🇮🇹 🇪🇪 🖥

  • 0 Posts
  • 158 Comments
Joined 1 year ago
cake
Cake day: March 19th, 2024

help-circle





  • I presume you mean running Plex in host namespace. I don’t do that as I run the synology package, but I can totally see the issue you mean.

    Running in host namespace is bad, not terrible, especially because my NAS in on a separate VLAN, so besides being able to reach other NAS local services, cannot do do much. Much much much less risk than exposing the service on the internet (which I also don’t).

    Also, this all is not a problem for me, I don’t use remote streaming at all, hence why I am also experimenting with jellyfin. If I were though, I would have only 2 options: expose jellyfin on the internet, maybe with some hacky IP whitelist, or expect my mom to understand VPNs for her TV.

    (which doesn’t harden security as much as you think)

    Would be nice to elaborate this. I think it reduces a lot of risk, compared to exposing the service publicly. Any vulnerability of the software can’t be directly exploited because the Plex server is not reachable, you need an intermediate point of compromise. Maybe Plex infra can be exploited, but that’s a massively different type of attack compared to the opportunities and no-cost “run shodab to check exposed Plex instances” attack.



  • Well, as an application it has a huge attack surface, it’s also able to download stuff from internet (e.g., subs) and many people run it on NAS. I run jellyfin in docker, I didn’t do a security assessment yet, but for sure it needs volume mounts, not sure about what capabilities it runs with (surely NET_BIND, and I think DAC_READ_SEARCH to avoid file ownership issues with downloaders?). Either way, I would never expose a service like that on the internet.


  • Not to be “achtuallying” bit VPN is not a way to remote stream, it’s a way to bring remote clients in the local network.

    Likewise exposing services on the internet…not really going to happen esepcially for people - like me - that run plex/jellyfin on their NAS.

    I don’t have a horse in this race, i don’t use remote streaming, I only ever streamed from my nas to my 2 TVs, and I am experimenting with jellyfin. But for those who do need remote streaming, jellyfin is going to be problematic.





  • Ironically that poster is an Israel supporter. By their own logic every Israeli should be victim of default “suspicion” and be treated like an IDF war criminal, since everyone has the “potential” to be one.

    Actually, this argument would be even more compelling since Israel does have elections and you can emigrate/renounce to your citizenship, both not possible in case of manhood.

    It’s bizarre that someone could come up with such a poor argument that ultimately boils down to: “people should be accountable for the actions of other people in the same demographic”, without realising there are tons of way you can divide people in demographics.



  • Precisely. It’s completely different from doing that in your group of friends, where confrontation is a way to establish common values, and in an internet cesspool where anyway I am going to be moderated out.

    Just yesterday I was reading a great article about how social medias compare to TV when it comes to feeling part of a group. “Calling out” people in such places wouldn’t be anything else that virtue signaling (to yourself) to reaffirm your own identity (I stand up to sexism), and at the same time allow those people to reaffirm themselves (I get confronted because I am speaking truth).

    Basically it would be at most a performance.



  • because at least all men share the potential to act out problematic gender roles

    Everyone (literally) has the potential to act out problematic gender roles, women included.

    protect other men from female criticism because “they are different”

    This sentence is legit incoherent. If a criticism doesn’t apply to someone, protecting against said criticism is quite literally preventing discrimination.

    If men want to get rid of the collective suspicions

    Or maybe we can criticize unfair collective suspicion in the same way summary judgments based on other categories are crticizised. I really can’t see how this argument does not lead to racism, sexism, etc. Being a man is not being part of a club, you don’t decide to join, you don’t subscribe to any value, you don’t have a steering committee that decides how “manhood” is by vote. Why tf anybody should be responsible to change a group that they are part of simply for biological reasons?