JRaccoon

Jellyfin is dropping HTTPS support with a future update[...]

What's the source for this? I wasn't able to find anything with a quick google search

I see everyone in this thread recommending a VPN or reverse proxy for accessing Jellyfin from outside the LAN. While I generally agree, I don't see a realistic risk in exposing Jellyfin directly to the internet. ~~It supports HTTPS and certificates nowadays, so there’s no need for outside SSL termination anymore.~~ (See Edit 2)

In my setup, which I've been running for some time, I've port-forwarded only Jellyfin's HTTPS port to eliminate the possibility of someone ending up on pure HTTP and sending credentials unencrypted. I've also changed the Jellyfin's default port to a non-standard one to avoid basic port-scanning bots spamming login attempts. I fully understand that this falls into the security through obscurity category, but no harm in it either.

Anyone wanna yell at me for being an idiot and doing everything wrong? I'm genuinely curious, as the sentiment online seems to be that at least a reverse proxy is almost mandatory for this kind of setup, and I'm not entirely sure why.

Edit: Thank you everyone for your responses. While I don't agree with everything, the new insight is appreciated.

Edit 2: I've been informed that infact the support for HTTPS will be removed in a future version. From v10.11 release notes:

Deprecation Notice: Jellyfin’s internal handling of TLS/SSL certificates and configuration in the web server will be removed in a future version. No changes to the current system have been made in 10.11, however future versions will remove the current system and instead will provide advanced instructions to configure the Kestrel webserver directly for this relatively niche usecase. We strongly advise anyone using the current TLS options to use a Reverse Proxy for TLS termination instead if at all possible, as this provides a number of benefits

The trick to remembering your dreams is to get into the habit of dream journaling. Have a diary (or a phone app) ready next to your bed, and make sure to write down all the details you can remember about your dream as soon as you wake up. It needs to be absolutely first thing you do after waking up, as otherwise you most likely forget it all.

Even if it feels like you can't currently remember anything about your dreams, this practice will quickly improve your dream recall.

Honestly, I think it's best to just block them and be done with it. It's now clear they're not simply misinformed and are in fact trying to hide the original sources on purpose. I have no idea what they think they'll gain by doing that.

Your instance admin(s) could obviously remove their mod rights and/or ban them, but I guess technically they aren't breaking any rules.

If you are in the UK (where lemmy.zip is geoblocked due to UK laws)[...]

That's news for me. Anyone know what law(s) exactly they have problems with?

Not to get into politics here, but I've never understood why the US makes taxes so difficult. Why do you have to remember to file them yourself when the government surely already knows how much you have made?

Where I live, the government handles everything automatically most of the time, and most deductions are included automatically as well. They send you a summary of the calculations along with how much you owe or the refund you'll receive. Only in rare cases, usually when some deductible is missing, do you need to fill out and submit forms yourself.

Obviously the orders are negotiated months beforehand and just published at the airshow for some free PR for both parties.

What if a bad actor acquires one of these once popular tracker domains? Could they somehow take advantage of it? For example, what if they make the tracker advertise a large number of "fake" peers that serve malware instead of the actual files? I only have a crude understanding of how BitTorrent works, so I’m not sure what kinds of protections, if any, it has against this type of attack.

I wouldn't care if they were just reposting memes, it's whatever. But why copy someone else's self-posts and post them as their own? Like, what do they get out of doing this?

Link to the free demo on Steam

Usually the gear is retracted almost immediately after takeoff, as it creates a huge amount of unnecessary drag if left out when not needed.

They're also not saying it couldn't have happened, are they? They're waiting for investigators to gather all the facts before making any statements, just like they should.

Meanwhile, we here on the internet are just speculating based on the limited information available (basically just the video footage). Based on the current information we have, my opinion is that pilot error is the most likely cause.

You're free to disagree about the likelihood of different scenarios, but right now we have no evidence that makes the theory of the pilots accidentally retracting the flaps instead of the gear impossible or "absurd." It's really counterproductive to start ruling out scenarios without concrete proof.