I’ve been reading up on the new features of DSM 7.2 specifically regarding immutable storage. I understand the idea of locking the files so that you can’t just click the delete button and get rid of them. This is great for protecting against accidental deletions as well as ransomware.
However, couldn’t a malicious actor just delete the entire storage pool? Are there any other weaknesses with immutable storage?
If you have physical access, you could just yank the drives and run. In the world of what if’s the meteor obliterating your NAS and all your supporting infrastructure is also a possibility. If a malicious actor has admin access to the NAS, its game over no matter which way you look at it.
Ah, Ok that helps. So let’s say I am the administrator, and I was running compliance mode. I put a bunch of data on some drives, but later decide I don’t want that. To reclaim that drive space, I would have to physically remove those drives, install them in some other system (Windows or Linux I presume) and then format the drives. Then I could reuse them in Synology for another purpose. Does that sound correct?