this post was submitted on 07 Dec 2025
357 points (96.9% liked)

Technology

77084 readers
2758 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
357
4 reasons Plex is turning into the thing it replaced (www.androidauthority.com)
submitted 19 hours ago by fne8w2ah@lemmy.world to c/technology@lemmy.world
102 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] brucethemoose@lemmy.world 122 points 18 hours ago* (last edited 18 hours ago) (5 children)

Playing devil's advocate, I understand one point of pressure: Plex doesn’t want to be perceived as a “piracy app.”

See: Kodi. https://kodi.expert/kodi-news/mpaa-warns-increasing-kodi-abuse-poses-greater-video-piracy-risk/

To be blunt, that’s a huge chunk of their userbase. And they run the risk of being legally pounded to dust once that image takes hold.

So how do they avoid that? Add a bunch of other stuff, for plausible deniability. And it seems to have worked, as the anti-piracy gods haven’t singled them out like they have past software projects.

To be clear, I'm not excusing Plex. But I can sympathize.

[–] ragebutt@lemmy.dbzer0.com 5 points 6 hours ago

There is that but it’s primarily that they’ve taken over 40 million dollars of venture capital. They are almost certainly under immense pressure to turn profitable asap and converting lifetime pass users into revenue streams somehow, converting new users into SaaS, etc are going to be things they pursue more aggressively.

Don’t take the devils money if you don’t want the devils stipulations

[–] kieron115@startrek.website 4 points 7 hours ago* (last edited 7 hours ago)

They've taken other measures as well. Nobody knows the details besides them, but they blocked an entire cloud provider called Hetzner because too many people were using it for pirate Plex servers. They absolutely have to maintain the image of being legitimate like you said.

[–] almost1337@lemmy.zip 41 points 17 hours ago

I wish more people understood this perspective

[–] explodicle@sh.itjust.works 26 points 16 hours ago (2 children)

It's really nice of them to fight the good fight while I use Jellyfin instead.

[–] brucethemoose@lemmy.world 15 points 16 hours ago (1 children)

You may (half) joke, but MPAA attention on Jellyfin would suck.

[–] explodicle@sh.itjust.works 10 points 16 hours ago

I'd like to call this "the Ubuntu buffer".

[–] AtariDump@lemmy.world 1 points 14 hours ago (1 children)

Which doesn’t have half the features and crap security compared to Plex/Emby.

[–] xthexder@l.sw0.com 12 points 11 hours ago* (last edited 11 hours ago) (1 children)

The security thing is ironic because my personal Jellyfin server (nor anything else on it) has been hacked, but Plex itself has had their database leaked recently. It's actually the main reason I switched because I don't like their auth servers being a giant common target. (Also, technically it theoretically means Plex employees can just let themselves in to people's private servers)

[–] kieron115@startrek.website 2 points 6 hours ago* (last edited 6 hours ago) (1 children)

From their blog post about it:

An unauthorized third party accessed a limited subset of customer data from one of our databases. While we quickly contained the incident, information that was accessed included emails, usernames, securely hashed passwords and authentication data. Any account passwords that may have been accessed were securely hashed, in accordance with best practices, meaning they cannot be read by a third party.

The passwords were hashed and, I'm inferring from their language, salted per-user as well. Assuming a reasonable length password (complexity doesn't matter much here, what we want is entropy) it would take a conventional (i.e. not quantum) computer tens to hundreds of millions of years to crack one user's password.

[–] xthexder@l.sw0.com 3 points 6 hours ago

Yeah, I'm not really worried about it. I changed my password and moved on. It's just that hackers have every reason to try and exploit Plex, while individual servers are hardly worth someone's time and effort to go after when the payoff is maybe 1-2 usernames and emails

[–] KairuByte@lemmy.dbzer0.com -3 points 14 hours ago (2 children)

Sure, apart from charging for remote access.

[–] brucethemoose@lemmy.world 12 points 14 hours ago* (last edited 14 hours ago)

That serves the purpose too. It’s harder to pin Plex as an “illegal distribution service” when you have to pay for access. Either the streamer or “distributor” can’t be very anonymous, which makes large scale sharing impractical.

On the other hand, the more money they squeeze out, the more they risk appearing as if they “make money from piracy,” which is exactly how you get the MPAA’s attention.

[–] TheOctonaut@mander.xyz 4 points 14 hours ago (2 children)

Remote access via their servers.

[–] KairuByte@lemmy.dbzer0.com 2 points 14 hours ago (2 children)

I admit I’m very out of the loop, but my understanding is that remote access via their servers is the only supported remote viewing solution? Anything else is a “hack” so to speak.

[–] TheOctonaut@mander.xyz 1 points 7 hours ago

Everything else is "a hack" in the sense that it is literally just the way to get Jellyfin working outside your network too.

[–] xthexder@l.sw0.com 3 points 11 hours ago

If you have a static IP, or dynamic DNS set up, you can set up your own remote access with a reverse proxy like nginx. The nice thing is I get to use my own SSL certificate and all the actual streaming goes directly to my server, not through their proxies.

The only "hacky" part about it is that the Admin dashboard shows "Not available outside your network", even though everything works perfectly.

[–] FlexibleToast@lemmy.world 1 points 13 hours ago

It's really not. They handle authentication but then everything is sent to your server.