My WDMyCloud Public Folder Hacked

cpt_paranoia wrote:

 Apparently, a hacker was using it as some sort of torrent upload/download site

 

How did you come to this conclusion? Whilst I’m not saying it is impossible, it would be the first report of an actual hack I’ve heard of here. Like ISIiS, I’d look to your local security procedures first…

 

Any system is potentially vulnerable to dedicated hackers; note the cases of hacking attacks on US Government websites, cloud services, corporate websites, etc. WD have taken measures to provide device security; they haven’t ‘done nothing’. Whilst they may be slow to respond to known security vulnerabilities (and I have moaned about this), they have responded.

 

I note your post seems to be addressed at WD. Just a reminder: this is a customer forum, and there are very few WD employees here; they’re identified as such below their user name.

I came to that conclusion because it was very apparent. The movies were strewn with torrent signatures/files. My network is very secure. As I stated in my previous post, all that is required to get to our files is the path. This is a severe security flaw that others have been ranting about in this forum for years and WD has obviously done nothing about it.

Yes, thanks. I understand that WD pays very little mind to their forum, but I am hoping to get ther attention since trying to use their customer support in the past proved pointless.

AJ777 wrote:

No, our Public folders are not just available to our network users. They are available to anyone on the intenet that has the pathway to get to them. I can very quickly and very easily send non-password protected links out to anyone on the internet to access my Public files. They do not need a password or any means of security to access my files. This is a bulit in function of WDMyCloud. All they need is the pathway to get to our files. What this means is that our Public files are available to anyone and everyone that can figure out the pathway to get to them. Our Public files are not secure in any way shape or form. Of course I do not share my my WiFi with my neighbor, and as I already described, I have gone to great expense and taken extreme painstaking measures to secure my hardware and files. If you would search this forum, you would see that others have been emphatically seeking resolution for this issue for years without any intervention by Western Digital of any kind.

How is both your WD My Cloud and your router/gateway/firewall configured? Is the router configured to pass ports to the WD My Cloud or other devices on the local network? Is the My Cloud sitting in the DMZ or outside the router’s firewall? Do you have FTP enabled on the WD My Cloud? Is Remote Access under Settings turned off? Have you turned off Public Access to the Public folder? And before you say you canot turn off public access to the public folder, yes you can thanks to a bug in the Dashboard coding. Change the name of the Public Share via the Dashboard and you’ll get an error saying you cannot change the share at which point the ability to turn off Public Access becomes active and can be set to Off. Or one can possibly use SSH to change the permissions on the Public Share folder. Note however that if the WD My Cloud restarts, is rebooted, or the firmware is updated the permission settings on the Public Share folder may be reset to WD’s defaults.

The very fact that torrent files are being saved would have me wondering if anyone, like say kids, on the local network is torrenting the files. I’d check every network connected device for torrenting software and check to see if the software is configured to monitor or save to the My Cloud Public folder. Wouldn’t be the first them a kid or adult lied about not torrenting or sharing files.

AJ777 wrote:> As I stated in my previous post, all that is required to get to our files is the path.

Can you provide an example of this “path” to access your Public Share folders from the internet (or outside your network)?

Bennor wrote:


AJ777 wrote:

No, our Public folders are not just available to our network users. They are available to anyone on the intenet that has the pathway to get to them. I can very quickly and very easily send non-password protected links out to anyone on the internet to access my Public files. They do not need a password or any means of security to access my files. This is a bulit in function of WDMyCloud. All they need is the pathway to get to our files. What this means is that our Public files are available to anyone and everyone that can figure out the pathway to get to them. Our Public files are not secure in any way shape or form. Of course I do not share my my WiFi with my neighbor, and as I already described, I have gone to great expense and taken extreme painstaking measures to secure my hardware and files. If you would search this forum, you would see that others have been emphatically seeking resolution for this issue for years without any intervention by Western Digital of any kind.


How is both your WD My Cloud and your router/gateway/firewall configured? Is the router configured to pass ports to the WD My Cloud or other devices on the local network? Is the My Cloud sitting in the DMZ or outside the router’s firewall? Do you have FTP enabled on the WD My Cloud? Is Remote Access under Settings turned off? Have you turned off Public Access to the Public folder? And before you say you canot turn off public access to the public folder, yes you can thanks to a bug in the Dashboard coding. Change the name of the Public Share via the Dashboard and you’ll get an error saying you cannot change the share at which point the ability to turn off Public Access becomes active and can be set to Off. Or one can possibly use SSH to change the permissions on the Public Share folder. Note however that if the WD My Cloud restarts, is rebooted, or the firmware is updated the permission settings on the Public Share folder may be reset to WD’s defaults.

 

The very fact that torrent files are being saved would have me wondering if anyone, like say kids, on the local network is torrenting the files. I’d check every network connected device for torrenting software and check to see if the software is configured to monitor or save to the My Cloud Public folder. Wouldn’t be the first them a kid or adult lied about not torrenting or sharing files.

I am using the LinkSys EA6700 router with all available firewall, DMZ is off as I already stated, Port forwarding is off, MyCloud is inside the router firewall, https is on, ftp is disabled in the router and in MyCloud, remote access is off in router but on in WDCloud for phone and pc when away from my network (the WD authentication for this seems to be sufficient for security). I also use Kaspersky on all my devices with all the maximum protection enabled that I can use without completely crippling my devices. Yes, that would be great to turn off public access, the only thing is that you need public access to stream video to your devices since media devices are incapable of providing passords/security credentials for private folder streaming from MyCloud or any other cloud. I use MyCloud as a DVR since I cut the cable cord a couple years ago. Users need to be able to secure access to to their Public folder from outside their network and leave the folder as Public within their network. That is the only way to safely stream to your devices without outsiders having free reign on our Public folders. Numerous posters have expressed their concerns about this over the years.

My kids are all grown, I am by myself, and nobody but me has touched any of my hardware. I have never, nor will I ever use any kind of torrenting software on any of my devices. There was approximately 30-50 movie files in my Public folder with numerous torrenting files within the folders. It’s very obvious that someone came in through the internet and placed them there.

Bennor wrote:


AJ777 wrote:> As I stated in my previous post, all that is required to get to our files is the path.


Can you provide an example of this “path” to access your Public Share folders from the internet (or outside your network)?

You merely open your desktop mycloud app, right click on a file in your Public folder, select copy link and paste that link into an email. Anyone with that link can access that file in your Public folder without any kind of security measures from basically anywhere in the world. It seems likely that since there are no security measures to speak of that with a slight amount of hacking, the Public folder could be accessed by a moderately competent hacker.

For starters, if you have not already done so, read the  [FAQ] Twonky DLNA Media Server Setup & Use if one is using the WD My Cloud to stream content to DLNA clients. It is generally recommended NOT to put media content in the main “Public” Share folder even though the WD My Cloud User Guide recommends it.

If one is using DLNA to stream then one can put their content into Private Share folders. So long as Media Serving is active on a Private Share the media is accessible to all DLNA clients on the local network.

If you do not have any users connecting remotely, as in outside of the local network, to the WD My Cloud then one can disable Remote Access to try and block remote access from outside the local network. The down side is it may or may not affect local network mobile users who use the WD My Cloud app and WD Photo app to connect to the My Cloud device on the local network. Disabling Remote Access does not appear to affect local network DLNA access to the Twonky Media Server which is embedded into the WD My Cloud. Nor does disabling Remote Access affect the use of file manager software on mobile devices (like ES File Explorer on Android) to access the WD My Cloud on the local network.

The Remote Access option on the WD My Cloud Dashboard does include the ability to manually configure the ports the router uses forward traffic to the WD My Cloud from outside the local network. This WD Support link has more information: How to enable port forwarding on a network router for use with a WD My Cloud, My Book Live, or My Book Live Duo 

The bottom line is that the router is what is letting traffic through from the internet to the WD My Cloud provided the WD My Cloud is behind the firewall. There are a variety of steps one can take on the router; from disabling UPnP to forwarding ports to dummy IP addresses, to blocking outbound IP address port or communications, to try and block internet traffic inbound through the router to the WD My Cloud. The way to have true security for remote non local access to the WD My Cloud is to implement a VPN tunnel into the local network and configure the router’s firewall to block all Internet communication to the WD My Cloud so only VPN traffic to the local network will be able to access the WD My Cloud remotely.

On the local network the Public Share folder will always be visible and accessible to all unless one changes the permissions on it either via SSH or turning off Public Access on the Share folder.

AJ777 wrote:

 

You merely open your desktop mycloud app, right click on a file in your Public folder, select copy link and paste that link into an email. Anyone with that link can access that file in your Public folder without any kind of security measures from basically anywhere in the world. It seems likely that since there are no security measures to speak of that with a slight amount of hacking, the Public folder could be accessed by a moderately competent hacker.

OK now I get what your talking about. First there IS security measures being applied. The URL link contains the username/password string needed for the WD2Go.com site to connect to the WD My Cloud and access the file (or folder contents). Without that security string being included with the URL one gets a “User not authorized” message.

While the “device_user_id=” string in the URL that contains the user id doesn’t appear to change from file to file, the “request_auth_code=” DOES change (at least on my end) from file to file. If I try to use a different “request_auth_code=” that was used for a different file I get a “User not authorized” message.

If I try to access the URL “http://WDMyCloud.device<numbers_removed>.wd2go.com:80” I get a “You don’t have permission to access /UI on this server.” message. The question is can one use the “device_user_id=” string and “request_auth_code=” string from a URL copied from the WD My Cloud Desktop app to UPLOAD content? I don’t know.

The easy solution to this is to set Cloud Access to Disable within the WD My Cloud. That way no one can remote access that WD My Cloud device from the Internet. Or at the very least set each don’t configure each user for a WDMyCloud.com login. The next option is to configure one’s router/gateway (if possible) to reject or reroute WD2Go.com requests. It appears the external to internal port mapping on the router for WD2Go is 8080 -> 80 and 8443 -> 443 (per this WD Support link).

With most online storage services one can hide the contents from general public view so only those with a specific URL can access it.  Often such services allow one to give out a URL that allows others to access a specific file or storage contents. Without that URL one cannot access the file or the contents. Giving out the URL to a file from the WD My Cloud Desktop app is much the same way in that anyone with the URL can view the file. Can they upload content without using the WD My Cloud Desktop app, or the WD My Cloud mobile app, or the WD Photo mobile app? Don’t think so (probably not without some hacking skills) or using some other form of access to one’s local network.

If one wants remote access to their WD My Cloud from the Internet then they are, knowingly or unknowingly, accepting the risk of unauthorized users potentially gaining access to the contents in some way shape or fashion.

Don’t remember if you indicated if you gave anyone else remote access to your WD My Cloud, but if you did perhaps you should contact them and find out if they (or their kids) uploaded the media files to the Public Share folder(s).

Bennor wrote:


AJ777 wrote:

 

You merely open your desktop mycloud app, right click on a file in your Public folder, select copy link and paste that link into an email. Anyone with that link can access that file in your Public folder without any kind of security measures from basically anywhere in the world. It seems likely that since there are no security measures to speak of that with a slight amount of hacking, the Public folder could be accessed by a moderately competent hacker.


OK now I get what your talking about. First there IS security measures being applied. The URL link contains the username/password string needed for the WD2Go.com site to connect to the WD My Cloud and access the file (or folder contents). Without that security string being included with the URL one gets a “User not authorized” message.

 

While the “device_user_id=” string in the URL that contains the user id doesn’t appear to change from file to file, the “request_auth_code=” DOES change (at least on my end) from file to file. If I try to use a different “request_auth_code=” that was used for a different file I get a “User not authorized” message.

 

If I try to access the URL “http://WDMyCloud.device<numbers_removed>.wd2go.com:80” I get a “You don’t have permission to access /UI on this server.” message. The question is can one use the “device_user_id=” string and “request_auth_code=” string from a URL copied from the WD My Cloud Desktop app to UPLOAD content? I don’t know.

 

The easy solution to this is to set Cloud Access to Disable within the WD My Cloud. That way no one can remote access that WD My Cloud device from the Internet. Or at the very least set each don’t configure each user for a WDMyCloud.com login. The next option is to configure one’s router/gateway (if possible) to reject or reroute WD2Go.com requests. It appears the external to internal port mapping on the router for WD2Go is 8080 -> 80 and 8443 -> 443 (per this WD Support link).

 

With most online storage services one can hide the contents from general public view so only those with a specific URL can access it.  Often such services allow one to give out a URL that allows others to access a specific file or storage contents. Without that URL one cannot access the file or the contents. Giving out the URL to a file from the WD My Cloud Desktop app is much the same way in that anyone with the URL can view the file. Can they upload content without using the WD My Cloud Desktop app, or the WD My Cloud mobile app, or the WD Photo mobile app? Don’t think so (probably not without some hacking skills) or using some other form of access to one’s local network.

 

If one wants remote access to their WD My Cloud from the Internet then they are, knowingly or unknowingly, accepting the risk of unauthorized users potentially gaining access to the contents in some way shape or fashion.

 

Don’t remember if you indicated if you gave anyone else remote access to your WD My Cloud, but if you did perhaps you should contact them and find out if they (or their kids) uploaded the media files to the Public Share folder(s).

 Yes, I turned off the Twonky server today as a matter of fact. It is an absolutely ridiculous excuse of a media server anyway. I cannot pause, fast forward, rewind any of my media, nothing, on any device. I absolutely cannot believe that WD would have chosen to put such a garbage app into their premier storage device.

If I put my media in a non-public folder then none of my devices can play my media except for my laptop that my alternate media server resides on because of password/security authentication. How do I get around this? YOu make it sound like this is a viable option but it is not if none of my devices can play my media. Also, I do not understand why I would want to potentially make more potential security issues with an unknown app such as ES File Explorer rather than using a WD app designed for my intended purpose? I have used ES file explorer for years but have never considered accessing anything with it by providing Wifi passwords, personal data, etc. I do not trust most of the apps on my phone. Most Android apps have horrendous bugs in them and if they don’t today, they will tomorrow after an update.  

I do not feel that remote access is the issue. WD generates a random code for each device to gain remote access. This seems to be very secure since it is the only way that remote access can be gained. Also, why should I even consider eliminating access to my cloud when I am away from my network. I paid hundereds of dollars for my cloud to function as a cloud. It is not a viable option for me or for anyone else to eliminate remote access since they would in essence be turning their cloud into very high priced external hardrive. That is not an option.

Why would I want to manually configure the ports the router uses to forward traffic? An open port is an open port. One is not really any more secure than another.

Yes, of course the router is passing all communication. That is its purpose, but WD needs to establish a simple setting that blocks access outside the network to the Public folder unless an authenticated remote access device is accessing it. I would venture to say that 99% of all users do not want their Public folders accessed by everyone on the internet 24/7 which is WD’s currrent design. Additonally, it is not the router’s job to secure the data that I have stored in my WD device. It is the WD device’s job.

Yes, a Public non-password protected folder is essential inside the network to stream media. As I stated, media cannot be streamed to media devices via password protected/private/secure folders, but I do not want the entire flipping world to have access to it without my permission. WD’s currrent design is the Public folder is wide open 24/7 and there is nothing we can do about it. Others have been ranting about this on this forum for years. It seems like the folder could be very easily blocked from outside the local network. It could be as simple as only giving access to my particular devices and my remote access devices. There it is, very simple solution and problem fixed. Why WD is incapable of determining such simple solutions astounds me.

No, I am the sole user of my WDCloud and always have been. No other user has ever been granted access. Also, I have always used the maximum amount of password characters which reminds me of another very irritating issue. When setting up WD Cloud for the first time the maximum password characters is only around 10 characters which is absolutely ridiculus considering what most users are securing. It’s not until you can access the dashboard that you can change your password to a 20+ character.  

I wonder if eliminating remote access would even eliminate access to our public folders. Remote access is remote access and it is specifically for our individual devices which is granted access through a random code. The public folder is wide open 24/7 and I really doubt that eliminating remote access would even eliminate access to the public folder since they really have nothing to do with each other.

I appreciate your trying to help but WD needs to understand that we the users want to control access to our folders. We do not want WD giving wide open access to any of our folders 24/7 without OUR permission. That does not seem like too much to ask since we the consumers are the ones paying hundreds of dollars for the devices. My 4 TB MyCloud and 4 TB My Book backup drive are just about full. Do you think I will running to WD to spend hundreds more dollars for more of their devices? That’s not that likely but possible. Companies need to learn to listen to their customers. Without their customers there are no companies. That is why everyone is jumping on the Apple bandwagom. For the last 10 years Microsoft has seemed to absolutely care less what their customers want and now they are paying dearly for it.

I’m going to snip portions of AJ777’s latest post in order to reply and not create a wall of text. My comments are under the bolded/italicized sections as a reply.

_ “Yes, I turned off the Twonky server today as a matter of fact. It is an absolutely ridiculous excuse of a media server anyway. I cannot pause, fast forward, rewind any of my media, nothing, on any device. I absolutely cannot believe that WD would have chosen to put such a garbage app into their premier storage device.” _

Not sure why you cannot rewind, pause, or fast forward. Could be a problem with your DLNA client or the media encoding. I have had no problems; pausing, rewinding, fast forwarding all of my video and audio files using several DNLA clients; on Windows PC’s, Roku devices, and Android devices.

"If I put my media in a non-public folder then none of my devices can play my media except for my laptop that my alternate media server resides on because of password/security authentication. How do I get around this?"

Its simple, simply activate Media Sharing on the Private Share. Once activated the Twonky Media Server will scan the Private Share contents and any supported media content will be available for streaming to DLNA clients. See the following WD Support document for more information on how to setup and configure a Private Share: How to create a Public or Private Share on a WD My Cloud, Mirror, EX2, or EX4 drive

"Yes, of course the router is passing all communication. That is its purpose, but WD needs to establish a simple setting that blocks access outside the network to the Public folder unless an authenticated remote access device is accessing it. I would venture to say that 99% of all users do not want their Public folders accessed by everyone on the internet 24/7 which is WD’s currrent design. Additonally, it is not the router’s job to secure the data that I have stored in my WD device. It is the WD device’s job."

First it is your router’s job to stop/block ALL inbound traffic to your network and only let that though which has been requested. As previously explained using SSH to change folder permissions, or through a bug in the WD My Cloud Dashboard one CAN disable public access to the Public Share folder and configure access to it by individual User. Supposedly it is Twonky that utilizes these public folders.

_ “As I stated, media cannot be streamed to media devices via password protected/private/secure folders, but I do not want the entire flipping world to have access to it without my permission.” _

As indicated above this is not the case. Private Share folders can have media streamed from it. Turn on Media Sharing for the Private Share folder.

_ “WD’s currrent design is the Public folder is wide open 24/7 and there is nothing we can do about it. Others have been ranting about this on this forum for years. It seems like the folder could be very easily blocked from outside the local network. It could be as simple as only giving access to my particular devices and my remote access devices. There it is, very simple solution and problem fixed. Why WD is incapable of determining such simple solutions astounds me.” _

On this there is much agreement. WD’s implementation or lack their of when it comes to granular control over folders both public and private (including sub folders) is abysmal. One shouldn’t have to resort to using SSH or a bug in the Dashboard interface to have granular control but one does. It is one of the major drawbacks to this device. The WD My Cloud is what it is. But I assume WD decided it was better to dumb the WD My Cloud Dashboard down to appeal to the masses and make the device as simple as possible ot use by those with very little computing knowledge. Currently the solution is to keep all files out of the Public Share folder and remove any files users may upload to it.


Just some additional comments. I’m a bit confused by the initial complain about the “WD My Cloud Public Folder hacked”. Making such a claim would imply that someone gained access to your local network to put files on the WD My Cloud. If those files were not put there through the remote access feature of the WD My Cloud then someone has access to your local network through your WiFi or has gained access to the wired Ethernet, both are unrelated to the WD My Cloud. It appears by claiming the Public Folder was “hacked” the discussion has drifted from what your real problem is with the WD My Cloud. Ability to restrict control access to the Public Share folder. By claiming the folder was “hacked” is what lead to discussions on how to prevent remote access at the router level to the WD My Cloud or the local network.

From the looks of it, the WD My Cloud is operating as designed on your local network but you are upset or not satisfied with not having more control over the device than is, easily, available. That is a valid complaint, but one that doesn’t have anything to do with the public folder being hacked. Like it or not the WD My Cloud is what it is. There are ways to use SSH or the bug in the Dashboard to close down access to the Public Share folder. But out of the box the Public Share folder is open to all on your local network.

One further observation.

"Do you think I will running to WD to spend hundreds more dollars for more of their devices? That’s not that likely but possible. Companies need to learn to listen to their customers."

Generally I do agree that companies need to listen to their customers. However lets stop and think about who WD is really marketing the entry level WD My Cloud devices to. Are they marketing them to someone who is computer savvy who is looking for a feature rich NAS at a cheaper price point than those offered by more expensive NAS manufacturers? Or are they marketing the My Cloud to the average Joe who wants a simple to set up device to store their pictures, music and videos from their cell phones/tablets/PC’s on a hard drive, and back up their computers to a hard drive along with being able to access that hard drive remotely or locally to pay that content back?

Lets look at the cost of the entry level WD My Cloud devices as compared to the cost of just a bare bones similar capacity WD Red drive (seems as most WD My Cloud units have WD Red drives internal). One is getting an NAS box (with media server) that has remote access capabilities for what is often a few dollars more than the cost of a bare drive. Amazon: WD My Cloud 4TB - $184.82 vs WD 4TB Red Drive - $154.00. It seems like some are hoping to get QNAP or Synology type NAS capability what could be half or more the cost.

I don’t mean to make excuses for the shortcomings of the WD My Cloud Dashboard or the Twonky Media Server. Both have some serious usability issues, some mentioned in this thread and elsewhere, that if fixed could greatly enhance the device. But WD has chosen, at this stage, to go with the device as is and market more capable devices at a higher cost tier that are more inline with those offerings from QNAP or Synology.

My Roku 3, high end sony and samsung blu-ray players, and high end samsung smart tv will not fast forward, rewind, or pause any video that I have tried streaming from Twonky, and I have tried many, many formats. The Twonky server has always been basically useless and WD voids our warranties if we attempt to install anything any better. I actually spoke to customer service about this and it is normal op for the version of Twonky on our WDclouds. It is a bare bones, no frills version that is not intended to integrate with devices or provide playability such as fast foreward, pause or rewind.

Actually, I feel that my cloud getting hacked is a very, very good description of what actually happened. In 35+ years I have never had any of my hardware penetrated and manipulated the way my WDcloud was hacked. It’s like there are no safeguards, security, or protection whatsoever for the Public folder which is absolutely ridiculous. Coupled with the fact that numerous others have complained about these very same issues over the years with absolutely nothing being done about it is very dissappointing. For someone to have been able to penetrate and manipulate my Public folder the way they did is a very grave and very severe problem that needs to be corrected now. Not when WD gets around to it, if ever,  

Thanks again for your suggestions. Nothing you are saying that works for you actually works for me, but I will test all processes again and will report back my finding.

AJ777 wrote:

My Roku 3, high end sony and samsung blu-ray players, and high end samsung smart tv will not fast forward, rewind, or pause any video that I have tried streaming from Twonky, and I have tried many, many formats.

Are you using the Roku Media Player on your Roku 3. Have you tried using an encoder like the free Handbrake program to encode video files? Is Twonky incorrectly recognising the Roku as some other Media Receiver Type? (See the Twonky UI -> Sharing -> Media Receivers .)

Using a Roku 2 XS with the Roku Media Player channel I have no problems fast forwarding, rewinding, pausing video content stored on the WD My Cloud. When there is a problem playing video it is 99.9% of the time a problem with the video file itself with either how it was encoded or was something like a 4K HD video. Running the video file through Handbrake usually fixes encoding problems. Otherwise no problems playing 720 and 1080 video resolution videos through Twonky. I also have my Roku hard wired as I ran into problems time to time with WiFi (Wireless N) trying to keep up for higher bitrate video files.

Agreed, but for the $343 i vested the media server should fast forward, pause, and rewind my video on all my devices like the other half dozen media servers I have tried. Also, I should be able to readily secure all my folders without completely crippling the functionality of the device. That does not seem like too much to ask for.

Yes, I have tried all the available server apps on the Roku 3. None of them, or the Roku 3, integrate satisfactorily with Twonky. I even tried the Twonky app on the Roku but it does not even complement the Twonky media server. It has some other sort of odd beaming function or something.

My Sony Blu-ray player is known for playing and integrating with basically everything on the market which is why I purchased it. The only server, out of many, that I tried that it does not integrate with is Twonky. I tried all the most well known media servers. Also, as I already mentioned, the que/review/pause functions will not work on my Samsung smart TV or Samsung Blu-ray player with any of the numerous formats I have tried.

WD really skimped out when they selected Twonky. It is by far the worst media server I have ever used. It is nearly completely dysfunctional as far as integrating with any player. It’s great though If you want to just use the stop and play buttons because that is all that is going yo work.

I’ve used the Twonky media server with the followings apps:

Linn Kinsky

UPnP Monkey

UPnPlay

BubbleUPnP

XBMC/Kodi

AirWire

DLNAPlayer

AirPlay

DroidUPnP

MediaMonkey

I settled on BubbleUPnP, Kodi and Kinsky, running on plain vanilla Android devices, and, for Kinsky, an iPad and a PC.

I can pause, fast forward and rewind in these apps, and I don’t recall having trouble with the others I tried.

I’m certainly not a WD or Twonky apologist, but I simply haven’t experienced the problems you are having. Granted, I’m not using a Sony Blu-ray player or Samsung TV.

Agreed. Most Android apps will play pretty much any video from any server, but I prefer to watch video on my TV not my phone. I did not mean to include my phone when I spoke about Twonky not playing on my devices since it is such an impractical viewing medium.

I don’t have a smartphone. I have a cheap Android media box connected to a dumb 40" TV. I chose this over a ‘smart TV’ because of the limited app availability, limited app update, weird UI and overpriced nature of ‘smart TV’ and similar devices.

cpt_paranoia wrote:

I don’t have a smartphone. I have a cheap Android media box connected to a dumb 40" TV. I chose this over a ‘smart TV’ because of the limited app availability, limited app update, weird UI and overpriced nature of ‘smart TV’ and similar devices.

Yes, I hope to get an HTPC someday. They still are very costly, not very reliable, and require a lot of, and constant jerry rigging to keep everything working right. I love my Blu-rays, my Sony player and my 7.1 DTS HD Master and TruHD surround sound. My Sony Blu-ray player has never failed me with exception to playing any Twonky video files from my WD Cloud. Also, my Mezzmo media server has streamed all of my media to all of my devices without issue to include my WiFi hogging .m2ts Blu-ray video files. All Samsung AVware seems finicky due to poprietary streaming issues or something but it is still very nice having built-in streaming. It is slow but muddles along. I would never buy a Samsiung AV device again though.

Yeah, there’s really not very good a solutions yet for streaming. My Roku and Samsung definitely leave a lot to be desired. A good HTPC is probably where it’s at if you have the time to fiddle with it.

AJ777 wrote:

Yes, I hope to get an HTPC someday. They still are very costly, not very reliable, and require a lot of, and constant jerry rigging to keep everything working right.

Yeah, there’s really not very good a solutions yet for streaming. My Roku and Samsung definitely leave a lot to be desired.

This really isn’t the case anymore. Both Plex Server/Plex Home Theater and Kodi are pretty straight forward to setup, even on moderately older PC’s that meet the system requirements. One can build a HTPC for under $300 these days (probably even under $200 if one can find deals).

Been running Plex on an old unused Dell Vista OS PC that has a Core 2 Duo E6700 with 4GB RAM for a couple of years now. Initial setup wasn’t a problem at all. Only problem, and it was a minor one, was getting some of the “unsupported” channels installed.

Some have no problems streaming with the Twonky server on the WD My Cloud. Others, like in your case, do. Both of my Roku’s along with a family member’s Roku have played everything we’ve thrown at it from two different WD MY Clouds so long as it was properly encoded in a Roku supported format.

One can build a HTPC for under $300 these days (probably even under $200 if one can find deals).

My Android media box cost me £35 delivered…

The only app I’ve paid for is BubbleUPnP, which cost £3.06 for unlimited licences; I have it running on six devices…