illusionist

@illusionist@lemmy.zip

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨I built LinuxMate to kill post-install chaos (free repo + demo)⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:
That’s cool
⁨Comment⁩ on ⁨Help getting started with self hosting Jellyfin via NAS?⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
Backup and yolo 😎
⁨Comment⁩ on ⁨Help getting started with self hosting Jellyfin via NAS?⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
That’s one risk. Someone could use it for a bot net or other attacks. Or he could try to escape the device and hack into other devices on the LAN. But also, it depends on the reward that a hacker can get. Is the expected reward worth the work to hack into your server?
⁨Comment⁩ on ⁨Help getting started with self hosting Jellyfin via NAS?⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
An open port is a door to the service. The service needs a vulnerability and then an attacker can abuse that. Oftentimes multiple vulnerabilities are used in an attack. Attacks can become public years after they were found. Just because nothing is public doesn’t mean that it’s there. What can an attacker gain if he enters your server?

app.opencve.io/cve/?product=jellyfin&vendor=jelly…

If you want to know what happens to people who opened their ports in the past, look in the lemmy and reddit selfhosted subs for the posts about it. I am not aware of a single post in the last x years about someome complaining that his jellyfin media library was encrypted and she shall pay a sum x for the encryption keys.

⁨Comment⁩ on ⁨Help getting started with self hosting Jellyfin via NAS?⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

There is always risk with exposing something to the Internet or untrusted people. You need to take steps to mitigate the risk.

Make sure you patch

make sure you only expose as little as possible

use https/tls

have good, automated, tested backups to media that gets disconnected!

having access logs enabled

Isolate and separate from any private/internal stuff as much as possible.

    Separate hardware

    separate VLANs

    separate VMs

reddit.com/…/is_it_dangerous_to_open_http_ports_t…

⁨Comment⁩ on ⁨Wanderer - federated trail database (komoot etc)⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
Not on my instance fosstodon.org
⁨Comment⁩ on ⁨Wanderer - federated trail database (komoot etc)⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
Nice, thx!

I could see the profile but unfortunately no post from mastodon, lemmy and pixelfed.
⁨Comment⁩ on ⁨Wanderer - federated trail database (komoot etc)⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:

wanderer is built on the ActivityPub protocol, meaning your instance can connect with others to share trails, profiles, and updates. Follow users across the network, discover new trails from different communities, and interact seamlessly with other federated platforms like Mastodon — all without relying on a central server.

Is there an example account that I can follow from lemmy or mastodon? In practice, can you connect your mastodon to your wanderer account?
⁨Comment⁩ on ⁨I built LinuxMate to kill post-install chaos (free repo + demo)⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:
Neither do native and flatpak vscode work the same way. It’s about that OP decides it, not the user.
⁨Comment⁩ on ⁨I built LinuxMate to kill post-install chaos (free repo + demo)⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:
It looks great but I don’t like it.

You decide that firefox gets installed via apt and not flatpak. Why?

This aims at someone who already has a system and wants to have some reproducible thing for a new system.

Back the fuck up and restore from backup.

This also includes take asnapshot of flatpak apps and simply reinstall all of them on the new system.

Yes, there is a lot of improvement to automatically do all this. But not with another solution. Just use dotfiles. Dotfiles and a cloud sync thing.
⁨Comment⁩ on ⁨Reproducible alternatives to nextcloud?⁩ ⁨⁨6⁩ ⁨days⁩ ago⁩:
Sorry to hear that!

I use hub.docker.com/_/nextcloud/#running-this-image-wi…

It works like a charme.
⁨Comment⁩ on ⁨Reproducible alternatives to nextcloud?⁩ ⁨⁨6⁩ ⁨days⁩ ago⁩:
Try nextcloud with docker/podman. Take a backup/copy right before upgrading, upgrade, if it fails remove the upgrade and wait another week/month before upgrading or fix it. In the meanwhile, you can simply use the version that you have not yet updated.
⁨Comment⁩ on ⁨Stop using MySQL in 2026, it is not true open source⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Depends on the task but for general usage there is no big difference. You would choose one over the other if you need one for work.
⁨Comment⁩ on ⁨State of the Fin 2026-01-06 | Jellyfin⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Is it a nativ tizen app? So far there was a webview which is ok but it’s a webview
⁨Comment⁩ on ⁨Best subsonic alternative?⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Navidrome

github.com/basings/selfhosted-music-overview
⁨Comment⁩ on ⁨Findroid v1.0.0 with a complete redesign is here⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
awesome! I love it
⁨Comment⁩ on ⁨AI’s Unpaid Debt: How LLM Scrapers Destroy the Social Contract of Open Source⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
I may not be up to date
- What damage to open source did the big tech ai companies do?
- how do they take advantage of us?
⁨Comment⁩ on ⁨is it normal for smart thermostat to rotate very often for no appearant reason?⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Yes. In a quiet room, like a bedroom, everything is loud. I’m not sure if that was better. Less often and shorter would be better
⁨Comment⁩ on ⁨is it normal for smart thermostat to rotate very often for no appearant reason?⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Yes
⁨Comment⁩ on ⁨is it normal for smart thermostat to rotate very often for no appearant reason?⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Thx
⁨Comment⁩ on ⁨is it normal for smart thermostat to rotate very often for no appearant reason?⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Yes, thx
is it normal for smart thermostat to rotate very often for no appearant reason?
Submitted ⁨⁨5⁩ ⁨weeks⁩ ago⁩ to ⁨selfhosted@lemmy.world⁩ | ⁨11⁩ ⁨comments⁩
⁨Comment⁩ on ⁨What's the security situation when opening a jellyfin server up for casting?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
How are you hurt if your jellyfin server is compromised and you don’t know about it?
⁨Comment⁩ on ⁨What's the security situation when opening a jellyfin server up for casting?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
If it’s nor detected, reported and noone gets hurt, what’s the problem?
⁨Comment⁩ on ⁨What's the security situation when opening a jellyfin server up for casting?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Sure, software can always be vulnerable.

Plex was running on his private computer, not a dedicated server, right? Windows? His version was 75 versions behind the current version at the time. How could the malware escape the server’s/plex’ sandbox? With a keylogger? Why wasn’t he using a password software? This isn’t the best example for your point
⁨Comment⁩ on ⁨What's the security situation when opening a jellyfin server up for casting?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
How often do you read that a jellyfin server was compromised?
⁨Comment⁩ on ⁨Docker security⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
I use podman that doesn’t suffer from that problem
⁨Comment⁩ on ⁨PSA: Don't use nextcloud's auto upload on the android app as a backup⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Ok
⁨Comment⁩ on ⁨PSA: Don't use nextcloud's auto upload on the android app as a backup⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Can you reproduce it?
⁨Comment⁩ on ⁨⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
What’s your take on scrobble services?

I don’t like that one monopoly company gets all the data and abuses the system with it even further.