In todays episode of “Plex enshittifies” Plex employee breaks ToS.
Source: https://forums.plex.tv/t/fake-reviews-on-play-store-by-plex-staff/917736
In todays episode of “Plex enshittifies” Plex employee breaks ToS.
Source: https://forums.plex.tv/t/fake-reviews-on-play-store-by-plex-staff/917736
Jellyfin is a home media server. it is great for that use case. It is easy to setup and use. Most importantly its not sending data about everything we watch to some company.
Stick to plex if you want to run a free internet tv service for your cousin and their kids and whoever else and you aren’t concerned with their or your privacy.
I’m into self-hosting because data privacy is my primary concern.
Ok, then why do they offer remote connectivity?
What evidence of privacy problems do you have against Plex?
I’ve wiresharked, splunked, checked literally everything that I sent to Plex not all that long ago… Turns out it a whole fuckton of nothing and generic metadata pulled from the media agent. Turns out that as long as you turn off the dumb features, you’re not sending all that much. It’s much easier for me to tell people to turn that shit off than it is to convince them to install apps and configure everything.
Privacy won’t matter if a major studio catches wind of this type of vulnerability and decides to start scanning for jellyfin instances. The subpoenas will come shortly after.
Well there was that one time that Plex emailed your friends and shared your viewing habits.
https://www.404media.co/plex-users-fear-discover-together-week-in-review-feature-will-leak-porn-habits-to-their-friends-and-family/
Those users kept the feature turned on. I spoke out against that shit when it happened on Reddit. But turns out users who disabled the dumb features in their profile never had those emails sent. I never saw the email as an example… and my subset of 5-6 users that I think I had at the time… I distinctly remember 2 of them talking about how they never got one either… Turns out that I could reliably use that email to show the other 2-3 users that they need to turn off those flags.
and
Were the big sections I believe… But that was a couple years ago at this point and I might be misremembering.
I’d still say it qualifies as a huge example of “evidence of privacy problems with Plex.” It certainly informs the community on Plex the company’s perspective on privacy and what a user’s expectations should be.
They chose to make that email and feature opt-out and after the fact.
I understand and agree.
However it’s far easier for me to tell people how to setup their plex profile than it is for me to support infrastructure that they’d have to use to access jellyfin securely.
But to be frank on both jellyfin and plex, the end user never had privacy from the server owner. So talking about user’s expectations is completely different world of discussion than a server owners expectation of privacy.
I was only speaking to your question upthread. It sounds like you do agree with me that Plex does have a history of concerning privacy decisions. This one even directly affected users sharing your library.
As to the rest I’m not here to sell you on Jellyfin. It’s the right platform for my needs and I’m very happy with it. I’m not one of the “run a pirate tv server for a group of my friends” users, so I don’t place any value on the features that keep you on plex.
Open source will keep being open source. Every year seems to bring improvements to vpn technology and general consumer awareness of them. I have no doubt that Jellyfin will continue to close the gap, by all measures it is a popular and growing project. One day it may even be suitable for you.
I hate this distinction… If you have jellyfin exposed without some other form of auth in front of it is the problem. It has nothing to do with friends or other users.
Friends and other users make it hard to implement anything reasonable. If you’re running it strictly for yourself and have a vpn. Great. More power to you. But dropping
Leaving this completely unrelated link to a better alternative here: https://jellyfin.org/with no caveats as if it is a complete replacement for Plex is not the answer. Then when someone comes along and specifies why it’s not a good answer I get mobbed by the lemmy mob for pointing out why jellyfin is not as advertised (literally).Right. I don’t have Jellyfin exposed. Because I’m not trying to share its contents with anyone. That’s the distinction.
Plex clearly scans your media collection and does upload the metadata and they can add more data collection any time they want.
How are they going to scan a server on my network thats behind my firewall with nothing open to the internet?
No. The local metadata agent requests the data, it doesn’t upload a list of what you have but requests the metadata it’s missing. And you could say that a log collection of what data it retrieves is risky… except now they cram so much nonsense on the home page that all of that is fluff that would obfuscate that heavily…
But you can configure the meta-agent. You can not request it at all.
So then you agree with my initial statement that I start with of “people need to implement it sensibly knowing the potential risks.”?
If so… then why get into a hissy fit over this when my statement was clear? People shouldn’t implement Jellyfin without understanding the risks… it’s not innately secure and requires additional solutions to make it use-able. And thus, should be recommended only when that is disclosed.
Where did I disagree with you?
I’ve repeatedly pointed out that Jellyfin is great for a self-hosted home media server. If you use it as intended then its security is not an issue.
Its not for running an internet tv service for others.
I don’t really understand why this causes some people to go off on a rant about how hard it is to explain a vpn to their grandmother. That’s not something I’ve ever suggested.
Because you keep missing the point that spouse or others that live with you but aren’t literally at the house are also “remote” users who are part of the same home.
I’ve never seen any Jellyfin document claim that it’s intended to be used behind a VPN or strictly in LAN operations. And actually have seen it directly advertise itself as something to share with others.
https://jellyfin.org/
Would be hard to share with family and syncplay if we’re only talking about LAN access.
https://jellyfin.org/docs/
Comparing themselves to Plex directly in usage.
https://jellyfin.org/docs/general/post-install/setup-wizard/
Not needed if this is a local only server. default configuration guide…
Lets ignored the “networking” section all together… Nearly all of that is only relevant if your exposing it to the internet directly but if outs itself as “This document aims to provide an administrator” so not meant for the typical user.
So are you right that it’s meant to be local only? Or the creators themselves that run the website and advertise it for sharing and external connecting?
I’m mildly confused… Am I the troll or them?
I legitimately think that they believe the service is “meant” to be use local only… but the product page doesn’t lead me to believe the same thing… While I’m likely going about it in a bit of an asshole way, I’m trying to figure out which of us is “correct” here. If there’s a disconnect I want to rectify it… if there’s a clear disagreement, then I can understand and take that… I’m just trying to hash it out.
Them.
You’re right that if it was supposed to be run in local only mode there wouldn’t be a streaming over the internet option.
Yes it is if you want to use it from any other computer on your lan.
It’s working fine for me with it unchecked… Okay fine, let’s say I did something nonstandard.
What about the other items? The hundreds of references by their dev team about exposure to the internet in the git? the dozens of others on the site?
Edit: My point is made even if we sans one specific one…
Edit2: or how about this… let’s replace that one with this one?
What’s the point of this checkbox if not for attempting to get the server directly internet accessible?
Edit3: Just so we’re on the same page that you’re wrong though…
Ok, so maybe I was mistaken. I remembered it not working when I had that unchecked.
Good job being a complete shitheel about it. And yet you wonder why people think you’re a troll and/or shill.