←back to thread

The Synology End Game

(lowendbox.com)
452 points amacbride | 7 comments | 29 Aug 25 06:37 UTC | HN request time: 1.356s | source | bottom
Show context
bayindirh ◴[29 Aug 25 08:13 UTC] No.45061490[source]
I'm looking for a NAS for a very long time (budget, size, network, etc.), but when I was ready to pull the trigger on a Synology, they did this, and I dodged a bullet.

Long story short, I'll be buying an ASUSTOR AS6804T, and if I don't like the software, I'll just install TrueNAS on it. It's not only officially supported, they have a full length video showing the process. They don't provide tech support, but eh.

Icing on the cake? The eMMC storing the original firmware sits on its own USB port, so you disable that port, and both disable and protect the firmware from being overwritten.

If you want to return to original firmware, enable the port, remove the TrueNAS SSD, and viola!

replies(3): >>45061540 #>>45061742 #>>45061779 #
1. lmm ◴[29 Aug 25 08:49 UTC] No.45061742[source]
Asustor were pretty useless when mine stopped working, and had a pretty bad ransomware incident where they did a lot of blaming users for their own buggy software. I won't be buying from them again.
replies(2): >>45061828 #>>45062040 #
2. bayindirh ◴[29 Aug 25 09:03 UTC] No.45061828[source]
I can just install TrueNAS and be happy, though. I'm not afraid of configuring things.
3. re ◴[29 Aug 25 09:39 UTC] No.45062040[source]
I looked up the ransomware attack out of curiosity: https://www.bitdefender.com/en-us/blog/hotforsecurity/asusto...

It looks like Deadbolt also hit QNAP and Terramaster.

replies(1): >>45062087 #
4. bayindirh ◴[29 Aug 25 09:47 UTC] No.45062087[source]
Also, it looks like only units which are accessible from the internet are hit, but isolated units did not get hit.
replies(1): >>45063402 #
5. lmm ◴[29 Aug 25 12:48 UTC] No.45063402{3}[source]
> only units which are accessible from the internet

Sort of. Accessible via Asustor's own software which they'd been promoting to users, which I'm pretty sure had some kind of hole punching / bridge node setup so that you could use it even if you were blocking all inbound connections to your NAS. Obviously if you completely disconnect it from the internet in both directions then you're safe (but also can't get updates etc.)

replies(1): >>45063652 #
6. bayindirh ◴[29 Aug 25 13:11 UTC] No.45063652{4}[source]
I plan to keep mine in an egress only state behind NAT (It can connect somewhere, but it's not reachable). Maybe, maybe I'll include it in my VPN setup.
replies(1): >>45071237 #
7. lmm ◴[30 Aug 25 01:48 UTC] No.45071237{5}[source]
Yeah, that was the state mine was in, it didn't save me.