this post was submitted on 07 Dec 2025
520 points (96.3% liked)
Technology
77090 readers
2576 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Playing devil's advocate, I understand one point of pressure: Plex doesn’t want to be perceived as a “piracy app.”
See: Kodi. https://kodi.expert/kodi-news/mpaa-warns-increasing-kodi-abuse-poses-greater-video-piracy-risk/
To be blunt, that’s a huge chunk of their userbase. And they run the risk of being legally pounded to dust once that image takes hold.
So how do they avoid that? Add a bunch of other stuff, for plausible deniability. And it seems to have worked, as the anti-piracy gods haven’t singled them out like they have past software projects.
To be clear, I'm not excusing Plex. But I can sympathize.
I wish more people understood this perspective
It's really nice of them to fight the good fight while I use Jellyfin instead.
You may (half) joke, but MPAA attention on Jellyfin would suck.
I'd like to call this "the Ubuntu buffer".
Maybe a dumb question: What exactly could go wrong? Has the MPAA done anything to stifle Kodi?
https://www.comparitech.com/kodi/kodi-piracy-decline/
https://www.digital-digest.com/news-64644-Netflix-Amazon-Join-Forces-with-the-MPAA-to-Sue-Kodi-Box-Maker.html
And this is with Kodi furiously distancing itself from pirates at the time.
Attacks don’t have to be direct. Though they absolutely can be, too.
Which doesn’t have half the features and crap security compared to Plex/Emby.
The security thing is ironic because my personal Jellyfin server (nor anything else on it) has been hacked, but Plex itself has had their database leaked recently. It's actually the main reason I switched because I don't like their auth servers being a giant common target. (Also, technically it theoretically means Plex employees can just let themselves in to people's private servers)
From their blog post about it:
The passwords were hashed and, I'm inferring from their language, salted per-user as well. Assuming a reasonable length password (complexity doesn't matter much here, what we want is entropy) it would take a conventional (i.e. not quantum) computer tens to hundreds of millions of years to crack one user's password.
Yeah, I'm not really worried about it. I changed my password and moved on. It's just that hackers have every reason to try and exploit Plex, while individual servers are hardly worth someone's time and effort to go after when the payoff is maybe 1-2 usernames and emails
And I’ve never been attacked by a bear while wearing my goose feather headdress.
Call it survivorship/selection bias if you want, but basically every hack I've been exposed to is from centralized servers getting exploited that serve millions of people. Plex, along with any other public facing service with lots of users, receives targeted attacks constantly. All my server receives is automated bots looking for 10-year-old Wordpress .php exploits (I don't even run php on my server).
There is that but it’s primarily that they’ve taken over 40 million dollars of venture capital. They are almost certainly under immense pressure to turn profitable asap and converting lifetime pass users into revenue streams somehow, converting new users into SaaS, etc are going to be things they pursue more aggressively.
Don’t take the devils money if you don’t want the devils stipulations
They've taken other measures as well. Nobody knows the details besides them, but they blocked an entire cloud provider called Hetzner because too many people were using it for pirate Plex servers. They absolutely have to maintain the image of being legitimate like you said.
Sure, apart from charging for remote access.
That serves the purpose too. It’s harder to pin Plex as an “illegal distribution service” when you have to pay for access. Either the streamer or “distributor” can’t be very anonymous, which makes large scale sharing impractical.
On the other hand, the more money they squeeze out, the more they risk appearing as if they “make money from piracy,” which is exactly how you get the MPAA’s attention.
Remote access via their servers.
I admit I’m very out of the loop, but my understanding is that remote access via their servers is the only supported remote viewing solution? Anything else is a “hack” so to speak.
If you have a static IP, or dynamic DNS set up, you can set up your own remote access with a reverse proxy like nginx. The nice thing is I get to use my own SSL certificate and all the actual streaming goes directly to my server, not through their proxies.
The only "hacky" part about it is that the Admin dashboard shows "Not available outside your network", even though everything works perfectly.
Everything else is "a hack" in the sense that it is literally just the way to get Jellyfin working outside your network too.
It's really not. They handle authentication but then everything is sent to your server.
Dynamic DNS does cost money. But not $8 a month. Development also costs money which falls under the $8 a month, but really not my problem, which is why I use Jellyfin. I used to run Plex off of my Nvidia shield, which was a cool gateway drug to self hosting and I'm grateful to them for that, but I like handling the technical stuff myself.