The company that employed the core Immich devs about a year ago to give them a full-time salary to keep working on Immich. Founded and funded by a millionaire whose stated goal is to try and make a viable business model out of software that doesn’t abuse its users
e2ee would be important if youre uploading files when away from your local network
Even without e2ee or a VPN, just plain old HTTPS should be enough to secure that part, or am I missing something?
even if you steal my password (database)
That’s a big leap you’re doing there, equating stealing a password to stealing a password database. Those are very different. Stealing a password can be done through regular phishing, or a host of other methods that don’t require targeted effort. Stealing a password database, if properly set up, is a lot harder than that. It depends of course on what password manager you’re using, but it usually involves multiple factors itself. So equating that to just a password, no matter how strong and random, is just misleading.
Mind you, I agree that it’s less secure than “proper” MFA, and I’m not saying that everybody should just use MFA through a PW manager. I am using physical security keys myself. But for a lot of regular people that otherwise just couldn’t be bothered, it’s absolutely a viable alternative that makes them a whole lot safer for comparatively little effort. Telling them they just shouldn’t bother at all is just going to create more victims. There is no such thing as perfect security, and everyone has a different risk profile.
More like 1.5FA, at least. It still protects against passwords being compromised in any way that doesn’t compromise full access to your password database, which is still a lot better than using just passwords without a second factor.
You might have to sign out and then in again. There was a bug with the initial release that caused this kind of behavior
Huh? I’m streaming from my Jellyfin just fine when I’m on the go, with no tailscale or other VPN set up
Why not simply say donation
It’s about setting expectations. The wording is chosen because they believe that paying open source developers for their work should be the norm, not the exception. Calling it a donation would not do that justice. Their wording is saying “Here’s the software, we’ll trust you to pay us for it if it brings you value and you can afford it”. It’s an explicit expectation to pay, unless you have good reasons not to, which is also fine but should be the exception. Whereas a donation is very much optional and not the default expectation by nature.
In the end it’s just a semantic difference, it’s just all about making expectations clear even if there is no enforcement around them.
I’m German, and I would not want that. German grammar works differently in a way that makes programming a lot more awkward for some reason. Things like, “.forEach” would technically need three different spellings depending on the grammatical gender of the type of element that’s in the collection it’s called on. Of course you could just go with neuter and say it refers to the “items” in the collection, but that’s just one of lots of small pieces of awkwardness that get stacked on top of each other when you try to translate languages and APIs. I really appreciate how much more straightforward that works with English.
Well but distributed != federated. Which is why Forgejo is currently working on a federation feature.