• linearchaos@lemmy.world
    link
    fedilink
    English
    arrow-up
    32
    ·
    3 months ago

    Jellyfin pased my spouse test for local network.

    I put her on tailscale for remote access but she’s not a big fan of that.

      • linearchaos@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        ·
        3 months ago

        I’m not worried about SSL. I’m worried about a rapidly developed open source project with lots of changes and lots of cooks in the kitchen. All it takes is a buffer overflow and one of a thousand libraries they’re using. I don’t know that they have a dedicated security team or even anyone really looking at that.

        I wouldn’t be so worried but it needs to have access to my media which is outside of my DMZ.

        And I don’t want to put my media into my DMZ.

      • Damage@feddit.it
        link
        fedilink
        English
        arrow-up
        2
        ·
        3 months ago

        I put through the reverse proxy and so far I haven’t had any issues

    • Petter1@lemm.ee
      link
      fedilink
      English
      arrow-up
      4
      ·
      3 months ago

      Why not having your own wireguard endpoint at home? Then you could additionally filter ads using adguard at home and on the go.

      • linearchaos@lemmy.world
        link
        fedilink
        English
        arrow-up
        7
        ·
        3 months ago

        I have tailscale at home I could use an exit node. My family doesn’t want ad blocking because then they don’t get their ads for their free to play games.

        Honestly the biggest reason not to use VPN home for everything as every time you swap cell phone towers your IP changes and you renegotiate. It’s not so bad when I’m using something that buffers, so it’s also not so bad when I’m driving, but when a passengers loading a website or playing a game with ads and the ads which are already 30 seconds take an extra 30 seconds to load they get all grumpy.

        It’s good thinking though I have totally tried to sell people on that

        • Petter1@lemm.ee
          link
          fedilink
          English
          arrow-up
          3
          ·
          edit-2
          3 months ago

          I am constantly connected to my VPN at home if my iPhone is not connected to a WiFi in white list, and I use an IP white list, including DNS, to go through the tunnel and I play no adware games 😂I guess that is why it works so well for me.

          But nice to know why VPN on phone behaves like it does if you route everything through it. I think have experienced that before, when I forgot to disable the third party VPN I use to spoof location.

          • linearchaos@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            3 months ago

            The VPN keeps a constant network connection open. It’s job isn’t just to encrypt the traffic and route the traffic home but also to make sure that there’s no man in the middle activity going on.

            Each cell phone tower you are connected to provides you with a new IP. In most cases cell phone towers are less than 2 miles apart. While you’re driving or taking a train or just about any other form of transportation that means you’re going to change IP addresses every couple of minutes. If you’re not connected to a VPN it’s a couple dozen milliseconds to change that IP and start talking to a new tower. But once you throw VPN in the mix your VPN says hey you’re IP changed sorry we need to renegotiate. You send your SSL key up and you’re off It checks it against your SSL key and the other side and rebuilds a new connection. In the best of circumstances this goes pretty quickly. But not quickly enough for certain tasks. Buffering video is fine. Remote screen connections, SSH terminals, anything else that’s extremely on demand underperforms horribly.