One of our main priorities for the My Cloud OS 5 release was to improve the security of the firmware for our customers given the increasing number of cyberattacks on NAS devices and IoT devices. Prior to the release of the new firmware, we worked with a 3rd party firm to conduct a security assessment. They flagged the Transmission app to have a critical security vulnerability because it runs with root privileges and could allow an attacker to take over the device. For this reason, we held the release of this app in the first version.
We are working to address the concerns that have been voiced on the forums and through other channels. We added an authentication mechanism to mitigate the reported security vulnerability, but we are aware that this has caused functionality issues for some users. We continue to explore better options to improve the user experience for you. We would like to ask for patience from you, our customers, while we design a better solution.
