Comment on What's the security situation when opening a jellyfin server up for casting?
illusionist@lemmy.zip 13 hours agoSure, software can always be vulnerable.
Plex was running on his private computer, not a dedicated server, right? Windows? His version was 75 versions behind the current version at the time. How could the malware escape the server’s/plex’ sandbox? With a keylogger? Why wasn’t he using a password software? This isn’t the best example for your point
droolio@feddit.uk 12 hours ago
They opened it to the internet - that’s the big difference (and the topic at hand). Security is a multi-layered thing, but if your weakest point is a gaping hole, the rest doesn’t mean much. To my point - assuming Jellyfin ain’t gonna have vulnerabilities even when you’re fully up-to-date, is foolhardy.