Comment on Important Notice of Security Incident
FreedomAdvocate@lemmy.net.au 1 day agoPlex followed best practices and made sure that in the event of a data breach your accounts were safe, and alerted us promptly to the breach and reassured us that nothing private/of value was compromised.
JellyFin knowingly leaves multiple API endpoints with zero authentication.
I know which one I prefer, and it’s not the one with gaping security holes marked as “won’t fix”.
filcuk@lemmy.zip 1 day ago
People don’t seem to understand that no-one can reasonably stop a breach today.
The question is whether the attackers got anything of value and how easy they got in.
anas@lemmy.world 23 hours ago
This breach was, in fact, very preventable. Plex didn’t need to force users to authenticate with a central server to access their own self-hosted media in the first place.
FreedomAdvocate@lemmy.net.au 18 hours ago
That’s not how “preventable” works.