Most news sites are reporting about bad security in Western Digital hard drives. As presented at Hardware.io the other week, and from the Full Disclosure mailing list from a few days ago, excerpt below:
Authors: Gunnar Alendal, Christian Kison, modg
Vendor notification: The vendor has been informed of the research.
Patches: The authors are not aware of any fixes.
Research on Western Digital wide-spread self-encrypting hard drive series “My Passport” / “My Book”. Devices researched utilizes mandatory HW AES encryption. Multiple vulnerabilities, including:
* Multiple authentication backdoors, bypassing password authentication
* AES factory key recovery attacks, exposing user data on all affected devices, regardless of user password
* Exposure of HW PRNGs used in cryptographic contexts
* Unauthorized patching of FW, facilitating badUSB/evil-maid attacks
Architectures researched (USB Bridge Vendor – Chip model – Architecture):
JMicron – JMS538S – Intel 8051
Symwave – SW6316 – Motorola M68k
PLX – OXUF943SE – ARM7
Initio – INIC-1607E – Intel 8051
Initio – INIC-3608 – ARC 600
JMicron – JMS569 – Intel 8051
Click to access got-HW-crypto-slides_hardwear_gunnar-christian.pdf
http://seclists.org/fulldisclosure/2015/Oct/79
https://threatpost.com/academics-find-critical-flaws-in-self-encrypting-hardware-drives/115103/
http://www.theregister.co.uk/2015/10/20/western_digital_bad_hard_drive_encryption/
Firmware Security 