cross-posted from: https://poptalk.scrubbles.tech/post/2333639
I was just forwarded this someone in my household who watches our server. That's it folks. I've been a hold out for a long time, but this is honestly it.
They want me to pay to stream content that I bought from my hardware transcoded also on my hardware.
I'll say it. As of today, I say Plex is dead. Luckily I've been setting up Jellyfin, I guess it's time to make it production ready.
Edit: I have a Plex Pass. More comments saying “Just buy a plex pass” are seriously not getting it. I have a Plex Pass and my users are still getting this.
And for the thousandth person who wants to say the same things to me:
- YES I know I'm unaffected as a Plex Pass owner.
- My users were immediately angry at it, which made me angry. Our users don't understand what plex pass is, and they shouldn't have to, that's why I had it. The fact that they were pinged even though it should have kept working is horribly sloppy
- Plex is still removing functionality. I don't care that "People should pay their fair share". If Plex wants to put every new feature behind a paywall, that's completely okay. They are removing functionality.
- "But they have cloud costs". Remote streaming is negligible to them. It's a dynamic DNS service. Plex client logs in, asks where server is, plex cloud responds with the IP and port of where server is located. That's it.
- "Good luck finding another remote streaming" - Again, Plex just opens up an IP and port. Jellyfin also just opens up an IP and port (Hold on jellyfin folks I know, security, that's a separate conversation). All "remote streaming" is is their dynamic dns. Literal pennies to them. Know what actually is costing them money? Hosting all of that ad-supported "free" content that they're probably losing money on.
In short, I don't care how you justify it. Plex is doing something shitty. They're removing functionality that has been free for years. I'm not responding to any more of your comments repeating the same arguments over and over.
Seems like it was only a matter of time.
20% more will jump to Jellyfin. The other 80% will entrench and talk even more about how great Plex is. I mean Jesus, $250 to watch pirated movies. lol wtf It's also fucking wild to me that people are defending a monetization model that is on self hosted hardware. Like, I gotta pay for my server and then a license to avoid buying DVDs. Fuck it, at this point just buy the fucking movie.
Ya'll are brain dead. Plex loves you tho.
Yup, read through this thread and it becomes clearer and clearer. and trust me, I've been a long time hold out, I've been through this many times - but this is the first time I've seen functionality removed from Plex to be put behind a paywall. And doing a price hike at the same time. Absolutely shitty. I've already migrated off.
Why would they need to connect to a VPN every time they connect to Jellyfin?
Jellyfin has some security issues that, depending on who you ask, are either critical vulnerabilities that make it completely unsafe to expose to the Internet or largely unconcerning for regular users.
I'm not overly concerned about my instance running behind a reverse proxy. Perhaps I am just naive...
Honestly yeah. The Jellyfin Backend is basically unauthenticated for a large part, allowing anyone to map and stream your content as soon as they guessed the ids, which isn't that hard, since they are based on the paths on your device. So if your movie sits in /mnt/media/movies/the_bee_movie that is pretty esay to guess and calculate the id from, allowing anyone to stream that content from your server
And apart from an undesirable bandwidth usage resulting from someone guessing their way to my file structure, how can this be used to compromise my server?
They can stream content from your server or map out what you have on there by using a rainbow table. Depending on the country you live in they can and will use that combined with your IP to start litigating you
And this has actually happened before?
My question is, where are you posting the address to your jellyfin server that someone who finds it will go through the trouble of even doing this?
Also how could they start litigating you based on the content you have? If I had illegal content on my server, I would be really dumb to expose it on the internet on a public jellyfin server. Otherwise my movies, tv, etc are my paid for content..
You don't need to post it. Bots are scanning every ip, 24/7, looking for servers to infect, endpoints to abuse and data to extract.
Go set up a ssh tarpit on your server and watch the flies drown in it. I will not expose anything on my server that has so many known vulnerabilities
Your content might be legitimate, but the vast majority use Plex and Jellyfin as a media Server for pirated content and still want to share it with their friends or family. And just FYI, most blurays and DVDs also forbid this kind of sharing in their license
I find it hard to believe that there are bots scanning for jellyfin exploits, since as far as I'm aware, the exploit is for viewing content without auth. 99% of bots are scanning for old instances of wordpress or other outdated software to exploit.
If my content on Jellyfin was illegitimate, the person scanning for my files would have to prove that before they can sue, no? I don't think this makes sense for anyone to do.
p.s. I won't argue that YOU should setup software that you dont want to, just that this particular reason not to may be a bit farfetched.
Yes, you are right, but I think my point was missed.
Theres not much reward for hackers to hack private jellyfin hosts (unless there is some big exploit that gives remote code execution that im unaware of), sure the bots will scan and try exploits on open ports, but are they specifically targetting jellyfin?
There is always a risk, but in my opinion, the chances of being hacked through jellyfin are way too low to bother with over-bearing measures, like a required vpn connection.
Running jellyfin in a secure manner (without root, only access to your content, etc) reduces the risk of much harm too.
if you reverse proxy (w/ proper headers etc.) into a VPN this isn't an issue
The magic bullet in that sentence is VPN not reverse proxy
im aware, but the inconvenience of all users connecting to the VPN was mentioned. that's unnecessary this way
I always see this and I have to ask: why do you care?
They likely aren't paid customers of yours, if they don't follow your rules and the software you like to use, then they are free to use any other method of consuming media.
Have to agree with the other comment that asks why do you need to use a vpn. Fax
Sorry, I wasn't clear. When I said "why do you care?", I didn't mean YOU specifically with OPs potential problem of losing users.
I meant why do people in general, who self-host software for friends/family, care if their friends/family stop using the software.
E.g. I have friends on Plex, but for whatever reason, I decide I want to move to Jellyfin. My friends stop streaming my media because they dont like jellyfin for whatever their own reasons may be. I personally wouldn't care about losing them as "users", because it's not like they are paying customers. I let them access my instance for free, if they aren't bothered enough to use it, then thats on them, not me to cater to their needs by keeping Plex around.
Hope that cleared up my meaning. I wasn't attacking you for caring with your original response.
p.s. you are at risk by hosting Plex too, just in different ways. Plex still requires your server is open to the internet, right? Even if only Plex's servers can access it, who's to say Plex themselves don't get hacked. Always a risk/reward type deal with hosting software, in my opinion, either are fine to expose.
This place sucks at times as it becomes clear it’s just an echo chamber that we used to call the Donald for.
My users don’t like the UI of Jellyfin as it isn’t as polished as Plex. I do this for my users and although it costs me money, it does save them a whole lot more money and means they’re taken out of some capitalist systems which should be the goal no?
I also have the cost of a VPN too.
Edit: The comment I replied to was on -6 upvotes at the time of posting.
The UIs are nearly identical, though.
Not in the slightest.
On iOS for instance there is a weird thing where it has a set of Ui controls and then if you double tap the screen it turns to the iPhone default Ui controls.
This.
I just set up Plex for my mom on her bargain bin cheapo android TV. It had the plex app right there and it’ll play without transcoding.
Can’t do that with Jellyfin.
Entrenchment. This is a profoundly absurd statement.
You paid $100 to access software hosted on your own devices. That's wonderful you think that's a great idea. I'm sure the Plex devs love you and would kiss you right on the mouth.
Because you're vendor locked in.. lol.
This is a complete false equivalence and I feel that you know that. The idea of a console is to expand it by buying new games. That's not unexpected.
I am a software developer. The argument isn't that software should be free. The argument is that this is an exceptionally poor business model and as a developer I'm disgusted that people are defending it. The VC which owns Plex and other VCs will use this "logic" that you have to move the goal posts further, and further, and further, and further until there's no such thing as free software anymore. And I think that's fucked up.
At the end of the day you're paying twice to avoid buying IP. Just fucking buy the IP if you're going to be stupid. Movies are like $12. At $250 you're paying $2.10/mo in addition to your hosting costs.
Just go buy 20 movies for the same price. It's so dumb.
I dunno man, I don't care much, when Plex gets shitty enough I'll jump. But paying for the ongoing maintenance of software isn't some evil thing, even if I self host it.
You're not paying for software maintenance, you're paying a subscription service to a private company that has already decided to cut back on features that others also thought they were paying to maintain.
If you want to actually pay for software maintenance, migrate to Jellyfin and pay them instead, rather than filtering your payments through middle managers and shareholders first.
Problem is jellyfin (apps and server) is shit
You didn't ask, but if you've had a bad experience with the apps, you could try one of the native apps.
My friends on Apple devices think Swiftfin (https://github.com/jellyfin/Swiftfin) is much better than the normal jellyfin app.
I haven't used this one/know anyone that has: Findroid (third party) (https://github.com/jarnedemeulemeester/findroid). Mostly because I haven't had any issues with the official jellyfin app for android, but it would probably give a cleaner experience, being native and all.
For the server, I think it's fantastic. Never had any problems that weren't a few clicks to resolve. Pretty much use it and forget I'm the one maintaining it for the most part. I wonder what issues you encountered?
Many of us bought lifetime passes ages ago though so we're not paying a subscription.
But that's not what you're paying for. You're paying for access to that software...
I know. And some of that money, funds development, and some of that development includes security.