Jellyfin passed my spouse test for local network.
I put her on Tailscale for remote access but she’s not a big fan of that.
Same. Wish the world had already adopted IPv6.
Is it not safe to expose externally with SSL yet?
I’m not worried about SSL. I’m worried about a rapidly developed open source project with lots of changes and lots of cooks in the kitchen. All it takes is a buffer overflow in one of a thousand libraries they’re using. I don’t know that they have a dedicated security team or even anyone really looking at that.
I wouldn’t be so worried but it needs to have access to my media which is outside of my DMZ.
And I don’t want to put my media into my DMZ.
I put it through the reverse proxy and so far I haven’t had any issues.
Why not have your own WireGuard endpoint at home? Then you could additionally filter ads using AdGuard at home and on the go.
I have Tailscale at home; I could use an exit node. My family doesn’t want ad blocking because then they don’t get their ads for their free-to-play games.
Honestly, the biggest reason not to use VPN home for everything is that every time you swap cell phone towers your IP changes and you renegotiate. It’s not so bad when I’m using something that buffers, so it’s also not so bad when I’m driving, but when a passenger’s loading a website or playing a game with ads, and the ads which are already 30 seconds take an extra 30 seconds to load, they get all grumpy.
It’s good thinking though. I have totally tried to sell people on that.
I am constantly connected to my VPN at home if my iPhone is not connected to a WiFi in the white list, and I use an IP white list, including DNS, to go through the tunnel, and I play no adware games 😂 I guess that is why it works so well for me.
But nice to know why VPN on phone behaves like it does if you route everything through it. I think I have experienced that before, when I forgot to disable the third-party VPN I use to spoof location.
The VPN keeps a constant network connection open. Its job isn’t just to encrypt the traffic and route the traffic home but also to make sure that there’s no man-in-the-middle activity going on.
Each cell phone tower you are connected to provides you with a new IP. In most cases cell phone towers are less than 2 miles apart. While you’re driving or taking a train or just about any other form of transportation, that means you’re going to change IP addresses every couple of minutes. If you’re not connected to a VPN, it’s a couple dozen milliseconds to change that IP and start talking to a new tower. But once you throw VPN in the mix, your VPN says, hey, your IP changed, sorry, we need to renegotiate. You send your SSL key up and you’re off. It checks it against your SSL key and the other side and rebuilds a new connection. In the best of circumstances this goes pretty quickly. But not quickly enough for certain tasks. Buffering video is fine. Remote screen connections, SSH terminals, anything else that’s extremely on demand underperforms horribly.
Same, mine passed the test. But used only locally.