+ Reply to Thread
Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 27

Thread: Beware! Seagate Personal Cloud NAS

  1. #11
    Join Date: Sep 2012

    Location: East Anglia UK

    Posts: 1,177
    I'm Marc.

    Default

    Wow, just wow....

    I finally nagged a response out of Seagate 'support', rather than deal with my issue they've taken the fact that I provided them with additional information, from my DNS/adblock server, to try and help them better troubleshoot the issue and have tried to twist it (through apparently 'misunderstanding' what they're looking at) to say that it's not them (it is).

    So, for instance, because I've used my ad-blocking server to block the domains being called by the Personal Cloud, those domains therefore turn up in the server control panel as 'Top Advertisers' (because the personal cloud spams them every 3 or so minutes) Seagate's response is 'these aren't being called by the personal cloud they are advertisers' GRRR, they are deemed advertisers because I've blocked them - they are all being called by the cloud IP!

    One of the other shots I supplied (unprompted) shows the IP of the Personal Cloud and the domains being hit, because it happens not to include one of them (even though it's in the 'Top Advertisers' list with the same number of hits as the others) they've come back saying 'nerr, it's not in that list' (implication - you're lying mr customer).

    Anyway, because I thought I'd get support (and have waited a month) I've now missed the chance of getting a refund from the reseller so I've asked Seagate if they'll provide me with one, let's see how that goes.

    DO NOT BUY A SEAGATE PERSONAL CLOUD THEY ARE COMPROMISED AND THEIR SUPPORT IS SHADY.

  2. #12
    Join Date: Oct 2015

    Location: Durham

    Posts: 211
    I'm Andy.

    Default

    Sorrŷ to ask what will seem like a dumb question to loads of people, but for what purpose is the NAS contacting the sites you list? What information is it giving or getting?

  3. #13
    Join Date: Sep 2012

    Location: East Anglia UK

    Posts: 1,177
    I'm Marc.

    Default

    Quote Originally Posted by Scooby View Post
    Sorrŷ to ask what will seem like a dumb question to loads of people, but for what purpose is the NAS contacting the sites you list? What information is it giving or getting?
    Entirely legitimate question, the simple answer is that I don't know and either Seagate don't know either, or they're not telling me. They have suggesting that oracle may be being hit due to some use of their database software in the product, but I don't believe that these sort of services would be provided under their top level domain (ie the service would likely be on a subdomain like service.oracle.com rather than on their main website). It should also be noted that I've uninstalled all the 'apps' from the drive so by rights it shouldn't be doing anything but waiting for me to access it over my local network and serve me my files.

    As to why it hits gnu.org I can see no good reason.

    So without a straightforward explanation from support I can only assume that the device's firmware is somehow compromised and that Seagate don't care.

    When I have a moment I will put some work in to trying to find out what the requests actually contain, at the moment all I can see is that there's a DNS (domain name server) request for the sites listed but I can't see any further content at the moment.

  4. #14
    Join Date: Feb 2013

    Location: W Lothian

    Posts: 36,454
    I'm Grant.

    Default

    Its gotta be a worry with these nas products. If it goes out, can it read info and send it to people. Can it lock you out etc.. can it ransom you etc
    Fortunately i cant get my head round these world book type things so dont have one
    Regards,
    Grant ....

    I've said it before and I'll say it again: democracy simply-doesn't-work
    .... ..... ...... ...... ................... ..... ..... ..... ..... .....
    DENON DV2900 - TWIN PRO MONOBLOCK AMPLIFIERS - XIANG SHENG DAC\PRE\HEADPHONE AMP - AVANTREE OASIS CLASS 1 BLUETOOTH - AUDIO TECHNICA ATH-MSR7 & OPPO PM-3 PLANAR HEADPHONES - WIN10 JRIVER23, SPOTIFY PREMIUM - ECHO DOT - SMSL M6 MINIDAC - FULL RANGE TWIN TELEFUNKEN's - Q ACOUSTIC BT3 actives - CANTON SUB - MAINS REGENERATED AND FILTERED.

  5. #15
    Join Date: Apr 2012

    Location: Southall, West London

    Posts: 28,458
    I'm Geoff.

    Default

    Have you looked at the legal side? Is it a breach of contract with you or a breach of consumer regulations? And of course, is Seagate doing anything illegal?
    Mr. Tact!

    Main system: MMs/ADCs/Low output MC's/One rare Japanese SUT/One scarce British phono stage/various tonearms/hefty Japanese DD TT and hefty Japanese BD TT and small British BD TT. 4 CD players/2 jitter buster/2 DACs/Valve buffer. TVC stepped attenuator or valve pre-amp or solid state pre-amp. Current dumping power-amp or either of two Class A SS power-amp or Class A EL34 valve monos or big Japanese (part Class A) integrated. Big dual concentric speakers/Smaller dual concentric speakers/Two way British compacts and full range speakers, amongst others. And too much more to list!

  6. #16
    Join Date: Sep 2013

    Location: North Island New Zealand

    Posts: 848
    I'm Chris.

    Default

    Quote Originally Posted by Rothchild View Post
    I

    recently picked up a 4gig NAS drive 'Seagate Personal Cloud' for
    reasonable money, but I'm writing here to warn off any potential
    purchasers and to check a couple of things with anyone else who has one.

    Generally its a good value NAS type drive seemed to suit my modest needs
    perfectly, however it took me two days to get up and running - I'd
    switch it on and log in to it, it would tell me it wanted to update the
    firmware and then say it couldn't do the installation and fail, I'd
    factory reset rinse and repeat to no avail. I finally managed to get it
    to skip the update and it finished configuring itself and then finally
    the update worked (from within it's own settings panel.

    So far so 'OK'

    Now, I also run my own DNS server so that I can block advertising and
    malware at my router, one of the benefits of this is that I can also see
    all the outgoing requests from the devices on my network (great for
    trouble shooting and to catch naughty software quickly). Low and behold I
    can see the NAS making DNS requests every 3 minutes for a bunch of
    sites:

    apple.com
    hp.com
    microsoft.com
    oracle.com
    gnu.org

    The NAS is hitting these sites over 700 times a day, now I don't much
    care for any of the dot coms but I'm unhappy to be causing issues for
    gnu.org.

    The icing on the cake is that Seagate Support is utterly atrocious,
    they've not responded to queries put in through the webform on their
    website, the have a twitter acct called seagage_support which just told
    me to phone them, expect their phone support line is open 7 - 4 Mon-Fri
    and I'm in gainful employment during those times, so currently I'm a bit
    stuck with this thing.

    Does anyone else have one of these things and the ability to monitor
    what it's doing on your network to see if mine is an isolated incident
    or if this is a 'feature' ?

    If you're thinking of buying one of these may I urge you to reconsider -
    I'm currently viewing mine as a 'buy cheap buy twice' mistake.
    Hi Marc
    I would recommend also reviewing how to free the Java Scripts on
    websites - it will be an eye opener as to how many are non compliant

    The reasons first, to understand Why FSF is doing this
    https://www.gnu.org/philosophy/javascript-trap.html
    and the page how to set your Java Script Free
    https://www.gnu.org/software/librejs...avascript.html

    Also
    be aware some sites are compliant on their first page to lead you in ,
    but then contain many on subsequent pages.

    As a general guide, and you probably already know far more than me in
    this area. confine email to a computer that has
    the highest security, uses encryption and is ideally free software.
    But at the very very least is Linux based.

    For an understanding of what free software is
    find the short video here: http://www.fsf.org/resources/
    and find for yourself the Free Software definition to understand
    what it means.

    Alternatively actually read and understand the End User Licence Agreement that people
    worldwide - willy nilly think nothing about, and rather like robots agree to, KNOW what you
    are agreeing to.... its a shocker.

    Free software is a leaning curve, like you have never seen before - Wow !

    Maybe we should work on a new thread to assist AOS members as best we
    can, and invite a round table of discussion.

    Cheers / Chris
    Last edited by Light Dependant Resistor; 24-02-2017 at 22:10.

  7. #17
    Join Date: Sep 2012

    Location: East Anglia UK

    Posts: 1,177
    I'm Marc.

    Default

    Thanks Chris,

    Don't, you're making me kick myself for buying it even more - I've been a keen user and advocate of Open Source for over a decade now, there's only one windows machine in the house (in the studio) and everything else runs linux. AFAIC Debian is the true path and the GNU licence is a work of subversive genius, the value of which will ultimately rank alongside the transistor and the silicon chip.

    The issue is I didn't do enough research on this drive before I bought it to realise it's not a proper NAS, yeah it's a big hard drive with an ethernet socket but it's also riddled with lots of wierd 'apps' and the like which could be doing all sorts of stuff.

    As for a the legal situation Geoff, given that Seagate either don't know or aren't saying if this is how the device is expected to work and that there are many, far more heinous offences being committed online I'm not going to be able to get law enforcement involved and unless I can get some FSF pro-bono on it, I'm not going to start spending money on a solicitor for a 100 device - this is what Seagate are counting on I suppose, and why the best thing I can do is try to warn others off falling in the same trap as me.

  8. #18
    Join Date: Sep 2012

    Location: East Anglia UK

    Posts: 1,177
    I'm Marc.

    Default

    Legend!

    This is straight from the latest email from 'Tech Support'

    "It is right, that the gnu.org does not provide any web services, but ALL of our Firmware, for all devices is based on a GNU-GPL License and has to follow the license requirements. So the contact between the gnu.org and Seagate is a very extensive."

    There's not an emoji with enough face palming and eye-rolling going on to countenance just how stupid this excuse is.

    Caveat Emptor! You have been warned, Seagate are shady as.

  9. #19
    Join Date: Dec 2011

    Location: Athens

    Posts: 267
    I'm Dimitris.

    Default

    Could these be probes for updates? Do you see any other traffic attempts towards these sites?

    But yeah I have given up using such NAS machines looooong ago.

    They are cheaply made, they usually do not have the horsepower to support the full bandwidth of the ethernet ports, heat management is bad or non-existent (directly affecting disk life) and the custom firware (read half-baked) rarely works as intended without issues. And if anything goes wrong with a disk, you are pretty much eFed up because it will take forever to rebuild volumes (if you are lucky) or recover the sytem (if you are unlucky).
    I always ended up trying to install some micro Linux distro on them, but after a while (when my time became more expensive) I decided it was just not worth it.

    A few years back I built an HP microserver running a proper OS that works as intended without surprises. And of course I never looked back or spent any more silly money on toy devices with a short expiration date.
    Sources: Modified SL1200 MK2, Salas folded RIAA, Phonoclone, VSPS, Shelter 501 MK2, Modified Pioneer P6D6 as transport, Shigaclone transport, Peter Daniel NOS DAC.
    Amplification: Custom 211 Monoblocks, Electrocompaniet AW120, Audio Research VS110, Gainclone
    Loudspeakers: Tannoy Turnberry, PBN Montana EP Signature
    Cables/stands: Tempflex ribbon and Twinax cables
    Other: Promitheus Signature Passive Attenuator, Custom JFET - transformer preamp.

  10. #20
    Join Date: Sep 2012

    Location: East Anglia UK

    Posts: 1,177
    I'm Marc.

    Default

    Hi Dimitris,

    No, I don't believe it's probing for upgrades. For one gnu.org don't actually host any software and I don't believe any of the other companies that are getting pinged host any services on their TLD, the volume of requests is wild as well; today alone as I look at the dns logs right now there are 860 requests to each of the five sites that are being hit (hp.com, oracle.com, microsoft.com, apple.com and gnu.org) that tots up to over 4300 unauthorised requests from the personal cloud to the network in just one day

    I would be interested to hear from anyone with any insight as to what my legal rights are likely to be in this context. I have tried to reach out to the Free Software Federation (the keepers of the GPL licence) to point out that Seagate are basically using them s an excuse for distributing broken software so I'm hoping that they might be able to assist too.

    I'd love to be able to install 'FreeNAS' or something similar on this box but I suspect it's stitched up with some shady firmware, I'll see if I can make time to overcome it if I can't get a sensible response from seagate.

+ Reply to Thread
Page 2 of 3 FirstFirst 123 LastLast



 

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •