Ok, well you just made it sound like the main issue was the lack of audit /guarantee and not an actual security issue. I don’t think breaking clients is an excuse not to at least get started putting forward a date, even if it’s a year in the future, where clients need to be updated by. Sure Overseeer isn’t begging people to put it on the internet, but there aren’t any known vulnerabilities to my knowledge, same with vaultwarden. Imo it’s a big win to getting more people comfortable using jellyfin if they can put their foot down and say clients need to update, or stay on the old version. Every time there’s Plex drama, it seems like the list of reasons people don’t want to spend time to migrate isn’t getting whittled down much. I’ve donated hundreds of dollars over the years at this point to jellyfin proper as well as several clients hoping things could move faster. Like imagine if the Overseeer devs designed a frontend. There’s nothing that jellyfin can’t technically do that I find missing, but it feels like a death by a thousand cuts.
Just because you do know any or that there are no know to the public does not mean it is secure. Do we know if the plex communication with your server is secure? No one cares, because no one is looking into it.
The main issue, is that ita not that simple to get new versions on the closed eco systems on many smart TV, especially when you are just a single dev and no company who can throw money on the problem.
As I said, the issue is not that big, and mainly an excuse for most ppl.
The API break will come, hopefully sooner than later, but it needs to be carefully designed, to prevent issues in the future.
But again, the current issue is not that much of a problem. I do not see the benefit of anyone to probe my server if i have certain media files on there. And i do not use the default paths.
Sure not knowing of an issue doesn’t mean it’s secure, but that doesn’t also mean that projects with known issues aren’t a problem… Like if you want jellyfin to be popular you should want this to be fixed - I don’t get this attitude from people who main jellyfin who seem opposed to pushing for it to be better. It not being a big issue is your own personal opinion - it’s obvious that known security issues sitting around for a long time bothers a lot of people so the sooner it gets addressed, the fewer reasons people have to stick with Plex. That’s a good thing right?
Ok, well you just made it sound like the main issue was the lack of audit /guarantee and not an actual security issue. I don’t think breaking clients is an excuse not to at least get started putting forward a date, even if it’s a year in the future, where clients need to be updated by. Sure Overseeer isn’t begging people to put it on the internet, but there aren’t any known vulnerabilities to my knowledge, same with vaultwarden. Imo it’s a big win to getting more people comfortable using jellyfin if they can put their foot down and say clients need to update, or stay on the old version. Every time there’s Plex drama, it seems like the list of reasons people don’t want to spend time to migrate isn’t getting whittled down much. I’ve donated hundreds of dollars over the years at this point to jellyfin proper as well as several clients hoping things could move faster. Like imagine if the Overseeer devs designed a frontend. There’s nothing that jellyfin can’t technically do that I find missing, but it feels like a death by a thousand cuts.
Just because you do know any or that there are no know to the public does not mean it is secure. Do we know if the plex communication with your server is secure? No one cares, because no one is looking into it.
The main issue, is that ita not that simple to get new versions on the closed eco systems on many smart TV, especially when you are just a single dev and no company who can throw money on the problem.
As I said, the issue is not that big, and mainly an excuse for most ppl. The API break will come, hopefully sooner than later, but it needs to be carefully designed, to prevent issues in the future.
But again, the current issue is not that much of a problem. I do not see the benefit of anyone to probe my server if i have certain media files on there. And i do not use the default paths.
Sure not knowing of an issue doesn’t mean it’s secure, but that doesn’t also mean that projects with known issues aren’t a problem… Like if you want jellyfin to be popular you should want this to be fixed - I don’t get this attitude from people who main jellyfin who seem opposed to pushing for it to be better. It not being a big issue is your own personal opinion - it’s obvious that known security issues sitting around for a long time bothers a lot of people so the sooner it gets addressed, the fewer reasons people have to stick with Plex. That’s a good thing right?