Plex was running on his private computer, not a dedicated server, right?
They opened it to the internet - that's the big difference (and the topic at hand). Security is a multi-layered thing, but if your weakest point is a gaping hole, the rest doesn't mean much. To my point - assuming Jellyfin ain't gonna have vulnerabilities even when you're fully up-to-date, is foolhardy.
Yea I haven't tried Pangolin myself - looks a bit bloated for my tastes, but I have tried rinetd across Tailscale and it worked brilliantly (very simple conf file), and I've done reverse ssh before (using autossh) which was a bit fiddly. frp does look promising though, just as a VPS<->home bridge.
I mean, anything with a web server can have vulnerabilities. Just look at the LastPass breach where hackers got in through an employee's exposed Plex library.
This video addresses many of the concerns of hosting stuff in public, and details a way (and some tools) to do it relatively securely. (There's always a risk there'll be a zero-day vulnerability in a web application like Jellyfin, but you can mitigate against them if you use the right strategies/tools, and you're vigilant enough.)
Since you're on cgnat, you can set up Pangolin on a VPS, or Tailscale-->rinetd-->Tailscale tunnel, also on a VPS. (Apparently frp is another similar solution, with p2p proxying.)
MURDERER!
FXP
Oh wow, there's a name I ain't heard in a while.
Fantastic rebuttal kindergartener, you convinced everyone.
Yes I read it when it first came out, and again after a recent update. It's very opinionated and I remain unconvinced the criticisms amounts to very much. At the least, certainly not to the point where words like nazi and fascist should be thrown around!
For example, I dislike Yarin's and Lunduke's politics but I did at least watched Yarin's interview. (Did you? It was boring, and entirely tech-oriented, nothing controversial at all.) But... trial by association I guess. And anyway, it's not the article itself I have a problem with - it's the borrowing of second-hand opinions as if they should be your own. Sometimes, it's prudent to reserve judgement (until 'verifying every single thing'), or criticise specific ideas, without leaping to ad hominem per consortium.
I find it wild in this day and age how questions like ("why do WE hate" such and such) are being asked in the first place, then answered through one person's opinion piece mindlessly linked from all angles. Please, for gawd sake, stop listening to random fedditors/redditors about what opinions you should adopt!
IMHO (<- there's a novel approach), the criticisms of FUTO are just as biased and political as FUTO themselves, and everyone should be sceptical of bias from all sides. Apparently, focusing on 'privacy, decentralization, and right to repair' - is being too political, and they're not allowed to have a philosophical take on what they imagine successful open source to be. (Incidentally, I'm not necessarily on FUTOs side, just pissed off at the nature of social media to obviate the need of critical thinking and make everything black or white.)
Is this really much of an issue? They provide documentation and a repository of scripts for working with WG for instance. And I've been using this docker container for many years without issue.
Duplicacy
The source can be found here: https://terrorismlegislationreviewer.independent.gov.uk/ (direct link)
It's an independent report by Jonathan Hall KC presented to parliament. I think everyone is under the impression that those highlighted paragraphs are a statement of law, they're not. But they are the guy's (correct) interpretation of existing law - namely, Schedule 3 of the Counter-Terrorism and Border Security Act 2019.
The report itself is a good thing, coz now we know how far the UK government will try to stretch their powers and what we need to repeal when Labour (and the Tories) fucks right off.
As part of his summary: