Given how notorious the Chinese government is in forcing local companies to add spyware to their products or store encrypted data for future decryption when quantum computers will become more feasible (e.g. Huawei), how secure do you think their Terramaster NAS products are? Is it worth the cost or is it best to just steer clear of these?
With all those “smart” devices (Including Internet of Crap), the rule of thumb is to put them on their own VLAN. Then put network filtering in place, such that nothing can talk out of this VLAN. And all you client devices that needs Internet access can then talk to them in the other VLAN.
You could allow specific destinations for them, but even DNS, it is better to just have a service exposed to them that only uses a hosts file to avoid VPN or exfiltration over DNS.
That is best practice. If you want to run a software update, you can open up, and update, and close down again.
Security is about being paranoid.
I had to do this with an NVR security camera system I got off Amazon. The NVR
iswas constantly sending data to servers in China. Using pfSense I put it on it’s own VLAN and used firewall rules to stop it from reaching the internet. I also setup an OpenVPN server so i can access it remotely when away from home.Interesting, can you share some literature on how to do this or give me some queries to use in Google.
You just need something that can act as firewall betweent he 2 networks, say a Linux box, and then have different SSID for secure and china devices, and VLANs.
OpenWRT is a good thing to have on your APs.
VLAN and firewall are the things to google.