QNAP NAS Community Forum

Hi

I just got my TS-431P3 configured.
All is working fine here, but I shared a folder with a guy thru MyQnapCloud (created a shared link) and gave it to him.
My internet speed is 1Gbps down / 200 Mbps Up and he can only download at about 800kbps....

Why is that? Any configuration missing? Or not the best way to send/share data?
Thank You

I assume he has a good internet connection?

He also have 1Gbps download...

If it is CloudLink, then it's limited by the QNAP gateway servers, if it's via portforward (dangerous!) you should reach higher speeds (depending on the peering speed to the endpoint)

C

The link is like this: https://www.myqnapcloud.com/smartshare/***************

This kind of share is limited?
If yes, how can I share the data without this limitation?

Thank You

Smartshare would be the portforwaded version then (I think) .. as cloudlink starts with qlink.to

But I don't know for sure, because I have never used this service (for above mentioned security reasons) as I don't like my files encrypted for ransom and criminals mining bitcoin at my cost

I understand your point of view, but this is like using a knife... I know it can cut me or even kill me, but I need to use it...

That's a good analogy. There's a wrinkle in that reasoning, however.

With the explosion of online criminality, properly securing one's own devices is becoming a matter of social responsibility. If you don't care about your NAS or other IoT device being compromised and becoming part of a botnet or other nefarious operation, and this actually happens to you, you become an unsuspecting actor in the dark web economy. I wouldn't go as far as saying you become complicit, but your negligence can have far reaching and dire consequences not only for you but for others.

To take your analogy to the extreme, when health organizations or utilities are attacked by online criminals, lives may be at risk.

Food for thought...

Yeah, that's true and I completely agree with that argument.

But what to do then? Stop using technology? Because we know that potentially everything connected to the internet can become a bot.
In this specific case (using the QNAP), isn't also a responsibility from QNAP to provide and research ways to avoid these situations?

larbac wrote: ↑Wed Mar 10, 2021 7:02 pm But what to do then? Stop using technology? Because we know that potentially everything connected to the internet can become a bot.
In this specific case (using the QNAP), isn't also a responsibility from QNAP to provide and research ways to avoid these situations?

Yes absolutely QNAP has its share of responsibility too, but they can't be relied upon to protect you, and their track record in matters of security is abysmal. The software architecture and security model on which their NAS devices are based is fundamentally flawed. No matter how much they patch it, it will remain a ticking bomb.

You don't have to stop using technology but you need to take precautions and reinforce the security of your devices, or use devices that are inherently more secure. It takes some effort to learn and implement. Or you can rely on 3rd-party commercial file-sharing services which are experts at their job and are much better equipped to deal with security threats than your home setup.

Security and convenience don't go well together. You have to choose one or the other. That's unfortunate, but that's the way things are for the time being.

Businesses that are breached, ransomed and DDOSed are also responsible. In most cases they have to face the consequences of their own laziness and negligence. They chose convenience over security.

I think your knife analogy is spot on. A risk assessment based on your circumstances and plenty of reading is the right and proper approach. “Do this” or “don’t do this” without a deeper understanding of context can actually be very risky for the end user.

spile wrote: ↑Fri Mar 12, 2021 3:29 pm I think your knife analogy is spot on. A risk assessment based on your circumstances and plenty of reading is the right and proper approach. “Do this” or “don’t do this” without a deeper understanding of context can actually be very risky for the end user.

No. You don't get it. It's not about the risk to the end user, it's about the risk and nuisance to others in general by way of negligence. An IoT device which is compromised as a result of its owner's carelessness and negligence helps the criminals and can cause me, and society at large, directly or indirectly some harm. The knife analogy as it was presented may only cause personal harm.

How would you react if your personal data or your money were stolen because one of the online services you use is breached thanks to the millions of compromised IoT devices powering botnets and cryptominers? This happens all the time and perpetuates and proliferates as long as end-users don't care.

It's like drunk-driving. Perhaps you don't care about killing yourself running off the road, and that's fine, but you could cause an accident involving other people.

Mousetick wrote: ↑Fri Mar 12, 2021 5:09 pm

spile wrote: ↑Fri Mar 12, 2021 3:29 pm I think your knife analogy is spot on. A risk assessment based on your circumstances and plenty of reading is the right and proper approach. “Do this” or “don’t do this” without a deeper understanding of context can actually be very risky for the end user.

No. You don't get it. It's not about the risk to the end user, it's about the risk and nuisance to others in general by way of negligence. An IoT device which is compromised as a result of its owner's carelessness and negligence helps the criminals and can cause me, and society at large, directly or indirectly some harm. The knife analogy as it was presented may only cause personal harm.

How would you react if your personal data or your money were stolen because one of the online services you use is breached thanks to the millions of compromised IoT devices powering botnets and cryptominers? This happens all the time and perpetuates and proliferates as long as end-users don't care.

It's like drunk-driving. Perhaps you don't care about killing yourself running off the road, and that's fine, but you could cause an accident involving other people.

No. You don't get it. Neither the OP nor myself are saying that social responsibility is not important. A risk assessment is not limited to just personal risk and will determine a risk level that includes personal and third parties. That is where the social responsibility bit comes in.