Overall... I'm disappointed

Currently reading
Overall... I'm disappointed

62
22
NAS
DS412+, DS1815+, DS1817+ (HA), DS1019+, DS416slim, DS920+
Operating system
  1. Windows
Mobile operating system
  1. Android
Same amount of time, quantum computers = quantum encryption.

Thought provoking though, if quantum PC works by eliminating all wrong answers, does quantum encryption just give you the right answer, or does it tell you every single answer is correct except one, which actually is the right answer even though it says it is wrong.

8,796,093,022,208 length encryption key anyone
 

fredbert

Moderator
NAS Support
Subscriber
2,585
1,047
NAS
DS1520+, DS218+, DS215j
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
You have to keep updating the encryption, so any archives will have to be decrypted and re-encrypted with new, stronger mechanisms. Or don't decrypt and hope that over time you can still decrypt the onion layers of accruing encryption!
 
7
4
NAS
DS1815+
Encryption no substitute for strong password:

Use 15 character password, mix of upper, lower case, symbols and numbers. You can even save it in your browser, but if someone took you NAS this is how long it would take to get at your data

30 minutes or less, :whistle:or more, depends on drive time to destination

"...drives can be easily recovered using a PC and an Ubuntu live CD. "

google.com/search?q=synology+linux+recover


so, I think OP has a right to be upset with limitations on encryption, considering the (huge markup) price. Unfortunately it's a symptom of Synology software engineers are being stretched too thin, to save costs (in fairness, like any other company). The many shortcomings that we are all not happy with in their large portfolio of software would have been known prior to purchase had OP asked Google. We generally just deal with it. I mean they even got their own forum wrong.
1571430737119.png
 
62
22
NAS
DS412+, DS1815+, DS1817+ (HA), DS1019+, DS416slim, DS920+
Operating system
  1. Windows
Mobile operating system
  1. Android
So you have just recovered a NASes worth of encrypted data, now what? The 416slim uses Marvell Armada 385 88F6820 which is a SoC with hardware level encryption, so the CPU is the private key. You may be able to access the data but without the CPU and password, its just a waste of time.
 

jeyare

Subscriber
1,898
629
no doubt some Synology approaches are out of my understanding.
But, regarding the security stage, based on encryption you never be able to prepare single solution for all users. Then you have (as NAS vendor) these 2 basic choices only:
- for 80% of users (mass market driven Pareto principle) you will prepare feature for basic but strong Share folder encryption. No one from the target group has an understanding what exactly it does mean for them. Frequently the encryption is in relation with data lose (forgetfulness of people) :rolleyes:. Many times advanced users use this feature also. It's OK.
- rest of the 20% advanced users can use their own solutions when Synology is just storage provider, from XX+ characters length of Encryption Key/Passphrase by BitWarden (saved to different media), or by independent encryption e.g. BitLocker for LUN. But although stealing disk drives won’t grant access to encrypted data, if those encryption keys fall into the wrong hands, your data can still be compromised.
Why to spend such pointless effort from NAS vendor to satisfy (by an universal solution) every single paranoid person (me also) in our universe? There is no way and it's costly. Because every single new feature must be supported across target product portfolio. Then people will cry that this Xeon based NAS support it and this small low cost CPU not.
Yes, it is still out of advanced encryption solution based on e.g. controller-based encryption when any data type: block, file, or object can be encrypted. Because Synology is out of this kind of architecture.

Re encryption by Synology NAS
You need always count with same (already mentioned) important points:
- do you need exactly encryption for whole disk data? Even for public available movies or MP3, etc?
- or just for specific (tier) of sensitive data stored in specific shared folder/s?
Then where is the foundation of whole disk encryption for Synology? Even when your single disk contains just single Shared folder in usage.

Finally:
when you store such interesting data for costly quantum bruttforce usage, you have to think about change of your security architecture :) or location change for your NAS.

Down to earth or change a beer provider.
Cheers.
 

fredbert

Moderator
NAS Support
Subscriber
2,585
1,047
NAS
DS1520+, DS218+, DS215j
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
That's probably a bit harsh :) If it's ambiguous, or misleading, in the marketing statements about what is encrypted and what isn't then it's fair to be upset when it doesn't work as implied. That's even if others don't see it as a necessary or useful feature.

I know what my needs are and have had some annoying experience from encrypted disks. I'll go down the route of encrypt what you need to encrypt and not the rest, also a fully encrypted disk can be an utter pain when recovering from an enclosure failure.

I've got three old WD myBook Studio drives. They support Firewire 800 and USB , so while I still have a couple of daily Macs that have FW800 I will use these. Bbbbbut they have the massively annoying feature of supporting encryption within the enclosure interface board. Which would be ok if when you decide not to password protect the disk the encryption was disabled. It isn't. I had a power supply go on one so took the disk out and into a different enclosure ... disk not readable but can format it and use as normal. The disk's data can only be accessed in the myBook Studio enclosure that formatted it.

For external USB drives I prefer as dumb as possible, the WD Elements 3.5" are good and usually cheaper than buying the WD Blue that's inside. If I want to encrypt data then there's Cryptomator or other options for managing vaults held on the NAS, and accessed via SMB/AFP/WebDAV/SFTP etc.
 
1,898
796
NAS
DS220+ : DS1019+ : DS216+II : DS118 : DS120j : APC Back UPS ES 700 — Mac/iOS user
What I hate the most is when I buy an external drive and it comes with a PIA hidden partition that pops up when I connect it. Usually it’s populated with some recovery or repair software that is 99% of the time meant for Windows.
I had one of those and I couldn’t delete or remove that partition. when it finally died I smashed to pieces with a sledge hammer out of anger.
@Tedster would‘ve probably shot it twice :)
 
1,898
796
NAS
DS220+ : DS1019+ : DS216+II : DS118 : DS120j : APC Back UPS ES 700 — Mac/iOS user
I truly appreciate your brotherly concern. But Nooooo. That’s not going to happen. The last thing I need is Windows in my life :eek:

I have no problem with including Windows specific software on drives. But to make the piece of s*#@ thing on a separate read only partition and permanent to the point where I can’t get rid of it unless I use a sledgehammer, that’s where it becomes insulting.

Anyway, almost everything worth keeping is on the NAS now. I don’t need external disks as much as before the NAS. Less sledgehammers too :)
 

fredbert

Moderator
NAS Support
Subscriber
2,585
1,047
NAS
DS1520+, DS218+, DS215j
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
What I hate the most is when I buy an external drive and it comes with a PIA hidden partition that pops up when I connect it. Usually it’s populated with some recovery or repair software that is 99% of the time meant for Windows.
Ah yes, the myBook Studio has that too. I've one now that has had the disk completely cleaned of this partition but the logic board doesn't know it and when I reconnect the enclosure up pops a warning that the insert disk isn't readable. Have to click 'ignore' otherwise this alert just keeps popping up. I won't miss it when it dies.
 
127
54
NAS
2x DS920+
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. Linux
  2. macOS
  3. Windows
  4. other
Mobile operating system
  1. iOS
Last edited:
Ah yes, the myBook Studio has that too. I've one now that has had the disk completely cleaned of this partition but the logic board doesn't know it and when I reconnect the enclosure up pops a warning that the insert disk isn't readable. Have to click 'ignore' otherwise this alert just keeps popping up. I won't miss it when it dies.
I had a few MyBook Studio II drives but I don't recall them doing that... But then at the rate I swap out drives I've not experienced a drive failure for well over a decade, I just inherit them from other people. :)

The Thunderbot 2-based WD TB Duos seem to be as 'dumb' an enclosure as you can get, they leverage Apple's built-in RAID....

Anyway, back to the original program. :)
 

fredbert

Moderator
NAS Support
Subscriber
2,585
1,047
NAS
DS1520+, DS218+, DS215j
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
I had a few MyBook Studio II drives but I don't recall them doing that..
I didn't know this until the first one I had got hit with a power outage (that was when I went from pre-UPS to post-UPS) and I opened it to get the data back online while I sorted out replacing it. FW800 was the quickest interface at the time so swapped it into a 2nd one's enclosure (smaller disk and less important) only to find the data wasn't readable and 'do you want to format the disk?' no, no, NO!! I think they had different power bricks or maybe the board had tripped, it works now but didn't then. Hence the drastic crack open and switch.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Top