First thanks for a very well thought out response. It is a very good answer corporations certainly like to hear…
BUT…
Any software regardless of IT Security measures and guidelines can and almost surely does have unknown flaws so why would I want that exposure if I can avoid it without any loss of functionality? TLSv1.0 would be my first example of a “now” broken security standard. Any old encryption algorithm like DES, WEP 64 which there are very many. SMBv1 would be another and there are many many more. Could ACME be another ?
Regardless of the security aspect I still would like the option for local access to dashboard.
So what happens when my internet provider is DOWN ? I would like to be able to access my NAS from my computers even if my internet connection is down. This is very important as if/when our internet connection is down we would still like to administer access on my NAS. And yes I could setup a home DNS / bind Linux server and deal with creating trusted certificate nonsense but why should I go through that hassle if I could just have local dashboard access as an option.
