dogs0n

@dogs0n@sh.itjust.works

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨That's all folks, Plex is starting to charge for sharing⁩ ⁨⁨3⁩ ⁨hours⁩ ago⁩:
Sorry, I wasn’t clear. When I said “why do you care?”, I didn’t mean YOU specifically with OPs potential problem of losing users.

I meant why do people in general, who self-host software for friends/family, care if their friends/family stop using the software.

E.g. I have friends on Plex, but for whatever reason, I decide I want to move to Jellyfin. My friends stop streaming my media because they dont like jellyfin for whatever their own reasons may be. I personally wouldn’t care about losing them as “users”, because it’s not like they are paying customers. I let them access my instance for free, if they aren’t bothered enough to use it, then thats on them, not me to cater to their needs by keeping Plex around.

Hope that cleared up my meaning. I wasn’t attacking you for caring with your original response.

p.s. you are at risk by hosting Plex too, just in different ways. Plex still requires your server is open to the internet, right? Even if only Plex’s servers can access it, who’s to say Plex themselves don’t get hacked. Always a risk/reward type deal with hosting software, in my opinion, either are fine to expose.
⁨Comment⁩ on ⁨That's all folks, Plex is starting to charge for sharing⁩ ⁨⁨3⁩ ⁨hours⁩ ago⁩:
Yes, you are right, but I think my point was missed.

Theres not much reward for hackers to hack private jellyfin hosts (unless there is some big exploit that gives remote code execution that im unaware of), sure the bots will scan and try exploits on open ports, but are they specifically targetting jellyfin?

There is always a risk, but in my opinion, the chances of being hacked through jellyfin are way too low to bother with over-bearing measures, like a required vpn connection.

Running jellyfin in a secure manner (without root, only access to your content, etc) reduces the risk of much harm too.
⁨Comment⁩ on ⁨Tabletop Convection Oven*⁩ ⁨⁨17⁩ ⁨hours⁩ ago⁩:
My guess is they were making popcorn and fish sticks for a movie night.

When shaking the air fryer to get all the corn cooked, a single fish stick stuck itself to the top.
⁨Comment⁩ on ⁨The first driverless semis have started running regular longhaul routes | CNN Business⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:
Maybe this type of automation could be improved by letting trains handle the long journey part:

Autonomous truck -> train -> autonomous truck

Then, the automated trucks (that could maybe be dispatched from rail networks when you have cargo to send) dont have to do the long distance part. Only the last couple miles each time from train to warehouse and vice versa.

I’m sure there are complications im missing, but at scale this sounds like a feasible plan
⁨Comment⁩ on ⁨Several phone brands rumored to be planning a major shift away from Android⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
If you’re looking at getting a new (used) phone, I would suggest GrapheneOS (the most secure/private de-googled rom afaik).

You need a Pixel phone, the newer you get the longer you will keep getting software updates for the future (if you keep the phone past these many years of support, then I believe switching to a other rom will be required for security patches etc. Each phone is supported until Google stops supporting them I believe).

If you plan on never touching a google service, GrapheneOS allows for that (nothing google by default), but on the other hand, if you need google play, etc for banking apps or whatnot, they have that covered with Sandboxed Google Services (which you can run solely in another user profile on your phone for added privacy).

Anyways, I think GrapheneOS in a great option & their website has much more info if you’d like to continue hearing about it:

grapheneos.org
⁨Comment⁩ on ⁨Several phone brands rumored to be planning a major shift away from Android⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
That sounds funny, but In that reality, the government with all its power will find a way in (they probably already have programs (as in departments) for finding their way into other countries tech).

Better to just install a proper de-googled android build (grapheneos, etc) and only use wifi (if data/phone num not needed) for the best odds.

In a couple of years (with more r&d, development and investment) I bet this will change to being use a linux phone.
⁨Comment⁩ on ⁨That's all folks, Plex is starting to charge for sharing⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
Hm I don’t remember posting the comment you are replying to, to the one I replied to.

You are right, but I still argue that keeping Jellyfin up to date is fine, there’s no serious bugs (afaik) that will compromise your whole server for instance, so these bots have nothing valuable to exploit here.

When I say don’t post your instance url I was talking about normal people finding it to try streaming from it without auth, I think I was replying to someone else and though this was the same thread.
⁨Comment⁩ on ⁨That's all folks, Plex is starting to charge for sharing⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:
I find it hard to believe that there are bots scanning for jellyfin exploits, since as far as I’m aware, the exploit is for viewing content without auth. 99% of bots are scanning for old instances of wordpress or other outdated software to exploit.

If my content on Jellyfin was illegitimate, the person scanning for my files would have to prove that before they can sue, no? I don’t think this makes sense for anyone to do.
⁨Comment⁩ on ⁨That's all folks, Plex is starting to charge for sharing⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:
You may need to reevaluate your threat model.
⁨Comment⁩ on ⁨That's all folks, Plex is starting to charge for sharing⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:
I agree with you, it’s likely this vulnerability is only known because Jellyfin is open source… how many are hiding in Plex’s proprietary source code…

Anyways when has anyone ever been pwnd by this “exploit”, I have seriously never heard of anyone being “hacked” by one of them.

Definitely overblown as far as I am aware… don’t post your instance url all over the internet and you will likely be fine.

Using Plex (is fine, do whatever u want) and giving them your data instead doesn’t really help you (or at least sending your data through them).
⁨Comment⁩ on ⁨That's all folks, Plex is starting to charge for sharing⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:

you will absolutely lose a bunch of them

I always see this and I have to ask: why do you care?

They likely aren’t paid customers of yours, if they don’t follow your rules and the software you like to use, then they are free to use any other method of consuming media.

VPN

Have to agree with the other comment that asks why do you need to use a vpn. Fax
⁨Comment⁩ on ⁨That's all folks, Plex is starting to charge for sharing⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:
My question is, where are you posting the address to your jellyfin server that someone who finds it will go through the trouble of even doing this?

Also how could they start litigating you based on the content you have? If I had illegal content on my server, I would be really dumb to expose it on the internet on a public jellyfin server. Otherwise my movies, tv, etc are my paid for content…
⁨Comment⁩ on ⁨That's all folks, Plex is starting to charge for sharing⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:
You didn’t ask, but if you’ve had a bad experience with the apps, you could try one of the native apps.

My friends on Apple devices thing Swiftfin (github.com/jellyfin/Swiftfin) is much better than the normal jellyfin app.

I haven’t used this one/know anyone that has: Findroid (third party) (github.com/jarnedemeulemeester/findroid). Mostly because I haven’t had any issues with the official jellyfin app for android, but it would probably give a cleaner experience, being native and all.

For the server, I think it’s fantastic. Never had any problems that weren’t a few clicks to resolve. Pretty much use it and forget I’m the one maintaining it for the most part. I wonder what issues you encountered?
⁨Comment⁩ on ⁨Reminder if you're leaving Discord for this Revolt server ( Linux + Steam Deck devs / creators)⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
I didn’t mean to say that it’s (still) trash, I think it’s useable, but there are still a lot of improvements to come.

Element as a client seems to want to do everything, which is probably great for a lot of people, but it (in my experience) has led to a poor user experience (which with more time, will likely improve, they seem to have a lot of backing).

With Element completing voice/video implementation, I imagine it’ll be easier for other clients to reference their work when implementing their own support.

Once the other clients get voice support, I will definitely be trying them out again, I’m sure they will make a much simpler experience that works out the box.

The lost keys problem has luckily never happened to me, it usually boils down the user error I believe, but yeah, if it is a user error that happens often, they should figure out some way to fix that (probably a hard problem, which is sort of fixed (i believe) if you use the client on multiple devices, so if you get logged out of your account you can easily authorize your access from another logged in device, eg desktop/mobile).
⁨Comment⁩ on ⁨Reminder if you're leaving Discord for this Revolt server ( Linux + Steam Deck devs / creators)⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
I agree, I don’t think it’s trash. From my experience, chatting is very good, voice/video are just the next thing they are tackling.

Better UX will probably come after important features are done.
⁨Comment⁩ on ⁨Reminder if you're leaving Discord for this Revolt server ( Linux + Steam Deck devs / creators)⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Just imagine the good they could have done by being a new competent Matrix UI that can do everything, but instead they are a Discord clone.
⁨Comment⁩ on ⁨Reminder if you're leaving Discord for this Revolt server ( Linux + Steam Deck devs / creators)⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Yeah, they kinda screwed up Element with combining mobile and desktop features into one app. The first time I tried creating a call on desktop, it was suddenly apparent how confusing they had made it, because you can do it in multiple ways (normal calls & conference calls).

There are other UIs that look very nice, but sadly don’t support voice chat. Hopefully these other clients can catch up, but it’ll likely take a while.
⁨Comment⁩ on ⁨Trying to avoid antitrust suits, Google senior executives told employees to destroy messages⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Either of us deliberately destroy data: locked up.

Company exec does the same: slap on the butt and a $2 fine.

We should all be on the same playing field!
⁨Comment⁩ on ⁨finally got static IP from a new ISP⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Hosting on your own hardware is much more fun though! In most cases it’s safer too, you don’t really need to worry about much as long as you dont portforward your ssh port & don’t run programs as root.

I would say it’s cheaper as well, but that depends on how expensive the static ip lease is per month.
⁨Comment⁩ on ⁨Sharing Jellyfin⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

The internet is full of bots pounding at your machines to get in. It is only a matter of time until the breach Jellyfin.

If you are talking about brute force attacks for your password, then use a good password… and something like fail2ban to block ips that are spamming you.

This point doesn’t exactly match, but: public services like google auth don’t require users use vpns. They have a lot more money to keep stuff secure, but you may see my point… auth isn’t too trivial of a feature to keep secure nowadays. They implement similar protections, something to block spammers and make users have good passwords (if you dont use a good password, you are still vulnerable on any service).
⁨Comment⁩ on ⁨Windows 10 LTSC – the version that won't expire for years⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

the only thing I miss is the big preview window in the file manager

I may be misinterpreting you, but I think this is a thing with Dolphin. It has a preview pane, which supports all the file types I commonly interact with (F11), which can be dragged to resize bigger or smaller.

I haven’t used any preview thing on Windows, which is why I think I may be misunderstanding.

Anyways if you haven’t tried Dolphin, maybe it has a solution for you (made by kde project, but I believe it should be installable for any desktop environment)
⁨Comment⁩ on ⁨What are some FOSS programs that are objectively better than their proprietary counterparts?⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:

average user doesn’t even know what a port number or IP address is

They don’t need to, just give them a url, username and password and let them type each for each field.

(If you mean because you want them to configure a vpn to access your jellyfin instance, then just expose it to the internet, which surely you pretty much have to do for your plex instance)

Cost:Convenience

Do people really think this or will they think (like everyone i know) that it’s free and I can watch what I want.
⁨Comment⁩ on ⁨Nextcloud (PHP) vs OpenCloud (Rust)⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Thanks for your reply, I will definitely keep that in mind if Seafile fails to meet any critera moving on, but yeah your last point is also right, it would probably be a big pain to migrate out at this point with all my data for multiple users here.

It seems a lot has been modernising recently, I didn’t know they were also using Go, but hopefully they continue with it for new code.
⁨Comment⁩ on ⁨Nextcloud (PHP) vs OpenCloud (Rust)⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
NextCloud being so slow forced me to migrate to Seafile.

Seafile being less one-stop-shoppy made me not use it so much, but whenever I do it is always fast and responsive (unlike nextcloud, where 80% of the time I was looking at the loading indicator). Looking it up now though, it looks like it has a lot of new features I haven’t yet tried so I’m probably gonna start using it more now.

Only downside with Seafile is it’s deduplication (for me), because it stops me from easily accessing files directly (always gotta use a client). Likely a benefit for most though and I do rarely need to access a file directly on disk, just when I do, it’d be an easy shortcut for whatever I’m doing.
⁨Comment⁩ on ⁨America is fucked⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
We need them to rappel from the helicopter and swing right into your appartment through the window. This is how we save lives.
⁨Comment⁩ on ⁨A 'US-Made iPhone' Is Pure Fantasy⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Lol I agree. The value is horrendous when you spec one of their products to have decent storage/ram, but nevertheless can’t fault the speed of their ARM chips.
⁨Comment⁩ on ⁨A 'US-Made iPhone' Is Pure Fantasy⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
I have no source, but I remember seeing a graph of where iPhones sell and places like China/India were 80% android phones (mostly Samsung I think).

I don’t think the asian marketplace puts Apple products in such high regard as the US.

Samsung phones are still premium, I think they appeal more in other countries.

I see what you mean though with 20% of just China being almost the US population, but they are still losing 300m customers.
⁨Comment⁩ on ⁨A 'US-Made iPhone' Is Pure Fantasy⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Hehe that is funny, sadly I think the US is Apples biggest market, so they probably wouldn’t want to let go and give up any marketshare.

US usually is the most important market for most (international) companies I believe.
⁨Comment⁩ on ⁨A 'US-Made iPhone' Is Pure Fantasy⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
I hate to say it, but it’s actually quite powerful trash that they produce.
⁨Comment⁩ on ⁨6* months away now. If you're on 10, do you plan to upgrade? Make the jump to Linux?⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
Of course, I run EndeavourOS. My guess is that nowadays it doesn’t matter if you run amd or nvidia (likely won’t run into problems with either).