SuddenlyBlowGreen

Yeah, that doesn’t sound abusive in the slightest.

You seem to be projecting...

Thank a christian for this.

By the end of its first day, Mirai had infected over 65,000 IoT devices. By its second day, Mirai already accounted for half of all Internet telnet scans observed by our collective set of honeypots, as shown in the figure above. At its peak in November 2016 Mirai had infected over 600,000 IoT devices.

And that's just 1 botnet out of many.

Imagine non-network wrench situation:

"The FAA has grounded all Boeing 737 Max 9 jets today after a massive decompression event occurred on Alaska Airlines at 16,000 ft. The door plug blew out of the jet at altitude. United Airlines has reported, after inspection, loose bolts the door plug of several of its Boeing 737 Max 9 jets as it continues to inspect every one if its 79 jets in its fleet."

What's the ratio of boeing door decompressions to IoT devices being hacked?

If they're technically inclined enough to run an installer and log in to google/apple, then they can do it, or you can do it for them.

That said, your case is valid. I just dislike my services dangling out without proper security, unless they're designed for it, and plex's auth model rubs me the wrong way.

Why not?

Tailscale.

Yeah, you can lead a horse to water, and whatnot.

Just use a password manager, goddamn.

I'd be curious how sensible you'll find this proposal.

Yep, that way you can set ACLs, you they can only access the jellyfin ports + the ports you allow them to.

Also, tailacale DNS.

The fact that tailscale has google/apple/etc logon integration will also help.

Privileged drives and economilcally-and-socially-disadvanted-due-to-historical-injustices drives. The last ones a bit of a mouthful, so you can use EASDDTHJ drives.