WD SmartWare Security: Encryption - what is encrypted!

Hello folks,

first off all I’m new here but I registered because I’am a bit worried about how strong the WD Hardware Encryption really is. So I recently bought a WD My Passport Ultra 2TB primarly because it supported Hardware Encryption.

Now the first thing that bothers me is, that there is NO support for Linux. I’m really dissappointed about this, (should be not toooooo difficult to just provide the community a command line tool to unlock their drives)

And second, I really want to know if my files are encrypted, or what is actually encrypted with AES256? I read it this post -> http://community.wd.com/t5/WD-Software/WD-SmartWare-Security-Encryption/td-p/576629#

that the files themselves are not encrypted?

So how can the data then be safe and unrestorable? If professional data recovery companies can access the files, (maybe by changing the controller sw and other stuff) do they have full access then to the data?

I hope some staff member can enlight me and tell me what the WD SmartWare Security actually encrypts?


Sorry if this sounded a bit rude, but I was just a little shocked when I saw that topic above and had to read that the files are not encrypted!!!

Hi SebbaG, if the hard drive is not unlocked, it is not possible to access your files, even with a data recovery program.

Hi Ichigo,

first of all, big thx for your answer. But still I’m not completly satisfied with it. I still wonder what is actually encrypted with AES 256 bit? Because the product is advertized using hardware encryption and it is not encrypting the files themselves - as stated in the other topic.
So my question remains, what is encrypted with AES256?

Because if it’s just the filesystems metadata (superblock, inodes etc.) then with some knowledge and file carving techniques it is indeed possible to recover  the data.
That’s why I want to know what actually is encrypted on the technical end to be sure that my data is safe!

Hope someone can answer me this question more technically… thx in advance!

Files are encrypted as soon as they enter the drive as the drive itself is always encrypted at all times. That’s why data recovery is near impossible from these drives even if you take the drive off the case.

hi pizzamatrix,

thx for your answer as well
So you say that the files on the drive are always encrypted at all the times. So even if encryption is disabled they are encrypted?

  1. This would explain why there is an instant turn on/off of the  encryption function possible (without reencrypting the files)

-> If I assume this, I would further think that the password we enter to encrypt the files later on, is simply encrypting the drives “MasterKey” is that correct?

SebbaG wrote:

hi pizzamatrix,

thx for your answer as well
So you say that the files on the drive are always encrypted at all the times. So even if encryption is disabled they are encrypted?

Yep.

SebbaG wrote:

  1. This would explain why there is an instant turn on/off of the  encryption function possible (without reencrypting the files)

 

-> If I assume this, I would further think that the password we enter to encrypt the files later on, is simply encrypting the drives “MasterKey” is that correct?

Yep.

1 Like

ok, now I understood. Thx this was the answer I was looking for…

So lets hope the Master-Key is unique for each drive and not saved by the manufacturer
Well Security always needs trust in the first case :smiley:

so, if there will be hopefully some day support for linux, I will be completly happy! :wink: