Text:
I consent to Plex to: (i) sell certain personal information (hashed emails, advertising identifiers) to third-parties for advertising and marketing purposes; and (ii) store and/or access certain personal information (advertising identifiers, IP address, content being watched) on my device(s) and share that information with Plexās advertising partners. This data is used to deliver personalised ads and content, ad and content measurement, audience insights and product development. Your consent applies to all devices on which you have Plex installed. You can withdraw your consent at any time in Account Settings or using this page.
Soure: https://www.plex.tv/vendors/ (Might have to clear cache)
Can also read about the changes here: https://www.plex.tv/about/privacy-legal/
Man, you keep thinking that taking digs about how itās all a skill issue is either an argument or an insult, and I keep reminding you that even if there was a skill issue at play (and there wasnāt), being hard or annoying to use is the actual problem. If your UX allows for skill issues in making a straightforward setup run then itās a UX issue.
Also, me using Plex to host copies of my own media legally is not the same as operating a P2P service. But if itās any consolation I have no intention to set foot on that hellhole anyway, given that US authorities seem to not need copyright overreach to throw you in a room with no windows indefinitely these days. Good luck with that.
Oh, and yes, those are mutually exclusive. Or mutually inclusive, to be more accurate. If your concern is the govenrment overreach implications of having a portion of your data leaked, worrying about a smaller leak along the way of actively generating a larger leak is entirely pointless. Conversely, Iād argue that if you have a dozen users and are terrified that the cops are going to come and raid theā¦ Iām gonna say meth lab youāre running on the side, weāre back to the conversation about how cool you are with that dozen users having their Jellyfin clients running on a bunch of Android devices, Smart TVs, Windows boxes or whatever else.
Again, I keep struggling with the irony of this weird position having entirely bought into the narrative that self-hosting media is inherently illegal or dangerous. I came into this argument from the UX angle, you guys are increasingly convincing me that a significant disincentive for self-hosting to become mainstream is that its entire community is convinced that they are doing something wrong, apparently. Itās not that I hadnāt noticed how central to the whole thing a bunch of P2P-specific paraphernalia happens to be, but I wasnāt ready for the gatekeeping to come with a side of edgy 90s weāre-so-bad hack-the-world stuff.
Iām not explaining this to you again. What you described is not legal on a US hosted service like Plex, and even most other countries with DRM exceptions for personal use do not include sharing outside your immediate household. Even if itās perfectly legal in your country, and the US canāt touch you where you are, Plex is still obligated to abide by US restrictions. Good enough if that doesnāt bother you, but it isnāt completely without risk and you should be well aware of it.
What exactly does āgovernment overreachā mean in this context?
Using Google SSO independently is bad. Plex independently is bad. Using both together is worse. Using either while also breaking the law, when thereās a perfectly acceptable way to do neither of those things and still just as easily break the law is a whole lot better.
Iām just not a dumbass. Having a dozen users log in without any of them publicly pointing at me or my server IP is a hell of a lot safer than letting a private service log every sign-in and stream event of the server, and then letting a separate private service link those users to accounts with detailed personal information. Those people can install jellyfin on their phones and tablets all they want - google wouldnāt know what servers those clients are connecting to anyway. And even if they did, my server is not associated with my personal details or ISP-assigned IP address. Maybe you just didnāt know that, idk.
Using a google SSO isnāt a prerequisite for self-hosting becoming mainstream. Maybe SSO generally is, but there are a dozen other ways to achieve the same thing. Maybe I donāt care if it becomes mainstream? Maybe what I actually want is for people to learn tech self-sufficiency so that weāre not indefinitely reliant on SAAS. Maybe iām content with my special little hobby and Iād rather point and laugh at people who get fucked over by services they delude themselves into believing wonāt ever screw them, just because they canāt be bothered to learn a new skill.
If youāre as concerned with self-hosting becoming as mainstream as you claim you are, then Iād imagine youād be more concerned with the late-stage capitalist reality of media distribution and the increasingly restrictive laws surrounding its use. Where I live, the legal structure that protects the right to self sufficiency is very much under question, and continues to get worse. I got burned several times in the napster/limewire days, before it was established precedent that sharing digital copyright material was illegal, and unheard of still that anyone actually got punished for it. I know better than most that you canāt count on those protections indefinitely.
But as an anarchist, I think a little bit of crime is good, actually. More people should be doing crime. But if youāre gonna do it, do the rest of us a favor and donāt be a dumbass about it.
You are saying many things about the legality of this, especially internationally and regarding what Plex is or isnāt obligated to do, that are a bit of a stretch. But man, are they put in context by the admission of left wing cosplay there at the end where you concede you do think āa little bit of crime is good, actuallyā, which explains a lot of the hack the world mentality and why you feel so cool and dangerous by sharing some torrents you got with a slightly larger group of people than your direct family.
I still do think thatās counterproductive if you ever want a scenario where the late-capitalist media distribution landscape gets at least a modicum of competition from more reasonable and sustainable alternatives. That you prefer to feel edgy than to propose a viable scenario for that is all well and good, but I wish you didnāt feel the need to do that at people.
For the record, you are still wrong about SSO. Again it makes sense that if youāre cosplaying cops and robbers āthis thing bad, this thing bad, both together worseā sounds reasonable, but if you really were at risk of any real legal liability thatās really not how that would play out. In the real world ANY leak of that information from any source would be an absolute problem. So the Google login could be a problem by itself, and the Plex data gathering would be a much bigger problem by itself, but both together would just mean you are exactly as screwed as with just one.
But you think itās cool to crap on Google (which I guess it is) and are cosplaying, so thatās a cool thing to perform outrage about even if it doesnāt really matter in this scenario. Which Iām increasingly realizing is all this conversation is about, from the āIām so good at networking and system administrationā braggadocio to the āIām such a dangerous anarchist criminal that doesnāt give a crap about the rules because Iām so good they canāt catch meā stuff.
FWIW, I do care about self-hosting as a viable commercial alternative and about a legal framework to support it, but even if I didnāt think it was possible (which it is, and some people at least are working along those lines) I am not ready to give up on the changes required to get there just to feel cool on the Internet. You do you, though, justā¦ try not to scare the normies away. Not that there are any normies around here anyway, so I guess weāre safe on that front.
Thatās almost exactly what I was saying, except that using both actually increases your risk just by capturing more detailed logs of your server activity and the associated accounts. Your users could use anonymous usernames or share login credentials if they wanted to without it, but being forced to use google SSO means each user is personally identifiable even if theyāre protecting themselves otherwise. Itās the same reason I would never use googleās SSO for another web service if I had an alternative, even if for something completely innocuous. Why give them extra information about my web activity and tie it directly to my verified account, even if itās something trivial like what plex servers i use or how Iām watching my media and on what devices?
But mostly my point was that using googleās SSO by itself, with your own self-hosted server is dumb because it unnecessarily exposes you where you otherwise would have been fine. That was the whole point of this conversation - not that plex was specifically bad because they used it, but that it isnāt a desirable feature for plex or for a self-hosted alternative. Maybe you just misunderstood that, idk.
Where I am people are being black bagged for less than just breaking DRM. I could be disappeared on my way to work tomorrow just for saying something silly like āfrom the river to the seaā. Maybe youāre privileged enough to feel secure in your legal standing, but thatās not one that I share. Like I said, iāve gotten burned for using napster when I was young and dumb, and I thought I was safe then, too.
For most people this side of the pacific, ripping DVDās for personal use is not legal, and streaming them to others is even less so. Any service hosted within the US is subject to that law. You being outside the US but using a private service hosted within it puts you squarely within that jurisdiction, but since you fancy yourself a lawyer, and since IDGAF anyway, iāll let you mull it over for yourself. If all youāre afraid of losing is access to your plex account then all the power to ya. I just donāt agree with that value judgement.
Iām honestly not sure why you feel so cavalier about your data privacy. If youāre really one of those āiāve got nothing to hideā folks, I have a larger gripe with you than what a silly āplex vs jellyfinā debate can cover. Itās incredibly shortsighted and normalizes apathy and complacency. Thereās no reason to be exposing your private server usage data to private for-profit companies, especially when that activity is already borderline legal at best. My actual fear is that plex gains mainstream attention and comes under legal scrutiny. we go through another tightening of the screws because our bloated media market is bleeding and dragging the rest of the stock market down with it. Thatās what happened with napster and the record industry, and itāll happen with streamers and plex if weāre not a little more discrete.
Yes, rip your dvds. Yes, share them with whoever you want. Go pirate some animes or download a car, IDGAF. But donāt pretend like youāre somehow safe from punitive copyright action just because youāre off in Greenland or whereverthefuck. Youāll end up teaching normies bad habits and poor judgement when it comes to protecting their data privacy.
Again, just donāt be a dumbass about it.
Well there you go. I would really rather self-hosting not even be commercial.
Lmao yes look at me and my data hygiene, youāll never be as cool as me. Itās clear that you have some misgivings about FOSS as a concept, I guess you can feel good about donating your money to a for-profit entity as a way to stick it to those hippies. God forbid I had tried selling you on linux in this thread, that could have really snowballed.
I mean, my Plex server is on a Fedora machine, it seems to be doing fine. I have gotten into arguments here about how frustrating it is that Linux advocates pretend every usability problem for Windows users is solved and that ājust use Mintā is a valid solution to that issue. If you want to know how that goes, it goes a lot like this conversation.
On topic, using any external login or remote access third party service for your self hosted services is a significant change in how much info is not controlled by you, nobody is arguing that. Thereās a conversation to be had about whether thatās worth it for most users. Like I said earlier, is it a good thing for Home Assistant to provide a paid subscription service that will handle that for you? For most people Iād say yes, itās still a much safer, more flexible alternative to Googleās or Amazonās ecosystem, so why not? Baby steps.
But if youāre already using a commercial service that already has a proprietary login then no, it doesnāt matter. Plex already knows which clients go to your server. It does not need Google for anything here, having Googleās SSO doesnāt give them any information they already have. It does give that to Google, but if your concern is the cops are going to bang on your door for all your illegal pixels that you stream then youāre just as boned. Itās borderline irresponsible to pretend otherwise.
As for the āI have nothing to hideā thingā¦ look, if you want to have this argument with someone else go pester them instead. Itās not āI have nothing to hideā, itās āthis commercial service that I use does something that is legal and I intend to both take advantage of that and defend my right to own my mediaā. How you get āI have nothing to hideā out of that is your own pretzel logic.
I have a right to store, backup and access my own media and to keep a copy of it for private use. I will exercise that right regardless of how many US corpos pretend that hey own the very concept of showing video to people. I am doing nothing illegal here and of the perfectly legal software options to do this perfectly legal thing I chose the one that had better usability for my family to be comfortable using it. This comes at the cost of an external service storing some of our data, just like our Netlfix and Disney+ subscriptions do, but since Iām not keeping a media server performatively that is a tradeoff we have made on a bunch of places because not everybody who lives here is willing to do homework to be able to use their devices. That cool with you?
For the record, I donāt have any misgivings about FOSS as a concept. I do have remarkable contempt for people who want it to keep being a minority option because they like being in the secret treehouse and donāt want everybody else learning about it. Widespread, successful FOSS doesnāt look like half-baked UX and hobbyist programmers working for nothing in their spare time, and I would certainly like to see a landscape where alongisde hobby projects we have a solid stable of financially sustainable professionally made open source alternatives that anybody can get into. Jellyfin isnāt even the worse offender here. If nothing else itās frustrating because it could be a more approachable sustainable alternative in the vein of your Blenders or Home Assistantsā¦ but itās kinda not, and that sucks.
Yes, that was the joke
There are so many differences between HA and Plex that itās almost difficult to pick which one is most significant. All iād say is - if plex was at all the same as HA, I would have zero problem with it. If jellyfin adopted HAās model of paid development, Iād be thrilled. But HAās strategy is actually pretty unique, itāll take time for that structure to be stress-tested and propagate.
Yea but not really - google accounts are usually pretty specifically identifiable to a person/ad account/collected internet and device activity. Might not be a big deal to you, but having those things tied together is problematic on a number of levels. You can self-host an SSO, and you can also have a security-focused third-party SSO - both would be marginal improvements over using googleās auth system in terms of privacy.
Yes, 100%. If youāre at all concerned about privacy, plex is a terrible idea, with or without SSO. Iām glad you agree.
āWhat iām doing is perfectly legal so it doesnāt matter if they have my detailed dataā. Youāre not hiding it because you think you donāt need to - thatās exactly the argument youāre making. Every step toward data privacy is valuable, even if your total data hygiene practice isnāt perfect. It still matters.
Good for you. Most of us do not.
Neither am I, but I guess I do feel quite passionately about keeping it private and Iām not shy about advocating for the practice. Probably for the same reason youāre very tight lipped about what country youāre from - you donāt necessarily think youāll get swatted if you do, just that itās a pointless detail to share with strangers if you donāt have to. Most of my family doesnāt care enough about not using netflix or disney+ that theyāre happy to keep using them if my offering is too complicated. Iām happy to help them set up and learn how the server works if theyāre interested, and a number of them have become enthusiastic self-hosters themselves as a result. If I was operating a mission-critical service on my server then maybe iād care more about minimizing UX friction but since itās not, Iām happy with prioritizing privacy and control over polish. Thatās a pretty common mentality for a server administrator - iām not running a SAAS here. At most Iām just the enterprise IT manager trying to keep the office slack channel running.
You can say that, but boy oh boy is that hard to believe. You certainly donāt think FOSS is worth any level of inconvenience. Looks to me like youāre the kind of person who wants the best tool for every job, regardless of if you could get by with a middling one that supports a FOSS project. Thatās fine. I use adobe products for work because I canāt really get by without it, but I still use GIMP or Inkscape when I can and I support those ecosystems with my time and money because it draws more people in. And I actually do want my FOSS tools to be built as side projects, at least at first. Thereās a place for polish and professional support, but a lot of this stuff needs to be built out and tested before that kind of thing happens. A lot of these projects act as beta testing for forks that will end up doing one thing really well to a high level of polish. Having a product thatās maybe a little complicated but extremely accessible from a configuration standpoint lets more tech-minded people build on top of them and work toward more polished solutions.
But I certainly donāt find VC backed projects entering into the FOSS space as a good thing. Maybe that competition drives positive movement in the open-sourced ones, but usually they turn out to be āembrace, extend, extinguishā projects. Like, I donāt think metaās Threads is a positive thing for federated social media, even though by this logic they are making it āmore mainstreamā by their adoption of activitypub. There just isnāt a way to separate the product they produce from the economic model they operate under, and plex has chosen a model that inevitably leads to enshittification and walled-off content gardens.
I just donāt see any reason to blow smoke for plex. Their UX is fine (great, even), but theyāre doing basically everything else wrong. Theyāre reliant on VC capital, theyāre collaborating with private media and tailoring their TOS to protect copyright holders, theyāre collecting data they donāt need and forcing features that reduce privacy, theyāre changing their privacy policies to enable data sales and monetization, theyāre bait-and-switching users by placing popular free features behind paywalls, theyāre banning lifetime paid users for perfectly legal use of their servicesā¦ the list goes on and on. At some point, a company like Plex crosses the line from āreasonable profit-seekingā to āactively user-hostileā, and I think theyāve already crossed that line. Maybe you think their UX is worth the abuse, but I certainly do not - not when thereās a perfectly fine alternative that fits my needs and more.
Well, hey, there we agree, then. Iād say that the setup for HA is actually fairly Mozilla-like, and people donāt seem thrilled with THAT, so it wasnāt a given youād agree. Plex certainly isnāt that. For one thing itās commercial and closed source. But crucially HAās commercial branch WILL have a bunch of your data, including voice processing and login info, if you do buy into their paid subscription service.
As for the rest of the argument, most is redundant so Iām not gonna go through the loop again, I am actually busy. But I will add a few things. For one thing, whether I think FOSS is worth āany level of inconvenienceā is irrelevant. I do, and I do live with the inconvenience in some cases. But if the goal is for FOSS to be mainstream and a primary choice (and it can absolutely be, there are plenty of examples), then it doesnāt matter what I think. The reason the privacy tradeoffs make sense for Plex is that Plex is an app your family is likely to use. Mine does, and they sure wonāt put up with bad UX for the sake of using an open alternative. OBS didnāt crush Xsplit out of the market because of ideology, it did it because it became more powerful, usable and reliable.
And let me clarify I donāt āblow smoke for Plexā. I opened this whole subthread by saying I wanted to use Jellyfin (hence all the testing weāve been nitpicking about) but couldnāt justify it. Iāve said this above. Iād drop Plex in a heartbeat if Jellyfin was just as good to use for me and the rest of my household. But it isnāt. Thereās no reason to blow smoke for Plex, but there is a reason to not delusionally pretend that open source alterantives are better than they are. Youāre not going to gaslight normies into using them that way and the complacency just makes it less likely for them to succeed at what theyāre trying to do. It is, after all, the year of Linux desktop.
It would be great if JF did something similar, but I think they donāt specifically because theyād be liable for their users illicit use of it. Thatās basically the whole reason OSS streamers exist. Plex started out that way, but when they decided they wanted to compete with the big boys they were forced to lock it down more to protect themselves against legal challenges. Thatās why I think youāre kidding yourself if you think itās a long-term solution for streaming ripped media. Thatāll only last until copyright owners decide to push plex to take action against it.
I donāt think that should be the goal - FOSS as a model will never outcompete for-profit corporate models. IMO the goal should be to encourage people to learn the minimal amount of tech self sufficiency so that they can choose FOSS when they need it, rather than pushing FOSS to become OSS, and then eventually just SAAS. Firefox is a good example of what can go wrong with chasing mainstream adoption. Thereās a place for projects like Plex, but im pretty adamant that those should be halfway solutions more than end-goals. Iām fine with leaving that as a disagreement.
Nobody is saying JF is easier to use than plex, we just prefer the flexibility and privacy and arenāt bothered or slowed down by the complexity. Thatās fine. You just have different priorities than the rest of us. Iām glad thereās an option for you.
I think your read on what people typically do with Plex probably doesnāt align with reality. I also think in the end youāre way less optimistic about the potential of open source software than I am. There are multiple areas where OSS options are either dominant or very competitive, but I am also clearly way less picky about how that gradient of openness to commerciality than you are. We can agree that itās fine that there are options for both or all steps in that gradient, but there is a ton of snark and all-or-nothing attitude in that community as well.
I will say that If you have a commercial option like Plex and a couple of open alternatives (say Kodi and Jellyfin for the sake of argument) I would prefer one of those to have the type of UX that can compete with the closed commercial product because you can compete with open alternatives.