• 0 Posts
  • 563 Comments
Joined 1 year ago
cake
Cake day: July 2nd, 2024

help-circle











  • MaggiWuerze@feddit.orgtoSelfhosted@lemmy.worldImportant Notice of Security Incident
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    5
    ·
    edit-2
    8 days ago

    No, the worst is that a company like Sony or their lawyers can find my server and create a list of movies I offer and then sue me over it. I live in a country where lawyers make a living doing nothing but that.

    Besides that, security by obscurity is the worst possible form and barely qualifies as security at all. It’s also another place where the Jellyfin devs leave their users to their own devices when it comes to securing the server against malicious actors.

    And none of this is clearly communicated by the project. The unauthenticated endpoints are not disclosed, the issues with the filepath is not disclosed. People treat it as a drop in replacement for Plex, but people using it as such basically throw an unauthenticated server onto the open web