network and keep the other sensitive folders hidden and inaccessible.


#10

jumperman, home networking and security are not good frieds.

That’s a fact. Just think about Media Devices and wlan security.

Any wlan network can be cracked. It will take from seconds to hours. But it’s not bullet proof. Most of the time you will find open networks!

On the other hand, any TV that support DLNA it’s wide open.

What do you want? Security? Turn off all your computers! It’s best!

Easy to use? Hmmm.

Ok, WD could implement a crappy username/password protection for USB drive. It will take minutes to crack something like this, or hours if they buy the license for some better protection.

My advice: don’t keep your critical data on your home network and, by all means, not on USB drive attached to WDTV Live!

It’s that hard? I don’t keep even my pictures on WDTV. I don’t want to loose it if somebody will botter to crack my network!


#11

Hi, I’d have a quick question regarding security and would appreciate an answer a lot.

So I have connected WD TV Live to my home network (LAN/ethernet) and plugged in my external hard drive. I can access the files on my HD easily through WiFi (password protected, WPA) from every computer in my house. But as I live in an apartment building and would need to make sure that no one else can access my files. 

How does it go? Can other people living in the same building possibly access my files?


#12

streamaer wrote:

Hi, I’d have a quick question regarding security and would appreciate an answer a lot.

 

So I have connected WD TV Live to my home network (LAN/ethernet) and plugged in my external hard drive. I can access the files on my HD easily through WiFi (password protected, WPA) from every computer in my house. But as I live in an apartment building and would need to make sure that no one else can access my files. 

 

How does it go? Can other people living in the same building possibly access my files?

no, unless they have access to your WIFI network and you have media sharing enabled on your WD device.


#13

jumperman wrote:

Wow,

 

a lot of ideas and brainstorming, i am impressed, and THANK YOU, you are a real community. if only WDC will see this, i mean, how many people care… for me things start to get clearer, the product is not even a home device, is a private device. and calling the respective setting “sharing” in the network is a shame to the networking concepts in general. they should call it: “attach it” to the network, “hook it up”, “extent it” or whatever, but not sharing it. for anyone in the networking business, network sharing means a totally different thing. sad that some companies will go so far to get some sales.

 

and I also start to understand that this is NOT a network device (because any network device is secured), is either a device that can access the network, either a device that can access a usb hard drive, but not both, as in mixed configuration your usb resource is completely unprotected. so imagine what, i will have to change cables every time i need it in network or usb connection. pretty ugly…

 

i will go for a hacked firmware and i will recommend wdc to hire smart people to program useful firmware, not marketing and sales teams. i bet the marketing team there is bigger than the programming team :wink:

 

anyway, a big thanks again for your time, highly appreciated here, and i guess that that’s what you get when you do not prospect more before buying, but i have a busy life and i tend to trust big companies… specially when, after actually reading the product manual; i can see on the page 65 “black on white” that this product has a Samba Server built-in. but i guess this is wdc special “handicapped” Samba Server version, and if so, they should call it different, not trashing the name of a respectable community that does a GREAT job for the networking world…

 

all the best

 

 

 

You clearly have it hooked up to a network, otherwise you would not be concerned about it.

You could go into your router settings and secure your device from there.

You also can turn of the network sharing feature of the WDLive so your files can not be accessed from the network.

If you want to use the WDLive as a file server, you have picked the wrong product. For that you need a WHS or similar machine.


#14

the concern is valid

But the focus should be on the network not on the WDTV-L

As I see it, my network can be accessed only by direct connection or by cracking a long  WPA2 AES key (don’t remember exactly, 64 characters perhaps). Not a trivial task.

If I had some media/files that I had to protect, I’d use an encrypted .dmg (or truecrypt volume) and mount it and share it only when needed, controlling access/permissions on the server/my computer. It’s a bit of a pain, but such is the burden of security.

Just my 0.02…


#15

Thanks for the info, vanadiel.

So the only major “security” issue with WD TV Live usb hd is that people in the same network (=same household basically) can access all files on the hd. But there is no risk for neighbors or other people I don’t know to get their hands on my files, if WiFi is just password protected and secured (hackers don’t count, of course everything can be hacked in the end, but practically speaking here).


#16

Can the USB revert back to 1.0 speed?


#17

streamaer wrote:

Thanks for the info, vanadiel.

 

So the only major “security” issue with WD TV Live usb hd is that people in the same network (=same household basically) can access all files on the hd. But there is no risk for neighbors or other people I don’t know to get their hands on my files, if WiFi is just password protected and secured (hackers don’t count, of course everything can be hacked in the end, but practically speaking here).

You would also have to enable the media sharing option of the WDTVlive. (Samba server)

Without that option enabled  no other device on your network except the WD Life can access the USB attached storage. 

This setting is found under network-Share WD TV on your network.

There’s a utility on the installation cdrom called WD discovery tool that you can use to transfer files from the WDTvlife to your windows pc.

It’s explained with pictures and more details starting at page 69 of the manual.


#18

" I was wondering what’s the point to share something on the network if you canot secure it?"

You have enemies on your home network?

“How am I suppose to connect the family hard drive to this thing if all data will be visible to everybody?”


You want to hide pron from kids? Keep it on a USB drive and don’t share USB drives from the WDTV Live.

“Am I forced to buy another hard drive just to make this player work? I am so dissapointed…”

Why are you disappointed? It says on the box what the device can do. It can stream from your network (password protected) shares, or you can plug a harddrive into the device and share it with the network. Its typical, they decide to add a little neat feature and people come in here and whine about it.



#19

If you have another router laying around you could put your WDTV Live and trusted computers on a separate subnet. The restricted computers would then only have access to the Internet and the machines on that subnet. Not a perfect solution but manageable workaround if you have the extra hardware.


#20

whattheheck wrote:

 

Why are you disappointed? It says on the box what the device can do. It can stream from your network (password protected) shares, or you can plug a harddrive into the device and share it with the network. Its typical, they decide to add a little neat feature and people come in here and whine about it.


Why are you trolling? You have complaints here that are outside of “what it says on the box.” Are you a “whiner” too?