Well it’s also. Windows XP. There’s updates. Install them when you want to. Windows 10: There’s updates, install them soon unless it’s pro then install them when you want. Windows 11: Please install your updates, you have twenty seconds to comply. Windows 12: What’s that, you were in the middle of editing a file with 8 hours worth of edits? Tough I’m rebooting now bitch.

Enjoy it while you can. The age of enshittification will be upon us. With fully locked bootloaders and the only way to install true FOSS mobile OS is to pay 3x the price for half the capabilities of a normal Android phone.

However, my understanding is that this could be exploited only by authenticated users with permission to add new media. Not like that’s a risk to ignore, but it’s not like it could be exploited by anyone on the Internet.

I wonder if that’s the reason for setting the default live TV management permission to false. Since that permission might well the the route to adding your own malicious m3u link for that second change.

Reverse proxy will let anyone connect to it. VPN, you can create keys/logins for your intended users only. Having said that, from what I could see, nothing in the security fixes were to do with authentication. I think (just from a cursory look), they could only be exploited, if at all from an authenticated user session.

But personally, something like jellyfin where the number of people I want to be able to access it is very limited, stays behind a VPN. Better to limit your potential attack surface as much as you can.

From a cursory look at just the security commits. Looks like the following:

• GHSA-j2hf-x4q5-47j3: Checks if a media shortcut is empty, and checks if it is remote and stores the remote protocol if so. Also prevent strm files (these are meant to contain links to a stream) from referencing local files. Indeed this might have been used to reference files jellyfin couldn’t usually see?
• GHSA-8fw7-f233-ffr8: Seems to be similar, except for M3U file link validation and limiting allowed protocols. It also changes the default permissions for live TV management to false.
• GHSA-v2jv-54xj-h76w: When creating a structure there should be a limit of 200 characters for a string which was not enforced.
• GHSA-jh22-fw8w-2v9x: Not really completely sure here. They change regex to regexstr in a lot of places and it looks like some extra validation around choosing transcoding settings.

I’m not really sure how serious any of these are, or how they could be exploited however. Well aside from the local file in stream files one.

Not sure what you mean. I just saw asterisks.

You know I cannot be the only one that will consciously decide to not buy brands that make intrusive adverts. But, they must also know that. So I can only assume that the majority of people don’t think the same and it’s an overall upside for these annoying ads.

If you want to go super de-centralised. Just remove the internet and go for a mesh network :P

Wait this is still a thing? I remember writing a DCC download bot in arexx on the amiga, back in the mid 90s.

Peter Backman, CEO of theDelivery.World, said the practice was only misleading if customers were purposely trying to support independent restaurants and takeaways.

That’s some high grade bullshit. There is going to be a subset of people (and I’d argue it’s a growing number) that want to support local businesses and so yes it’s misleading to all those people.

But more than that. A corporate/franchise brand has such a huge value they will sue you if you use it without permission. So if they’re choosing not to use a brand they paid good money to use, it can only be because they want to deceive.

It’s true rsi is far more likely to kick in before hinge failure.

Foldable hinge. Good for 10k folds, or 30 minutes of foldy bird.

Samsung did make 1tb phone models. Not sure if they still do. When I got my s24, 1tb was an option.

I upgrade every 4 years or so, and that’s really only because it’s also when battery life usually declines.

These days the only improvement seems to be memory, storage and camera. Somehow I feel some of those will stagnate.

But the new Samsung s28, it’s totally a bigger number than what you have now.

At home I’m on Linux but yes I also have a work laptop and I hate windows more and more daily.

Then I suggest they use an XNOR pointer instead! Checkmate patent trolls!

Huh. I am sure you could search for individual books. For sure you could do it by goodreads ID I think? Yes, adding an entire author as the primary way to do things is a bit much for some. I know for sure I have managed to do individual books before now.

Yep, same. Well I actually remember finding the best ways to copy a game on a tape error free first. Some, without protection you could just save back to tape for a digital reproduction (and this also allowed tape to disk conversion). Actually those with non destructive copy protection could kinda be copied too if you knew a little Z80 ASM. Others, you needed to copy tape to tape and hope the quality turned out OK.

But yes, then bringing your box of copied disks (Amiga in my case) into school and swapping with your friends was the way to go.

That’s fine. I’ll make my own internet. With blackjack, and hookers. In fact, forget the internet!

It’s a real shame because Readarr did work and they really just needed to fix their own metadata servers. No? Or were there other problems I’m not aware of?