Warning to customers with new WD hard drives

Newer WD external drives come with password protection and 256-bit encryption as standard. Even if a password is not set, the encryption is still applied to the data written to the drive. The 256-bit encryption is controlled by ROM on the USB controller. On portable USB-powered hard drives the encrypted ROM is on the actual hard drive. On external desktop drives the ROM is on the interface controller within the external case.

Make sure you keep hold of the external case the hard drive was in. Although not always needed, it could be important later on. If you’ve lost data, have a look at our Western Digital Data Recovery service.

5 Replies to “Warning to customers with new WD hard drives”

  1. I have seen such ‘encryption-schemes’ on USB flash-drives and it’s a big joke: the ONLY thing that password does is prevent mounting of the storage-area until entered,
    as specified in the ATA-security extensions.

    1. Martin, I will clarify how these disks work. The external hard drives contain a regular SATA hard disk and a small electronic interface board with USB / eSATA connections. If you buy one of these drives and use it straight from the box, the data is encrypted on-disk by the external controller electronics (USB/eSATA interface card etc). The encryption key is stored on the external disk controller board, not the hard disk PCB. If you disassemble the external case, and attach the SATA disk to a SATA port on a PC, the data will be unreadable due to the encryption. The disk is not ATA locked, and every sector is readable, but cannot be deciphered due to the encryption. If you re-attach the hard disk to the interface board and connect to the PC using USB, the data will be readable straight away, as the disk gets decrypted on the fly by the interface board.

      If, instead of using the disk straight from the box, you decided to set a user-password for the encryption, the data will instead be encrypted using that key (or at least a key generated from the password). If you disassemble the external case again, and attach the hard drive to a SATA port, the disk is still not ATA locked. The sectors are still accessible and the data is still not readable. The difference is that it now uses a user-generated key. If you re-attach the hard disk to the interface board and connect to the PC using USB, instead of decrypting on the fly, the software will prompt for the user-password. This is using proprietary WD software and nothing to do with ATA passwords or the ATA spec.

      In essence the default encryption is certainly not provided for reasons of security. (The user-generated code should be fine, unless there are known backdoors.) We could think of two possible reasons for default encryption. Either to make fast erasure extremely quick – simply creating new encryption keys would render all previous data unreadable. Or, to prevent people swapping the disks between different cases.

      This information has been gathered over many years, over many hundreds of disks. Please let me know if this makes things any clearer.

  2. So, the user-set password has nothing to do with the actual encryption, but is ‘just’ an ATA-security password
    preventing the drive from mounting until entered?

    1. Actually the user-set password is encryption too. But the data is encrypted by default even if you don’t set a password. It seems strange as the data is automatically decrypted when read anyway, so not really protecting you at all unless you set a user-password. Basically the encryption is just tying the bare hard drive to the USB interface.

      1. Maybe I wasn’t making myself clear enough?

        If the data is encrypted no matter if you set a password or not, then clearly the password has nothing to do with the actual encryption-key, the encryption-key must already be on the device and is NOT set by the user.

        It’s a pretty big deal, if you have not generated the key yourself there is absolutely NO guarantee that it is secret or even unique. For all we know, they could be re-using the same key over and over?
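
The replies above describe a bare drive, removed from its case and attached by SATA, as fully readable sector by sector but undecipherable. As an added example (not code from this post or from WD), the Python sketch below triages the first sectors of such a drive to tell that state apart from a plain or blank disk. The function names, the 7.9 bits-per-byte threshold and the sample images are assumptions made for illustration, and it assumes the ciphertext is statistically indistinguishable from random bytes.

```python
import hashlib
import math
from collections import Counter

SECTOR = 512

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: close to 8.0 for random-looking data, far lower for plaintext."""
    n = len(data)
    if n == 0:
        return 0.0
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def has_partition_table(image: bytes) -> bool:
    """True for an MBR (0x55AA plus sane status bytes) or a GPT header at LBA 1."""
    mbr = (len(image) >= SECTOR and image[510:512] == b"\x55\xaa"
           and all(image[446 + 16 * i] in (0x00, 0x80) for i in range(4)))
    return mbr or image[SECTOR:SECTOR + 8] == b"EFI PART"

def triage(image: bytes, sectors: int = 64) -> str:
    """Classify the first `sectors` sectors read from the bare SATA disk."""
    sample = image[:sectors * SECTOR]
    if not any(sample):
        return "blank"
    if has_partition_table(sample):
        return "plaintext"
    if shannon_entropy(sample) >= 7.9:   # assumed threshold
        return "likely-encrypted"        # keep the case and its interface board
    return "unknown"                     # e.g. filesystem without a partition table

def constructed_samples() -> dict:
    """Constructed test images, not captured from any real drive."""
    mbr = bytearray(SECTOR)
    # One bootable NTFS-type entry starting at LBA 2048, 4096 sectors long.
    mbr[446:462] = (bytes([0x80, 0, 0, 0, 0x07, 0, 0, 0])
                    + (2048).to_bytes(4, "little") + (4096).to_bytes(4, "little"))
    mbr[510:512] = b"\x55\xaa"
    plain = bytes(mbr) + bytes(63 * SECTOR)
    # Stand-in for ciphertext: SHA-256 over a counter gives random-looking bytes.
    enc = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest()
                   for i in range(64 * SECTOR // 32))
    return {"plain": plain, "encrypted": enc, "blank": bytes(64 * SECTOR)}

if __name__ == "__main__":
    for name, img in constructed_samples().items():
        print(f"{name:10s} entropy={shannon_entropy(img):.3f} -> {triage(img)}")
```

Compressed or already-encrypted user data also scores near 8 bits per byte, so treat "likely-encrypted" as a prompt to keep the original case, not as proof.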
