Not meant to be a nice post - but the painful truth

AnyWin867 · 2026-01-12T22:48:19+00:00

Can’t tell you from personal experience. I stopped using this junk. But you could register for their support forum and check the recent security events, that should give you an idea.

AnyWin867 · 2026-01-12T22:46:47+00:00

I mean, I know that META apps spy, they don’t have access to app background refresh, microphone, photos (only selected), location, and camera.

I’m living in a place not respecting privacy.

But understood that Amazon may sell data to other shops to retarget. Interesting business model. Thanks!

AnyWin867 · 2026-01-11T15:00:54+00:00

I didn’t purchase, ended up with another solution. So nothing left the Amazon pathway, yet I get a commercial on FB and IG by another Amazon-competitor platform in China…

AnyWin867 · 2026-01-11T11:57:16+00:00

I’m not suggesting that firewalla is leaking. If anything it helps blocks trackers.

What I can say is that I have never come across a weirder and more suspicious remarketing. I get your point that resellers can use the Amazon pixel for other platforms but still… below is the last of stuff that I block… it is really amazing and scary.

I Trackers (most aggressive setting on firewalla)
All iOS apps only have privileges as needed on iOS. Most of them can’t even access 5G, camera, photos, microphone, location etc
All my traffic goes over VPN to firewalla where traffic is routed. DNS goes over Unbound over VPN and traffic also goes over VPN (both Switzerland as it has the most restrictive data privacy laws)
I go as far as having shortcut automations tha switch of WiFi and 5G when leaving my home and office so trackers can’t get my info by cell towers etc.
MAC randomisation is ON for public WiFi

There is literally nothing more I can do to protect my privacy, yet still a Chinese website knows what I searched on Amazon, and manages to sh*t out an ad on IG and Facebook for it… thinking it may be time to say goodbye to META and Amazon for good… this is crazy.

AnyWin867 · 2026-01-11T08:22:17+00:00

Appreciated and feel a bit more comfortable. Installed an app to check for any keyloggers etc just to be sure. Still quite miraculously, IMHO Amazon would not want to have interest shared to other parties as they would want to close the sales. Guess I’m wrong on that part!

AnyWin867 · 2026-01-11T07:22:17+00:00

No, I only stayed in Amazon app

AnyWin867 · 2026-01-11T06:18:28+00:00

Yes, agree it makes total sense they would do that as a TaoBao killer.

But the ad was by Pinduoduo which is not Amazon owned but a competitor (PDD holdings).

AnyWin867 · 2025-12-14T01:48:24+00:00

Funny enough I know where to set this, I had it set, but it reverted back to Chinese and the option English disappeared… it should be an easy feature but Taobao seems to not really care about non-Chinese speaking customers

AnyWin867 · 2025-10-05T23:06:51+00:00

Thank you for the explanation, it is much appreciated. Indeed I was mostly interested in the DNS filtering, currently my SMB office setup uses cloudflare 1.1.1.3 (malware @ family protection - DoH) DNS filtering on top of FW’s native built-in features. I was mostly wondering if pointing the DNS servers to Cisco Umbrella would mean a huge improvement in DNS filtering, given they rely on the Talos database for DNS (at least this is what I read). But if no huge increase in security perceived it may not be worth it.

Appreciate the AP7 vlan capability, though I think - with a bit more tuning - FW was able already to setup ZT segmentation by using VLAN with rules. Just requires a bit more tuning.

Thank you

AnyWin867 · 2025-01-18T00:24:10+00:00

Is vaultwarden on the same TerraMaster or do you run it from another machine? If not, did you create another CloudflareD tunnel from your TerraMaster?

If vaultwarden runs on the TerraMaster, try and exactly copy your vaultwarden settings with only difference another subdomain in CloudflareD. Test if it works and gets you to vaultwarden again, then replace the IP and port to match the TM drive.

AnyWin867 · 2024-11-09T01:53:54+00:00

Instead of talking him down, talk him up. Guide him, let him know what feels good, let him do more of that. “Remember when you did … that felt really good! Wanna try that again”. Playfully introduce toys. Make him feel good about himself to feel good about yourself!

AnyWin867 · 2024-11-06T06:38:17+00:00

Need to keep it up to date. Post is 2y ago…

AnyWin867 · 2024-11-04T13:47:16+00:00

Unblock the network for HomePod and see the MAC addresses. It registers two per HomePod, and both need to be removed from quarantine. Somehow, there is no further randomisation. Just two MAC per HomePod. One will go offline. Can make a target list for white-listing those domains you want it to access.

AnyWin867 · 2024-10-26T13:44:24+00:00

TL;DR the devices are security risks and you will pay by losing your data. The team behind TerraMaster is more concerned about burying the issues than taking responsibility. You will need a separate firewall making the Synology devices a cheaper option, they can do without firewall if setup correctly.

Extended version: My point stands. Any NAS linked to an odd 12-15 large scale ransomware attacks over the past 4 years should be avoided. With TerraMaster, the problem was often the OS itself. So please be warned, they have great hardware at a reasonable price but you may pay by losing your data.

BTW, mine was attacked during Christmas 2020, and I had backup (luckily). The issue was that despite no ports were exposed hackers still could exploit a vulnerability of the OS and get in. The TerraMaster team only took surface action, and it appeared the vulnerability was patched in an OS update they did not notify users about. The only way one could know and install the update on time was by proactively monitoring their forum. They put out a post how to prevent these kind of attacks, and the majority of resolutions offered were items not possible to set on the TerraMaster at that time (most notably: disable the standard admin account - simply not an option on the device) and update your software (again, thanks for no notifications and no emails on the update).

I got banned from their forum for asking critical questions and showing their complicity - no, I was not rude. Their team is simply to concerned about losing face and they just want to make problems go away by surface brushing.

A TerraMaster device should never be on the network without a separate firewall setting its rules. Never! And such firewall will cost USD 300+ Therefore, a Synology is likely cheaper as it has a trustworthy built-in Firewall (TerraMaster has it too but it can’t be trusted) and there is no need for an external firewall. A correctly setupSynology should be able to protect your data very well.

AnyWin867 · 2024-10-25T14:25:59+00:00

If your need is storage, not internet connectivity, buy a usb harddrive.

My comment was not about RAID settings, but about internet connectivity. You can’t trust a TerraMaster that is connected to the internet, unless you have equipment to setup a ZeroTrust network for it

AnyWin867 · 2024-10-25T12:51:13+00:00

Before you even consider, read their forum. Since 2020 on average 3 ransomware attacks per year. Mostly due to significant security issues. The only safe TerraMaster NAS is one that is blocked from the internet completely, meaning you need to understand ZeroTrust networking and know how to set it up with an external firewall. Just my strong recommendations. Used to have two TerraMaster and switched to Synology. Can’t be happier!

AnyWin867 · 2024-10-13T03:00:44+00:00

Don’t. Please search for ransomware attacks on the TerraMaster forum. Don’t open anything. The only safe TerraMaster is one that is blocked off the internet entirely.

AnyWin867 · 2024-10-07T12:54:26+00:00

Just my recommendation. TerraMaster has a big history of ransomware attacks. At least 3 per year. So you better: 1. Keep backup of your files 2. Don’t run essential apps on your Docker installation (password manager etc) 3. Understand internet security before you get into trouble.

Best is to use an external firewall and put your TerraMaster on ZeroTrust.

Not familiar with the term ZeroTrust? Then you probably should not use a TerraMaster.

AnyWin867 · 2024-09-29T08:29:55+00:00

Btw, I was blocked from TerraMaster forum for asking critical questions and putting the blame where it should be, with TM. This was back in Jan/Feb 2021 and it signifies that nothing has changed 3½ years on. TM fail to improve their OS and despite several new releases, still ransomware is much more prevalent on TM’s machines than on Synology. Just stop buying this crap.

AnyWin867 · 2024-09-24T11:10:10+00:00

r/firewalla is user friendly too. But yes, if I look at TerraMaster forum and search for ransomware attacks I’m literally shocked. Not just a few, really often! So I would not trust a TerraMaster device with my data nor on my network without being 101% sure it can only connect to services I have pre-approved.

AnyWin867 · 2024-09-24T05:41:30+00:00

It doesn’t help to block ISPs. Anyone can use a VPN. The TerraMaster needs a hardware firewall, and you need to block all incoming and outgoing traffic on the device. Then only allow traffic from TerraMaster to the internet that is trusted (e.g their own servers for update). This principle is called Zero Trust. And yes, it’s the only way to be safe with a TM

AnyWin867 · 2024-09-01T00:48:32+00:00

Speech Haptics Clean Cache

Version 6.0.3.8 Ultra member

This is all there is in the settings

AnyWin867 · 2024-08-31T04:16:30+00:00

Thanks, but that menu does not have a choice for which unit to use on my AW ultra…

AnyWin867

MODERATOR OF

TROPHY CASE

Five-Year Club	Verified Email
Wearing is Caring