Given how notorious the Chinese government is for forcing local companies to add spyware to their products or store encrypted data for future decryption when quantum computers become more feasible (e.g. Huawei), how secure do you think their Terramaster NAS products are? Is it worth the cost or is it best to just steer clear of these?
Yes. Next question.
ANYTHING from China is suspect.
I prefer devices that might be compromised by the Chinese government to those possibly compromised by the US government. If the PRC has significant influence over my life, it’s probably because of WWIII, whereas the USA screws me over enough as is.
Genuinely asking: in case the device actually has a malicious back door (et similia threat), can it be reflashed with an Open Source OS?
If you take it and install UNRAID or your own choice of Linux server it should be safe. If you’re super worried just block it from the internet.
With all those “smart” devices (including Internet of Crap), the rule of thumb is to put them on their own VLAN. Then put network filtering in place, such that nothing can talk out of this VLAN. And all your client devices that need Internet access can then talk to them in the other VLAN.
You could allow specific destinations for them, but even DNS, it is better to just have a service exposed to them that only uses a hosts file to avoid VPN or exfiltration over DNS.
That is best practice. If you want to run a software update, you can open up, and update, and close down again.
Security is about being paranoid.
Interesting, can you share some literature on how to do this or give me some queries to use in Google.
You just need something that can act as a firewall between the 2 networks, say a Linux box, and then have different SSIDs for secure and China devices, and VLANs.
OpenWRT is a good thing to have on your APs.
VLAN and firewall are the things to google.
I had to do this with an NVR security camera system I got off Amazon. The NVR was constantly sending data to servers in China. Using pfSense I put it on its own VLAN and used firewall rules to stop it from reaching the internet. I also set up an OpenVPN server so I can access it remotely when away from home.
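The isolation described in the comments above (trusted clients can reach the device VLAN, the device VLAN can start nothing, DNS only from a local resolver), written as an nftables ruleset for a Linux box routing between the two networks. This is an added example, not part of the thread; the interface names, the table name and the presence of a hosts-file-only resolver on the router are assumptions.

```nftables
#!/usr/sbin/nft -f
# Added example. Interface names are assumptions; adjust to your router.
# Assumes these three interfaces are the only ones being routed, and that
# NAT for the uplink is configured elsewhere.
define LAN_IF = "br-lan"   # trusted clients
define IOT_IF = "br-iot"   # VLAN holding the NAS / NVR
define WAN_IF = "eth0"     # uplink to the internet

table inet iot_isolation {
    chain forward {
        type filter hook forward priority 0; policy drop;

        # Replies to connections that an allowed rule already opened.
        ct state established,related accept
        ct state invalid drop

        # Trusted clients may open connections to the devices and the internet.
        iifname $LAN_IF oifname $IOT_IF accept
        iifname $LAN_IF oifname $WAN_IF accept

        # Anything the isolated VLAN initiates is logged, then dropped.
        # The log lines show what the device keeps trying to reach.
        iifname $IOT_IF log prefix "iot-egress-blocked: " drop
    }

    chain input {
        type filter hook input priority 0; policy accept;

        # To the isolated VLAN the router offers only DHCP and DNS.
        # The resolver is assumed to answer from a hosts file only and to
        # forward nothing upstream, so DNS cannot be used as a tunnel.
        iifname $IOT_IF udp dport { 53, 67 } accept
        iifname $IOT_IF tcp dport 53 accept
        iifname $IOT_IF ct state established,related accept
        iifname $IOT_IF log prefix "iot-to-router-blocked: " drop
    }
}
```

For the update window mentioned above, a temporary accept rule from the device VLAN to the uplink can be inserted at the top of the forward chain and deleted again once the update has finished.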
As long as you are ok with it, the Chinese are ok with it.
What Terramaster data security and user privacy? Replace their wretched TOS with a vanilla Linux distro, case closed.
Common sense, people.
Stop buying just because it is cheap or has a new tech or processor, etc.
Unless you don’t give two cents about what you store or what network you plug it in
Are you storing data that the Chinese government would be interested in?
Under sensible configuration they can be OK. If you look at it from a vulnerability perspective, most of those devices are running Linux of some sort, so they all are vulnerable, unless updated frequently. A lot of vulnerabilities can be used to create a backdoor, so it’s like one more or one less. But if you cut it off from the internet and access it only from LAN or VPN, how will those vulnerabilities affect you? If there is open source firmware for it, like true storage or openwrt, that should cover you from built-in backdoors. I would only question hardware quality.
There’s an old joke in infosec about wanting firewalls made by every different nation. You want a Cisco device, that has back doors for the Americans, a Huawei device that has Chinese back doors, and a Juniper device with Israeli back doors. Put them all together and you should be good.
Juniper is Israeli? I didn’t know that
Now that you mention it, it’s Checkpoint. I got them mixed up. Corrected
Silicom is Israeli too, as was Mellanox before the Nvidia acquisition.
No no no, that’s not good enough. You also need a Palo Alto because all the cool kids are running it and a pfSense for good luck
Don’t forget an EDR solution because the execs are too embarrassed to ask what it means so they buy it to save their egos
Doesn’t everyone just google it to remember anyways?
That’s the problem with so many acronyms in networking
EDR, XDR throw money at all the acronyms :D
Something AI powered too for good measure, I presume. Ahem. “AI”.
Don’t forget some WAPs.
I’m not too proud to admit I don’t even know what that is. Someone take my IT credentials away
Wireless Access Point. Maybe it’s used more in a networking environment. But Cardi B stole this acronym.
rofl - Americans are getting smarter.
Are you calling me American bro?
There’s no such thing as a “Privately Owned Business” in China…the CCP will always be a shareholder
I mean, aren’t QNAP and Synology Chinese manufacturers too?
Absolutely
I audibly said “what. the. fuck.” reading this.