
then you turn on UPnP or IPv6 and your theory breaks :)

 

there's a few other targeted attacks that would break it too. granted an attack using UPnP would mostly need to be targeted anyway, or it would first need to bomb the router to find what ports are open which in many routers would block it anyway, and even if it finds an open port it would need an attack vector on that port. so UPnP isn't really a problem.

then you turn on UPnP or IPv6 and your theory breaks :)

 

there's a few other targeted attacks that would break it too. granted an attack using UPnP would mostly need to be targeted anyway, or it would first need to bomb the router to find what ports are open which in many routers would block it anyway, and even if it finds an open port it would need an attack vector on that port. so UPnP isn't really a problem.

UPnP is initialized by the client which sends a packet to the router letting it know about its intentions. This lets the router know that if it receives traffic for a certain protocol, send it to this machine or that machine. It's just an automated port-forwarding protocol.

 

IPv6 gives everyone a public address. Completely different to the subject matter. IPv6 allows the internet to be what it was designed to be, an all connected network. That invalidates all my statements regarding NAT because every client is directly reachable and NAT isn't existing on those networks. Although, there's very few ISPs which actually provide CPEs which are IPv6 and IPv4 supporting, let alone give them both an address. You're probably looking at 20~ years before IPv6 becomes the norm. Especially when more providers are investing in CG-NAT rather than a correct IPv6 deployment.

You know, the original article was about the NSA and a supposed back door in Windows.  NAT is a side issue.  How about you consider the scenario of a Starbucks or Internet café with free WI-FI instead.

 

Even though I was taken for a ride by the purpose of NSAKEY in my post on page 1, the rest of my post stands IMHO.  You'd have to have no understanding of the technicalities of Windows to think that the details as posted would give secret remote access.

UPnP is initialized by the client which sends a packet to the router letting it know about its intentions. This lets the router know that if it receives traffic for a certain protocol, send it to this machine or that machine. It's just an automated port-forwarding protocol.

 

IPv6 gives everyone a public address. Completely different to the subject matter. IPv6 allows the internet to be what it was designed to be, an all connected network. That invalidates all my statements regarding NAT because every client is directly reachable and NAT isn't existing on those networks. Although, there's very few ISPs which actually provide CPEs which are IPv6 and IPv4 supporting, let alone give them both an address. You're probably looking at 20~ years before IPv6 becomes the norm. Especially when more providers are investing in CG-NAT rather than a correct IPv6 deployment.

UPnP opens the port, it doesn't care about the data outside of UDP and TCP. 

 

Problem with IPv6, is while it restores the internet to what it's supposed to be, a lot of tech wannabes don't understand the implication of it, and the tech idiots don't understand it anyway and their ISP never tells them, granted that category of users will have their windows or internet security firewall on anyway. 

You know, the original article was about the NSA and a supposed back door in Windows.  NAT is a side issue.  How about you consider the scenario of a Starbucks or Internet café with free WI-FI instead.

 

Even though I was taken for a ride by the purpose of NSAKEY in my post on page 1, the rest of my post stands IMHO.  You'd have to have no understanding of the technicalities of Windows to think that the details as posted would give secret remote access.

 

 

You have to understand that these articles are made for two kinds of people. The techies who are also paranoid conspiracy theorists who will ignore all their tech knowledge if there's a conspiracy theory they can apply instead. and then there's the tech idiots, also known as regular people, who just don't know better and think tech conspiracy nut journalists who don't know anything about the tech they're writing about are more trustworthy than their actual tech specialists locally. 

Still haven't given any evidence to prove me wrong. I never said your sources were wrong, just over explaining a simple fact.

 

So, could you please explain how it is impossible to hijack a connection and/or relay a spoofed malicious packet to a member of the internal network relying on NAT alone?

So, could you please explain how it is impossible to hijack a connection and/or relay a spoofed malicious packet to a member of the internal network relying on NAT alone?

 

 

That would be what I referred to as a targeted attack earlier. it's "nearly" impossible to defend yourself against a targeted attack by a dedicated and skilled hacker with enough time, with consumer grade equipment. 

That would be what I referred to as a targeted attack earlier. it's "nearly" impossible to defend yourself against a targeted attack by a dedicated and skilled hacker with enough time, with consumer grade equipment. 

 

I absolutely agree. I've always heard from friends I trust on security that nothing is truly secure, it's just degrees of difficulty. I would also assume that the NSA is capable of the greatest degree of difficulty possible.

 

It's my contention as well that the operative mechanism in defending against any sophisticated attack would be the firewall, intrusion detection, etc., not the NAT.

NAT is not a security measure. A good summary of why NAT is a bad idea, including the security issues, is given in RFC 4966: "Reasons to Move the Network Address Translator - Protocol Translator (NAT-PT) to Historic Status."

 

http://www.ietf.org/rfc/rfc4966.txt

This NSAKEY thing was all over the place when it was discovered. Turns out, it doesn't actually mean what OP says it means.

there's only a few things that it could actually do. and plus, I am sure the NSA has access to the Windows source code and kernel directly. knowing them, they have deals with Intel and AMD to have debug access on the CPUs which would allow them to bypass any protection mechanism or code isolation on a computer, giving them super root access regardless of OS settings. there is no limit to how far the NSA goes with this, asking and getting backdoors into things.

 

but what proof do you have that the NSA keys don't give access to decryption and password cracking capabilities? if all the NSA wanted was to protect their own systems or network, they could install their own keys on the side like everyone else. this is definitely backdoor access type **** into how Windows handles encryption.

 

you know, it's possible that there can be more than one key that can decrypt a certain crypto; possible that Windows has built in backdoors like this for the NSA. like I said, they also think OpenSSL has backdoors like this. that no one knows if the code is secure or not because it's impossible to tell.

there's only a few things that it could actually do. and plus, I am sure the NSA has access to the Windows source code and kernel directly. knowing them, they have deals with Intel and AMD to have debug access on the CPUs which would allow them to bypass any protection mechanism or code isolation on a computer, giving them super root access regardless of OS settings. there is no limit to how far the NSA goes with this, asking and getting backdoors into things.

 

but what proof do you have that the NSA keys don't give access to decryption and password cracking capabilities? if all the NSA wanted was to protect their own systems or network, they could install their own keys on the side like everyone else. this is definitely backdoor access type **** into how Windows handles encryption.

 

you know, it's possible that there can be more than one key that can decrypt a certain crypto; possible that Windows has built in backdoors like this for the NSA. like I said, they also think OpenSSL has backdoors like this. that no one knows if the code is secure or not because it's impossible to tell.

 

There would be a lot less conspiracy theorists if they had some basic knowledge of how technology works. 

 

As for the next paragraph, read up on what the NSAKey actually is, please, and how useless an encryption key would be if it was stored like that. exactly what purpose do you think an encryption key would have stored in the registry?

There would be a lot less conspiracy theorists if they had some basic knowledge of how technology works. 

yeah did you see the AMD cpu that the hackers had cracked the debug password to a few years ago? the password was passed to the CPU and gave the hacker ability to execute any code they wanted above the operating system. these types of backdoors are built into every CPU..

 

http://news.techeye.net/security/hackable-debug-mode-found-in-amd-cpus

 

looks like there's also a whole bunch of hidden CPU features there that the NSA can unlock - basically run software on AMD CPUs in stealth rootkit mode with god ability. No one ever linked it to the NSA, but you know why that's there. Intel's CPUs have not been cracked by the public, so the elusive features remain for top secret clearance users only, so far.

 

 

 

As for the next paragraph, read up on what the NSAKey actually is, please, and how useless an encryption key would be if it was stored like that. exactly what purpose do you think an encryption key would have stored in the registry?

I have already read up enough about that. thanks, and yeah it sounds like a backdoor into Windows giving them the ability to reverse engineer, decrypt things easier, and hide things that the user would have no control over.

Backdoors into our computers would be useless anyway, unless they had a court order to place you under surveillance any data collected via such covert means would be completely inadmissible in law in most Western countries.

yeah did you see the AMD cpu that the hackers had cracked the debug password to a few years ago? the password was passed to the CPU and gave the hacker ability to execute any code they wanted above the operating system. these types of backdoors are built into every CPU..

 

http://news.techeye.net/security/hackable-debug-mode-found-in-amd-cpus

 

looks like there's also a whole bunch of hidden CPU features there that the NSA can unlock - basically run software on AMD CPUs in stealth rootkit mode with god ability. No one ever linked it to the NSA, but you know why that's there. Intel's CPUs have not been cracked by the public, so the elusive features remain for top secret clearance users only, so far.

 

 

 

I have already read up enough about that. thanks, and yeah it sounds like a backdoor into Windows giving them the ability to reverse engineer, decrypt things easier, and hide things that the user would have no control over.

:rolleyes:

 

 

and really, a registry key is a backdoor into windows? would you PLEASE explain that one... if there was a backdoor it would be hidden in the code, and there wouldn't be a visible key in the registry where it serves absolutely no purpose.

 

Also you obviously didn't understand a single thing that was said in the article you quoted, since NOTHING there had anything to do with your wild conspiracy claims. 

Backdoors into our computers would be useless anyway, unless they had a court order to place you under surveillance any data collected via such covert means would be completely inadmissible in law in most Western countries.

lol. you think the NSA cares about what the court system says about this? they specialize in black ops dude, warrantless tapping and monitoring that is done without judicial involvement. the information being gathered is done in secret, without court consent most of the time. the CIA uses it, the NSA, DoD, FBI.. and you know, they get away with it because often times it leads to nothing big. it is sometimes used in courts, and the way they get by with that is by keeping it secret from the court and public defenders how they obtained the information. it's all done under the guise of "national security". you don't have any idea how hard it would be to prove how they really obtained information on you man, you have no protections court or constitutional provided that are actually honored by any government agents.

:rolleyes:

 

 

and really, a registry key is a backdoor into windows? would you PLEASE explain that one... if there was a backdoor it would be hidden in the code, and there wouldn't be a visible key in the registry where it serves absolutely no purpose.

I was under the understanding this NSAKey was hidden in the DLL, only discoverable after a hacker reverse engineered and decompiled the code.

 

is this NSAKey in the registry of every system now? it would only be one component to crypto. one part of a key that allows them greater access to how the cryptography services in Windows worked. it could allow them to decrypt anything they wanted without effort. you know, at least Windows encrypted stuff. and the running of signed code with higher security clearances and methods to bypass Windows security. that's what it does. so what are you talking about? why are you dismissing this?

Even the worst lawyers in the world know about inadmissible evidence, I'd like to see how the hell you think they would sneak it into trials on such a massive scale with nobody noticing.

I was under the understanding this NSAKey was hidden in the DLL, only discoverable after a hacker reverse engineered and decompiled the code.

 

is this NSAKey in the registry of every system now? it would only be one component to crypto. one part of a key that allows them greater access to how the cryptography services in Windows worked. it could allow them to decrypt anything they wanted without effort. you know, at least Windows encrypted stuff. and the running of signed code with higher security clearances and methods to bypass Windows security. that's what it does. so what are you talking about? why are you dismissing this?

 

It's in the registry of every windows after Windows95, and has nothing to do with the NSA, again, read up on what it ACTUALLY does instead of making up conspiracy theories in your head based on a variable name. 

 

the rest of your post again, shows a complete lack of understanding how cryptography works, just like your knowledge of how CPUs work.

Even the worst lawyers in the world know about inadmissible evidence, I'd like to see how the hell you think they would sneak it into trials on such a massive scale with nobody noticing.

 

secret police, and black abduction teams and silent assassinations, and such of course. what did you think?

Even the worst lawyers in the world know about inadmissible evidence, I'd like to see how the hell you think they would sneak it into trials on such a massive scale with nobody noticing.

like the NSA and DA did recently. they falsified the information on how they obtained the evidence. there's a story about it right here:

 

http://yro.slashdot.org/story/13/06/19/0326244/nsas-role-in-terror-cases-concealed-from-defense-lawyers

 

they merely don't have to disclose the truth on how evidence was obtained, or who provided it. and they make up information to include it, fabricating information about the who, what, and where. they might use the information to generate false password and dictionary attacks for example, suddenly "breaking in" at the opportune time, when they really used other resources to crack and break in. they never have any obligation to disclose their real methods of operation.

 

and you might be right that most of the time the NSA has no reason to want to provide this information for use in the court systems. they wouldn't want to risk disclosing that they were actually in your system or spying on you in some way. this is being done all the time, and it's done just to invade your privacy and rights, they would rather keep tabs on you without risk of exposure and get you in other ways if they have to.

the rest of your post again, shows a complete lack of understanding how cryptography works, just like your knowledge of how CPUs work.

well I have no examples to show anything else. I think you're the one who's clueless. this is pretty comprehensive. and it's you who has no clue on anything. you're stuck in a fantasy world here. the article on the AMD password thing is already out there; there are passwords and debug features on every CPU that grants backdoor super user access, for running additional code, above the operating system. this lets them modify code in execution, run rootkits, and more, all above detection of the operating system or user level applications. read up some more about it, follow the links to the other articles if you must.

If evidence comes from a spotty source it will be ruled as inadmissible. I really don't think the NSA are as smart as you seem to think they are, the thing about IT geeks is that there are plenty about that are just as smart as the people the government employs and if they smell a rat they would say so.

If evidence comes from a spotty source it will be ruled as inadmissible. I really don't think the NSA are as smart as you seem to think they are, the thing about IT geeks is that there are plenty about that are just as smart as the people the government employs and if they smell a rat they would say so.

it didn't in that case man. and honestly, you have no idea how to tell or prove it came from a spotty source. the system isn't as clean as you think it is, and you gotta have proof man. it's not like you're the NSA or FBI agents or DA doing all this stuff. the court has faith in these people, and as a defendant, you can't just make a claim that this evidence was somehow discovered improperly or without a warrant, unless it's some easy case where they broke into your house or something obviously when no warrant was provided. these types of defenses to have evidence dismissed or found inadmissible only work when they don't cover their tracks man. they may very well use these covert spy techniques or illegal means to crack or gain access to something, and then use that to pursue a warrant, and include that information they gained illegally down the line without in fact saying how or where it was originally obtained. it might just be used to "legitimately" conduct the investigation afterwards. you're a fool to think this isn't how it gets done.

 

face it, you have no legitimate protection out there.

You don't have to prove that it came from a spotty source, the legal system has to provide a chain of information that proves it's legitimate. Juries are made up of normal people not government spies so the argument that illegally obtained evidence would just slip by en masse just doesn't hold any water.

well I have no examples to show anything else. I think you're the one who's clueless. this is pretty comprehensive. and it's you who has no clue on anything. you're stuck in a fantasy world here. the article on the AMD password thing is already out there; there are passwords and debug features on every CPU that grants backdoor super user access, for running additional code, above the operating system. this lets them modify code in execution, run rootkits, and more, all above detection of the operating system or user level applications. read up some more about it, follow the links to the other articles if you must.

 

Would you please read that article and understand it and see that it has NOTHING in relation to your wild claims, and it has nothing to do with backdoor access or anything. seriously, it's like you read it but something completely else than what it actually says is what you actually read.

 

it's a maintenance mode, and you have to hack the damn cpu to activate it, and it doesn't run in normal mode but allows you to modify the cpu to overclock it and such. It's not a backdoor tool.

 

but this is pointless, I can see arguing common sense and that the man isn't out to get you with you is as pointless as arguing religion with a christian evangelist. 

You don't have to prove that it came from a spotty source, the legal system has to provide a chain of information that proves it's legitimate. Juries are made up of normal people not government spies so the argument that illegally obtained evidence would just slip by en masse just doesn't hold any water.

tell me when that works for you. juries are clueless noobs who believe like 73% of them that the government is doing them a favor by spying on everybody. so if their opinion is different from yours, you're screwed man. you would have to have some extremely overwhelming evidence in your favor to support any illegal activity occurred in your case. there's also a good chance that most courts wouldn't even let you make the argument to the juries about this type of crap. they would censor you and restrict your argument to directly talking about the alleged acts you committed. sure you could deny it, and say it happened another way, but the jury is free to not care, the judge can say you can't introduce evidence to support yourself, and in the end, even when everything is legit, nothing gets proven and the jury and judge doesn't care about any of your crazy claims that this was done illegitimately. no. most defense attorneys also aren't looking to expose government corruption or abuse, so you're likely to just get ****ed. our system is garbage dude, no protection at all, and no extensive review to determine how evidence was obtained, or to investigate any of your claims is usually ever made, and it doesn't just happen automatically.

Would you please read that article and understand it and see that it has NOTHING in relation to your wild claims, and it has nothing to do with backdoor access or anything. seriously, it's like you read it but something completely else than what it actually says is what you actually read.

 

it's a maintenance mode, and you have to hack the damn cpu to activate it, and it doesn't run in normal mode but allows you to modify the cpu to overclock it and such. It's not a backdoor tool.

 

but this is pointless, I can see arguing common sense and that the man isn't out to get you with you is as pointless as arguing religion with a christian evangelist. 

I read the article years ago. it allows them to fully bypass any of the normal security features in the CPU. for example, memory isolation, which is a protection the OS provides to prevent "limited users" from accessing certain parts of memory and hardware. they can modify anything in memory in debug mode, access additional registers, and basically run anything they want on your system.

 

it has nothing to do with overclocking or anything else. you're pretty much unknowledgeable about anything like this. if you were a programmer you'd also understand what this could be used for, but right now you're completely talking out your ass.

 

http://hardware.slashdot.org/story/10/11/12/047243/hidden-debug-mode-found-in-amd-processors

 

here's an example of its use:

 

limited mode software sets a register with a certain password

limited mode software suddenly can execute code in debug mode, without hardware or software level security restrictions.

limited mode software can read/write to any part of memory, giving it access to sensitive data in the operating system and has admin access without the operating system's knowledge

limited mode software has complete stealth ability if it decides to do something it wants

 

boom. whatever the software is designed to do at this point, it has admin access without having admin access. there are other articles about this out there.

 

there are many features on the CPU which are locked down but made available in debug mode. it is backdoor access to your hardware and software, or allows a lot of special things to happen and be done that cannot normally be done on an x86 CPU.

So, could you please explain how it is impossible to hijack a connection and/or relay a spoofed malicious packet to a member of the internal network relying on NAT alone?

 

By the attacks you've been posting about here. I've never said the NAT attacks which you've posted aren't possible or hard even, they're easy attacks. I could upload malicious code on a website and be able to open ports to an internal machine quite easily.

 

There's the NAT Pinning attack which you described. It's essentially some JavaScript which just literally calls a URL with a port defined. Once this has been done, the router knows that, that port means that machine so you can send packets against that port and that public IP address and you know it's hitting that internal machine which sent the request.

 

Another way would be to exploit UPnP using a virus or some other malicious code. This would be way more dangerous. You could build software that would periodically make calls out, so you can call it. You could push UPnP requests to open any port and exploit any protocol. There's some very scary things you can do with some protocols. For example, I'm pretty sure it's RDP or another remote desktop protocol which allows reverse calls. For example, I tell you to connect to me. So control can be gained without your knowledge.

 

Those attacks to be honest, are quite easy to do, especially if you own a website. In the terms of this post and the way NSA would need the backdoor, NAT makes it completely unfeasible because the backdoor is waiting for the connection. The back door isn't prompting for a connection. Without this there is no way to talk to an internal host. Every consumer CPE or even big routers (I've tested this on a Juniper MX960, they're the bees knees of routers) drop packets incoming with a NAT when it hasn't got an entry on the NAT translation table. If a packet is dropped, there's nothing you can do about it.

 

That would be what I referred to as a targeted attack earlier. it's "nearly" impossible to defend yourself against a targeted attack by a dedicated and skilled hacker with enough time, with consumer grade equipment. 

 

You're right, there's attacks for most things. Look at ARP attacks for large networks, they're scary. For example inside my University network I could point the whole network to use a server I setup with just a clone facebook login page to get everyone's details but when you log-in it restores to the original site. I wouldn't have a clue myself if I was generally browsing. You even can do it without breaking SSL, scary or what?

 

I absolutely agree. I've always heard from friends I trust on security that nothing is truly secure, it's just degrees of difficulty. I would also assume that the NSA is capable of the greatest degree of difficulty possible.

 

It's my contention as well that the operative mechanism in defending against any sophisticated attack would be the firewall, intrusion detection, etc., not the NAT.

 

Hardly anything is secure, but in the terms of what the NSA would need it's not feasible unless the backdoor made the connection first.

 

NAT is not a security measure. A good summary of why NAT is a bad idea, including the security issues, is given in RFC 4966: "Reasons to Move the Network Address Translator - Protocol Translator (NAT-PT) to Historic Status."

 

http://www.ietf.org/rfc/rfc4966.txt

 

That's 100% right, it's a common misconception that NAT was designed as a security feature as well as an IP-saving mechanism. Although with how NAT technically works, it provides some security features which are quite good to the average consumer.
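The translation-table behaviour argued over in this thread, as an added sketch that is not from any poster: a toy NAT that drops inbound packets with no table entry, passes replies to flows an internal host started, and forwards everything once a UPnP-style mapping exists. The class, its method names, the addresses (documentation ranges) and the address-and-port-restricted filtering are assumptions; real routers differ in how strictly they match the remote endpoint.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    proto: str      # "tcp" or "udp"
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NatRouter:
    """Hypothetical model of a consumer NAT; not any vendor's implementation."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._next_port = first_port
        # Dynamic entries, created only by outbound traffic:
        # (proto, public_port) -> (internal_ip, internal_port, remote_ip, remote_port)
        self.flows = {}
        # Standing forwards, as created by manual config or a UPnP request:
        # (proto, public_port) -> (internal_ip, internal_port)
        self.forwards = {}

    def outbound(self, pkt):
        """Internal host sends a packet; return the public port used for the flow."""
        flow = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        for (proto, port), known in self.flows.items():
            if proto == pkt.proto and known == flow:
                return port
        port = self._next_port
        while (pkt.proto, port) in self.flows or (pkt.proto, port) in self.forwards:
            port += 1
        self._next_port = port + 1
        self.flows[(pkt.proto, port)] = flow
        return port

    def inbound(self, pkt):
        """Return (internal_ip, internal_port) if forwarded, None if dropped."""
        if pkt.dst_ip != self.public_ip:
            return None
        key = (pkt.proto, pkt.dst_port)
        if key in self.forwards:
            # A standing mapping accepts any remote source.
            return self.forwards[key]
        entry = self.flows.get(key)
        # Assumption: the reply must come from the exact remote endpoint.
        if entry and entry[2:] == (pkt.src_ip, pkt.src_port):
            return entry[:2]
        return None  # no translation entry: nothing behind the NAT sees it

    def add_port_mapping(self, proto, external_port, internal_ip, internal_port):
        """Models only the effect of a UPnP port-mapping request from a client."""
        self.forwards[(proto, external_port)] = (internal_ip, internal_port)

    def standing_exposure(self):
        """What a defender should review: ports reachable without an outbound flow."""
        return sorted((p, port, ip, iport)
                      for (p, port), (ip, iport) in self.forwards.items())


def demo():
    # All hosts and ports below are constructed sample values.
    nat = NatRouter("203.0.113.10")
    host = "192.168.1.20"
    results = {}
    probe = Packet("tcp", "198.51.100.99", 55555, nat.public_ip, 3389)
    results["unsolicited"] = nat.inbound(probe)
    pub = nat.outbound(Packet("tcp", host, 51000, "198.51.100.5", 443))
    results["reply"] = nat.inbound(
        Packet("tcp", "198.51.100.5", 443, nat.public_ip, pub))
    results["other_remote"] = nat.inbound(
        Packet("tcp", "198.51.100.99", 443, nat.public_ip, pub))
    nat.add_port_mapping("tcp", 3389, host, 3389)
    results["after_mapping"] = nat.inbound(probe)
    results["exposure"] = nat.standing_exposure()
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The same probe that is dropped at the start is delivered after the mapping is added, which is why the list returned by `standing_exposure()` is the thing to audit on a router with UPnP enabled.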

This topic is now closed to further replies.
  • Posts

    • Nice to see! Especially now with Arm64 VMs getting more popular and sometimes even cheaper than traditional x86 ones in datacenters.
    • I never said they weren’t, I said I don’t care. Do keep up…
    • TerraMaster F2-425 Pro review: a low-powered Intel NAS that ships with AI (OpenClaw) by Steven Parker It has been a while since I reviewed a TerraMaster NAS, but the company reached out to me asking if I was willing to test the F4-425 Pro, which goes on sale today. It is an upgrade on the F4-425 Plus, which I reviewed back in October 2025 What you need to know is that it basically follows the design principles of the four-bay F4-425 series, with its all-metal exterior. Here are the most important specifications: TerraMaster F4-425 Pro CPU Intel Core N350 (8x E Cores/Threads, Max burst up to 3.9 GHz) Intel Core N305 (4x E Cores/Threads, Max burst up to 3.8 GHz) TDP: 7W / 9W (Base) Graphics Intel UHD Graphics 32 EUs (1.35 GHz) Intel UHD Graphics 24 EUs (1.25 GHz) Memory 1x slot 16 GB DDR5 4800MT/s non ECC SODIMM (Max 32 GB) 1x slot 8 GB DDR5 4800MT/s non ECC SODIMM (Max 32 GB) Disk Capacity 120 TB (30 TB x 4) Supported RAID Types TRAID, TRAID +, RAID0, RAID1, RAID5, RAID 6, RAID 10 Network 2x RJ-45 5 GbE Internal storage 3x M.2 2280 NVMe Slot (PCIe 3.0 x1) Bootloader 2Gbit 256 GB NAND Flash card (MX30LF2G28AD) USB port (internal) USB Ports 1x Type-C 3.2 Gen 2 (10Gbps) 3x Type-A 3.2 Gen 2 (10Gbps) HDMI 1x (HDMI) Hardware Transcoding Engine H.264, H.265, MPEG-4, VC-1 Maximum resolution: 4K (4096 x 2160); Maximum FPS: 60 Size (H/W/D) 219 x 181 x 150 mm Weight 2.9 kg System Fan 150 x181 x 219 mm Power 90W, 100V - 240V AC, 50/60 Hz, Single frequency Power consumption (HDDs) 45W (4x 4TB ST4000VN008 in read/write state) 14W (4x 4TB ST4000VN008 in hibernation) Noise Level: 20.9 dB(A) Using 4 SATA HDDs/SSDs in standby mode; Test environment noise: 17.3dB(A); Test distance: 1m Warranty 2 Years OS TOS 7.0.0706 (Beta) MSRP £639.99, $699.99, €739.99 / £739.99, $799.99, €839.99 As you can see above, there are two variants of the F4-425 Pro releasing today. 
The lesser variant has the slightly weaker N305 CPU and iGP, and 8 GB less RAM, although it also costs $100 less than the top variant we are testing today. In addition, these new F4-425 Pros are shipped with the as-yet-unreleased TOS 7 beta. So what is TOS 7 exactly? During the device initialization, you are warned not to use it in a production environment, which we'll get into later. My contact told me that TOS 7 exits beta today, June 23. The clear difference with the F4-425 Plus is that it contains the more powerful N350 Intel CPU released in the first quarter of 2025, with support for DisplayPort 1.4, HDMI 2.1, LPDDR5 (4800), DDR5 and DDR4, and a max TDP of just 7W. It also supports AV1 decoding, as well as H.264, VP8, VP9, H.265 (8 bit), and H.265 (10 bit). The different capabilities in the Alder Lake-N (and Twin Lake) series are listed below. Processor E-cores L3-cache Turbo clock GPU GPU-clock TDP Intel N355 8 6 MB 3.9 GHz 32 EUs 1.35 GHz 9 W Intel Core 3 N350 3.9 GHz 1.35 GHz 7 W Intel Core i3-N305 3.8 GHz 1.25 GHz 9 W Intel Core i3-N300 3.8 GHz 1.25 GHz Intel N250 4 3.8 GHz 1.25 GHz 6 W Intel Processor N200 3.7 GHz 0.75 GHz Intel N150 3.6 GHz 24 EUs 1 GHz Intel N97 1.2 GHz 12 W Intel Processor N100 3.4 GHz 0.75 GHz 6 W The CPU is part of the Alder Lake-N series that sits just below the top N355 offering, albeit with an impressive TDP (less than the N355 and N305) for the features it offers. It is designed for low- powered systems and entry-level laptops. As before, we are seeing another NAS with an acceptable, if not great, amount of RAM. It should be noted that the F4-425 Pro only has one SODIMM slot, so if you are planning to upgrade the already 16GB included in this NAS, it will have to be on one module of Single Rank DDR5. As a reminder, up until a couple of years ago, it was commonplace to only get 2 or 4GB max on a flagship Synology or QNAP home NAS. 
Ever since the likes of TerraMaster and more have entered the market with ample RAM sizes included in their NAS offerings, it has gone a long way in forcing the hands of the traditional makers to up their game a bit. Before we dive in, you can view the different SKUs released so far since the 2025 series launched for Home and SMB users, with the most important specifications listed along with the MSRP listed below: SKU CPU Cores Memory Link Price F2-425 Intel N5095 4 4 GB DDR4 2.5 GbE x1 $249.99 F4-425 Intel N5095 4 4 GB DDR4 2.5 GbE x1 $369.99 F2-425 Plus Intel Core N150 4 8 GB DDR5 5 GbE x 2 $399.99 F4-425 Plus Intel Core N150 4 16 GB DDR5 5 GbE x 2 $569.99 F4-425 Pro Intel Core N305 8 8 GB DDR5 5 GbE x 2 $699.99 F4-425 Pro Intel Core N350 8 16 GB DDR5 5 GbE x 2 $799.99 The F2 in the product name means two 3.5-inch HDD bays, where F4 is four 2.5-inch bays. First impressions Like with the F8 SSD Plus packaging, the F4-425 Pro is using the upgraded box materials, which certainly look better than a plain cream colored box with TERRAMASTER stamped on the sides. The box gives off a premium feel and certainly adds a positive vibe to first impressions. In the box F4-425 Pro TNAS device Power adapter LAN cable (CAT 6) Quick guide [full online guide] Limited warranty notice Screws (for HDD bays) Stickers 2x rubber feet (spares) Design As has become kind of common with TerraMaster, certainly in the last three years, the 2025 F2- and F4-series have received a makeover that really adds to the premium feel of the NAS. Gone are the plastic shells, now replaced with an aluminum outer shell, with the front and back retaining the textured black plastic we saw on the 2024 models. Some key differences from the 2024 series include placing the power button back on the front, along with the addition of a Type A USB port. It's not much bigger or heavier either; in fact, it weighs 500 grams less than the F4-424 Pro. 
It's slightly shorter in height and depth (length), but only by a few millimeters.

The front and back do retain a similar style to the 2024 series. On the front, you just have your four bays along with LED indicators for the HDDs and power. The welcomed change is having a USB port on the front for quick access, should you need to back up a USB drive, for example.

Around the back, from top to bottom, you have a reset pin hole, an HDMI port, two 5 GbE Ethernet ports, two USB 3.2 Gen 2 (10 Gbps) Type A ports with a Type-C port below them, and a connector for the barrel port power source. Again, there's no Kensington Security Slot present, which is a bit of a shame considering it's a data storage device.

[Images: left side, right side]

On the left and right of the F4-425 Plus, it is completely smooth aluminum with a TERRAMASTER logo printed on both sides.

On the bottom, there are some holes to assist ventilation. Unlike with the F4-425 Plus, the rubber feet did come unstuck during the teardown, which was also an issue on the 2023 series. It seems like other customers have lodged complaints about them, as TerraMaster now includes two spare rubber feet in the box, in case any of the preinstalled ones are lost; however, this seems more like a papering over the cracks solution rather than actually fixing the issue with better quality rubber stand-offs. There are also four screws that must be removed in order to access the internals.

Teardown

Upon removing the four screws, you can slide the device out of its shell to reveal the three NVMe M.2 slots (PCIe 3.0 X1) and single SODIMM slot connector, which is populated with a single 16GB DDR5 4800MT/s module.

I added a couple of MP44Q M.2 PCIe 4.0 SSDs (2 x 4TB) that can be availed on Amazon for $492.99 that TEAMGROUP supplied us with, along with a 250GB 970 Evo Plus that my colleague Chris White sent me by accident and let me keep a few years ago.
As I have said in previous reviews, TerraMaster support staff actually encourage installing whatever you want on their devices, and happily, the USB port for the bootloader is now easily accessible should you want to use it for your own flavor of NAS OS, such as TrueNAS, Unraid, or maybe Xpenology.

Yes, because TerraMaster has now switched to a 256 GB NAND Flash card (3rd photo above) for the TOS bootloader. This is also replaceable, but you can also simply add a USB bootloader, access the BIOS, and tell the F4-425 Pro to boot from that instead of the Flash card.

Unlike earlier iterations of TerraMaster NAS, you don't have to tear this down any further than the four screws on the outer shell in order to be able to access and manage the memory, NVMe slots, and USB bootloader. However, if you need to access the NAND Flash card or CMOS battery, then eight more screws (four on each side) need to be removed in order to take off the rear panel with the 120mm fan, and then the motherboard can be lifted off and removed from the SATA connector PCB.

There's also no risk of threading the screw holes, because the four that hold the shell in place are metal on metal, while the screws that hold the rear panel on do screw into plastic. Either way, like last time when I reviewed the F4-425 Plus, I was just happier to see larger screws being used. Overall, it follows some great improvements in build quality from the 2024 series and earlier.

Setup

BIOS

The F4-425 Pro includes an Aptio BIOS from American Megatrends [1, 2], and you can set up pretty much everything here, including the boot order, which is locked to the UEFI OS. However, above that choice you can enable or disable booting to the USB bootloader, so this would still allow you to switch to a USB stick with an alternative bootloader and boot from it, or disable it to instead always start from the first disk with an OS installed on it.
Initial Setup

Setup is roughly the same as the F4-425 Plus, along with the new TOS 7 setup dialogs, so there will be no surprises here.

Upon connecting to the LAN and booting up, the F4-425 Pro can be reached by navigating to http://tnas.local. If that doesn't work, you can use the local address assigned via DHCP, which you can find using the TNAS PC desktop application, which is essentially a TerraMaster NAS finder. The setup process is pretty straightforward, through a wizard, and in full below:

TOS 7 Initialization

As you can see, TOS 7 received a new coat of paint, and the initialization requires fewer interactions. Happily, TOS no longer decides to throw all disks into the same Storage Pool; 2.5-inch HDDs are allocated into Storage Pool 1. This is because two of the HDDs are allocated to hold system files. Previously (with TOS 5 and 6), if you pre-installed HDDs and SSDs, they were all placed into Storage Pool 1, even if you did not select the SSDs for inclusion during the onboarding.

TOS 7 Setup

On first boot, there is a tutorial and some steps to take to harden the TNAS (or not), which includes an immediate update from TOS 7.0.0616 to 7.0.0706, of which the changelog screenshot is also included in the above gallery.

It must be noted that the Security Advisor still contains (in my opinion) a pretty major bug in that if you enable SPC and then do the required rebooting, the Security Advisor still says that SPC is disabled. TerraMaster provided the following statement about it:

It is disappointing that TOS 7 has been in beta since December, and this OOBE issue is still there.

Shutdown option has moved

Instead of a Taskbar option to manage the NAS, all of these options have been moved to the Control Panel. Initially, I did not see it, and my contact had to show me how to power off the F4-425 Pro. To log out, reboot or power off, you can find those controls at the top right of the Control Panel. It is also possible to power off through the TNAS mobile app beta.
Storage setup

Above, you can see the steps I took to create the Storage Pools and Volumes. I made a second Storage Pool using TRAID on two 4TB MP44Q SSDs (which, in this instance, is similar to RAID 5), and finally, I added the 250GB 970 Evo Plus drive as Hyper Cache on Storage Pool 1 in Balanced mode.

Registering

If you decide not to lock down the F4-425 Pro in Security Isolation Mode (blocking all external connections), then you could set up a TNAS device ID through the Remote Access setting in the Control Panel (which must be unique). This works in combination with an online TerraMaster account.

TOS 7 TNAS Online

Creating a TerraMaster account and linking the device online activates the warranty when you provide proof of purchase and the serial number, but it also gives you access through the TNAS mobile app, which allows you to complete certain operations, including powering off and restarting the NAS remotely. A TNAS mobile update is required to gain access through TOS 7, and this is provided on the TerraMaster website, as it is not yet on Google Play.

The app is evolving all the time and has made leaps and bounds since I first started reviewing TerraMaster devices almost three years ago. It is not quite there yet if you are comparing the likes of Synology, which, sadly, a lot of users online do all the time.

OpenClaw setup

One of the main selling points of the new F4-425 Pro is the inclusion of OpenClaw, with TerraMaster claiming that it is "powered by the world's first AI-native TOS 7 OS, supporting local-first smart workflows and independent data control."

However, I immediately ran into problems trying to enable OpenClaw. After waiting 20 minutes at the "Enabling" message of the OpenClaw app following installation, I decided to do some searching online and discovered that it couldn't complete the installation process due to SPC being enabled, which is something TOS 7 immediately recommends to be enabled on first boot.
SPC for NAS (TOS 7) is basically the same principle as UAC in Windows; it blocks executables from being launched by non-Super Users. After reaching out to my contact about these issues, I received the following response:

Anyway, this only became clear when I closed the OpenClaw app screen and clicked on the OpenClaw icon in the taskbar; that is when I saw the message about disabling SPC. I think, due to the fact that this is a requirement, this should be a prompt during the installation process, not when closing the App Market and then trying to launch OpenClaw.

There's also no 'Getting started' guide for people like me who have never used OpenClaw. I tried to add an LLM and discovered the tutorial led nowhere. That's when I started looking around the official TerraMaster forums, and I found a guide that helpfully explains that you won't get anywhere with OpenClaw unless you have a paid plan, which is disappointing because I imagined there would be an option to use a local LLM as I do in SubtitleEdit with Whisper-XXL.

In addition, with the marketing imagery on the official site, it says that the OpenClaw feature is "all processed 100% locally for absolute privacy." which led me to believe that I could install a local LLM, not one that required paid tokens. In any case, TerraMaster does not provide guidance for this new feature, which was also a selling point of the F4-425 Pro!

My contact also provided clarification about the above points I raised with TerraMaster:

Since it is not in the scope of the review to add paid services, I'll leave that to the people who are more qualified with OpenClaw.

F4-425 Pro Surveillance App

TOS also comes with a Surveillance app, which is not installed by default; it can be found in the App Market recommended section. In addition, after installing, it doesn't drop a shortcut on the Desktop or top taskbar, but you can "Send to Desktop" from the App Market listing for the app for a quick way to open it.
Adding my Reolink POE doorbell camera was painless. TerraMaster doesn't appear to have a repository of preconfigured cameras; instead, the camera must be added using ONVIF or RTSP.

No mobile Surveillance app

TerraMaster still doesn't have a dedicated Surveillance app, although from searching online, Surveillance can be used and managed through the TNAS mobile app. I tried this with the updated TNAS mobile app beta in combination with TOS 7 and got a message that Surveillance was "Only accessible through web browser," so I reckon this must be limited to the stable versions of TOS 6 and the mobile app.

More quirks

In addition, whenever I minimized the Live View window in the browser Surveillance app, the feed appeared to switch to the Low-bandwidth stream, and there was no way to get the High-quality stream back. To get the High-quality stream back, I had to close Live View and then reopen it.

Benchmarking

A pretty cool feature of the TOS 7 is that it allows you to install directly to the NVMe M.2 SSD. In order to do that, you would have to leave out any HDDs during initialization, and even then, the system partitions are always written to two HDDs when they are eventually added.

With three NVMe slots, this also gives an interesting scenario where you could build a TRAID Storage Pool for installing all your apps and Docker on, and keep the third for SSD cache on the HDD pool. Limitless options!

[Images: SATA, PCIe 3.0 X1]

A CrystalDiskMark test on a mapped network drive from within a Windows 11 25H2 PC (image above) connected over a 5 GbE hub was well within acceptable ranges, although the read result on SATA was a little less than with the F4-425 Plus, for some reason, while writes were generally better.

[Images: SATA, PCIe 3.0 X1]

I also ran the NAS Performance tester, which tests the link speed performance. As you can see, it pretty much maxes out the 5GbE connection. Of course, you can also opt to bond the two 5 GbE connections for a bit more oomph, but I didn't do that.
TOS 7, which, as of testing, is still in Beta, comes with an App Center that has a bunch of handy programs you can install right off the bat, such as Emby, Plex, Docker, as well as in-house Backup and Surveillance solutions.

As you can imagine, any media streaming services you would want to host off the F4-425 Pro will work great, thanks to the Intel Core N350 CPU and its 16 GB of DDR5 memory. Accessing from mobile is only possible if Security Isolation Mode is disabled, which can put your NAS at risk from external sources, so there was no way to access it from the TNAS Mobile app.

It's also quiet. I had this sat next to my computer on my work desk for the past week, and I did wonder if the noise I was accustomed to with NAS devices would annoy me, but all I could hear was a soft whirring of the rear fan (which was a little annoying) when the disks were not actively copying or reading data.

Conclusion

So what have I learned? Unfortunately, this release raises a few important questions and concerns that I feel haven't been adequately addressed.

What I didn't like

Our variant shipped with TOS 7 beta, and it's advised not to use it in a production environment. I feel that's a bit limiting on an $800 device. The mobile app is also still in beta and does not support some of the first-party apps, like Surveillance, and it still has quite a few bugs.

I am a bit confused about the OpenClaw marketing along with the F4-425 Pro. I feel that if it's going to be a main selling point, then offer official guidance on how to get started with it. TerraMaster recommends enabling SPC, but then markets the NAS for use with OpenClaw, which requires disabling SPC to be able to use it, opening up genuine security concerns for the NAS; and that's before you get into the security concerns of OpenClaw itself.

Of course, the above issues won't be a problem if you decide to install something else on it, or even go back to the stable TOS 6.
I wish TerraMaster had just given TOS 7 as opt-in rather than shipping with it. TOS 7 has been available as a preview since December 2025 (so well before my last TerraMaster review), and according to a thread on Reddit where a user shared a screenshot from the TerraMaster Facebook page, it is scheduled to launch today, June 23, but there's nothing about that in the TerraMaster news blog. My contact confirmed over email that TOS 7 exits beta today.

The rubber feet also deserve a mention as they continue to be a problem, with them coming unstuck the moment you shift the F4-425 Pro anywhere on your desk.

What I liked

What it comes down to, though, aside from what I already mentioned, you are still getting a quality, affordable device here, so recommending it will depend on the individual's use case. If you're just looking for a relatively small NAS device to manage virtual machines on, back up your files, and take care of your home theater streaming, then it is a great device that will certainly futureproof you for some time.

It provides good performance, takes up little space, and is, on the whole, very quiet. Four bays afford proper redundancy using TRAID or RAID 5, and you can even expand on storage capacity by adding the 2-bay D5, or 4-bay D8 Hybrid DAS over a USB 3.2 (10Gbps) link.

Considering the 2024 releases were more about power, with the likes of an Intel Core i5-1235U high-end laptop CPU under the hood, I asked my contact last time if we could expect more of the same in higher-end models and was told:

It makes a lot of sense to use Intel's N350 chip inside a NAS; it is more than capable of doing what the F4-425 Pro is intended for, media streaming and backup.

The only downside is still the clear lack of community and even staff support on the official forums. In the past, I have had topics go unanswered for days, or there would be generic-type "we've noted this and passed it onto our developer team" type responses.
Along with the other things I mentioned, it all ends up costing it a couple of points. If you are comfortable with the command line, Docker, and setting up TrueNAS or Unraid, you'll be fine. You can do great things with this hardware. In TOS, the apps are a bit lacking, and things don't always work as expected.

AI NAS?!

What has become clear to me this year is that we are going to start seeing all kinds of "AI NAS" come to market, and while that might be good for us consumers, be diligent and research these claims. Although the F4-425 Pro technically comes with AI, it is really using a cloud service that is externally sourced off-device through the third party OpenClaw app. My colleague did review a newcomer to the NAS space earlier this year, and it includes a local AI assistant inside the Zettlab D4 NAS, and they do not even use AI in the product name, check out Chris' review here.

Where to buy and a discount coupon

However, it does not change the fact that this is truly a great entry-level home media-class NAS that you can buy right now. TerraMaster is having a 20% off launch discount, plus you can also still apply our unique 10% off coupon on checkout, which only works on the official website. So here is a breakdown of the pricing that is only valid on the official TerraMaster website.

  • TerraMaster F4-425 Pro (N350) + 20% discount + 10% coupon = $575.99
  • TerraMaster F4-425 Pro (N305) + 20% discount + 10% coupon = $503.99
  • TerraMaster F4-425 Pro (N350) + 20% discount + 10% coupon = £525.59
  • TerraMaster F4-425 Pro (N305) + 20% discount + 10% coupon = £460.79

Use NEOWIN coupon code during checkout for 10% discount

Over on Amazon US and UK, the F4-425 Pro also gets a 20% launch discount, but here, the above 10% coupon cannot be applied.
  • TerraMaster F4-425 Pro (N350) for $639.99 at Amazon US (was $799.99)
  • TerraMaster F4-425 Pro (N305) for $559.99 at Amazon US (was $699.99)
  • TerraMaster F4-425 Pro (N350) for £583.99 at Amazon UK (was £729.99)
  • TerraMaster F4-425 Pro (N305) for £511.99 at Amazon UK (was £639.99)

As an Amazon Associate, when you purchase through links on our site, we earn from qualifying purchases.
    • I used to use Google Assistant, not on the phone I have now, but about 7 years ago, then I decided it did not really do anything for me. Because I had Echo units over the house I added Alexa to the phone to control stuff and that is how it is now. Not the new Alexa+, as that is not really available in the U.K. yet apart from on new units and to be honest, not interested in it. I went through the stage years ago of using voice to do text and call people, quicker to do it using my hands. I had a muck about with Siri on my Mac when I first got it, but not having a microphone permanently plugged in makes it a pain. I know it can be used by text. Siri, like Apple AI, is disabled on my Mac and will stay disabled.