I see, thanks.

UpNp or port forwarding is the same way both Plex and Jellyfin work.

I don’t know what makes Jellyfin less secure since they both work the same way for this as far as I can tell…

Can you be more specific about what makes Jellyfin less secure when it comes to UpNp/port forwarding?

In the case of port forwarding at least Jellyfin is open source and has more eyes on it so it’s less likely for someone to zero day it and have at it unless I have misunderstood how each can connect off-network.

Furthermore the hash for your password is stored along with many others at a single (or relatively few) attack point/s on a Plex business server since it’s a centralized business whereas this is never the case for Jellyfin.

Also this thread is about Plex literally selling your personal data so I don’t really consider Jellyfin worse for exposing your personal data.

I’ll take my chances with a single idiot who want’s to compromise my poor asses tiny network versus an actual hacker who wants to compromise an enterprise businesses network that is storing thousands or hundreds of thousands of user credentials, data, and payment information (Which Jellyfin doesn’t store even half of).

If someone hacks Jellyfin on my network -> They have my… media files? Maybe the hash of the one password I use there?

If somone hacks Plex on my network or anywhere - or the people they sold that data to -> They have my password hash, credit card number and probably my name that is associated to it, personal data that Plex is selling, etc.

TL:DR I think Plex is more likely to be hacked rather than myself and the outcome of Plex getting hacked is worse than if my personal Jellyfin server gets hacked.

I went to the Jellyfin landing page, went to the install instructions, copy pasted and ran literally one command, opened it in a browser, made my local account, clicked a button to point it at my media folders and then I was done.

What isn’t easy?

Thanks, I’ll read up on this!

Thanks, I’d probably still go the Libre sweet potato route over a Roku stick or something in that case though, as there is a price difference there of at least $20.

I’ve heard a lot about Kubernetes, but haven’t actually had to interact with it once incredibly. Interesting, thanks for the recommendation!

Wow thanks!

Awesome, thanks! It didn’t occur to me that IKEA could be an option!

Personal system but I work in technology, so learning solutions used in industry is always handy.

I want spinning disks as they have shorter life but a wider mean time between failure, which should be better for the RAID I want to configure.

Since SSDs have a definitive number of writes in their lifetime, as I recall it can be kind of dangerous to install several new ones at the same time in something like a raid 1 configuration.

That’s great to know, all four of my other machines are running Debian right now so I should have a pretty good idea of what’s up!

That probably is what I will do for some time, leaning it gently and securely against a wall somehow, but in the future rack would be nice - especially if I find some enterprise firewall for sale or something.

Also really happy to hear ebay might have iLO licenses - I have grabbed a couple one-time licences off there for windows machines before, but I didn’t know they sometimes had stuff like this too.

Thanks!

Thanks for the tips and the link, that’s super useful!

Unsure about the iLO, but I do recall powering on one of these remotely in school using it. I’ll have to wait until I find some power cable to take a look I believe, but I do see a sticker with the default user name and password for it on the side, so here’s hoping haha.

I have a PLA 3d Printer, but I fear PLA has too low of a melting point to use for server components. It would be neat if there were a caddie model out there I could test with though - will have to look around.

Thanks for the insight on the rack as well, that will be good to know in the future I am certain.

Sniff the packets and see if you can determine what the data is.

People are probably down voting you because pointing someone to fdroid in response to a question asking for specific recommendations for a transit application is also not particularly helpful. It’s like if someone asked what boat they should buy for Alaskan Crab fishing which has navigational equipment and sonar that can detect down to 100 meters, and in response someone pointed at the entire ocean and said “I suggest you look for one there”.

Veracrypt hidden volume attached to an air gapped system. Unless someone kicks down the door and grabs you faster than you can click once, no one is getting at, or will realize that data exists.

https://youtu.be/JsVtHqICeKE

You are correct. Having worked in information technology, I realized pretty quickly that management is always reactive and never proactive.

In the words of pentester Jason E. Street in his defcon talk “kill everyone, destroy everything, cause total financial ruin” - “the best way to get management excited about a disaster plan is to burn down the building across the street.”

If a government got hacked big time because of a back door, they would probably become a lot less interested.

Yes, to a degree. In my experience a lot of attackers will call phones and wait for you to say something to get a model of your voice.

When I answer a phone number I do not recognize, I don’t say “Hello” anymore. Instead I remain quiet for 10 seconds. If its a poorly made bot trying to scrape my voice, usually it hangs up within that time.

I am also more open to letting everything I don’t recognize ring through to my voice mail which uses the default response without my voice since these types of attacks started.

For peertube etc, I am unsure what the best solution is, but would be interested in what people here suggest!

Awesome, Thanks!