I have seen this post too, and I was rather sure that "options" 2, 3, 4" are only a sarcastic note, but note a real alternative. But I missed the <sarcasm> tags...P3R wrote: ↑Fri Jan 28, 2022 9:12 amOMG!yemartin wrote: ↑Fri Jan 28, 2022 5:16 am 1) You don't. I mean: reevaluate your use of QNAP to access files remotely. If it is just a small convenience, maybe it is not worth the risk.
2) You understand the risk but have have money to burn and don't mind paying ransoms (risky: unlocking may not always be an option).
3) You understand the risk but your data is disposable so you don't mind loosing it.
4) You understand the risk but have a solid backup strategy, and don't mind restoring from backups when needed.
5) You only access your QNAP through a VPN. This allows remote access without exposing the NAS to the open Internet.
In my opinion only 1 and 5 are valid options.
2-4 are hugely irresponsible and I'm surprised to see anyone even suggest them. It's not only the data on the NAS that is at stake. Every time criminals own the system they can do anything. The criminals could plant a trojan on the NAS, they could use it as a relay in further criminal activities, they could use it as a foothold to attack other systems like the backups, a work laptop (so suddenly you're giving the intruder a foothold into your employers network), surveillance cameras to spy on you or anything else in the network.
This is true madness!
regards