Re: Anybody have accessible NAS recommendations?


Luke Davis
 

While I don't know anything about that particular gear--I have always built my own NASes using Linux--I will say that I would have misgivings about buying a piece of 2013 computing equipment of any kind.

If it is not still receiving security patches, I would definitely not buy it. See the conversations here recently about Windows XP. Embedded systems are often even worse than old operating systems, when it comes to security and patching security holes.

So if that thing has an ARM, Intel, or AMD processor (or one of several others), for example, and it hasn't received 2018 software updates, it's vulnerable to several processor level hacks that can allow someone to read anything in its memory. That aside, depending on what software it's running, it could even become part of a botnet, like most Windows XP systems are.

So be very careful with buying old equipment like this. If it's not still getting software updates, stay far away from it, or only use it in a situation where it never touches the internet.

Some links:

read the comment by archagon, and some others: https://news.ycombinator.com/item?id=8128521

And perhaps: https://arstechnica.com/civis/viewtopic.php?f=2&t=1247263
https://www.reddit.com/r/synology/comments/9qzooz/hacked_2_factor_authentication_doesnt_prevent/

Luke

Join nvda@nvda.groups.io to automatically receive all group messages.