Thanks

Nice, link to the file?

Yeah, the Steam update got me thinking MP was totally new, so I was planning to try that with some friends. Guess I’ll set up an B41 Server then, thanks!

Aaah, that makes sense. Thanks for explaining

Im kinda confused there. On steam the devs recently posted an update, that MP is now available, but it seems that it has been for a while?

Was it in beta up until now or was it fan made?

I actually maintain my own xdcc download client

Why would your passwords be stolen? If you have a good master password you could pass around thumb drives with the database and noone would be able to acces them, wince they are securely encrypted. Having them on your phone makes no difference as long as you don’t leave your phone and password manager app unlocked and out in the open (which both actively warn you against)

Its also possible for a webserver to offer two versions of an API. Add a new one that needs authentication, mark the old one as deprecated and add a checkbox to disable it. Then clients can update to use the secure one and if you use and unmaintained client you can enable the old insecure api

And you think if Jellyfin were a comparable size, there wouldn’t be just as many or more?

If You want to use remote streaming after this, without paying, you do. Did you even red the article or are you just here to Stan for Jellyfin?

In the sense, that you need a VPN for both

You CAN, but you really shouldn’t. Even the documentation says as much. The Jellyfin server is way to insecure to expose it to the open internet. In reality you can’t safely use Jellyfin remotely without a vpn

Great, so the free Plex now was downgraded to feature parity with Jellyfin

Which is not what Plex is doing. There’s no change for paid users.

Wow, could you get any more condescending? We bought a product (10+ years ago in my case) and it still works great. Why would I switch to an inferior service, just because the FREE version of the product I already bought got worse?

This has no impact on anyone that actually paid for Plex.

With this move the free version of Plex got downgraded, to now have feature parity with Jellyfin. Meaning a VPN is required if you want to access your media on the go

There are ways to fix these issues while preserving legacy client support. And honestly I don’t see how changing their database mess would help in solving security issues. In the end they’ll have to change their API to a more secure one, which will definitely disrupt client support for future updates

The main issue there isn’t the fact that these issues exist. The problem is the Jellyfin devs attitude towards them, most of these problems have been known for years (more than five in some cases) but are largely ignored. Client compatibility is valued over everything else.

There have been plenty of suggestions, ideas and even PRs, but the devs priorities don’t allow for any security centered patches to get merged

https://github.com/jellyfin/jellyfin/issues/5415

Beside the various security holes that have been ignored for years by the devs?

As open as the servers “security”