• 24 Posts
  • 148 Comments
Joined 1 year ago
cake
Cake day: June 10th, 2023

help-circle


  • found the culprit: I’ve connected my jellyfin-media-player apps to a CNAME alias provided by my Pi-hole (jellyfin.box) and a matching nginx proxy entry:

            listen 80;
            listen [::]:80;
    
            server_name jellyfin.box;
    
            location / {
                    proxy_pass http://127.0.0.1:8096/;
           }
    

    so when I disconnected the app from the jellyfin.box server and connected it to the “new” server at server.box:8096 it started working immediately. looks like I’m missing some headers in that proxy so I’ll look into it.

    edit: yepp, adding headers fixed it, I can connect to the jellyfin.box server and have it detected by all other devices on the network.

            location / {
                    proxy_http_version 1.1;
                    proxy_set_header Upgrade $http_upgrade;
                    proxy_set_header Connection $http_connection;
                    proxy_pass http://127.0.0.1:8096/;
            }
    




  • first off, I have serious doubts that any one dude - or even a group of those for that matter - can ascertain the security of such a complex system; a browser is essentially an operating system, with all the layers and complexities that entails.

    even if you’re somewhat successful in such an endeavor, I don’t really care if it potentially is. chromium comes from those shitmakers and I’m not willingly using anything they had their nasty fingers in. they threw one shovel of shit too many on the heap and they are now forever on my ignore list. if that means that I don’t get to access certain domains, sites, and/or apps - so be it, I’ll make do without.


  • I can’t speak to the doom scenarios (death trap and whathaveyous) but I can share my experience. I was faced with buying what’s considered a new “decent” bike for close to $1K and went the other way - I bought a used one for $80 in sorta OK shape; no idea who made the frame but the majority of its components are of chinese origin.

    the rationale was a) to see if I even want the thing - what if I ride it a couple of times and then decide it’s too much bother, and b) I should learn how to maintain it and fix the usual stuff.

    three years later, I’ve replaced close to all of the key components by myself - wheels, crank shaft, pedals, front and rear derailleurs, brakes, calipers, cables, chains, tyres, etc. I had no experience fixing anything and got all my education from youtube. some of the gear failed and was replaced, other was upgraded preventively, mostly with shimano’s value line. I’m not blaming the original components for failing, there’s ample wear and tear the way I ride it and I also happen to be kinda oversized for this bike, shoulda gotten an XXL frame.

    my advice is, ride the bike as is and replace components as they fail, you’ll learn how to fix stuff in the process and the replacements are super cheap. only then, when you’re a seasoned rider start looking into better alternatives.




  • I’ve gone the other way - there is no interacting per se with the media PC; instead, it’s a dumb sink that plays back everything you send it, by way of macast and jellyfin-mpv-shim. you use android apps to send it stuff (e.g. newpipe share to allshare which connects to macast and jellyfin android app which connects to JMS) and to control playback (pause, skip, change subs, etc.). so, all media selection and playback control is done from the mobile device, no need to touch the media PC doing the playback.

    not sure this will fit into your use case because of spotty internet, but that should prompt you to install jellyfin post-haste. then you have two options, the mentioned android app + JMS or just the jellyfin media player which can run in TV mode with a pared down controller (up/down/left/right/enter/back) - I’ve successfully repurposed an ancient Apple Remote that has just those six keys.




  • good messenger for what?

    if you want a solution for you and a bunch of your henchmen to coordinate and discuss totally-not-crimes with ephemeral comms, practically any E2EE solution will work; once the not-crimen is done, burn your accounts and toss the devices for good measure and you’re scot free.

    if you want a secure messenger that’s part of a widely used communication platform where you can also do normal people shit and also convert normal people to actually use it (think getting contact deets from cute boy/girl at a bar or giving yours to a business correspondent without an elaborate powerpoint presentation on how to use it) and you want to enjoy the fruits of 20+ years of continuous IM development, like having top-notch UX, battery efficiency, network resiliency, quality voice/video calls, etc., without being spied on then such a thing doesn’t exist.

    how come? meredith baxter recently stated that it costs signal $50MM/yr to run their infra. that money has to come from somewhere. if there are no advertising dolts dumping cash on spying on your social graph and convos, the remaining avenues for financing are few and far between.

    in closing, there aren’t any super awesome messengers you weren’t aware of, everything is shit.





  • I mean, OK, it’s a vulnerability and there are interesting implications, but this is hardly significant in any pracitcal sense of the word.

    the potential victim has to run their system without a firewall, has to print to the printer they’ve never interacted with before and then the attacker can run shit with whatever the printing system’s user id is, which shouldn’t be an issue on any reasonably modern distro.

    I routinely remove cups and friends from any system I run because I have no need for printing and it bothers me to see it constantly during every system upgrade.



  • I wanted to write the same thing. have the notes app do the notes thing and handle encryption elsewhere.

    as to apps, I suggest QOwnNotes. it’s markdown, highly configurable so you can make it minimalistic AF, stores notes in invidual files and folders. it also has a bunch functionality like syncing to nexctcolud and such, but I’d advise against it, just use it as a notes editor. you don’t have to selfhost anything, make it use the e.g. Documents/Notes folder and you can use syncthing to securely replicate it to other devices.