I don't know who needs to hear this, but DO NOT EVER expose Jellyfin to the internet

Scary le Poo@beehaw.org · 2 days ago

I don't know who needs to hear this, but DO NOT EVER expose Jellyfin to the internet

Scary le Poo@beehaw.org · edit-2 2 days ago

It isn’t randomly generated. If you read through you would have known that.

Also, Rainbow tables.

tldr, Rainbow tables are precomputed lists of hashed values used to crack password hashes quickly. Instead of hashing each password guess on the fly, attackers use these tables to reverse hashes and find the original passwords faster, especially for weak or common ones. They’re less effective against hashes protected by a unique salt.

i_am_not_a_robot@discuss.tchncs.de · 2 days ago

If the ID is the MD5 of the path, rainbow tables are completely useless. You don’t have the hash. You need to derive the hash by guessing the path to an existing file, for each file.

I don't know who needs to hear this, but DO NOT EVER expose Jellyfin to the internet

I don't know who needs to hear this, but DO NOT EVER expose Jellyfin to the internet

Collection of potential security issues in Jellyfin · Issue #5415 · jellyfin/jellyfin