Based on our research, comparative search volume for “Kodi” has fallen around 85 percent from 2017 to 2022. Google Trends data reveals the dramatic decline started in Q2 of 2017 and has, for the most part, continued that trend up to this point. Consequently, the decline in people searching for Kodi directly relates to the appearance of the coordinated attack against piracy in the form of ACE.
And this is with Kodi furiously distancing itself from pirates at the time.
Attacks don’t have to be direct. Though they absolutely can be, too.
The security thing is ironic because my personal Jellyfin server (nor anything else on it) has been hacked, but Plex itself has had their database leaked recently. It’s actually the main reason I switched because I don’t like their auth servers being a giant common target. (Also, technically it theoretically means Plex employees can just let themselves in to people’s private servers)
Call it survivorship/selection bias if you want, but basically every hack I’ve been exposed to is from centralized servers getting exploited that serve millions of people. Plex, along with any other public facing service with lots of users, receives targeted attacks constantly. All my server receives is automated bots looking for 10-year-old Wordpress .php exploits (I don’t even run php on my server).
An unauthorized third party accessed a limited subset of customer data from one of our databases. While we quickly contained the incident, information that was accessed included emails, usernames, securely hashed passwords and authentication data. Any account passwords that may have been accessed were securely hashed, in accordance with best practices, meaning they cannot be read by a third party.
The passwords were hashed and, I’m inferring from their language, salted per-user as well. Assuming a reasonable length password (complexity doesn’t matter much here, what we want is entropy) it would take a conventional (i.e. not quantum) computer tens to hundreds of millions of years to crack one user’s password.
Yeah, I’m not really worried about it. I changed my password and moved on. It’s just that hackers have every reason to try and exploit Plex, while individual servers are hardly worth someone’s time and effort to go after when the payoff is maybe 1-2 usernames and emails
Simply not true. There is no person out there deciding every fry is too small. They just pick an exploit and send some bots after it. Every target is a good target because every target is a platform for more. It’s currency. The discrimination happens at the userbase level which is why jellyfin will always be safe. Kidding 😂
It’s really nice of them to fight the good fight while I use Jellyfin instead.
You may (half) joke, but MPAA attention on Jellyfin would suck.
Maybe a dumb question: What exactly could go wrong? Has the MPAA done anything to stifle Kodi?
https://www.comparitech.com/kodi/kodi-piracy-decline/
https://www.digital-digest.com/news-64644-Netflix-Amazon-Join-Forces-with-the-MPAA-to-Sue-Kodi-Box-Maker.html
And this is with Kodi furiously distancing itself from pirates at the time.
Attacks don’t have to be direct. Though they absolutely can be, too.
I’d like to call this “the Ubuntu buffer”.
Which doesn’t have half the features and crap security compared to Plex/Emby.
The security thing is ironic because my personal Jellyfin server (nor anything else on it) has been hacked, but Plex itself has had their database leaked recently. It’s actually the main reason I switched because I don’t like their auth servers being a giant common target. (Also, technically it theoretically means Plex employees can just let themselves in to people’s private servers)
And I’ve never been attacked by a bear while wearing my goose feather headdress.
Call it survivorship/selection bias if you want, but basically every hack I’ve been exposed to is from centralized servers getting exploited that serve millions of people. Plex, along with any other public facing service with lots of users, receives targeted attacks constantly. All my server receives is automated bots looking for 10-year-old Wordpress .php exploits (I don’t even run php on my server).
From their blog post about it:
The passwords were hashed and, I’m inferring from their language, salted per-user as well. Assuming a reasonable length password (complexity doesn’t matter much here, what we want is entropy) it would take a conventional (i.e. not quantum) computer tens to hundreds of millions of years to crack one user’s password.
Yeah, I’m not really worried about it. I changed my password and moved on. It’s just that hackers have every reason to try and exploit Plex, while individual servers are hardly worth someone’s time and effort to go after when the payoff is maybe 1-2 usernames and emails
Simply not true. There is no person out there deciding every fry is too small. They just pick an exploit and send some bots after it. Every target is a good target because every target is a platform for more. It’s currency. The discrimination happens at the userbase level which is why jellyfin will always be safe. Kidding 😂