Waryle

No, once again you’re inventing definitions, please have a read

Where do you even get the “media” part in it?

I’ll quote myself because I already answered that: « Media is the plural of medium, which means “intermediary” ». That’s the textbook definition of the word media, and the consensus about what it means.

Whatsapp is the middleman/platform, thus intermediary (= “medium/media”), between two people socializing. I don’t understand what you don’t understand.

A social network is social media that allows to form groups or communities. Two people communicating is not a network, the whole point of a network is interconnection between members of a group.

totally made up definition from your part

You forgot the “from your part” that is quite important. Language is a consensus, you just invented your own definition and pretend that it is the consensus.

And anyways, if “social media” and “social network” is the same, why have two different terms for it?

They’re not the same, it’s the square/rectangle thing. A social network is a kind of social media, all social medias are not social network. You could argue that Whatsapp is a social media but not a social network (but the frontier is getting blurry with groups and these kind of things).

That’s a totally made up definition from your part. Media is the plural of medium, which means “intermediary”. A social media is just the middleman that allows people to socialize. Lemmy is a social media, as well as a social network.

“trading convenience for security” was what my comment responded to. Using your phone to pay is not compromising security in any way, quite the contrary actually, and I explained why.

In France, everybody (barring most gas stations, even if I have seen some with tap-to-pay nowadays) can take tap-to-pay, even the remote mountain refuges I have been hiking to. You can even pay tolls and parking with it now.

And somebody even more old-school than you would think you’re a fool not taking cash or checks with you as a backup for your card. I’ve been paying with my phone for years without any problem, I just take my card when I need to refuel my car or traveling, and most of the time I have to check my card pin code anyway on my phone because I never use it.

And if my phone is off for some reason, well I have my watch.

Cards on smartphones are more secure than the real cards. You need a pin on your phone to pay, with a card you can pay up to 50€ without any approval.

Also, should a transaction be intercepted, the pirate would only acquire a Digital Account Number (DAN), which can be invalidated to disable the virtual card on the phone. You can still use the physical card and you can add another virtual card on the same, or on a different device.

If a payment made with your physical card is intercepted, the pirate gets the Primary Account Number (PAN) instead. It means that you must disable the real card as well as any virtual card relying on it, and requires you to await a replacement from your bank, and switch all your payments to this new card.

No, Jellyseerr is a selfhosted webapp where you request movies and shows, which will be searched and downloaded by your configured Sonarr/Radarr, which will populate your Jellyfin.

You can see it as a user-friendly Sonarr+Radarr front-end, that you can sync with Jellyfin users, so they can go and request content directly without you manually adding things in Radarr/Sonarr.

just $10/month year

You can look up for:

• Setting up max authentication attemps per connection -> slows up a lot brute force attacks. If your password is strong enough, that’s already a big step to secure your server.
• Generate SSH Keys and disable password authentication -> do this only if you’re connecting through the same devices, because you won’t be able to connect from any device that has not being set up. Personally I don’t use this because I want to be able to access my server even if I’m not home and without my laptop
• Set up Crowdsec -> it’s a local service which scans logs and will block access to any suspicious IPs. It also relies on a crowdsourced list of IPs that are identified as threat and will preventively block them

Oh you insufferable rawgabbit. Even in the face of definitive proof, the only thing you care about is throwing a 4 paragraphs tantrum trying to twist every single word just to not say “OK, maybe I was wrong on that thing”. I’m out.

https://www.legifrance.gouv.fr/juri/id/JURITEXT000030635061/

Case law from the Cour de Cassation, where the defendant was convicted, by Articles 323-1 and 323-5, of having extracted data freely following a proven failure of the protection system.

The complainant just had to show that the data SHOULD have been inaccessible, by expressing this “with a special warning” :

"3°) alors qu’en l’absence de dispositif de protection des données, la maître du système doit manifester clairement et expressément manifester, par une mise en garde spéciale, sa volonté d’interdire ou de restreindre l’accès aux données ; qu’en déduisant de la seule présence d’un contrôle d’accès sur la page d’accueil du site de l’ANSES que M. X… s’était irrégulièrement maintenu dans le système contre le gré de son propriétaire, la cour d’appel a violé l’article 323-1 du code pénal ;

Translated :

“3°) whereas in the absence of a data protection system, the master of the system must clearly and expressly manifest, by means of a special warning, his intention to prohibit or restrict access to the data; that in deducing from the mere presence of an access control on the home page of the ANSES site that Mr. X… had irregularly maintained himself in the system against the owner’s will, the Court of Appeal violated article 323-1 of the French Penal Code ;

In my case, the first thing you see when you arrive at my Jellyfin instance is a login form blocking your entry, and you have to go through a backdoor to access my data, so there’s no ambiguity on this point.

You’re wrong, period. Stop trying to debate laws interpretation of a country you don’t even speak the language of.

I live in France, and these are the relevant laws :

• Article 323-1 : you access my server without my authorization -> 3 years of prison, 100k€ fine
• Article 323-3 : you touch my data in any way -> 5 years of prison, 150k fine

Using a flaw in a software to retrieve data you should not have access to is illegal where I live, the same way as you’re not suddenly allowed to enter my house and fetch my drawers just because I left a window open. I won’t debate this point further.

Keeping that copy on a web accessible platform that is accessible by anyone on the internet(unauthenticated) isn’t covered by your rights at a bare minimum.

It’s as accessible as my DVD collection in my living room: anyone can get into my home without a key by illegally breaking a window.

Using a flaw in my Jellyfin to access my content is illegal and can’t be used against me to sue me, period. The idea of rights holders who would hack me to sue me is just plain ridiculous.

Depending on the content “timing” if they trigger on something that doesn’t have a physical/consumer release yet… or all sorts of other “impossible” conditions. This is obviously reliant on what content you actually have on your server.

And again, the only proof they would have could not be used in courts.

For real, you’re just fear-mongering at this point.

I was sincerely hoping someone would bring some real concerns, like how one of these security breaches listed in the OP could allow privilege escalation or something, but if all you got is “Universal might hire hackers to break through your server and sue you”, you’re comforting me in my idea that I don’t have much to fear

Where I live, I have the legal right to have a copy of a film of which I have a legal version, they can watch my media library as much as they want, it’s not enough to prove that it’s illegal.

And hacking my server is illegal, they can’t go to court by presenting evidence obtained through hacking, they would risk much more than me.

My Jellyfin server is behind Cloudflare with IP outside of my country banned.

I got Crowdsec set up on Cloudflare, Traefik and Debian directly.

I got Jellyfin up in a docker container behind Traefik, my router opens only 80 and 443 ports and direct them to Traefik.

Jellyfin has only access to my media files which are just downloaded movies and shows hardlinked by Sonarr/Radarr from my download folder.

It is publicly exposed to be able to watch it from anywhere, and share it to family and friends.

So what? They might access the movies, even delete them, I don’t care, I’ll just hardlink them back or re-download them. What harm can they do that would justify locking everything down?

ZFS Raid Expansion has been released days ago in OpenZFS 2.3.0 : https://www.cyberciti.biz/linux-news/zfs-raidz-expansion-finally-here-in-version-2-3-0/

It might help you with deciding how much storage you want

The most popular sandwich in France is the Jambon-Beurre, which is just butter and ham

Gnome Shell has been first released in 2011.

I’m curious, what is missing from Firefox compared to Vivaldi according to you?