- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: ReadyNAS NV+ and ssl
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ReadyNAS NV+ and ssl
I'm using a ReadyNAS NV+. The web interface only supports TLS 1.0. Many browsers are beginning to pull support for TLS 1.0 as it's old and insecure. Chrome no longer supports it and no longer allows an exception for it. This was brought up at least once before on the forums here, but was never really resolved[1]. Simply keeping an older browser around just to administer a single device doesn't seem practical, and with auto update on everything these days the list of possible browsers continues to shrink. It's only a matter of time before it becomes impossible to access the https admin console. The possibility of turning off SSL and using HTTP is the epitome of "throwing the baby out with the bathwater". What are the possible paths to supporting newer version fo TLS? There's hasn't been an update to the firmware (4.1.16) for about 5 years[2]. If Netgear is going to support NV+ going forward we clearly need a new one. Is it possible a plugin could do this?
[2] https://kb.netgear.com/000038792/RAIDiator-Version-4-1-16-Sparc
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: ReadyNAS NV+ and ssl
@bachrach44 wrote:
If Netgear is going to support NV+ going forward we clearly need a new one.
Let's start here. Netgear stopped selling the NV+ v1 in 2011, and issued the final firmware for it in 2017. They've made it quite clear that they are no longer supporting it.
@bachrach44 wrote:
Is it possible a plugin could do this?
Yes - if one could create the necessary sparc build environment, then one could create an add-on patch. @WhoCares_ did this for 4.2.x and 5.3.x systems (which have easier build environments), but not for 4.1.x.
Not clear that anyone is willing to take this on.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: ReadyNAS NV+ and ssl
Work around by downloading an old browser and disabling updates.
https://ftp.mozilla.org/pub/firefox/releases/90.0b7/win64/en-US/
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: ReadyNAS NV+ and ssl
@JulzB wrote:
Work around by downloading an old browser and disabling updates.
https://ftp.mozilla.org/pub/firefox/releases/90.0b7/win64/en-US/
More information on this is found here: https://community.netgear.com/t5/New-ReadyNAS-Users-General/Workaround-for-ERR-SSL-VERSION-OR-CIPHER...
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: ReadyNAS NV+ and ssl
@bachrach44 wrote:The possibility of turning off SSL and using HTTP is the epitome of "throwing the baby out with the bathwater".
I can't imagine a business still relying on such an outdated product. So, assuming it's in your home, do you really think somebody is going to try and sniff your home network just to break into your NAS?
If you do, how many computers access the NAS and is a separate wired-only network an option?
But you are right that access will likely become more and more difficult as technology progresses. So, it's probably time for you to start looking at options for a replacement.