That seems like a rather arrogant tone to take. Reverse proxies are complicated. Easy to set up, but challenging to configure depending on what your needs are. Not everyone wants a homelab.
Everyone’s journey starts somewhere and sometimes people’s needs just don’t extend beyond the easier choices available.
Yes, in ways that were actually greatly beneficial. Some companies were complete vaporware, but it proved a huge boom for fibre optic infrastructure and on the whole, building out modern telecom infrastructure. In a few short years, people went from dialup and T1 connections to DSL and high-speed cable. People weren’t connected, and now they suddenly needed to be. It was an entirely new enterprise.
Unfortunately, these AI datacenters aren’t really the same. They’re not benefitting the public in a lasting sense. These are hot, they’re loud, and they’re expensive. The biggest benefits you may see from them after the bubble bursts is the infrastructure that was required to sustain them.
Improvements to sustainable, and cleaner energy sources are probably the biggest benefits. Reclaiming and rebuilding old nuclear plants, increased solar and wind projects. Governments that are willing to sell their constituents down a river for the business of a tech conglomerate won’t benefit from this, but for the states that are now passing legislation to require these kinds companies to put their money into the communities they want to operate in may build lasting improvements.
It’s a small silver lining, but it’s there. That said, I can only imagine that when these companies see their business begin to get buried under the landslide of debt and reality that they will do everything in their power to escape liability for the waste of resources.
Same, this seems incorrect
Darknet used to be good, but there’s been a shift in the content recently in which it feels like Rhysider doesn’t feel like he’s interviewing someone as much as he’s trying to be that annoying guy at the party who keeps butting in to try and tell your story for you.
I can’t quite tell what changed, or when, but I feel like he used to give his subjects a lot more room to breathe instead of imposing his own personality over everything.
I don’t feel bad for Microsoft, but responsible disclosure is about more than that.
It’s ethical. It gives the developer time to correct an error before it has the potential to affect anyone using their products. When you don’t follow that process, whether one set out by the developer, or a best effort on your part, you are now contributing to the potential harm caused by that vulnerability.
This isn’t universal, and I have no doubt that Microsoft is also partly to blame, but there’s a significant element of attention seeking in the mix here. They could have reached out to other security researchers, validated the findings in private and found another channel to work through. Maybe he tried, but largely it seems like his actions are retaliatory and broadly harmful to anyone who has to administer these products.
I have a lot of respect for security researchers. My job relies on the work they do and the skill it takes to do it. But part of that relies on doing things in a way that minimizes potential harm.
I was mostly making the comment in jest. I do rename, but my folder structures, as someone who downloads everything manually based on what I want to watch rather than doing the automated *arr stuff leaves it in directories only I consider sensible.
I have Jellyfin behind a reverse proxy that lives in a DMZ and a WAF to go with it. I’m sure there’s still room for watching an unauthenticated stream because I forgot to rename a folder somewhere, but it’s not exactly an attack vector I care about. I’m more concerned about DDoS or impersonation attacks, which I also attempt to mitigate via an LDAP implementation behind the scenes.
It’s not perfect, but it’s the best effort I can make at the moment.
Jokes on them, my paths are a shitshow and I can’t be bothered to organize them properly
You’ve got a couple benefits. If you have a domain name, and aren’t advertising it publicly, then you can use the reverse proxy to point that domain to a non-standard port that Jellyfin runs on.
Security through obscurity is not good security, but it does prevent the majority of port scanning attacks. You can also use fail2ban on the reverse proxy side to try and mitigate some attacks.
I find it’s primarily an issue when looking for information about products. Listicles have always been a pain, but now entire websites show up just to summarize every category of product without adding meaningful review or input.
I’ve had a problem lately where DDG just returns AI generated articles on topics instead of any real resources. It’s not their fault, per se, since it’s just a wrapper for Bing, but it’s pretty lousy.
If I know what to expect, then it’s fine, but if I’m genuinely looking for something new, it’s increasingly frustrating
It depends entirely on the implementation. Is it genuinely a “second factor”? Or are they just going to let you use one or the other? Because MFA is a real benefit to account security, even if SMS is the weakest version of it.
The trouble for me in this sense is that I have an AVR, I’d like CEC to work and I’d like an interface that was actually designed for a remote.
I’ve done this before, and frankly it’s just not as good. It works reasonably well, but an HTPC has never served as well as a purpose built piece of hardware or software, even if that’s the TV itself.
If I really wanted, I could buy a hospitality TV and use the RS232 to control it from the PC but I’m tired thinking about the ways that’s likely to fail.
This is what strong endpoint security is for. EDR software is also common. Routing everyone’s internet traffic is pretty strenuous.
Generally speaking, most VPNs used for business are a split tunnel, and aren’t forwarding all of your traffic, just the traffic relevant to your company resources that would otherwise be inaccessible unless you were on-site. So your internet traffic and regular browsing are still sent as if you had no VPN connection at all.
Interesting. So ultimately Google is divesting itself of the responsibility and cost of the network.
Given that the pricing is already pretty high compared to what it used to be, I won’t be surprised if it begins to creep up again in due time.
Not only is Google Fiber still going, it actually has begun expanding service again after being stuck in limbo for a while.
It’s a strange one, to be sure, but I guess they see a benefit to the infrastructure they built.
And enemas, for when you’ve already made a mistake
I hate playing this on a N64. I own it, I’ve tried, it’s a miserable experience. I largely chalk this up to it just being the N64 controller though.
With a proper controller, it controls very nicely imo. Inputs are precise and it takes some work to get good but it’s overall still one of my favorite Mario games, next to Odyssey.
If I remember right, that post wasn’t designed to highlight a practical use-case, but rather to set up a simple task as a “how could I apply this?” type of experimentation. The guy got roasted for it, but I think it’s a very reasonable thing to try because it’s a simple task you can see the direct result of in practice.
The cost problem was highlighted as well, because if such a simple task is a problem, it can’t possibly scale well.
Yes, just not for the North American market