so, apparently the encrypted passwords that you can turn on on your external harddrives have serious flaws and are actually very easy to break into making your data not as secure as you may think…
"Western Digital self-encrypting hard drives riddled with security flaws
Encrypted data is often easily recovered, in some cases with no password required.’
“Western Digital encrypted external hard drives have flaws that can expose data
Researchers found serious flaws in the encryption implementation on Western Digital external drives”
The units were designed for security and data-theft prevention. Hardware encryption and/or hardware failure are no issues when you keep a backup of your data.
so if they were designed for security and data theft prevention then why is there massive flaws in the security on these harddrives? My point is If someone steals your harddrive you may think your data is perfectly safe but if the security is flawed then nothing on there is actually protected…
This article is from Oct 21. 2015 and WD was in dialog with the researchers.
What is done in this 9 month? Can we as users do anything (firmware update, new chip from store…)
apart from encrypting files with VeraCrypt again?
If this topic becomes active again, I hope this idea will get the attention of WD:
Please develop storage devices with open source encryption code and using cascaded encryption for maximum security, guaranteed free of back doors like VeraCrypt is (the successor of TrueCrypt).
Hardware encryption built into drives is apparently faster than using encryption software alone.
If the cascaded encryption is performed by the drive (hard disk or SSD) itself, this would offer very robust security. But the code would need to be open source to prove there are no “back doors”, NSA or GCHQ code or major flaws. VeraCrypt claims that its open source code proves there are no “back doors” in the code (read the section "Why is VeraCrypt open-source? What are the advantages?
"): VeraCrypt - Free Open source disk encryption with strong security for the Paranoid
Most users would not know how to enable the hardware encryption. Why can’t it just be enabled with a BIOS password? No need for expensive software or “Professional” versions of Windows, so the drive can store different operating systems and still be accessible.
In case anyone’s wondering why not just install VeraCrypt? It’s good, but software encryption is (much) slower than hardware encryption.
