The new repo has two releases in it now. These releases are not signed with the original key as far as I can tell. Further, GitHub is silently redirecting to the new repo, even in Obtainium, meaning it’s possible that if you had this previously installed via Obtainium and updated now, you may have unsigned apks installed that may or may not contain the changes in the repo.

This is a mess. I deleted the repo from Obtainium (luckily I don’t auto install updates) and will wait to see what happens over the next few months. Might just save my notes in a network share instead of using syncthing from my phone. Idk, notes are all that I was using it for.

Watch for spicy pillows… they’ll light your stuff on fire.

Containers are better than any other option, so of course they’re being used! I’m gunna use containers even harder!

I picked unRAID to be able to mix disk sizes. It also requires little maintenance in my experience, so that’s also a plus.

Depends on your definition of "smart’ I guess. ZigBee stuff like buttons and the like probably won’t become obsolete for a long time. I guess you could argue that ZigBee protocol updates could eventually brick them though. Good thing a lot of it is open source

It doesn’t require an internet connection at all unless you want to update the firmware on the cameras 🙂 Oh, and I guess to view the web UI you’d need a LAN connection but it doesn’t need to connect to the full internet.

Frigate and Reolink are a good combo. Frigate is absolutely fantastic and can detect objects, sounds, and/or save clips and recordings to your pool. There’s really nothing better imo.

Huh? Did you even read the whole thread? They’re linked above.

They could put a banner in the network settings warning users about these security issues while they get them fixed, that doesn’t require fixing any inherited code. In the GitHub issue linked, there’s at least one upset user because they had no idea this was even a problem.

What about the pwned users of Jellyfin that have unknowingly had security holes for 5 years because Jellyfin doesn’t care enough to even put a banner in their settings to say it’s not secure?

I mean, that’s fine, but it’s still an issue and a risk that would cause me to want to use VPN for remote viewing. It doesn’t seem like security is Jellyfin’s priority at the moment, not that it’s Plex’s either, but it’s not to a place where it’s worth it to switch from a security standpoint, personally.

I’d love to switch. I would do it right now, but the problem is that Jellyfin’s security isn’t better if you open it up to the internet. For example, I’d have to set up a VPN for my remote users for proper security, and most of my users are in other states, not technically inclined, and watch on their TVs. I’d have to at least support a raspberry pi for them, or some sort of site to site VPN, and if it goes down, I’ll be expected to fix it. On top of that, if I do a simple raspberry pi based VPN, it would be made even more complicated since they’d want it to work with their smart TVs.

Again, I really want to switch. But Jellyfin needs to fix their security issues before I can. I’m also happy with the way Plex is reporting this, it’s above the standard “your data is lost” notifications.

Edit: here’s a link to the related GitHub issue I’ve been following: https://github.com/jellyfin/jellyfin/issues/5415

And @Saik0Shinigami@lemmy.saik0.com has a great thread explaining more: https://lemmy.today/comment/18923504

Ah, I stand corrected. That’s probably why I’ve never been charged, 2.5k is a lot for my use.

Which part? If you’re wanting to use cloudflare pages, it’s relatively straightforward. You can follow this and get up & running pretty quickly: https://www.hongkiat.com/blog/host-static-website-cloudflare-pages/

If you’re asking about the tarpits, there’s two ways (generally) to accomplish that. Even if you don’t use cloudflare pages to host your site directly (if you use nginx on your server, for example), you can still enable AI tarpits for your entire domain, so long as you use cloudflare for your DNS provider. If you use pages, the setup is mostly the same: https://blog.cloudflare.com/ai-labyrinth/#how-to-use-ai-labyrinth-to-stop-ai-crawlers

If you want to do it all locally, you could instead setup iocaine or nepenthes which are both self hosted and can integrate with various webserver software. Obviously, cloudflare’s tarpits are stupid simple to setup compared to these, but these give you greater control of exactly how you’re poisoning the well and trapping crawlers.

+1 for Duplicacy (the GUI, as a container). Very worth it, IMO. Not only do I use it for my PC, I back up my server to my other server in another state with it. I also use it with Backblaze B2 (for very important files) which is slightly more than Hetzner ($6/TB). I haven’t run into any chunking issues and they don’t charge for API calls. Highly recommendated.

Yep, on top of simply blocking, if you’re self hosting or using cloudflare, you can enable AI tarpits.

The problem is the github issue has hallucinations and incorrect technical terminology. It really shouldn’t be used for this purpose, it’s pretty selfish to expect maintainers to consider something that you used LLM for in my opinion. I don’t think that’s elitist, is it really all that difficult to write a feature request on your own, especially if you’ve already done the hard part (the research)?

I mean, sure, but LLM issues are currently plaguing open source projects. Curl, for example: https://gist.github.com/bagder/07f7581f6e3d78ef37dfbfc81fd1d1cd

If someone isn’t passionate about something enough to write their own request, why would the devs be passionate about implementing it?

Yikes. Why would the devs implement anything created by LLM? It shows that the requester (you, in this case) isn’t passionate enough to sit down and write something on their own.

So we’re filing LLM slop for Lemmy issues now? Also that’s a pretty poor choice for a name.