We’re at around 1.5C for a few years. That’s not the same thing as a sustained average.

What that means is that we still have time to fight for better policy.

If the alarmists are right, we’re completely fucked already. Might as well do nothing and enjoy the benefits of a petro society while it lasts.

This is not what climate scientists are asking for right now.

Specifically these issues: https://github.com/jellyfin/jellyfin/issues/5415

The big one is that video/audio playing endpoints can be used without authentication. However, you have to guess a UUID. If Jellyfin is using UUIDv4 (fully random), then this shouldn’t be an issue; the search space is too big. However, many of the other types of UUIDs could hypothetically be enumerated through brute force. I’m not sure what Jellyfin uses for UUIDs.

Nah, setting non-standard ports is sound advice in security circles.

People misunderstand the “no security through obscurity” phrase. If you build security as a chain, where the chain is only as good as the weakest link, then it’s bad. But if you build security in layers, like a castle, then it can only help. It’s OK for a layer to be weak when there are other layers behind it.

Even better, non-standard ports will make 99% of threats go away. They automate scans that are just looking for anything they can break. If they don’t see the open ports, they move on. Won’t stop a determined attacker, of course, but that’s what other layers are for.

As long as there’s real security otherwise (TLS, good passwords, etc), it’s fine.

If anyone says “that’s a false sense of security”, ignore them. They’ve replaced thinking with a cliche.