Yea I haven't tried Pangolin myself - looks a bit bloated for my tastes, but I have tried rinetd across Tailscale and it worked brilliantly (very simple conf file), and I've done reverse ssh before (using autossh) which was a bit fiddly. frp does look promising though, just as a VPS<->home bridge.
droolio
joined 2 years ago
I mean, anything with a web server can have vulnerabilities. Just look at the LastPass breach where hackers got in through an employee's exposed Plex library.
This video addresses many of the concerns of hosting stuff in public, and details a way (and some tools) to do it relatively securely. (There's always a risk there'll be a zero-day vulnerability in a web application like Jellyfin, but you can mitigate against them if you use the right strategies/tools, and you're vigilant enough.)
Since you're on cgnat, you can set up Pangolin on a VPS, or Tailscale-->rinetd-->Tailscale tunnel, also on a VPS. (Apparently frp is another similar solution, with p2p proxying.)
MURDERER!
FXP
Oh wow, there's a name I ain't heard in a while.
Fantastic rebuttal kindergartener, you convinced everyone.
Yes I read it when it first came out, and again after a recent update. It's very opinionated and I remain unconvinced the criticisms amounts to very much. At the least, certainly not to the point where words like nazi and fascist should be thrown around!
For example, I dislike Yarin's and Lunduke's politics but I did at least watched Yarin's interview. (Did you? It was boring, and entirely tech-oriented, nothing controversial at all.) But... trial by association I guess. And anyway, it's not the article itself I have a problem with - it's the borrowing of second-hand opinions as if they should be your own. Sometimes, it's prudent to reserve judgement (until 'verifying every single thing'), or criticise specific ideas, without leaping to ad hominem per consortium.
I find it wild in this day and age how questions like ("why do WE hate" such and such) are being asked in the first place, then answered through one person's opinion piece mindlessly linked from all angles. Please, for gawd sake, stop listening to random fedditors/redditors about what opinions you should adopt!
IMHO (<- there's a novel approach), the criticisms of FUTO are just as biased and political as FUTO themselves, and everyone should be sceptical of bias from all sides. Apparently, focusing on 'privacy, decentralization, and right to repair' - is being too political, and they're not allowed to have a philosophical take on what they imagine successful open source to be. (Incidentally, I'm not necessarily on FUTOs side, just pissed off at the nature of social media to obviate the need of critical thinking and make everything black or white.)
Is this really much of an issue? They provide documentation and a repository of scripts for working with WG for instance. And I've been using this docker container for many years without issue.
Duplicacy
You maybe right about the authoritarian part, but I guarantee you they don't know a thing about technology - evidenced by their unwillingness to listen to experts on matters like the Online Safety Act or on trying to outlaw e2ee. Starmer made Peter Kyle Secretary of State for Science, who said "For everyone thinking of using a VPN, verifying your age keeps a child safe ... so let's not try find a way around, just prove your age, make the internet safer for children." Authoritarian certainly is an adjective to describe these people, but so also is clueless.
view more: next ›
They opened it to the internet - that's the big difference (and the topic at hand). Security is a multi-layered thing, but if your weakest point is a gaping hole, the rest doesn't mean much. To my point - assuming Jellyfin ain't gonna have vulnerabilities even when you're fully up-to-date, is foolhardy.