Apparently to be able to access my WD My Cloud Home NAS on my M1 MacBook Air I will need to enable kernel extensions. This appears to reduce security somewhat, but I don't understand by how much. Can someone explain with the risks would be?
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
WD Discovery requires kernel extensions
- Thread starter BulkHedd
- Start date
- Sort by reaction score
Kernel extensions have access to everything on your computer. You are explicitly trusting the developer completely. Also kexts can cause kernel panics or open security holes. In the case of a well known corporate entity you are probably safe from spying/malware attempts but I’d look for reviews to find out the quality of the extension.
Edit: Not the same device but maybe an example of the quality you can expect.
WD My Book Live users wake up to find their data deleted
Yeah, that's what I was afraid of. According to WD my device is not affected due to newer security architecture. I'm still not too sure about enabling those kernel extensions.
I wouldn't worry so much about security when it comes to WD or another well-known company/group, just be careful not to allow everything that requests to install kernel extensions - that's when then the security problems start. That said, I would worry about crashing or other bugginess starting up though. If you start to notice problems and can link it to the kexts that install you can always remove them later. All of the kernel-panics/crashing problems I've had on my M1 Mini were related to kernel extensions.
As for data disappearing : backups and backups of backups + the most important things into the cloud. Never trust anything.
As for data disappearing : backups and backups of backups + the most important things into the cloud. Never trust anything.
Hard drive giant Western Digital is urging users of its MyBook Live brand of network storage drives to disconnect them from the Internet, warning that malicious hackers are remotely wiping the drives using a critical flaw that can be triggered by anyone who knows the Internet address of an affected device.
Wizcase said the flaw it found in MyBook devices also may be present in certain models of WD MyCloud network attached storage (NAS) devices, although Western Digital’s advisory makes no mention of its MyCloud line being affected.
The vulnerable MyBook devices are popular among home users and small businesses because they’re relatively feature-rich and inexpensive, and can be upgraded with additional storage quite easily. But these products also make it simple for users to access their files remotely over the Internet using a mobile app.
I’m guessing it is primarily users who’ve configured their MyBooks to be remotely accessible who are experiencing these unfortunate drive wipes. Regardless, it’s probably safest to observe Western Digital’s advice and disconnect any MyBooks you have from ethernet access.
If you’d still like to keep your MyBook connected to your local network (at least until you can find a suitable backup for your backups), please make double sure remote access is not enabled in your device settings (see screenshot above).
I used to use one of these for daily Time Machine backups years ago. I'm very glad that I no longer do.