Should I begin telling you about the wonderful man in the middle attack that I reported to Plex over 3 years ago and how it’s still not fixed? Anyone can setup a plex instance and use that very instance to request an ssl certificate on behalf of any other plex instance, and then setup shop and gain complete access to your machine.
Comment on Plex’s crackdown on free remote streaming access starts this week - Ars Technica
theskyisfalling@lemmy.dbzer0.com 9 hours agoBecause I don’t have to learn about things like proxies to try and open the service up outside my network in a secure manner or try to explain to family they need to run tailscale at the same time and then inevitably have to provide tech support for another aspect of “why is this not working?”
I just check allow remote access and it just works and I can go about my day doing things I enjoy more because fucking about with Linux and providing tech support are pretty low on that list for me :)
chonkyninja@lemmy.world 5 hours ago
dan@upvote.au 5 hours ago
Do you have a CVE for this?
fartsparkles@lemmy.world 2 hours ago
You’re going to need to back up your claim otherwise you might as well be lying as there’s no CVE like this I can find nor any public disclosure.
Plex have a bug bounty program and a responsive security team too.
Post your security report.
hperrin@lemmy.ca 8 hours ago
Sounds like a skill issue.
theskyisfalling@lemmy.dbzer0.com 8 hours ago
Typical condescending reply that I expect, yes it is a “skill issue” and I don’t really give a fuck. We don’t all have the same skills or the same levels of interest in acquiring those skills, some of us just want a solution that works easily for their skill level.
It is your kind of attitude as well that puts more people off learning these things because without a real interest in learning these things those kinds of hostilities just put people off of wanting to participate in those circles.
hperrin@lemmy.ca 8 hours ago
You could learn everything you need to know by watching a 20 minute YouTube video, but you’d rather use a paid product instead. That’s, like, the definition of a skill issue. The issue isn’t that the software is hard to use, it’s that you refuse to learn how to use it.
And that’s not the fault of Jellyfin, because the “ease of use” of Plex is because it’s a paid product. They can afford to run servers to make everything work for you without having to put in any effort to learn. You’re using their servers to make it easy for you, and you’re paying to do it.
It’s fine if you don’t want to learn to set up a service, but it does make me wonder why you’re commenting on a self hosting community.
theskyisfalling@lemmy.dbzer0.com 7 hours ago
Except that just isn’t true unless you have prior knowledge of lots of other things. As with a lot of documentation within this space it all presumes prior knowledge of different things.
Most things you read or watch will start with just do x but if you don’t already even know how to do x then you have to go down a further rabbit hole to find out how to do that. Everything you try and do is a series of these things so your 20 minute YouTube video turns into hours of trying to learn other things to tie in with it.
On top of that I dont understand the underlying security implications behind opening my network up to the outside world, it is all well and good following some 20 minute video but without understanding the underlying implications of what you are doing how can you really fully trust that information because I dont understand everything behind it?
Again, I never said it wasnt a skill issue, I literally agreed with you that it was…
Also why can I not comment and participate in a self hosting community just because I dont do things exactly the way YOU want me to does that mean I automatically can’t participate?
It is your kind of hostile and condescending attitude along with documentation that assumes too much prior knowledge that makes both the self hosting and Linux communities really unwelcoming to people that are looking to even dip a toe into them. This all or nothing attitude where only your method of doing things is acceptable and anything else is seen as fair game for mockery and condescension.
I’m new to the space and maybe in the future as I learn more about it I can move on to other things as I gain the knowledge I need but people like you, whose attitude is just fucking shitty are really off putting in these spaces. Everyone needs to learn and the culture of condescension and mockery towards new users by a large majority of the existing user base doesn’t make more people want to join in and learn.
Cheers for adding absolutely nothing to the conversation though and further putting me off wanting to learn any more or continue to interact with the communities though. You’re really helping push adoption of things like this.
chonkyninja@lemmy.world 5 hours ago
Quick question, do you know how to wipe your own ass?
Cocodapuf@lemmy.world 1 hour ago
Do you know how to rebuild your car’s engine?
Do you know how to remediate black mold spreading on the walls of a houseboat?
Do you know how to compile Linux to run on some custom arm hardware?
Do you know how to repair or rebuild a crumbling stone retaining wall?
There’s a good chance you may not know how to accomplish all of those tasks. There’s also a very good chance you may not care about knowing how to accomplish all of those tasks, as some of them may not be relevant to you. This is ok.
Finally, I know you’re posting on the Internet, but you don’t have to be an asshole, that’s a choice.
theskyisfalling@lemmy.dbzer0.com 5 hours ago
No, I am intending to take that course next year, any tips?
fluffykittycat@slrpnk.net 6 hours ago
I can’t wait till meshvpn technology becomes so common that we forget what life is like without it. Tailscale is awesome but it is just the beginning
neon_nova@lemmy.dbzer0.com 8 hours ago
What?! Why don’t you have to do those things with Plex?
theskyisfalling@lemmy.dbzer0.com 8 hours ago
Because it does it for me? In Plex I just tick one box in settings to allow remote connections and then choose which libraries to share to which users and bam they can access all that content just by downloading the Plex app and logging in on their end.
No fucking about.
neon_nova@lemmy.dbzer0.com 8 hours ago
Doesn’t Jellyfin operate the same way?
I’m not sure there is any difference.
Cocodapuf@lemmy.world 2 hours ago
It does not, not at all.
Darkassassin07@lemmy.ca 7 hours ago
Plex has an automatic proxy service hosted by their public servers. If you haven’t or can’t configure port forwarding correctly, plex will route the connection through their own servers.
The problem is, that also means Plex co has total control over your server and the data sent between it and clients if they so choose. Anything from quietly logging the data sent back and fourth, to controlling who can connect and what they can do while they are.
Jellyfin has to be correctly exposed to the internet via port forwarding or tools like tailscale/a vpn; but it’s entirely your server under your control. You have ultimate control over how your server can be accessed, but that also means you’re responsible for actually setting that up.
theskyisfalling@lemmy.dbzer0.com 8 hours ago
No, not at all. Jellyfin you’d have to setup a proxy or some kind of VPN like tailscale for the remote client to be able to access the media. I started to try and figure it all out when I first set up my server but as I have said in another reply j dont really care to waste the time learning how to do it in a secure manner and minimise the friction on my other users so I dont know the ins and outs but jellyfin you absolutely can’t just tick a box and share a library.
Also jellyfin meta data analysis was shit compared to Plex and so I’d have to spend even more time actually managing the server that I dont have to do with Plex.
cmnybo@discuss.tchncs.de 8 hours ago
Jellyfin is free open source software, they don’t have the money to provide free proxies to their users.
AlternatePersonMan@lemmy.world 8 hours ago
Same. For whatever reason Jellyfin just does not want to work outside of my network. I have fiddled with port numbers, settings, and everything else. I have no idea why it won’t work.
Darkassassin07@lemmy.ca 7 hours ago
Sounds like you’re behind cgNAT, which essentially means there’s another router owned by your ISP that’s between yours and the open internet, which also requires port forwarding, but your ISP will never do that for you.
It complicates things, but the solution(s) are tools like tailscale, cloudflare Tunnels, or to rent a VPS just to host a proxy/vpn.
Plex solves this by using their own public servers as a proxy for you, but this is part of how they have control over your users/server/data, such as blocking remote streaming… That makes more than a few people uncomfortable.
theskyisfalling@lemmy.dbzer0.com 7 hours ago
Yeh these are things I realise and I know there are solutions. The way Plex does it isnt ideal but also it works for me and my current knowledge level.
Maybe in the future as I learn more I can move on but right now it works for me and I dont have the time or motivation to put into learning everything else I need right now, as with everyone else in the world right now there is a lot of other shit going on that it just isnt high on my priority list unfortunately.
I’m still in my first year of self hosting personally and as well as being a Linux newbie I have learnt a lot and it has been a steep learning curve with everything.
Darkassassin07@lemmy.ca 7 hours ago
I only bring it up because you explicitly said you have no idea why it doesn’t work.
Take things at a comfortable pace; there’s no sense overwhelming yourself. Then you just forget what you’ve done and end up lost in your own maze.
I started with Plex myself, almost 10 years ago. Moved to Emby, where I learned about buying a domain, setting up ssl through a reverse proxy, and just continued to explore from there. Today I run ~26 containers/projects across three systems and I’m always keeping my eye out for interesting new things.
Best of luck with your journey m8.
fluffykittycat@slrpnk.net 6 hours ago
The way networking has developed is honestly embarrassing. We shouldn’t have to have cgNAT or any of the other problems that come with how we’ve broken the end to end principle, and it’s made us reliant on centralized Services when there’s absolutely no technical reason why that ever had to be the case
dan@upvote.au 5 hours ago
Thankfully CGNAT isn’t as common in the USA as it is in other countries. In the US, ISPs generally either offer native IPv4 (most of the major ones), or only use IPv6 and provide IPv4 at all. The latter is the case with a lot of the mobile carriers, especially T-Mobile. Your phone only gets an IPv6 address, and their network uses 464XLAT to connect to legacy IPv4-only servers.