

  • Edit2: here we go

    That makes sense, I appreciate you taking the time. It’s certainly not a very big issue for me personally, and I do have other mitigations in place for more general attacks like fail2ban, but not everyone is in the same situation so it’s a valid concern to mention.

    I do think you’re overestimating the risk. Studios are unlikely to go to such lengths when there are bigger, easier targets. Still, it’s not entirely negligible, even if the exploit seems fairly benign to me personally.

    My thinking as a sysadmin is if someone has security concerns, they wouldn’t be JUST with jellyfin in most cases, you’d be securing an entire server (or paying someone else to handle that part), so it’s issues to keep in mind sure, but the mitigation would be mainly outside of jellyfin specifically anyway, thus why it’s not really mentioned in jellyfin’s docs or considered a big concern by the devs.

    So I’m not really disagreeing with anything you’ve said, but you haven’t changed my mind either, I’m still going to recommend jellyfin over plex.


  • Stolen is loaded… XBMC was open source. All the parts that rely on that are available for free.

    Okay so they violated the GPL to produce their product, it started off on good terms and contributing back upstream but then they got greedy and decided to stop giving back. On top of that they also provide nothing upstream to FFMPEG or any other of the open source projects they benefited massively from… basically they are leeches of open source software… but you are technically correct [1] to say it’s not literally stealing.

    [1] The best kind of correct


  • Well it’s good to make sure people know about it, but I would think most admins already know and just don’t care. It’s certainly not news to me, and doesn’t seem very useful in terms of actually exploiting anything.

    I’m curious what you’d think a kind of worst case scenario would be for any of the current jellyfin auth issues. Like what would someone with bad intentions be able to do?

    I think the Plex issue with emails being stolen is a bigger problem because then those emails can get phished for their Plex accounts and possibly more. I still wouldn’t consider it a huge deal though, Plex handled it correctly.

    My real issue with Plex and why I constantly shit on them is that they stole from XBMC and made a business model that monetizes piracy or at least tries to.







  • It was always going to be a rug pull, they basically took XBMC and ffmpeg, made a “cloud” based front end for it and started asking people for money.

    At no point was it anything other than an attempt to cash in on pirates. At some point I guess they realized all those “lifetime” subscription purchases would dry up and they started partnering with or buying up other streaming content so they could at least pretend to be offering something else but that can only get them so far financially.

    It might have been short-sighted rather than an intentional rug pull, but obviously running a service like Plex requires a constant stream of funding, and when your loyalest users are the ones who paid a relatively small lump sum early on, it gets harder and harder to keep revenue coming in from new users and monthly subscribers.


  • I will preface this by saying I think it would be interesting to attempt but I think the end result would be disagreements of all kinds would lead to a lot of degeneration and splitting as we see with Lemmy and with how Gab and Parler are in relation to Mastodon and such.

    There already are “forks” of Wikipedia for conspiracy nuts and other sorts.

    I think what could work though is similar to how some things are adding AP support that allows for following and sharing, and maybe commenting on articles, having those aspects be federated might not be so bad.



  • Okay I don’t drive so I’m a bit out of the loop on this but last time I rented a car some 15-20 years ago it had GPS built in that didn’t require connecting, it was a tablet sized interface on the console… is that not a thing anymore? Like do cars in 2025 not have functioning GPS without a phone connected to them? That’s wild if so. A 2008 Toyota Prius could have a built in console navigation system, it ran off a DVD or USB key that you got updates for by mail, and here we are in 2025 you need a phone just to power the car’s computer for navigation.


  • It was not that common 10 years ago, it was only JUST being fully rolled out in the US in 2015 when they finally made it mandatory for cards to have chips in them. I guess I’m just an old man yelling at clouds here, but I just never really felt like using cash or a card was that inconvenient.

    I suppose for you tap2pay is as essential as being able to run custom software on my devices is to me, I have been using custom ROMs since 2009 and I wouldn’t be willing to sacrifice my ability to use GrapheneOS just so I can carry one less card that I can literally fit in my phone case, but hey, different strokes ig.


  • And what did you do five years ago or ten years ago? At what point did Tap to Pay become so convenient and so essential to your life that you’re willing to give up your ability to have complete ownership and control over what’s installed on your phone rather than go back to having a card on you?

    It just doesn’t seem like that big of a deal to me, but then I never was able to use it anyway because I’ve been running GrapheneOS or another custom ROM since before tap2pay even existed.


  • So you sacrifice your ability to use a more free device because you’d rather leave your credit card at home, but that’s a choice that you made. If you wanted you could bring a card with you or cash with you or a wallet full of things. Do you not carry ID with you either?

    Honestly tap2pay seems like very little advantage over a credit card for having to sacrifice privacy and the ability to control the software on my phone, but that’s just me.


  • I’m not saying it’s a problem to want features, just saying it’s sacrificing freedom for convenience, it’s a choice.

    If you really wanted to use a Linux phone, there are options. You would have to adapt, you would have to use non-standard solutions, but in the long run you’d have more freedom because of those sacrifices in convenience.

    None of the 3 things you mention was commonplace 10 years ago, it’s not that much of a setback to carry cash or a card, or to use a dedicated device for navigation. It’s fine if you don’t want to do that but don’t act like you can’t live without tap2pay or a voice assistant if you really wanted to.