Yes. You only need to pay if you’re connecting via their relay or trying to use the remote hosting functionality. But since a VPN would land you inside of the network, you’d be fine. You’d probably need to dig into the plex settings to specify that the VPN subnet is LAN traffic. But after that, you should be good.
I mean, you just listed the most insecure way to host Jellyfin. Poking a hole in your firewall will technically work, but that doesn’t mean it’s the correct way to do things. A good setup would use a reverse proxy, and some sort of authentication wall like Authentik or Authelia.
All of that would only take about 15 minutes for someone who knows what they’re doing. But the vast majority of people setting up Jellyfin for the first time won’t know what they’re doing. And seeing the inevitable “lol just open your firewall” comments only serves to scare them away, because even the noobs have heads that’s the wrong way to do things.
Though knowing that a homing pigeon with a thumb drive is actually faster than the fastest Internet network on the planet
Depends on how big the flash drive is, I suppose. Need to send a 1GB file? Just make a torrent. Need to send 40TB? Yeah, that hard drive is getting driven across town.
This feels a little bit like Brainfuck tbh.
For what it’s worth, I can think of one thing that would make brainfuck even worse: Instead of using 8 arbitrary characters (it only uses > < + - . , ] and [ for every instruction) for the coding, use the 8 most common letters of the alphabet. Since it ignores all other characters, all of your comments would need to be done without those 8 letters.
For example, “Hello World” in brainfuck is the following:
++++++++[>++++[>++>+++>+++>+<<<<-]>+>+>->>+[<]<-]>>.>---.+++++++..+++.>>.<-.<.+++.------.--------.>>+.>++.
If we instead transposed those 8 instructions onto the 8 most common letters of the alphabet, it would look more like this:
eeeeeeeeaneeeeaneeneeeneeenesssstonenentnneasostonnIntttIeeeeeeeIIeeeInnIstIsIeeeIttttttIttttttttInneIneeI
Chaotic evil is encrypting, compressing, then encrypting again.
I mean, that’s true regardless of how it is running. If the service is externally available, it will be probed for vulnerabilities. At least with a container, you can ward off what files it has access to, so an attacker can’t just ransomware your entire NAS with a single vulnerable service.