General > General Technical Chat

Replacement NAS

<< < (7/9) > >>

Halcyon:

--- Quote from: unseenninja on April 15, 2024, 10:14:12 am ---Most people experience bit flips as random blue screens of death and put it down to micros~1's software quality.

--- End quote ---

To be fair, usually when things fuck up, it's usually Microsoft's fault. I've been chasing weird and wonderful issues for weeks.

NiHaoMike:

--- Quote from: nctnico on April 15, 2024, 07:51:54 am ---Sorry, but this remark makes zero sense. A NAS is a device you physically own and have access to. Unless the hard drive(s) fail(s) or you lose the password, there is no way you can get locked out of your data even if the vendor ceases to exist. It is not cloud storage!
--- End quote ---
https://www.bleepingcomputer.com/news/security/critical-rce-bug-in-92-000-d-link-nas-devices-now-exploited-in-attacks/
With a standard PC running an open source server distro, all you have to do is update it. With a lot of proprietary ARM systems, you're stuck with the vendor continuing support.

--- Quote --- And in case a NAS does fail, you just buy another one and restore the data from another backup.

--- End quote ---
If you're trying to get back the data that has changed since the last run of next level backup, having to buy another NAS from the same vendor is pretty much the definition of ransomware.

--- Quote ---99% of the NAS devices runs Linux anyway so the chance you can't access the hard drive from a Linux computer is next to zero.
--- End quote ---
Unless it uses some proprietary RAID to support "advanced features". Hence the reason to do some research to make sure a tool to read off the array with a standard PC exists.

--- Quote from: unseenninja on April 15, 2024, 10:14:12 am ---If it wasn't for Intel insisting that ECC DRAM was an "enterprise feature" and making it impossible or unnecessarily costly to implement for consumer CPUs, it would be used in every PC.

A random bit flip caused by a cosmic ray is not the stuff of legends, they really do happen. As the size of each individual bit in a memory chip gets smaller and smaller, the chance that a bit flip might happen increases. Most people experience bit flips as random blue screens of death and put it down to micros~1's software quality. A bit flip which corrupts data in memory before ZFS has checksummed it and written it to disk will never be detected until you discover that the file in question is corrupted. The original authors of ZFS say you should use ECC DRAM. Those guys know what they are talking about.

My TrueNAS has ECC DRAM and I wouldn't even think of building one without it. I also based it on an AMD CPU for this generation of the hardware as I didn't want to pay Intel's premium for something which is an essential feature.


--- End quote ---
I read somewhere that ECC is a standard feature of DDR5, has there been any independent verification that's actually the case for all DDR5?

nctnico:

--- Quote from: Halcyon on April 15, 2024, 11:28:25 am ---
--- Quote from: unseenninja on April 15, 2024, 10:14:12 am ---Most people experience bit flips as random blue screens of death and put it down to micros~1's software quality.

--- End quote ---

To be fair, usually when things fuck up, it's usually Microsoft's fault. I've been chasing weird and wonderful issues for weeks.

--- End quote ---
I disagree. I have quite a bit of background in supplying reliable PCs (and making PCs reliable) and in my experience most of the problems in PCs are due to crappy hardware and / or drivers. Windows will run well for prolonged periods of time on good quality hardware.

nctnico:

--- Quote from: NiHaoMike on April 15, 2024, 12:27:22 pm ---
--- Quote from: nctnico on April 15, 2024, 07:51:54 am ---Sorry, but this remark makes zero sense. A NAS is a device you physically own and have access to. Unless the hard drive(s) fail(s) or you lose the password, there is no way you can get locked out of your data even if the vendor ceases to exist. It is not cloud storage!
--- End quote ---
https://www.bleepingcomputer.com/news/security/critical-rce-bug-in-92-000-d-link-nas-devices-now-exploited-in-attacks/

--- End quote ---
But who is crazy enough to put a NAS on internet? I mean that in itself is a big no. And chances are there will be more security issues with your self build PC based NAS compared to an off-the-shelve product which should have a minimal attack surface to begin with. IF you need remote access to a NAS, do this via a VPN router / VPN client.

David Hess:

--- Quote from: NiHaoMike on April 15, 2024, 12:27:22 pm ---If it wasn't for Intel insisting that ECC DRAM was an "enterprise feature" and making it impossible or unnecessarily costly to implement for consumer CPUs, it would be used in every PC.
--- End quote ---

The real cost is in system validation with the BIOS and operating system.  At least AMD allows it even if unsupported in most cases.  Unfortunately for whatever reason, AMD disables ECC on their CPUs that have built in graphics, at least up until recently, except for the Pro versions which are not generally available.  When I built my little server, I could have bought a Pro CPU from the Chinese grey market, but the increased cost was about the same as a cheap graphics card for a server which normally has no monitor, so I did that.


--- Quote ---As the size of each individual bit in a memory chip gets smaller and smaller, the chance that a bit flip might happen increases.
--- End quote ---

Whether a bit is affected depends on the density of the charge rather than the amount.  The ionizing radiation strike distributes charge across a large volume, so if the bits are physically smaller, they pick up less charge.  DRAM designs have improved density by storing equal or slightly less charge in smaller volumes, so the charge density goes up for each bit and it become less susceptible.  In practice the result has been that radiation susceptibility leveled off several DRAM generations ago for a given amount of RAM, but of course system memory requirements still increased so systems do become more vulnerable, just not nearly as much as originally expected.


--- Quote ---My TrueNAS has ECC DRAM and I wouldn't even think of building one without it. I also based it on an AMD CPU for this generation of the hardware as I didn't want to pay Intel's premium for something which is an essential feature.
--- End quote ---

The last Intel system I built for myself with ECC was a Pentium 4, which I still have.  Everything since has been AMD because of better ECC support.  I tried figuring out what I needed to build an Intel ECC system a couple years ago when I built my Ryzen workstation, and it was too complicated and questionable, and the Intel system would have doubled the cost of the motherboard.  High AMD motherboard prices became reasonable compared to even higher Intel motherboard prices.


--- Quote ---I read somewhere that ECC is a standard feature of DDR5, has there been any independent verification that's actually the case for all DDR5?
--- End quote ---

It is, and it is not.  All DDR5 uses ECC internally to provide a limited amount of protection, but errors are only corrected when data is read out, and no scrubbing takes place.  This has to be the case because scrubbing every time that a row is opened would cost too much power.  How often rows can be opened is already limited by power concerns.

Normal DDR5 implements two 32-bit memory channels per DIMM, but ECC DDR5 implements two 40-bit memory channels per DIMM, which has nothing to do with the internal ECC protection.  I assume this means the chips will be 8-bits wide so one channel takes either 4 or 5 chips, and a single rank DIMM will use 8 or 10 chips.


--- Quote from: nctnico on April 15, 2024, 01:02:35 pm ---But who is crazy enough to put a NAS on internet? I mean that in itself is a big no. And chances are there will be more security issues with your self build PC based NAS compared to an off-the-shelve product which should have a minimal attack surface to begin with. IF you need remote access to a NAS, do this via a VPN router / VPN client.
--- End quote ---

Some people are dumb, inexperienced, or desperate enough to expose the Remote Desktop Protocol or SMB port so that they can reach their system remotely.  A VPN is definitely the way to go, and is what I have always done in the past.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

There was an error while thanking
Thanking...
Go to full version
Powered by SMFPacks Advanced Attachments Uploader Mod