Nope. I don’t talk about myself like that.
All of these “vulnerabilities”, require already having knowledge of the ItemIDs, and anyone without it poking around will get banned.
Which are simply MD5 hashes… You can precompile (rainbow tables) those. The “knowledge” here to get a valid video stream is “What path is the file on” which is pretty standardized. This is a good way to have a major movie studio’s process server knocking on your door.
you’ll have to put your Jellyfin server on the Internet.
Don’t.
They can also crawl this publically-accessible social media source for their data sets.
Crawling would be silly. They can simply setup a lemmy node and subscribe to every other server. Activitypub crawler would be much more efficient as they wouldn’t accidentally crawl things that haven’t changed, but instead can read the activitypub updates.
No upselling.
Bullshit. Within minutes of registering just to look at some stuff I got spammed with all sorts of bullshit via email. Custom one-off throwaway email alias.
Over the 15+ years that we’ve had crypto, there have been only two viable uses. All others have failed:
Criminal activity (including brutal stuff like enabling NK/Russia and drug cartels) Financial speculation (in of itself often a malicious activity where the goal is to dump your worthless bags on a mark)
Huh, Weird… Every use I’ve ever used crypto for doesn’t fall into these two categories. So I guess your assumptions and thus everything you based your logic/responses on must be faulty and incorrect.
I use Crypto much like I use my second language/citizenship. Rarely… However, that doesn’t mean I don’t use it legally. And simply holding onto the crypto != financial speculation. Nobody treats a savings account as “financial speculation”.
I’ve paid for plenty of things from my crypto wallets. Ranging from several to thousands of dollars.
And yes, I would like my payment for toilet paper and bell peppers to be private. Strictly for the fact that I don’t want Mega-corpo stores to be able to track and advertise to me based on my payment method. “Club cards” to advertise/track you are a thing. Large chains can do this same thing with payment methods details. So yes, being “real” here, I not only require it, but demand it.
Your premise is bad. And based on your other responses you don’t care to address it at all.
Transcoding…
Since Plex is distributing software that can re-encode video, the codecs that comes with the software must be licensed for many of the codecs.
Here’s an article that covers some of the shenanigans around h264… Now realize there’s at least a dozen others as well that are likely just as screwy. https://jina-liu.medium.com/settle-your-questions-about-h-264-license-cost-once-and-for-all-hopefully-a058c2149256
pay the license costs for the codecs your using…
granted… none of us care about that. but thats what they’re doing. also developement on the software (for good and bad)
I was going to leave this alone… your original comment was correct enough that it wouldn’t matter and your “dedicated attacker” left it fine when i read it before.
but your edit has a gaping flaw. you assume that all content in the library would be physically released. lots of shows and movies are not physically released now. Can’t claim “backup” for those. The moment a movie studio finds your stuff and can map a few titles and one of them never had a physical release… your in the shit.
but yes you can be much harder to scan overall with a few steps. fail2ban is a great answer that makes it deeply unlikely to be an issue.
but i wish that they’d just fix it.
edit: OR that they wouldn’t try to go after you for distribution…