Wednesday, February 25, 2015

Lenovo Superfish Fiasco

So I have a Lenovo Miix that happens to fall under the time period of the Superfish security bug. I just checked and I'm free and clear. This is why I hate bloatware. Unfortunately, this problem really soiled Lenovo's reputation.

If you have a Lenovo and want to check your machine, there are some online sites that check your SSL for the man-in-the-middle hijack attack.
Here is a good tester:

Tuesday, February 24, 2015

QNAP TS-120 and TS-212P NAS review

OK, I haven't been blogging for a while. I've been just busy. However, today, I am going to resume and post about two QNAP NASes I've been using for the past 2 months. The 2 Bay QNAP TS-212P (pictured above left) and the single bay TS-120. I'm not going to go into a full review. I'm just going to jot my thoughts on using these two devices.

Now for a bit of a background. As many of my old readers know, I am a fan of home-grown systems; using FreeNAS and re-purposing Pogo Plug devices. Well, for the past year, my FreeNAS box has been at the office. At home, I'm a bit more energy conscious. I've been using various spare Linux boxes to act as SAMBA and TimeMachine shares. I've also used a few Pogo Plug in stock and ArchLinux form. However, my TimeMachine (TM) backups have been a bit flakey. Every other two or three weeks, I would get a corrupted TM image and would have to re-start. Furthermore, I had two pogoplugs fail on me. So when the QNAP went on sale during Christmas, I figure I'd give it a try.

I got the TS-120 for around $80 and the 2 bay TS-212p for $110. They are similar yet different. Both have Marvell 1.6 ghz CPUs with 512MB RAM. Both have a single USB 2.0 and two USB 3.0 ports. Power consumption is very similar at 12/13 watts (5/6 watts sleep). The key difference is the single bay TS-120 has an eSATA connector. According to QNAP, the TS-120 is middle end and the TS-212p dual bay is an entry level model.

In terms of storage, I slapped a 3TB Seagate on the TS-120 and two 4TB Hitachis on the TS-212p. The TS-212p is running in a RAID mirror for redundancy. Both are similar in performance and capabilities.

Installation is straightforward. Screw in some drives, boot, update the firmware and access everything via a web base interface.

So what do I like about them? They're very much plug-n-play and zero hassle. It is kind of refreshing.
The browser interface acts like a pseudo operating system. In fact, QNAP does call it an OS. QTS 4.0. For a browser interface, it works surprisingly well within the limitations of HTML. You can drag-n-drop files and overal UI is well done for an HTML app. In fact, this works well with Chromebooks.

In addition, QNAP makes some fairly competent iOS and Android client apps to access the NAS.
Importantly, QNAP has a good repository of add-on applications.

You can install apps such as Squid Proxy server, WordPress, Node.js, Python, Plex, an USB web cam, etc. Pretty much, your useful standard open-source applications. Hence, you can turn your NAS into a variety of appliances from downloading bit-torrents, serving DLNA media, to a CMS application server. The capabilities are limited to the computing power of the specific QNAP device you are using. For example, I have Plex installed but neither devices are suitable for real-time transcoding. They serve h.264 MP4 media just fine to my iOS and Android devices but for 1080p MKVs, you'll want to look at the more advance QNAP models.

My needs are pretty simple. I wanted a simple TimeMachine box in addition to storing MP4 media files that I don't want running on the family Plex server.

For these two use cases, the QNAP boxes were fantastic. I even installed the CloudLink add-on which allows you to remotely access your NAS from the outside. Again, it was plug-n-play. There was no need to set-up port forwarding. The Cloud Link creates a tunnel link that allows you to access your NAS via Web browser or a mobile app. Sure, I had this before with ad-hoc set-ups using Pogos and open source cloud tools like OWNcloud/PyDIO. However, none of those solutions worked well. The iOS and Android app has one simple thing I like and that is searching. 

Something so simple yet profoundly compelling. Sure, connecting to a file server is trivial using CIF/SAMBA apps but the ability to search the file-system easily wasn't there. For example, open up ES File Explorer on my Android phone, mount a Samba mount, and I'd always have to browse folders; looking for what I needed. I normally, over-think things but this simple feature is a good reason for me to use QNAP.

There are some handy apps I want to mention real quick. You can set-up an Amazon S3/Glacier rsync. You can even rsync your Google Drive to a path on the NAS. The replication and synchronization tools are pretty good. I was able to set-up an schedule RSYNC to my FreeNAS box and it worked effortlessly. Thus, whatever is copied to my single bay QNAP, a duplicate copy is made in the background to my "real file server." You can even set-up one-touch USB drive copies. If you have an external USB drive, the NAS can easily synchronize to it whenever it is connected to its USB ports.

In terms of performance, it depends on your drives and network. I have a gigabit network and in comparison to my FreeNAS box, the QNAP was considerable slower with mix performances. The Seagate single bay TS-120 was pretty slow in terms of network copies in both AFP/SAMBA.

TS-120 Single Drive Seagate ST3000 3TB drive.

TS-212P w/ Mirror Hitachi 4TB drives

Overall, I'm not really expecting much in terms of performance. These are entry-tier devices. For Time Machine backups and accessing via my iPad, the performance is fine. However, I am genuinely curious about some of their small business models. I am seriously thinking about testing the soho models at my work for TimeMachine backups and RSYNC replication. I'm also seriously thinking about evaluating these for iSCSI vSphere application. 


I like these devices. I really like the simplicity and ease-of-use. After a full week of work, I don't really want to think about tinkering around anymore on the weekends. I like how they just work for my needs. Between the two, it is a toss-up. I really like the eSATA port on the TS-120 but the TS-212p in a RAID mirror is more disaster-recovery friendly. If you are not sure, I suggest you try the low-end TS-120 if you can get one for $80 on sale. Who knows, you might get hooked. Thats what happened to me. I had no intention of replacing my other devices but the ease-of-use is pretty compelling. At first, I thought of just having a secondary TM back up on my network but now,I am thinking about the 4-6 bay models. I had no intention about getting hooked into a NAS eco-system but I am sure glad I tried.


Monday, February 16, 2015

Secured Guest Account on OSX Yosemite.

I notice something interesting with the new Guest login on Yosemite. If you have an encrypted file-system, the guest login is completely different from the normal guest login of a non-encrypted drive.

With an encrypted filesystem (File Vault), you have to re-boot into an ultra-secure mode. This is almost analogous to a Chromebook and I like it. The new guest mode only has one app running and that is Safari.

Once in guest mode, the user has no other access. He/she cannot access any applications nor can they browse the filesystem.

For comparison, here is the guest mode on my iMac also running Yosemite without File Vault. The original guest mode has desktop, application and file system access.

So if you are running a full file-vault, the guest mode will be a complete surprise. I can see some people not liking it; preferring it to the original mode. I personally like it as it appears to be more isolated and there is little to no chance a user can see anything on my drive as it is intended.