If you’ve been reading PCWorld Norway (you know you have) or scouring our own reports on the same subject, you know that many Internet devices such as routers and NAS boxes leave their data disturbingly easy to access. One of the most recent examples comes courtesy of the OpenVPN module in Synology’s 4.3-3810 update to its DiskStation Manager operating system.
A hardcoded password in said module makes the devices very easy to invade. Fortunately, Synology has released version 5 5.0-4458 already, but if you haven’t updated, do so now. Or update the VPN module in the package center. Or stick with the PPTP and L2TP/IPSec protocols. Our VPN guide by Eric Geier could help, too.