Saik0Shinigami

I wish I could find something like this (low power kinda thing) that could take like 40 sata ssds.

I have a whole stack of 500 GB ssds from a datacenter decommission that I've been sitting on.

The 2TB units found their way into my ceph cluster... but those machines are live vms... A smaller little guy that can stack all these 500 gb would be nice to give to my cousin or something and use as offsite backup.

Right but my point is they would just submit the request to the host server. If the original is taken down then all the federated service will lose the comments as well.

Not how federation works. Let's take a lemmy post as an example. If a server is federated with another and a new post is made, all subscribed servers are notified and a copy of the item is sent in that notification. If the original is "taken down" the copies still exist on the other servers and any deletion event is in ALL of their modlogs. ANY instance can "undelete" or revert the removal, or just ignore the deletion request all together (or roll back the database, or any number of operations to revert a change). The items doesn't just go away. The "origin" doesn't have all that much power to force other listening servers to do anything.

This also extends to comments. I run my own small instance with me and a few friends. My server never had serious downtime because it's just us. Our access to larger instances never "vanished" even as their sites went completely down. The local content is effectively cached regardless of the state of the origin server.

If the host server just straight up ignores turkey then they’ll block all servers that host Mastodon

Good luck with that... There's a lot of servers that can talk the same federation protocol. You're not going to get them all. Forget all the normal means of bypassing blocks... you have so many fediverse and threadiverse servers to attach to in order to access largely similar content.

How would being decentralised make any difference

You sign up on a server that isn't in Turkey and doesn't give a shit to respond to turkish demands.

Now turkey can only control the servers that are within it's countries, and has to submit requests to ALL of them rather than just one. And even then can't remove you from the rest of the federation.

I was going to leave this alone... your original comment was correct enough that it wouldn't matter and your "dedicated attacker" left it fine when i read it before.

but your edit has a gaping flaw. you assume that all content in the library would be physically released. lots of shows and movies are not physically released now. Can't claim "backup" for those. The moment a movie studio finds your stuff and can map a few titles and one of them never had a physical release... your in the shit.

but yes you can be much harder to scan overall with a few steps. fail2ban is a great answer that makes it deeply unlikely to be an issue.

but i wish that they'd just fix it.

edit: OR that they wouldn't try to go after you for distribution...

All of these “vulnerabilities”, require already having knowledge of the ItemIDs, and anyone without it poking around will get banned.

Which are simply MD5 hashes... You can precompile (rainbow tables) those. The "knowledge" here to get a valid video stream is "What path is the file on" which is pretty standardized. This is a good way to have a major movie studio's process server knocking on your door.

you’ll have to put your Jellyfin server on the Internet.

Don't.

https://github.com/jellyfin/jellyfin/issues/5415

They can also crawl this publically-accessible social media source for their data sets.

Crawling would be silly. They can simply setup a lemmy node and subscribe to every other server. Activitypub crawler would be much more efficient as they wouldn't accidentally crawl things that haven't changed, but instead can read the activitypub updates.