Seagate Drives At Risk Of Data Theft Over Hidden Root Account

Megalith

Megalith

24-bit/48kHz
Staff member
Joined
Aug 20, 2006
Messages
13,000
Those who are running certain wireless Seagate drives should update their hardware to the latest firmware right away; flaws have been found that could give attackers access to the device.

The vulnerability is just one of many flaws in three wireless hard drives manufactured by the company, the advisory said. Other flaws included in the advisory allow an attacker to "directly download files from anywhere on the file system." Seagate Wireless Plus Mobile Storage, Seagate Wireless Mobile Storage, and the company's LaCie Fuel hard drives are said to be affected by the flaw.
 
Well this assumes you can even get them to last long enough to be affected. I have replaced 25 seagates from our SAN arrays in the past year alone.
 
Does it seem a little bit silly that the device is designed in such a way that this sort of vulnerability is even possible?
 
Succumbing to
Entropy
At a
Godawful
Alarming
Trot
Everyplace
 
Dear Seagate,




never.jpg
 
Seagate wireless hard-drives provides undocumented Telnet services accessible by using the default credentials of 'root' as username and the default password
Click to expand...
Don't buy wireless harddrives... build your own NAS.
 
Seagate: The only drive vendor with multiple ways to lose your data!
 
damicatz said:
Why are you using SATA drives for a SAN array?
Click to expand...

I use SATA drives (enterprise level drives only) in almost all the drive arrays at the office.
It's a small company, but very data heavy, so I need capacity (and price/TB) over performance.
If both drives are 7200 RPM there really isn't much difference in performance.

The price of SAS drives have been dropping, and are now close to the cost of enterprise SATA drives, so I might have to look at SAS again.
 
You must log in or register to reply here.
Back
Top