Shaarli - Mitsu'liens

How Unsuspecting Homeowners Helped Hackers Mine 500 Million Dogecoins

Friday 20 June 2014 at 09:20
Nice work from Synology: they're quite reactive on security fixes (the Heartbleed issue was fixed in a handful of days). And so they were quick to fix the bug used by the hacker to gain root access and make Synology NAS servers mine Dogecoins.

Yet there is one "small" problem: updates must be applied manually. At most, the NAS can automatically download the patch and warn the user. But if people only use, say, Samba shares (Windows shared folders), they never connect to the web interface and so never get notified that an update is waiting for installation! An update that requires only a click on a button and an automated 5-minute install + reboot!

Sysadmins can't trust the mainstream user to update the computer. I saw Windows 7 systems running for years without the user even knowing Windows Update was disabled (!!). Unattended updates are the GOLDEN RULE. Synology must find a way to patch the NAS servers automatically, without user input, whenever that's possible without a reboot. And let the user choose a time window in which the server may reboot itself, for kernel fixes.

UPDATE EARLY, UPDATE OFTEN, UPDATE ALONE