• 8 Posts
  • 122 Comments
Joined 2 years ago
cake
Cake day: June 6th, 2023

help-circle



  • The last set of comments is from 2024. These have not been addressed. The fact that it is possible to stream without auth is just bonkers.

    The entirity of jellyfin security is security via obscurity which is zero security at all.

    “As a cybersec researcher”, the limp wristed, hand wavy approach to security should be sending up alarm bells. The fact that it doesn’t, means that likely either, you don’t take your research very seriously, or you aren’t a “cybersecurity researcher”.

    “Thank you for this list. We are aware of quite a few, but for reasons of backwards compatibility they’ve never been fixed. We’d definitely like to but doing so in a non-disruptive way is the hard part.”

    Is truly one of the statements of all time.
















  • If you’re going to use a git tool, you need to know how git works.

    There are 0 excuses for not having months of work in a repo, none. I have no sympathy whatsoever. How the fuck do you spend so many months without backing up your project or stuffing it in a repo?

    No sympathy. Dude is a shit developer and he learned an invaluable lesson.