Archive for January 8th, 2013
Today I downloaded and installed Synology’s new DSM 4.2-Beta (Build 3160). I’m normally excited about new DSM releases, even the betas, as they mean the opportunity to see and test new features. I’ve been impressed by DSM releases in the past, as they’re usually very stable and I can’t say as I’ve really had any major issue with them.
Unfortunately, Synology decided to implement something in this DSM release that has me irritated, to say the least. They require that you register with their MyDS service in order to install any additional software packages on your Synology product, or even to upgrade any packages that you had installed prior to installing the DSM 4.2 BETA. This even applies to 3rd party software packages, but not software packages installed from other software sources. And, it’s not optional.
Yes, even if you had a software package on your Synology product before installing the DSM 4.2 BETA, you can’t upgrade that software package without registering on the MyDS service.
Oh, yeah, you also can’t downgrade to a previous DSM release.
This is a great example of another instance of “forcing” customers to use cloud services to utilize the full potential of a product, and a huge disappointment for me. And yes, they keep records of your “purchases” (downloads). And, also, there’s currently no way to delete your purchase history, or your MyDS account.
I took a close look at Synology’s “What’s new” for this Beta to see if I had missed a mention that MyDS was required. Here’s a screenshot of what their website shows:
Note that it says that MyDS is required to purchase paid apps. It says nothing about free apps. This is misleading, to say the least.
I shouldn’t be forced to register and log in to Synology’s MyDS service to download and install their own software packages. It would be like Microsoft forcing users to have a Microsoft account to download Windows updates. More so, this even affects the third-party software packages available from the package center that come from Synology repositories. However, again, it doesn’t affect software packages from other sources.
The only good I could possibly even see coming from this would be the ability to remotely manage and push software updates to the Synology product directly from the MyDS center. But why would you want to do that instead of just logging into the product itself and doing it securely? I could even see malicious software authors getting hold of the Synology software bundles and offering to host them on publicly available repositories where they could be downloaded without registration, but modifying the packages to introduce malware into them, unbeknownst to the user.
Thanks a bundle Synology. Maybe you should take a lesson from Cisco. They tried something like that at one point. It was called Cisco Cloud Connect, and they backpedaled on it. Read more about that on eWeek here and here, and on Cisco’s own blog here.
I should clarify some of the above. You CAN manually install and upgrade freely-available packages from Synology. First, you have to go to Download Center, and select your product type. In the case of my DS211j, the direct link is here. (If you’re looking for the updated 4.2-BETA packages, they’re here for all models.) You can download the spk file from there, and subsequently upload the spk file via the Package Center’s manual update feature. (You can also find downloads for all packages for all models here.) The direct links to DSM 4.1 (build 2636) are here.
Again, why Synology forces MyDS registration to do this via the automated installer for freely-available packages is still beyond my understanding. However, it looks like their intent is DRM-based. Specifically, on packages that are to be purchased.
I’ve been in contact with Synology on Twitter, and I openly thank them for their dialog with me regarding my feelings on this issue. I’ve sent them the following email as well:
I’m submitting this to let you, Synology, know how disappointed I am in the decision to force MyDS registration for automatic package downloads in DSM 4.2-BETA. This is a decision that I feel has multiple implications.
First, it impacts the usability of the Synology product for people who do not care to register for a MyDS account, as they can no longer automatically update or install packages. Indeed, some packages can be manually installed by downloading from Synology’s website and installed or upgraded manually, but quite a few packages (such as 3rd party packages) are absent from the download list. Along with this, one that is present (Amazon Glacier) requires Python, which is not present.
Second, this impacts privacy, as all automated downloads are logged as “purchases” in the MyDS account, but this list cannot be deleted, nor can the MyDS account itself be deleted.
Third, there are additional possible security implications, but I am going to choose not to elaborate on them for the purposes of this email.
I strongly (and vocally) disagree with Synology’s decision.
I understand that the addition of paid packages to the Synology repositories has created the need for a purchase and DRM solution, but I do not understand why this has to create an issue for people that do not have those packages available to them, or simply choose not to purchase them.
I submit that it would have been a much better decision to at least allow the automatic installation and upgrade of free packages without the forced MyDS registration. Or, at least, to allow the download of all free packages via a web page or FTP download, and prominently display a link to that are in the DSM Package Center.
I have written about this at https://mikebeach.org/2013/01/08/synology-releases-dsm-4-2-beta-myds-registration-now-required/
Are you the owner of a Synology product and tried the DSM 4.2-BETA? What are your feelings about the forced use of MyDS for software downloads? Please feel free to share in the comments below. Thank you!