Given how notorious the Chinese government is in forcing local companies to add spyware to their products or store encrypted data for future decryption when quantum computers will become more feasible (e.g. Huawei), how secure do you think their Terramaster NAS products are? Is it worth the cost or is it best to just steer clear of these?
Yes. Next question.
ANYTHING from china is suspect.
I got a Terramaster but I installed OMV on it. Is it still risky ?
yes…because you can’t know if an exploit or backdoor isn’t baked in to the hardware of the device.
hot take:
it doesn’t matter if China has your data, it matters if the USA does
I’m not a chinese citizen
Pribably
There’s no such thing as a “Privately Owned Business” in China…the CCP will always be a shareholder
Absolutely
Having recently purchased a really nice looking piece of network gear with all the features I wanted at a very low price from a Chinese vendor that had absolutely no existing reputation I was aware of, my experience was enlightening with the final lesson being re-taught: you get what you pay for.
If your use case is within the boundaries of the equipment’s quality limits then you will probably do fine, but I suspect if you try to explore the more complex features of the equipment you will find out where the lack of effort and cost reduction comes from.
how secure do you think their Terramaster NAS products are
I don’t think this would be any less secure than any other consumer vendor device. I just don’t think you’d be able to get much help if anything is broken, and I wouldn’t expect to see any fixes for bugs.
You definitely should not put something like this directly on the Internet, and that advice isn’t limited to Chinese hardware. It is pretty easy to limit a device like this from “phoning home” at your Internet edge if you’re concerned with such things.
Given how notorious the Chinese government is in forcing local companies to add spyware to their products or store encrypted data for future decryption when quantum computers will become more feasible
rofl you live in the UK. worry about MI5 and GCHQ, not President Xi, as they are doing that shit to you right now and actually have the capacity to arrest you!
Are you storing data that the Chinese government would be interested in?
if its not allowed to route out, who cares? 🔥wall it off
Better than the CIA watching your back and notifying the IRS.
Commun sense people
Stop buying just bc is cheap.or has a new tech or proccesor etc
Unless you dont give two cents about what you store or what network you plug it in
Yes. Always yes.
You can easily and relatively cheaply build a NAS with something like TrueNAS or just a Debian file server that I would trust a lot more than anything off the shelf made with closed source code with who knows built in.
There’s an old joke in infosec about wanting firewalls made by every different nation. You want a Cisco device, that has back doors for the Americans, a Huawei device that has Chinese back doors, and a Juniper device with Israeli back doors. Put them all together and you should be good
No no no, that’s not good enough. You also need a Palo alto because all the cool kids are running it and a pf sense for good luck
Don’t forget an EDR solution because the execs are too embaressed to ask what it means so they buy it to save their egos
EDR, XDR throw money at all the acronyms :D
Something AI powered too for good measure, I presume. Ahem. “AI”.
Don’t forget some WAPs.
I’m not too proud to admit I don’t even know what that is. Someone take my IT credentials away
Wireless Access Point. Maybe it’s used more in a networking environment. But Cardi B stole this acronym.
Doesn’t everyone just google it to remember anyways?
That’s the problem with so many acronyms in networking
Juniper is Israeli? I didn’t know that
Now that you mention it, it’s Checkpoint. I got them mixed up. Corrected
Silicom is Israeli too, as was Mellanox before the Nvidia acquisition.
rofl - Americans are getting smarter.
Are you calling me American bro?