Terry said:
May thanks. I'll try some analysis along those lines, as I do have PE
(although I've not used its more advanced features before). Also ProcMon,
although that generated a daunting flood of obscure entries when I've
tried it before for other detective work.
One thing I have done since my post is to open the drive's properties in
Device Manager and change the setting to 'Optimize for Performance'. I've
also switched off Indexing as Paul in Houston suggested.
BTW, in Device Manager I couldn't see how to distinguish the two entries:
WD 10EAVS External USB Device from their descriptions.
WD My Book 1140 USB Device
Those don't appear in Computer Management. And Device Manager doesn't
specify capacities. So there's no cross-reference unless I'm missing
something?
Yes, but you don't have an "ordinary" enclosure. Actually, it's the
combination of features in the drive, plus the enclosure approach,
which makes the product different.
http://community.wdc.com/t5/My-Pass...age-WD-SES-Device-USB-Device/td-p/2852/page/2
You have an external drive, which appears as a composite device.
Apparently, there is a "virtual CD" in the thing, with WD SmartWare
software in it. Your enclosure also has a new entry, for
"SCSI Enclosure Services". The purpose of the virtual CD, is to offer
software to use the advanced features of the drive+enclosure.
http://community.wdc.com/t5/My-Book...-not-Initialize-because-its-write/td-p/186856
Apparently, you can "hide" the virtual CD, but not really get rid of it.
There is no firmware flash to blow it away. There *are* firmware
updates for the enclosure though, which may work out some of the kinks.
There is a move afoot, to support drive encryption in *all* hard drives,
at some point in the future (I saw this in an industry wide press release).
Perhaps this kind of USB enclosure chip, is an indication of how they hope
to support new features like that. Maybe in fact, all high capacity drives
now support encryption, and I just don't know about it ?
"Security:
As mentioned above, the new WD drives come standard with password protection
and 256-bit hardware-based encryption. When I spoke to WD a few weeks back,
they were pretty adamant about erring on the side of total security. Thus,
WD never receives your drive’s password. In other words, you are the only
person who knows the password. Should it be lost, the drive will remain
locked or must be re-formatted to use again."
As far as I know, the encryption feature will be inside the drive
controller chip on the hard drive itself. It's when that is enabled,
there could be surprises.
That's an example of the brave new world we're headed to. I'm kinda curious,
where the support for this will come from, on older desktops, when using
internal drives. Will malware be able to load a password, and hold
a drive hostage ? Will the BIOS be able to lock out access to it ?
It's too bad, in articles like this, they don't describe *why* they need
this feature.
http://wdc.custhelp.com/app/answers...it-needed,-and-how-to-get-the-driver-popup-to
*******
There is a suggestion here, that if the hard drive is removed from
that enclosure, and installed in your computer, you will *lose access* to
the data on it. That tells me, the hard drive has encryption features,
and the removal from the enclosure, removes whatever support the USB
chip provides. The USB chip is not the thing encrypting the disk, but
it could be, that the "SCSI Enclosure Services" are what program the
encryption (provide a way of sending the password to the drive, for
usage as an encryption/decryption key). (An older desktop computer,
might not have BIOS support for such a thing, and stuffing the raw
drive into an old desktop, might not give the opportunity to use
a password.)
http://community.wdc.com/t5/WD-Smartware/Demand-fix-for-Smartware-Rootkit/td-p/2719/page/4
Imagine what a mess this is going to make at Data Recovery firms.
"No, sir, we can't recover your data. AES256..."
*******
I don't understand all the details of this yet, and the only reason
for throwing in these tidbits, is to suggest extra care when
dealing with your new hardware. It could mean, for example,
if the enclosure part of the product fails, and you have a
perfectly good hard drive, you could lose access to the data.
That would be, unless you can find a means to pass a password
to it, before accessing it.
The screenshot here, for SmartWare, shows it has a place to set
a drive password. And I wonder, if not setting a drive password,
leaves the drive unencrypted enough, such that moving the drive
mechanism into the host computer, still works ?
http://web.archive.org/web/20100102...products/wdsmartware/images/scrn_settings.jpg
I can also find an example of a PDF manual for one of their drives.
There is a software option, to only provide access to the password
setting, with less of their other software cruft.
http://www.wdc.com/WDProducts/Library/UM/ENG/4779-705020.pdf (pg.33 top)
I can see how they're suckering people into SmartWare, by only
providing USB3 on the essentials column.
http://www.wdc.com/en/products/external/desktop/
Sorry for going off on a rant, but I'm not that happy with the
hard drive industry "stealth" approach to adding features. I hate
to have to learn about this stuff, when it "fails in my face".
Previously, it as "4K sectors" and then "512e" and all the
associated alignment issues for older OSes like WinXP. I could
detect issues on the 512GB drives I was buying, but could never
be sure whether "4K sectors" was the underlying issue.
Encryption is a two edged sword. It prevents others from seeing
your data (good). It can prevent you from seeing your data (bad).
Once encryption technology is present, or forced on you, as
the case may be, you *must* use industry best practices, to
protect yourself. On EFS, that might be preparing a key disk for
example, and putting it away in a locked cabinet. I don't know (yet),
what the equivalent would be for this situation. What the gotchas
might be.
Paul
