• 0 Posts
  • 11 Comments
Joined 2 years ago
Cake day: January 1st, 2024




  • even if you steal my password (database)

    That’s a big leap you’re doing there, equating stealing a password to stealing a password database. Those are very different. Stealing a password can be done through regular phishing, or a host of other methods that don’t require targeted effort. Stealing a password database, if properly set up, is a lot harder than that. It depends of course on what password manager you’re using, but it usually involves multiple factors itself. So equating that to just a password, no matter how strong and random, is just misleading.

    Mind you, I agree that it’s less secure than “proper” MFA, and I’m not saying that everybody should just use MFA through a PW manager. I am using physical security keys myself. But for a lot of regular people that otherwise just couldn’t be bothered, it’s absolutely a viable alternative that makes them a whole lot safer for comparatively little effort. Telling them they just shouldn’t bother at all is just going to create more victims. There is no such thing as perfect security, and everyone has a different risk profile.





  • Why not simply say donation

    It’s about setting expectations. The wording is chosen because they believe that paying open source developers for their work should be the norm, not the exception. Calling it a donation would not do that justice. Their wording is saying “Here’s the software, we’ll trust you to pay us for it if it brings you value and you can afford it”. It’s an explicit expectation to pay, unless you have good reasons not to, which is also fine but should be the exception. Whereas a donation is very much optional and not the default expectation by nature.

    In the end it’s just a semantic difference; it’s just all about making expectations clear even if there is no enforcement around them.