WD's MyCloud vulnerability

Please do be polite and don't spill my beer

Moderator: The Kurators

User avatar
Mr Onion
Site Moderator
Posts: 4633
Joined: Sun Feb 23, 2014 3:13 pm
Location: Between two Keilidh's

WD's MyCloud vulnerability

Post by Mr Onion » Tue Jan 09, 2018 11:45 am

... and the list goes on
A SECURITY RESEARCH COMPANY has published details of vulnerabilities it has found in a number of Western Digital's MyCloud devices.

Gulftech Research and Development's James Bercegay explains that despite contacting the company back in June, there is to date no patch available for any of the patches.

The news is on top of the 85 (!) vulnerabilities uncovered last year.

https://www.theinquirer.net/inquirer/ne ... ven-longer
James
_________________

Fluted Afro LP12, Khan, Kore, Cirkus, Tranquillity, Trampolin2, Radikal (with Allium Skin Mods), EKOS SE/1, sKale, DVXX-2mkII, HoL Mat

Lots of black boxes connected with bits of damp string.

User avatar
LD100
Full Member
Posts: 131
Joined: Sun Jun 18, 2017 10:57 am
Location: Chicago, Illinois USA

Re: WD's MyCloud vulnerability

Post by LD100 » Tue Jan 09, 2018 4:06 pm

I for one miss the simpler time, when all there was to fear was "do not fold, spindle or mutilate".

Image

:shock: :smt023
Original 1978 Fluted Afromosia LP12, Ekos 2, Lyra Kleos SL and lots of other stuff from the 70's that still work fine.

User avatar
evil_C
Full Member
Posts: 1361
Joined: Tue Apr 28, 2015 3:14 am

Re: WD's MyCloud vulnerability

Post by evil_C » Sat Jan 13, 2018 5:21 pm

Am I the only one not to know what's going on in that picture?

Wenge1
Full Member
Posts: 3233
Joined: Mon Feb 24, 2014 5:26 pm

Re: WD's MyCloud vulnerability

Post by Wenge1 » Sat Jan 13, 2018 5:31 pm

evil_C wrote:
Sat Jan 13, 2018 5:21 pm
Am I the only one not to know what's going on in that picture?

Looks like the old program cards that were punched in a sequence to make a machine code. Of course that m9ght just be a load of old cobblers ......... :roll:
.
.
Harban 'Wenge' Cymbiosis Signature LP12, Klimax Radikal / Urika, Karmen, Tranquility, Rubikon, Ekos SE, Skale, Krystal. Sarum Super Array IC's. Chord Signature speaker cable

dCS Puccini CD Player

KK/1(D), Klimax Twin (D), ProAc Response D2's
.

User avatar
LD100
Full Member
Posts: 131
Joined: Sun Jun 18, 2017 10:57 am
Location: Chicago, Illinois USA

Re: WD's MyCloud vulnerability

Post by LD100 » Sat Jan 13, 2018 9:03 pm

evil_C wrote:
Sat Jan 13, 2018 5:21 pm
Am I the only one not to know what's going on in that picture?

It's never funny when you have to explain it...but...

Once upon a time, when International Business Machine (IBM) was just starting off to become the business automation giant of the world, it used what would be called IBM cards to transfer data in and out of large main frame computers.

Normal citizens might get one of these cards with their bills, and they were stamped with the words "please do not fold, spindle or mutilate"...as doing so would keep them from being read by the automated card readers and slow down the processing of your payment toward your bill. This would be the opposite of the desired effect of automation, which was to speed up payment from the customers to the businesses.

And yes, I worked with these machines in high school and at university, writing programs in COBOL (common business-oriented language)...a time without exploited program vulnerabilities...

I'm so old I scare myself. :shock:

Image
Original 1978 Fluted Afromosia LP12, Ekos 2, Lyra Kleos SL and lots of other stuff from the 70's that still work fine.

User avatar
evil_C
Full Member
Posts: 1361
Joined: Tue Apr 28, 2015 3:14 am

Re: WD's MyCloud vulnerability

Post by evil_C » Sun Jan 14, 2018 12:48 pm

Thanks for the explanation. I must have been just marginally too late to have encountered such delights.

HiFi Kabin : Disclaimer