
Western Digital My Cloud drives have a built-in backdoor - swift33
https://www.techspot.com/news/72612-western-digital-cloud-drives-have-built-backdoor.html
======
trengrj
For reasons like this I built my own NAS from scratch using a server and ZFS
(admittedly using Western Digital red drives). I don’t believe consumer NAS
vendors have the capability to properly patch and secure web interfaces and
I’d extend this to Synology and QNAP as well.

Additionally NFS and SMB are very complex protocols and difficult to setup
correctly. NFS without Kerberos provides only very basic whitelisting
security. Adding Kerberos means you need active directory or something like
FreeIPA and a scary amount of configuration (DNS server requirements, client
side Kerberos config etc). I went down the whole Kerberos route and at the end
decided mounting via ssh was far simpler and probably more secure. I would
only trust a very technically competent vendor to do this well and don’t know
if one exists.

~~~
chopin
Interesting. That is exactly the route I have gone through: Setting up Active
Directory with Samba in a mixed environment (Linux servers and Win 7 clients).
I now happily run Linux Mint clients connected via sshfs.

Setting up Kerberos was a nightmare. Also, it is very hard to reason whether
your SMB connections are safely encrypted with the specific settings one
chooses. The protocols are complicated and the settings opaque. A lot of Stack
Overflow is involved.

------
QuinnyPig
Yikes. This is why historical responsiveness to this type of issue is so
important during vendor selection. WD appears to have left its customers out
to dry.

------
tinus_hn
Party like it’s 1999. It’s been a long time since I saw a device this bad.

