That sounds funny, but In that reality, the government with all its power will find a way in (they probably already have programs (as in departments) for finding their way into other countries tech).
Better to just install a proper de-googled android build (grapheneos, etc) and only use wifi (if data/phone num not needed) for the best odds.
In a couple of years (with more r&d, development and investment) I bet this will change to being use a linux phone.
Hm I don’t remember posting the comment you are replying to, to the one I replied to.
You are right, but I still argue that keeping Jellyfin up to date is fine, there’s no serious bugs (afaik) that will compromise your whole server for instance, so these bots have nothing valuable to exploit here.
When I say don’t post your instance url I was talking about normal people finding it to try streaming from it without auth, I think I was replying to someone else and though this was the same thread.
I find it hard to believe that there are bots scanning for jellyfin exploits, since as far as I’m aware, the exploit is for viewing content without auth. 99% of bots are scanning for old instances of wordpress or other outdated software to exploit.
If my content on Jellyfin was illegitimate, the person scanning for my files would have to prove that before they can sue, no? I don’t think this makes sense for anyone to do.
p.s. I won’t argue that YOU should setup software that you dont want to, just that this particular reason not to may be a bit farfetched.
You may need to reevaluate your threat model.
I agree with you, it’s likely this vulnerability is only known because Jellyfin is open source… how many are hiding in Plex’s proprietary source code…
Anyways when has anyone ever been pwnd by this “exploit”, I have seriously never heard of anyone being “hacked” by one of them.
Definitely overblown as far as I am aware… don’t post your instance url all over the internet and you will likely be fine.
Using Plex (is fine, do whatever u want) and giving them your data instead doesn’t really help you (or at least sending your data through them).
you will absolutely lose a bunch of them
I always see this and I have to ask: why do you care?
They likely aren’t paid customers of yours, if they don’t follow your rules and the software you like to use, then they are free to use any other method of consuming media.
VPN
Have to agree with the other comment that asks why do you need to use a vpn. Fax
My question is, where are you posting the address to your jellyfin server that someone who finds it will go through the trouble of even doing this?
Also how could they start litigating you based on the content you have? If I had illegal content on my server, I would be really dumb to expose it on the internet on a public jellyfin server. Otherwise my movies, tv, etc are my paid for content…
You didn’t ask, but if you’ve had a bad experience with the apps, you could try one of the native apps.
My friends on Apple devices think Swiftfin (https://github.com/jellyfin/Swiftfin) is much better than the normal jellyfin app.
I haven’t used this one/know anyone that has: Findroid (third party) (https://github.com/jarnedemeulemeester/findroid). Mostly because I haven’t had any issues with the official jellyfin app for android, but it would probably give a cleaner experience, being native and all.
For the server, I think it’s fantastic. Never had any problems that weren’t a few clicks to resolve. Pretty much use it and forget I’m the one maintaining it for the most part. I wonder what issues you encountered?
Yeah pretty sad. It would be a much more useful feature for me on mobile.
On desktop, I usually just create a new window for different types of stuff.
No easy way to organize my infinite tabs on mobile (as far as im aware).
Chromium browsers on mobile do this, but it’s also a bit weirdly complicated/frustrating to work with at times, I hope of Firefox get to it, they can make it super simple.
I had go look up mixue and I now crave ice cream and tea. The hot and cold combo must be amazing. Possibly the cure to brain freeze.
The recent duckduckgo ad campaign will surely help rescue googlers and so does my mission to ensure everyone I know doesn’t use google search.
I believe in the underlying message (use linux), but doesn’t practically every big company change their privacy policy or tos every 10 minutes.
I don’t trust any governmental body, probably for the best.
I believe their license (GPLv3) doesn’t permit modifying the source code without releasing it to anyone who asks for it, but realistically, if it’s only code they have written, they won’t sue themself over it.
I’m no licensing expert, but that’s how I see it.
I didn’t mean to say that it’s (still) trash, I think it’s useable, but there are still a lot of improvements to come.
Element as a client seems to want to do everything, which is probably great for a lot of people, but it (in my experience) has led to a poor user experience (which with more time, will likely improve, they seem to have a lot of backing).
With Element completing voice/video implementation, I imagine it’ll be easier for other clients to reference their work when implementing their own support.
Once the other clients get voice support, I will definitely be trying them out again, I’m sure they will make a much simpler experience that works out the box.
The lost keys problem has luckily never happened to me, it usually boils down the user error I believe, but yeah, if it is a user error that happens often, they should figure out some way to fix that (probably a hard problem, which is sort of fixed (i believe) if you use the client on multiple devices, so if you get logged out of your account you can easily authorize your access from another logged in device, eg desktop/mobile).
I agree, I don’t think it’s trash. From my experience, chatting is very good, voice/video are just the next thing they are tackling.
Better UX will probably come after important features are done.
Just imagine the good they could have done by being a new competent Matrix client that can do everything, but instead they are a Discord clone.
Yeah, they kinda screwed up Element with combining mobile and desktop features into one app. The first time I tried creating a call on desktop, it was suddenly apparent how confusing they had made it, because you can do it in multiple ways (normal calls & conference calls).
There are other UIs that look very nice, but sadly don’t support voice chat. Hopefully these other clients can catch up, but it’ll likely take a while.
If you’re looking at getting a new (used) phone, I would suggest GrapheneOS (the most secure/private de-googled rom afaik).
You need a Pixel phone, the newer you get the longer you will keep getting software updates for the future (if you keep the phone past these many years of support, then I believe switching to a other rom will be required for security patches etc. Each phone is supported until Google stops supporting them I believe). You said you don’t care about updates because you can keep it from connecting to the internet, but it’s a plus anyways.
If you plan on never touching a google service, GrapheneOS allows for that (nothing google by default), but on the other hand, if you need google play, etc for banking apps or whatnot, they have that covered with Sandboxed Google Services (which you can run solely in another user profile on your phone for added privacy).
Anyways, I think GrapheneOS in a great option & their website has much more info if you’d like to continue hearing about it:
https://grapheneos.org/
p.s. you can check their website for how long different pixels will have continued support before (if) you get one (incase anyone else is reading this).