After getting a NAS to replace my raspberry pi 4 as a home server, I literally just SCPd the bind mounts and docker compose folder, adjusted a few env variables (and found out of a few I needed to add for things like the uid/guid the NAS used as default for the media user I created) and it took maybe 30 minutes total to be back and running. Highly agree with you from experience.

They are also way too small in terms of storage given that they don’t support external cards (Apple is similar). Google/Apple definitely want buyers to also buy their subscription storage services or pay the high premium for the next storage level.

I’m on an XR right now and it feels older, but still very much usable. I wish companies offered options to only get security patches instead of having to buy new phones every few years, that’s the 1 thing I hope Google keeps around and doesn’t walk back in the future.

Great summary “a lot of common error checking has gone into it. It can be told what you want without specifics that would only potentially be applicable to 1 system type.”

Forgot expensive. Big, expensive, unreliable. The trifecta.

Out of curiosity as an owner of a QNAP NAS, how did it go out? Any signs it was in its last legs? Now that I’ve used one, the form factor is the only thing better than most options out there when I got it.

Nowadays all QNAP, Sinology and other NAS vendors supposedly offer a lot of extra value with their cloud options, but I find them a sure way to get hacked based on the average company’s investment in security (I work in IT, it is a sad affair sometimes) combined with all the ransomware specifically targeting them due to old packages they rely on = I’ll build my next system from the ground up, even if the initial cost is higher and the result is uglier.

deleted by creator

deleted by creator

Not to mention that some providers offer APIs to provide certificates without opening port(s) 80/443. This allows using nice host names on your personal domain with valid SSL over the internal network too. Want to migrate a server or service? Just change the IP associated with the domain on the internal DNS. Makes migrating and upgrading a lot easier.

You don’t have to take my word on this, but when you have so many vulnerabilities, the foundation and knowledge about security practices by the developers is missing some key ingredients.

I use Jellyfin. I like jellyfin. I would like people to use jellyfin, but do it responsibly.

Citing backwards compatibility is not an acceptable answer either. If individual endpoints and/or protocols (web sockets) are being addressed as separate issues, then there is no overall filter for the most basic thing as checking if the user is authenticated, you know a potential attacker will look for more.

Will they target jellyfin instead of your average government website with a low budget and similar issues? Unlikely, but possible if the level of effort is low and can potentially create a large botnet, maybe?

You handle these with overall filters (or whatever they are called on c#) and white lists if something truly needs not to have it instead of reacting when someone reports it.

The simple fact that some of the code was sending api keys as GET parameters (which get logged cross every access log in the middleware on its way to the target server) and it didn’t raise any flags seems sufficient enough to suggest DO NOT expose jellyfin directly to the internet.

By then you would have racked up thousands of dollars in legal fees. Not to mention if anyone posts anything negative about the current administration you could be used as an example.

We already have students on visas being kidnapped off the streets, let’s stop pretending the law actually matters for the people in power.

Bash does seem like a better fit for this kind of script since it is a lot more portable.

I.e.: It comes by default for many Linux distributions. For windows, a Git bash install will get you most utilities needed for large reliable scripts (grep, scp, find, sort, uniq, cat, tr, ls, etc.).

With that said, you should write it on whatever language you want, especially if it is for learning purposes, that’s where the fun comes from :)

Cheaper plex subscription at the cost of healthcare and taking orders from a moron. Can’t say no to a great deal!

I don’t know if it is always the fastest. I know they said android, but for example on not too old Apple phones (pre-usb c), I had the impression you could get better throughout on wifi compared to a cable connection. Maybe that’s just apple trying to squeeze money on proprietary connectors, but other manufacturers seem to copy their worst takes sometimes though.

He just needs a bonus for a few billion dollars and then it will be ok.

I seriously can’t believe there are board members that brain dead that think it would be a good idea to approve that kind of bonus if they are trying to make any money for the company.

Can you elaborate on what you mean?

And the day that something bad in general about the code can be said? That’s when developers fork. It means something different to us.

I’ve heard of people using a shake sensor or a power monitoring outlet/switch which seems like it would take a lot less effort to integrate into automations (like showing a light when it is done somewhere).

Not sure if the UK is similar to where I lived, but they were the worst “cloud” provider I’ve ever used. Want to shut down the instance you had to recreate it with a different OS? Good luck getting it back online as they are out of capacity. Also, if you accidentally deleted one of the default network components it was impossible to recreate it without incurring a cost kind of going against anything you learned about cloud computing and “infrastructure as code”. It was a glorified GUI.

Edit: I’m just glad my current employer does not use anything oracle as their support is also famously bad.

Developer1: @developer2: could you take a look, I know u know stuff about this.

Developer2: can’t reproduce. Might be able to if I get the app logs in trace level, the blood of 3 dragons and a signed autograph of Michael Jordan’s third hello world program.

User1: here are some other unrelated logs at info level only and nothing else.

Git bot: clozed y’all.