• catloaf@lemm.ee
    ↑8 ↓18 · 9 hours ago

    Not that they’re really an issue unless you are exposing your server to untrusted clients. You shouldn’t be putting your servers on the Internet anyway, use a VPN.

    • Midnight Wolf@lemmy.world
      ↑14 ↓2 · 8 hours ago

      I see this so often and nobody ever seems to realize that local/home VPNs use upload bandwidth, which for some is in dire low supply. I can’t have 4 full-time users using my upload connection routing through wireguard, when all 4 stream videos throughout the day. And that’s just 3rd party services like YouTube and Twitch, not plex. Then you add in two additional, off-site users who want to watch something with me on plex, and we are all given ~1.5 megabits apiece of a 10meg upload pipe over here. Mmmm, crispy pixels. ‘you can just use some IPs in wg so you don’t need to tunnel all data, just what you need’, they say, and I rebuke by showing them my dynamic IP address. ‘ask for a static one’ and they haven’t offered that for years besides enterprise customers.

      And that’s before I ask everyone ‘so everyone download wireguard and scan your individual qr code, or I will send you the config file’ and everyone but a single user just hears the ocean. Then I need to teach them about VPNs, why we use it, why plex doesn’t work when the little lock isn’t showing on their phones, why ‘I had the lock in the corner but I couldn’t make a call or get online, so we are all getting [thing you don’t like] for dinner since I couldn’t ask’. Then I have to troubleshoot and tell them to toggle it off and on again…

      Then we get to the bit where they try to cast to the TV, and the chromecast is like ‘lol wtf is a VPN’ and we are back at square one, everyone hates me, I hate everyone right back, all changes from this experiment get reverted, and I lose credibility.

      VPNs are useful, but I rage at people who assume they are a blanket solution for all situations and use-cases. And often, the people suggesting them are smug, like they have found something that nobody knows about and are superior because their situation doesn’t color outside of the lines.

      Damn that was nice to vent. Been bothering me for way too damn long.

      • the_crotch@sh.itjust.works
        ↑4 · 5 hours ago

        > I had the lock in the corner but I couldn’t make a call or get online, so we are all getting [thing you don’t like] for dinner since I couldn’t ask’. Then I have to troubleshoot and tell them to toggle it off and on again…

        “I’m sorry I made my collection of movies available for you to watch for free, I’ll make sure to never do anything like that again”

      • Saik0@lemmy.saik0.com
        ↑9 ↓2 · 8 hours ago

        > and everyone but a single user just hears the ocean.

        I’m sorry, but this made me bust laughing. This is dead accurate for a few people in my life.

        > Then I have to troubleshoot and tell them to toggle it off and on again…

        And this is exactly the type of support a lot of people just don’t want to do (including me). And the options really boil down to settle for supporting all this, or the risk of public access to unauthenticated endpoints.

        They could just fix the endpoints and it’ll be a non-issue. But they won’t because “backwards compatibility”.

        There are even other options that I can pre-emptively offer… but they all SUCK.

        You can whitelist IP access… ISP IPs rotate and are dynamic.
        You can set up crowdsec and/or fail2ban… until a user fails to log in a few times in a row because users are users and get themselves banned, now you’re back to support role.
        VPNs already covered ad nauseam.

        There are options… they all suck, especially when the answer of JUST FIX THE ENDPOINT is sitting right there.

      • catloaf@lemm.ee
        ↑3 ↓10 · 8 hours ago

        Upload is upload. It doesn’t matter if it’s over the plain Internet or over a tunnel, you’re still uploading roughly the same number of bytes per second.

        • Saik0@lemmy.saik0.com
          ↑2 ↓2 · edited · 7 hours ago

          Tunnels have overhead. MTU overhead itself can cut 5% of your total bandwidth as a default (1500 -> 1420). Forget all the side-channel control stuff.

          MTU itself is an interesting issue for wireguard. It defaults to 1420, which should be fine in most cases as the default is 1500 for most ISP connections. But there are interesting cases where you need to go less… If you try to cram a 1420 MTU packet down a 1440 MTU ISP connection (you need 28 bytes overhead minimum, so would need 1412 in Wireguard in this case)… you’re rewriting a fuckton of packets and splitting tons of data that can ruin your connection speed (halving immediately).

          I have seen some people recommend 1384 MTU before… The lower you tune this for compatibility the less speed you get.

          Once again though… this is way over a normal user’s head. And likely even over yours since you don’t seem to recognize that this is happening and that it isn’t byte per byte the same.

          You should expect wireguard to lose you 5% speed minimum… with other issues potentially making it worse.

          Edit: clarification on a sentence cause the wording was bad.

    • Saik0@lemmy.saik0.com
      ↑23 ↓8 · edited · 9 hours ago

      > use a VPN

      No VPN apps for TVs. You know, the most likely thing older people would want to use to access your server to watch movies with.

      Edit:

      > Not that they’re really an issue unless you are exposing your server to untrusted clients.

      And the fact that many endpoints are completely unauthed…

      • Lyra_Lycan@lemmy.blahaj.zone
        ↑10 ↓2 · 9 hours ago

        My router (more accurately its software) has VPN support, using it for the whole network. You might be able to find one

        • Saik0@lemmy.saik0.com
          ↑11 ↓2 · 9 hours ago

          Sure… but now you’re supporting their whole network because you need the vpn in place. It quickly becomes a whole thing of support just to let your cousin’s kid watch some old shows you have in your library.

          • AtariDump@lemmy.world
            ↑2 · 3 hours ago

            Or if my Internet goes down, now my relative’s Internet 7 states over stops working.

            • Saik0@lemmy.saik0.com
              ↑1 ↓1 · edited · 3 hours ago

              Well I was taking it gracefully as a split-vpn. But yeah it’s a fair question to have if it’s misconfigured, or relying on something in your network (e.g., maybe you also set up a pihole and they lost DNS resolution due to vpn going down.) God knows with these random half-features that many consumer “routers” that are out there.

      • ricecake@sh.itjust.works
        ↑3 ↓5 · 9 hours ago

        Depending on their router and how much IT labor you care to do for these people you can actually configure a site to site VPN tunnel. All traffic for a particular address range will get routed through the VPN automatically.

        It used to be a high end feature but it’s made its way into general routers since it doesn’t really require many resources and it lets you label it as having more home office features.

        • AmbiguousProps@lemmy.today
          ↑9 ↓1 · 7 hours ago

          I do NOT want to support my MIL’s network which is 3000 miles away. It simply will not happen or work for either of us. Until Jellyfin has a decent way to support remote users, I simply cannot change her over.

          If Plex folded or somehow forced my hand, I would just kick off all of my family and use Jellyfin on my local network. They’d hate losing access, and I’d hate them paying $$$ for a thousand streaming services, but at this point, that’s what would happen.

          • ricecake@sh.itjust.works
            ↑1 ↓2 · 2 hours ago

            Honestly, you’re supporting a chunk of her network by being a media provider in the first place. “It won’t play” doesn’t usually come with an assurance that it’s not a device or network issue.

            Neither plex nor jellyfin seem remotely worth the effort to provide to others in my opinion, I just felt like sharing that there are ways to afford network protection to locked down devices.

            • AmbiguousProps@lemmy.today
              ↑1 ↓1 · edited · 29 minutes ago

              It’s much easier for me to manage if it’s a file issue though. It’s much more difficult to manage an actual network 3000 miles away, especially if something actually goes wrong. Basically, “it won’t play” can be checked locally. If it doesn’t play locally, I’m happy to fix it. But I’m not about to troubleshoot her network issues for her.

              Saying I’m “supporting a chunk of her network” is like saying Netflix supports a chunk of their users’ networks. It’s just not true.

              • ricecake@sh.itjust.works
                ↑1 · 4 minutes ago

                Okay. You’re still doing tech support either way. I have no way of knowing how much free tech support you’re willing to give, hence my caveat of how much you’re willing to support them.

                Netflix would disagree. People feel like they’re supposed to be getting access to a service, and if they’re not getting it they’ll complain to the nearest party to what isn’t working. In this case that’s you or Netflix being asked questions about why the router isn’t working.
                That it’s wrong or irrational has nothing to do with who’s getting asked the question, and who’s the first line of troubleshooting when the service doesn’t work.

                If people didn’t ask the wrong people questions, Netflix wouldn’t need support articles on how to reset your router.

        • Saik0@lemmy.saik0.com
          ↑8 ↓3 · 9 hours ago

          Yup already addressed this in another thread.

          You have to take on supporting them now… supporting family is just like loaning money to family… or renting to family… or anything else with family. Stressful.

          But even silly problems like what happens when their wireguarded phone connects to the wireguarded home wifi vpn… I can’t imagine that it wouldn’t cause problems that you’re going to get blamed for.

          But even then this is still Jellyfin’s problem. It’s clear the platform is MEANT to be public, otherwise there would be some integration with these other features that just don’t exist.

          • ricecake@sh.itjust.works
            ↑1 · 2 hours ago

            I’ve got no real care for jellyfin one way or another, just sharing that there’s ways to make the network obey.

            I think giving people access to my media server is asking for too much trouble personally. Now you’re dealing with forgotten passwords, people using your bandwidth at weird hours, and you basically become the media fairy, responsible for finding whatever it is people want, and then dealing with their issues when their device can’t codec at it for whatever janky reason.

            I’m good at setting boundaries with family so it’s not stressful, just more annoying than I want to deal with.

    • MangoPenguin@lemmy.blahaj.zone
      ↑8 ↓2 · edited · 9 hours ago

      > use a VPN.

      That’s difficult when most smart TVs / TV boxes don’t really have a VPN option.

      Plex works just fine without a VPN.