QuMagie on TS-328

Please post your questions about using the web-based Photo, Music, Video Stations here.
Post Reply
andycliff
New here
Posts: 3
Joined: Tue May 04, 2021 4:56 am

QuMagie on TS-328

Post by andycliff »

Please does anyone know where I can find a list of compatible QNAP's for QuMagie? I have a TS-328 and installed QuMagie with no problem. Then I went to sign up for monthly licensing. When I tried activating the license an error came up saying "Your NAS Model does not support this license". Sure wish I knew that before I paid over my license fee!
User avatar
dolbyman
Guru
Posts: 35022
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: QuMagie on TS-328

Post by dolbyman »

best to contact qnap about it, they are the only ones that can advise or even refund
Theliel
Know my way around
Posts: 124
Joined: Tue Jun 12, 2018 4:52 am

Re: QuMagie on TS-328

Post by Theliel »

I'm sorry I do not understand. License for QuMagie? QuMagie does not require any kind of license as far as I know.

On the other hand, if the application is listed in the official store, the NAS is compatible, otherwise it would not appear. You can also check it on QNAP's own website:

https://www.qnap.com/en/app_center/?os= ... 5.3&II=304
andycliff
New here
Posts: 3
Joined: Tue May 04, 2021 4:56 am

Re: QuMagie on TS-328

Post by andycliff »

Thanks, I did look in the compatibility site on QNAP but it only gives details about hardware. The license for QuMagie is to be able to share photo albums with others. I have thousands of family photos and a lot of family members. I'm trying to set up a photo collaboration site on my TS-328 where family members can see/download my photos & upload their own. QuMagie looks like a good option (especially as it allows tagging). I have it installed but don't have a share option (hence the license). When I purchased the license & tried to activate, thats when I was told my TS-328 doesn't support it.
User avatar
dolbyman
Guru
Posts: 35022
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: QuMagie on TS-328

Post by dolbyman »

Do not expose your NAS to WAN .... see the recent ransomware threads for consequences

viewtopic.php?f=45&t=160849

share photos via dropbox onedrive ,etc
Theliel
Know my way around
Posts: 124
Joined: Tue Jun 12, 2018 4:52 am

Re: QuMagie on TS-328

Post by Theliel »

andycliff wrote: Wed May 05, 2021 9:20 pm Thanks, I did look in the compatibility site on QNAP but it only gives details about hardware. The license for QuMagie is to be able to share photo albums with others. I have thousands of family photos and a lot of family members. I'm trying to set up a photo collaboration site on my TS-328 where family members can see/download my photos & upload their own. QuMagie looks like a good option (especially as it allows tagging). I have it installed but don't have a share option (hence the license). When I purchased the license & tried to activate, thats when I was told my TS-328 doesn't support it.
I didn't know there was a QuMagie license for sharing features. I have been using QuMagie for a long time, with different users, and each one can upload the photos they want if they want and they are shared with the rest.

Can you send me the link to the QuMagie license URL? I don't see it in the license QNAP Store either (https://software.qnap.com/)
andycliff
New here
Posts: 3
Joined: Tue May 04, 2021 4:56 am

Re: QuMagie on TS-328

Post by andycliff »

Theliel wrote: Fri May 07, 2021 5:21 pm
andycliff wrote: Wed May 05, 2021 9:20 pm Thanks, I did look in the compatibility site on QNAP but it only gives details about hardware. The license for QuMagie is to be able to share photo albums with others. I have thousands of family photos and a lot of family members. I'm trying to set up a photo collaboration site on my TS-328 where family members can see/download my photos & upload their own. QuMagie looks like a good option (especially as it allows tagging). I have it installed but don't have a share option (hence the license). When I purchased the license & tried to activate, thats when I was told my TS-328 doesn't support it.
I didn't know there was a QuMagie license for sharing features. I have been using QuMagie for a long time, with different users, and each one can upload the photos they want if they want and they are shared with the rest.

Can you send me the link to the QuMagie license URL? I don't see it in the license QNAP Store either (https://software.qnap.com/)
https://software.qnap.com/qumagie-for-qutscloud.html this is the license I signed up for. I only did the month so was only out of pocket $9 so no big deal. When I did it I assumed you had to have the cloud component, maybe that's where I went wrong. I'm still very new to this so I'm likely making dumb mistakes lol
User avatar
dolbyman
Guru
Posts: 35022
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: QuMagie on TS-328

Post by dolbyman »

That is a license for the virtual QTSCloud appliance .. not for a physical NAS.

Make sure you read my warning .. or pay with your data
Theliel
Know my way around
Posts: 124
Joined: Tue Jun 12, 2018 4:52 am

Re: QuMagie on TS-328

Post by Theliel »

andycliff wrote: Sat May 08, 2021 1:35 am https://software.qnap.com/qumagie-for-qutscloud.html this is the license I signed up for. I only did the month so was only out of pocket $9 so no big deal. When I did it I assumed you had to have the cloud component, maybe that's where I went wrong. I'm still very new to this so I'm likely making dumb mistakes lol
dolbyman wrote: Sat May 08, 2021 1:45 am That is a license for the virtual QTSCloud appliance .. not for a physical NAS.

Make sure you read my warning .. or pay with your data

Like dolbyman said, Its for Cloud QTS, not own NAS, where QMagie work perfecly full featured.

About NAS security for Photo/content share, I do not agree with what dolbyman says. With adequate knowledge and security practices that are at least logical to me, the NAS should be secure:

1st. The most important thing, ALWAYS, have the system and applications updated, and of course keep up to date with the security bulletins
2nd. Only enable the services that are required, that implies uninstalling those applications that are not necessary as well
3rd. If we connect it to the Internet, directly or through a NAT device (Router), NEVER use the known ports for any service, and only expose to the Internet those services that really require it. That is, if we require access to the Web interface, do not raise it on port 443/80/8080 ... use arbitrary "high" ports (1024-65535). Almost all attacks are carried out in an automated way to specific services raised by default in specific ports. Using other ports would not make the device less vulnerable (if it was really vulnerable), but would not be detected by botnets, and therefore not attacked
4th. Of course, always have a physical backup in a separate location for redundancy.

There is nothing that is completely safe, at any time a Zero Day exploit can appear and in any service. That forces, I repeat, to take the first measure as something obligatory, and much more important than any other premise. If we don't keep the software up to date (including whatever operating system it is), you are leaving the door open to any old or new exploit
User avatar
dolbyman
Guru
Posts: 35022
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: QuMagie on TS-328

Post by dolbyman »

talk is cheap..but ransom payments for encrypted data is steep

qnap patched the vulnerabilities AFTER they were exploited so even an up to date system was vulnerable for a while

so my advice still stands..never ever expose your NAS to WAN ...I have been saying it for years and in the last 12 Months there was 3 malware wave attacks on qnap...all preventable if the systems were not exposed
Theliel
Know my way around
Posts: 124
Joined: Tue Jun 12, 2018 4:52 am

Re: QuMagie on TS-328

Post by Theliel »

Obviously, if you do not expose the NAS to the outside, it is impossible to have any security breach from outside, and of course, it is a risk that will always be present. But that does not imply that the device is going to be hacked, or we would have to extrapolate it to any device connected to the Internet, starting with each of the world's Web servers, and all kinds of services, your Phone/PC too.

Total security is impossible on any connected service / device.

In the case that concerns us, HBS was patched on the 16th, and it was not until a few days later that affected cases began to be reported. In any case, it is likely that there were previous infections of the patch, of course

But this, with normal security measures, would not have been a problem either. Did all those affected use HBS? did they use the default ports? did they let the NAS open the ports through upnp?

The ultimate culprit in 99% of computer security problems is the end user, generally due to poor "education" in this regard. An exploit can appear at any time of any product / software / device, and they come out on a daily basis, and that is something that we cannot remedy. Therefore, it is in our hands to ensure that the system is prepared to deal with it, especially if we store sensitive or important data.

It applies to everything. Your solution to avoid hacking an email account (for example) would be to access the account only at home and on your computer. I would instead fix it simply using decent unique passwords and MFA systems.

Security always has to go hand in hand with usability, a compromise must be reached between the two, or otherwise, as I said, we could not connect to the Internet at all, starting with the computer or mobile phone you use to write in the forum, because it is impossible for you to be certain that there is no malware on the web that exploits a vulnerability in the web browser from which you access, and by doing so they have taken complete control of your device
User avatar
dolbyman
Guru
Posts: 35022
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: QuMagie on TS-328

Post by dolbyman »

Limit your exposure by just using a VPN for access .... all the long talk about that risks can always popup and one has to accept compromise are NOT helping the thousands of compromised users .. they would all have had no problem would they have used a remote access VPN.

The same conversation comes up now every 6 months (after each new malware wave)... DO NOT EXPOSE YOUR QNAP
Theliel
Know my way around
Posts: 124
Joined: Tue Jun 12, 2018 4:52 am

Re: QuMagie on TS-328

Post by Theliel »

No, because by that rule of three, tomorrow a security flaw could appear that affects the VPN server that would allow unauthenticated access. The solution goes through security education as I have said, it is the only thing that is effective. I refer to what has been said, 99% of all security issues are directly or indirectly due to the end user, not the system.

If the user really cared about security, he would never use the default ports, he would use strong passwords, he would have the software updated ... even use an FW to protect the system (by the way QNAP has QuFireWall that can be installed, and simply Filtering connections by country gives you another essential tool to avoid 99% of any attack)

If one wants to be able to squeeze a NAS, not exposing the NAS to the Internet is not an option, considering that the vast majority use them precisely to be able to access them externally, and apart from the fact that a VPN server can also have security problems, in many cases / scenarios they cannot depend / use them.

Solving all this is much simpler and does not require much, just configure the system WELL, and apply basic security guidelines. I have been managing systems for many years and have never had a single security problem. Although it is politically incorrect to say it, I am sorry, but the person responsible for all this has happened is the user himself. No company in the world can assure you zero risk in any system, because they will always appear, and you will always see who takes advantage of it.

Zero Day exploits exist and will exist, and affect any product and manufacturer. The greater the market share of said "product", the more interest it will have in hackers, because they can potentially reach more people, it's that simple.
User avatar
dolbyman
Guru
Posts: 35022
Joined: Sat Feb 12, 2011 2:11 am
Location: Vancouver BC , Canada

Re: QuMagie on TS-328

Post by dolbyman »

Ok I assign you the designated (moral) support person for the next malware wave

Because changing passwords,disabling admin,updating software, ifs,buts and coconuts has hepled so much in the past


btw crickets in infection terms of the people with no or vpn only access...weird right?

I am out
Theliel
Know my way around
Posts: 124
Joined: Tue Jun 12, 2018 4:52 am

Re: QuMagie on TS-328

Post by Theliel »

Again and again ... a system without failures is impossible, it does not exist. Hackers are able to enter even NASA / NSA, so ... and even with everything, 99% of the time it is by end-user error, I can give you the statistics you want.

So adding 2 + 2, the only solution starts with education in security, companies / organizations and in "important" environments is already an imposition on their own workers. Otherwise, whatever you do, you are at their mercy.

a) Correct configuration
b) Minimum of "care"/education in the matter
c) If it is sensitive information, access control by certificates, MFA and Firewall.
d) Backup Policies, ALWAYS 3-2-1

Simple. If this is taken into account, you will never have a single problem, and in the hypothetical case that it appears, it will be solved in a few minutes / hours. Otherwise, you expose yourself to everything else.
Post Reply

Return to “Photo Station, Music Station, Video Station”