You needlessly want to punish tens of thousands of people for the acts of a few hundred. It's cruel, pointless and very damaging, and your tirades from a high-school essay only support the shallowness and immaturity of your thinking. I won't waste any more time on you.

You want to use the "throw everybody out and see what happens", and you claim how much better things would be under your governance.

You're talking like a Elon Musk wanna-be, even using shitty metaphors that mask all the complexity of the problems, and the cruelty that these kinds of decisions imply.

You want to throw 20k employees out without any consideration for the economic and personal consequences, not to mention all the other companies around who will see their business sometimes heavily impacted.

All this to make a stupid metaphor. You're 14 at best.

How old are you?

The workers, the gamers, and the industry are glad you're not in charge of anything, punishing them for things they have no control over, and wasting good talents and infrastructure.

No, make it a entirely employee-owned company, so they can vote the execs out, sanitize the culture, and keep the thousands of worker out of unemployment

You can look up for:

• Setting up max authentication attemps per connection -> slows up a lot brute force attacks. If your password is strong enough, that's already a big step to secure your server.
• Generate SSH Keys and disable password authentication -> do this only if you're connecting through the same devices, because you won't be able to connect from any device that has not being set up. Personally I don't use this because I want to be able to access my server even if I'm not home and without my laptop
• Set up Crowdsec -> it's a local service which scans logs and will block access to any suspicious IPs. It also relies on a crowdsourced list of IPs that are identified as threat and will preventively block them

Tu n'as fait aucun effort, 11 pages c'est rien à survoler pour récupérer l'information, et t'as littéralement un résumé page 2...

Tu mélanges les enjeux sanitaires et écologiques. Pour un parisien, faire construire une voiture électrique en Chine, ça ne va pas lui filer un cancer des poumons et/ou réduire son espérance de vie en bonne santé, contrairement aux particules fines issues de la combustion, du roulement et du freinage des voitures qui passent dans sa rue. C'est sur ce deuxième point que les ZFE agissent, et c'est ce qui a toujours été visé.

Pour l'écologie, notamment éviter les émissions de gaz à effet de serre, bien entendu il ne faut pas jeter le parc automobile actuel pour tout remplacer par de l'électrique. Il faut tout bonnement réduire les déplacements, surtout ceux effectués via les modes de transports les plus émetteurs, à savoir la voiture, et favoriser les alternatives.

Ça tombe bien, parce que Paris réduit aussi fortement la place de la voiture dans ses rues et pousse de plus en plus les gens vers les transports en commun et le vélo, et ça porte également ses fruits.

Alors il y a ton avis, et il y a les chiffres

Je suis aussi de cet avis. Maintenant va instaurer cette mesure, je te regarde.

Les ZFE c'est pour la pollution atmosphérique, pas pour le réchauffement climatique. Paris a sérieusement amélioré la qualité de son air en quelques années avec ce genre de mesures.

Oh you insufferable rawgabbit. Even in the face of definitive proof, the only thing you care about is throwing a 4 paragraphs tantrum trying to twist every single word just to not say "OK, maybe I was wrong on that thing". I'm out.

https://www.legifrance.gouv.fr/juri/id/JURITEXT000030635061/

Case law from the Cour de Cassation, where the defendant was convicted, by Articles 323-1 and 323-5, of having extracted data freely following a proven failure of the protection system.

The complainant just had to show that the data SHOULD have been inaccessible, by expressing this “with a special warning” :

"3°) alors qu'en l'absence de dispositif de protection des données, la maître du système doit manifester clairement et expressément manifester, par une mise en garde spéciale, sa volonté d'interdire ou de restreindre l'accès aux données ; qu'en déduisant de la seule présence d'un contrôle d'accès sur la page d'accueil du site de l'ANSES que M. X... s'était irrégulièrement maintenu dans le système contre le gré de son propriétaire, la cour d'appel a violé l'article 323-1 du code pénal ;

Translated :

“3°) whereas in the absence of a data protection system, the master of the system must clearly and expressly manifest, by means of a special warning, his intention to prohibit or restrict access to the data; that in deducing from the mere presence of an access control on the home page of the ANSES site that Mr. X... had irregularly maintained himself in the system against the owner's will, the Court of Appeal violated article 323-1 of the French Penal Code ;

In my case, the first thing you see when you arrive at my Jellyfin instance is a login form blocking your entry, and you have to go through a backdoor to access my data, so there's no ambiguity on this point.

You're wrong, period. Stop trying to debate laws interpretation of a country you don't even speak the language of.

I live in France, and these are the relevant laws :

• Article 323-1 : you access my server without my authorization -> 3 years of prison, 100k€ fine
• Article 323-3 : you touch my data in any way -> 5 years of prison, 150k fine

Using a flaw in a software to retrieve data you should not have access to is illegal where I live, the same way as you're not suddenly allowed to enter my house and fetch my drawers just because I left a window open. I won't debate this point further.

Keeping that copy on a web accessible platform that is accessible by anyone on the internet(unauthenticated) isn't covered by your rights at a bare minimum.

It's as accessible as my DVD collection in my living room: anyone can get into my home without a key by illegally breaking a window.

Using a flaw in my Jellyfin to access my content is illegal and can't be used against me to sue me, period. The idea of rights holders who would hack me to sue me is just plain ridiculous.

Depending on the content "timing" if they trigger on something that doesn't have a physical/consumer release yet... or all sorts of other "impossible" conditions. This is obviously reliant on what content you actually have on your server.

And again, the only proof they would have could not be used in courts.

For real, you're just fear-mongering at this point.

I was sincerely hoping someone would bring some real concerns, like how one of these security breaches listed in the OP could allow privilege escalation or something, but if all you got is "Universal might hire hackers to break through your server and sue you", you're comforting me in my idea that I don't have much to fear

Where I live, I have the legal right to have a copy of a film of which I have a legal version, they can watch my media library as much as they want, it's not enough to prove that it's illegal.

And hacking my server is illegal, they can't go to court by presenting evidence obtained through hacking, they would risk much more than me.

My Jellyfin server is behind Cloudflare with IP outside of my country banned.

I got Crowdsec set up on Cloudflare, Traefik and Debian directly.

I got Jellyfin up in a docker container behind Traefik, my router opens only 80 and 443 ports and direct them to Traefik.

Jellyfin has only access to my media files which are just downloaded movies and shows hardlinked by Sonarr/Radarr from my download folder.

It is publicly exposed to be able to watch it from anywhere, and share it to family and friends.

So what? They might access the movies, even delete them, I don't care, I'll just hardlink them back or re-download them. What harm can they do that would justify locking everything down?

Now let's do intercity trains and tramways then

Thanks for sharing your researches

So we can have autonomous metros, buses and taxis that allow people anywhere when they need it so they don't rely on having a car?