• FreedomAdvocate@lemmy.net.au · 5 hours ago · 10 up / 3 down

    This is why when people say that FOSS is more secure than closed source I always laugh. Those people seem to think that because it’s open source that not only has it been reviewed in depth by security experts who know every single possible vulnerability, but that they found every vulnerability, fixed them, put in PRs that were then approved by the creator, who then made a new release with those fixes… every time a new potential vulnerability is discovered in the libraries etc. that it’s using.

    Often it just leads to situations like this - known big vulnerabilities that are just never fixed.

    • Saik0@lemmy.saik0.com · 4 hours ago (edited) · 10 up / 1 down

      It cuts both ways… Closed source things can be hiding shit… or simply never testing/caring about it… Oftentimes a truly interested person can externally test it and find the flaw anyway… but not always.

      Where open source can have a lot of people who care about it… but never have the manpower to fix it.

      The best open source projects are the ones that have closed-source backing, it seems. I’ve had my company throw resources into open source projects before because we used them.

      But Jellyfin and the like would be hard to get backing for.

    • ipkpjersi@lemmy.ml · 3 hours ago · 2 up

      FOSS isn’t always more secure than closed-source, but it absolutely can be.

      It depends on the priorities of the maintainers. It seems like Jellyfin’s maintainers might not be putting a huge emphasis on security, which is very disappointing, but they are volunteers at the end of the day.

    • Robust Mirror@aussie.zone · 3 hours ago · 1 up / 1 down

      My assumption isn’t that they’re all fixed, it’s that any particularly bad ones would be known about so I know to avoid it or not. Which appears to be the case.