The Current Synology & QNAP NAS and OpenSSL Security Issues Explained
As many of you may have heard, in recent weeks there were two vulnerabilities identified in the OpenSSL encryption platform, a popular SSL option for many sites and servers, that provided an opening for particularly industrious interlopers to access a site via a weakness in the platform. Although not a service that is developed by Synology or QNAP NAS, it is used in several smaller areas/applications in their respective DSM and QTS software platforms. This is not uncommon for a brand to use a third-party provider and OpenSSL is one of the most popular open-source SSL platforms in the world. This vulnerability in OpenSSL was identified in late August and although alot has happened in that time, though the vulnerability is beginning to be resolved, it is still not fully resolved on the Synology or QNAP NAS affected software and services. So, today I wanted to go through what an SSL is, what OpenSSL is, the nature of the vulnerabilities, what has been resolved, what hasn’t and ultimately explain where things are right now. Let’s get started!
- - -
Check out FREE NAS advice section on nascompares.com