Text:
I consent to Plex to: (i) sell certain personal information (hashed emails, advertising identifiers) to third-parties for advertising and marketing purposes; and (ii) store and/or access certain personal information (advertising identifiers, IP address, content being watched) on my device(s) and share that information with Plex’s advertising partners. This data is used to deliver personalised ads and content, ad and content measurement, audience insights and product development. Your consent applies to all devices on which you have Plex installed. You can withdraw your consent at any time in Account Settings or using this page.
Soure: https://www.plex.tv/vendors/ (Might have to clear cache)
Can also read about the changes here: https://www.plex.tv/about/privacy-legal/
There are a bunch of reasons why it might be a concern, and only the least of them has to do with the legality of copyright use.
Except plex has already proven themselves willing to ban users based on their use and streaming practices, so it clearly is a liability
If you live inside the US (or a state with trade agreements with the US) and are ripping physical media to store on your server and stream digitally, you are absolutely breaking the law. Doubly so if you are sharing that media with others outside your household.
'It's not a problem because I have nothing to hide' <- you are here.
Well, if you have an issue with people knowing you use Plex at all, then... tough luck, because I hate to tell you this, but a media server needs a client and it's a vanishingly small group of people that will use either Plex or Jellyfin clients and not let Apple, Google, LG, Samsung or whatever other device is running the client software that this is happening.
I give zero craps about whether Google knows I or anybody else uses Plex via their login because they already know this form the Google Play Store, along with the manufacturer of every TV we collectively own.
And for the record I do not live in the US and the way their absolutely idiotic copyright loopholes apply here is very much in question. It doesn't get tested in court much because the times it has been it didn't go particularly great for copyright holders. Private copying owned media is a right regulated by law here and I will continue to do so. If a corporation wants to deliberate with our local courts whether my owning a drive that happens to not be super picky about on-disc DRM I don't have anything particularly intense going on this week.
Ironically, in our own dumb legal implementation we are allowed to back up movies but there is a carved exception for software, so making a copy of a game you own is a bigger deal. Go figure.
First:
but also, it's not just that they know you use plex or jellyfin, it's that they know which plex server you use and from what devices you stream from. If, for example, plex decides they want to limit the number of households can stream from a single server (like they've already done), all they'd have to do is lock or limit people's google SSO to that server. They could also report which users are associated with servers engaged in illegal activity when requested, or they could region lock their services or specific media IP's by request from copyright holders..... There's a ton of abuses that are made possible by even that tiny bit of information they share/collect.
You might not care about it, but a lot of us do. Nobody is trying to convince you to stop using Plex, we're just trying to explain why we really do not want to use it ourselves
I have no idea where you live, but plex is an american company. Plex will 100% be forced to comply with copyright takedown requests, and could absolutely penalize you for infringing on american copyright law. Could you be arrested? Maybe not. But there are still a ton of ways you could get fucked because Plex has enshittified their service and has made zero commitments to protecting you or your identity.
small thing, but in the US this is technically allowed, but as soon as you format-shift the media (e.g. rip a dvd into a digital format) it is no longer protected. It's assumed that 'backing up movies' is literally 'duplicate the media in exactly the same format it was originally purchased in'. On top of that, it's also doubly illegal to then share that media, even as a direct stream via a home server. Idk where you live but I'm actually am not aware of any country who allows for your stated use (unless you're somewhere without extradition or trade relations with the US like Russia or Cuba, because they don't give a fuck about US legal claims). Not that it's commonly prosecuted even in the US, but US companies routinely get takedown requests for that shit and Plex will absolutely throw you under the bus.
No you are not. This thread straight up opens on "why would anybody use Plex" and this whole branch is about how people don't want anybody using Google for login.
You are presenting a lot of great hypotheticals and I'll be happy to stop using Plex if and when they stop being hypotheticals. They are, though, so I don't particularly mind.
Especially because we've moved from "oh, maybe get your family to not use Google to log in" to "actually, get them to move to F-droid or install from source and do so under proper DNS filtering to stop telemetry gathering".
Friend, if people's relatives were willing to install their Plex client from source they wouldn't need anybody to host a Plex server for them. What the hell are you going on about and how detached are you from how people use software?
I swear, online... man, "posers" is so harsh, but I can't find a better word. They always pretend they are running some top secret off-the-grid operation like big corpo is coming after them specifically. Your data is probably not that tightly kept (mostly because a bunch of it probably doesn't depend on you) and it's not that much of a priority.
Oh, and while I get that you get a kick of repeating what your understanding of US law is at me, over here backing up to additional media is explicitly supported by the right to private copy. As is, implicitly breaking DRM.
Not that it matters because nobody is enforcing these at individuals for private use anyway because the rules being sought are absurd and holders know it and they just want scary tools to wave in front of individual users and to actually deploy against major sharers. You are playing out this weird scenario where a company goes to Plex to get your name as if Plex doesn't have a business built on helping you do the thing you think they're chasing you for and has a ton more money they could be sued for. It's nonsense. The reality of it is it makes you feel cool and savvy to secure your home computer as if it held state secrets.
And that's fine, but don't act like anything else is insanity. It's kind of obnoxious.
it's not hypothetical, Plex has already been banning users for various reasons, all of which stem from them having access to data about your account, connected users, and server data.
You're the only one making this complicated bud.
I was simply telling you that the US has a similar carve out for breaking DRM, but that it didn't include the use case you are describing. Just giving you a heads-up that it's a common misconception here, and it could be misunderstood wherever you are too. Chill out. BUT, even if it IS legal where you are, Plex is bound to US law and can and will ban you for breaking it.
Except Plex is enforcing it because it is excplicitly against their terms of service, and have already done so.
I'm not saying it's insanity you dipshit, i'm saying there are good and valid reasons to avoid a cloud-hosted service not within your control. You're free to disagree but fuck off with this incredulousness
No, the bans stem from the EULA. I am not breaching the EULA. Whether Plex can verify that or not is not much of a concern for me.
But to be clear, I have zero to lose here. The outcome of Plex banning me for not breaking their EULA (for some reason, which is technically possible but unlikely) is the exact same as the outcome of me dropping Plex in case they ban me. In both cases the only thing that happens is I'm not using Plex anymore.
Also, in your hypothetical Plex already knows the stuff you are worried about. The SSO has nothing to do with it. Plex doesn't need data from Google to know, they already have your personal information.
I guess adding to the list of reasons to use Plex "being berated by online randos wanting to be performatively tech savvy". Which, again, changes nothing practical, but hey.
Take another look bud.
spoiler
But maybe you don't care about any of that shit, either? Idk man the list of things you're dismissing as unimportant is really adding up.
Jellyfin has zero idea who I am or what accounts/IPs access my server, nor do they know what's a part of my media catalogue or if they are legally licensed to me. If I were to use google's SSO, then google would know which accounts/IP's are accessing my server, which isn't a huge deal by itself, but if jellyfin were to have information about my entire account and library then it would suddenly be a very big issue.
But Plex does know what's on your account, and they do limit the number of authenticated users of the account as a part of their TOS and through limitations surrounding their paid plex pass, and they have exercised their right to terminate accounts and pass personal information of infringers along to law enforcement and copyright holders. None of which is even a remote possibility with a completely self-hosted solution. But hey, if you're happy then more power to ya.
You are correct, I don't care about any of that either. And I know about the boilerplate. Bud.
You need to agree with yourself about what you're arguing. Are you saying that the problem is the SSO or Plex?
Because if Plex will go tell on you it will do it based on the data they have internally, not based on any data captured by the login flow, so the SSO is not additional issue compared to using Plex without the Google login and using the email login instead.
And if you're arguing that the SSO is the problem and not Plex which you indignantly reminded me is what the thread was about, then you're arguing against yourself, because it sure seems we agree that if Plex is going to take any action against you illegally sharing files through their system (which, by the way, they are legally obligated to do) it won't be due to the Google login at all, which is just a bit of convenience and doesn't seem to provide anybody with any data they don't already have.
Once again, you are super keen on playing up hypotheticals. Once again, the biggest issue with those hypotheticals is that Plex boots me out... of Plex. I am not doing anything illegal with it or even breaching their EULA, including the paragraphs you quote (not that something being written down in an EULA makes it applicalbe, but still). I will bite that bullet and live with Jellyfin's implementation if and when that happens. Which it likely won't.
There's a problem with SSO's and there's a problem with Plex. Go back and read the conversation - that's not the problem with plex, it's a problem. Someone said they don't trust google login, and you were indignant about why that might be, and I was exceedingly patient with explaining why it's a problem. I like that jellyfin does not provide a google SSO, because I can choose a better, less invasive one as a server admin. I've not said anything contradictory here, you've just been willfully misreading shit.
just fucking read the words I so kindly found for you in the TOS (not that it fucking matters if it's a tos or a eula anyway). It's also not a fucking hypothetical, Plex has already been exercising this. But I don't give a fuck if you're concerned about it, i'm just telling you why so many people are taking issue with it. And given that they've already demonstrated that they collect detailed data about your personal library and watching habits, it is certainly not out of the question that they could now sell that data as a part of their new privacy policy.
Unless you live in a country without a copyright agreement with the US, you are absolutely liable under this. I have no idea if you do or not, but I'd venture a guess that most people here do. Good for you if it doesn't apply.
I don't give a shit what software you use.
I have absolutely not been willfully misreading. You can't argue that the guy saying he has a problem with Google's sign-in specifically has a point and also say that the data mining happening within Plex is WAY more intrusive. If the point is whether giving Google this data is a problem it must be worse than using any of the other sign-in options. But it isn't. Your data is as widely available one way or the other. It is reasonable to think Plex's visibility over your server is too much, I accept that, particularly if your use case runs afoul of their EULA...
...but then you can't tell me "I don't trust Google", unless your argument is you trust Plex more for some reason. Which you shouldn't. It just doesn't follow.
Oh, and they do sell your data for advertising. There's an opt-in for it, though. Since we're talking about legality, it'd be a punishable offense for them to sell your data without your consent, which is why that's there, and they do need to tell you what data they collect if you request it.
And no, I am not liable under US law. There is a treaty that requires both parties to meet those requirements, but US law isn't directly applicable over here. What is applicable is our own legislation made to comply with those trade agreements. Which includes exemptions for private copy.
As far as I and every piece of legal advice I've seen about this knows, anyway. If you have a source for how apparently US law is directly applicable to any country they have a trade agreement with feel free to point me to this insane new paradigm of international law, though.
Those are not mutually exclusive statements. In fact, mostly it just makes you an idiot for not having a problem with either.
It is worse than an auth method that isn't maintained by a known data whore like google. It's substantially worse when you're using it with another data whore service. For those of us who administrate remote services and care about not being beholden to google's data addiction, it is absolutely not a good thing to provide it as the default auth method, which is what the OP was saying. Even if jellyfin included it, I would immediately disable it. Especially since, as a server administrator, I have a vested interest in keeping the activity of that server private. Even if the specific details of the media on it aren't exposed, I don't want any party with conflicting interests to my own to know what users are associated with my server. Just having a dozen or so users connected through jellyfin to my IP would be enough for a motivated legal entity to look at me, and I have more than just a private media server to worry about. Is it likely to happen? Probably not. But why would I even risk it?
I don't have a source for you, but typically using a US-based platform can give US authorities a jurisdictional hook, especially if the rights holders are US-based or can show commercial harm. That is why US based web services are extraordinarily strict with all of their users, even those who live outside the US. I'm not even saying it's common, just that it could happen. I seem to remember operators of p2p services getting nabbed at customs while traveling back in the day - it wasn't illegal where they were, but it sure as fuck was in the US and they were extremely interested in putting the kabash on it.
No question that plex is a more convenient service, but if you have the tech literacy to manage something that's completely private that is only marginally more complicated, why the fuck wouldn't you? Then again, maybe if you think you're more tech literate than you are, it doesn't seem all that simple.
Man, you keep thinking that taking digs about how it's all a skill issue is either an argument or an insult, and I keep reminding you that even if there was a skill issue at play (and there wasn't), being hard or annoying to use is the actual problem. If your UX allows for skill issues in making a straightforward setup run then it's a UX issue.
Also, me using Plex to host copies of my own media legally is not the same as operating a P2P service. But if it's any consolation I have no intention to set foot on that hellhole anyway, given that US authorities seem to not need copyright overreach to throw you in a room with no windows indefinitely these days. Good luck with that.
Oh, and yes, those are mutually exclusive. Or mutually inclusive, to be more accurate. If your concern is the govenrment overreach implications of having a portion of your data leaked, worrying about a smaller leak along the way of actively generating a larger leak is entirely pointless. Conversely, I'd argue that if you have a dozen users and are terrified that the cops are going to come and raid the... I'm gonna say meth lab you're running on the side, we're back to the conversation about how cool you are with that dozen users having their Jellyfin clients running on a bunch of Android devices, Smart TVs, Windows boxes or whatever else.
Again, I keep struggling with the irony of this weird position having entirely bought into the narrative that self-hosting media is inherently illegal or dangerous. I came into this argument from the UX angle, you guys are increasingly convincing me that a significant disincentive for self-hosting to become mainstream is that its entire community is convinced that they are doing something wrong, apparently. It's not that I hadn't noticed how central to the whole thing a bunch of P2P-specific paraphernalia happens to be, but I wasn't ready for the gatekeeping to come with a side of edgy 90s we're-so-bad hack-the-world stuff.
I'm not explaining this to you again. What you described is not legal on a US hosted service like Plex, and even most other countries with DRM exceptions for personal use do not include sharing outside your immediate household. Even if it's perfectly legal in your country, and the US can't touch you where you are, Plex is still obligated to abide by US restrictions. Good enough if that doesn't bother you, but it isn't completely without risk and you should be well aware of it.
What exactly does "government overreach" mean in this context?
Using Google SSO independently is bad. Plex independently is bad. Using both together is worse. Using either while also breaking the law, when there's a perfectly acceptable way to do neither of those things and still just as easily break the law is a whole lot better.
I'm just not a dumbass. Having a dozen users log in without any of them publicly pointing at me or my server IP is a hell of a lot safer than letting a private service log every sign-in and stream event of the server, and then letting a separate private service link those users to accounts with detailed personal information. Those people can install jellyfin on their phones and tablets all they want - google wouldn't know what servers those clients are connecting to anyway. And even if they did, my server is not associated with my personal details or ISP-assigned IP address. Maybe you just didn't know that, idk.
Using a google SSO isn't a prerequisite for self-hosting becoming mainstream. Maybe SSO generally is, but there are a dozen other ways to achieve the same thing. Maybe I don't care if it becomes mainstream? Maybe what I actually want is for people to learn tech self-sufficiency so that we're not indefinitely reliant on SAAS. Maybe i'm content with my special little hobby and I'd rather point and laugh at people who get fucked over by services they delude themselves into believing won't ever screw them, just because they can't be bothered to learn a new skill.
If you're as concerned with self-hosting becoming as mainstream as you claim you are, then I'd imagine you'd be more concerned with the late-stage capitalist reality of media distribution and the increasingly restrictive laws surrounding its use. Where I live, the legal structure that protects the right to self sufficiency is very much under question, and continues to get worse. I got burned several times in the napster/limewire days, before it was established precedent that sharing digital copyright material was illegal, and unheard of still that anyone actually got punished for it. I know better than most that you can't count on those protections indefinitely.
But as an anarchist, I think a little bit of crime is good, actually. More people should be doing crime. But if you're gonna do it, do the rest of us a favor and don't be a dumbass about it.
You are saying many things about the legality of this, especially internationally and regarding what Plex is or isn't obligated to do, that are a bit of a stretch. But man, are they put in context by the admission of left wing cosplay there at the end where you concede you do think "a little bit of crime is good, actually", which explains a lot of the hack the world mentality and why you feel so cool and dangerous by sharing some torrents you got with a slightly larger group of people than your direct family.
I still do think that's counterproductive if you ever want a scenario where the late-capitalist media distribution landscape gets at least a modicum of competition from more reasonable and sustainable alternatives. That you prefer to feel edgy than to propose a viable scenario for that is all well and good, but I wish you didn't feel the need to do that at people.
For the record, you are still wrong about SSO. Again it makes sense that if you're cosplaying cops and robbers "this thing bad, this thing bad, both together worse" sounds reasonable, but if you really were at risk of any real legal liability that's really not how that would play out. In the real world ANY leak of that information from any source would be an absolute problem. So the Google login could be a problem by itself, and the Plex data gathering would be a much bigger problem by itself, but both together would just mean you are exactly as screwed as with just one.
But you think it's cool to crap on Google (which I guess it is) and are cosplaying, so that's a cool thing to perform outrage about even if it doesn't really matter in this scenario. Which I'm increasingly realizing is all this conversation is about, from the "I'm so good at networking and system administration" braggadocio to the "I'm such a dangerous anarchist criminal that doesn't give a crap about the rules because I'm so good they can't catch me" stuff.
FWIW, I do care about self-hosting as a viable commercial alternative and about a legal framework to support it, but even if I didn't think it was possible (which it is, and some people at least are working along those lines) I am not ready to give up on the changes required to get there just to feel cool on the Internet. You do you, though, just... try not to scare the normies away. Not that there are any normies around here anyway, so I guess we're safe on that front.
That's almost exactly what I was saying, except that using both actually increases your risk just by capturing more detailed logs of your server activity and the associated accounts. Your users could use anonymous usernames or share login credentials if they wanted to without it, but being forced to use google SSO means each user is personally identifiable even if they're protecting themselves otherwise. It's the same reason I would never use google's SSO for another web service if I had an alternative, even if for something completely innocuous. Why give them extra information about my web activity and tie it directly to my verified account, even if it's something trivial like what plex servers i use or how I'm watching my media and on what devices?
But mostly my point was that using google's SSO by itself, with your own self-hosted server is dumb because it unnecessarily exposes you where you otherwise would have been fine. That was the whole point of this conversation - not that plex was specifically bad because they used it, but that it isn't a desirable feature for plex or for a self-hosted alternative. Maybe you just misunderstood that, idk.
Where I am people are being black bagged for less than just breaking DRM. I could be disappeared on my way to work tomorrow just for saying something silly like "from the river to the sea". Maybe you're privileged enough to feel secure in your legal standing, but that's not one that I share. Like I said, i've gotten burned for using napster when I was young and dumb, and I thought I was safe then, too.
For most people this side of the pacific, ripping DVD's for personal use is not legal, and streaming them to others is even less so. Any service hosted within the US is subject to that law. You being outside the US but using a private service hosted within it puts you squarely within that jurisdiction, but since you fancy yourself a lawyer, and since IDGAF anyway, i'll let you mull it over for yourself. If all you're afraid of losing is access to your plex account then all the power to ya. I just don't agree with that value judgement.
I'm honestly not sure why you feel so cavalier about your data privacy. If you're really one of those 'i've got nothing to hide' folks, I have a larger gripe with you than what a silly 'plex vs jellyfin' debate can cover. It's incredibly shortsighted and normalizes apathy and complacency. There's no reason to be exposing your private server usage data to private for-profit companies, especially when that activity is already borderline legal at best. My actual fear is that plex gains mainstream attention and comes under legal scrutiny. we go through another tightening of the screws because our bloated media market is bleeding and dragging the rest of the stock market down with it. That's what happened with napster and the record industry, and it'll happen with streamers and plex if we're not a little more discrete.
Yes, rip your dvds. Yes, share them with whoever you want. Go pirate some animes or download a car, IDGAF. But don't pretend like you're somehow safe from punitive copyright action just because you're off in Greenland or whereverthefuck. You'll end up teaching normies bad habits and poor judgement when it comes to protecting their data privacy.
Again, just don't be a dumbass about it.
Well there you go. I would really rather self-hosting not even be commercial.
Lmao yes look at me and my data hygiene, you'll never be as cool as me. It's clear that you have some misgivings about FOSS as a concept, I guess you can feel good about donating your money to a for-profit entity as a way to stick it to those hippies. God forbid I had tried selling you on linux in this thread, that could have really snowballed.
I mean, my Plex server is on a Fedora machine, it seems to be doing fine. I have gotten into arguments here about how frustrating it is that Linux advocates pretend every usability problem for Windows users is solved and that "just use Mint" is a valid solution to that issue. If you want to know how that goes, it goes a lot like this conversation.
On topic, using any external login or remote access third party service for your self hosted services is a significant change in how much info is not controlled by you, nobody is arguing that. There's a conversation to be had about whether that's worth it for most users. Like I said earlier, is it a good thing for Home Assistant to provide a paid subscription service that will handle that for you? For most people I'd say yes, it's still a much safer, more flexible alternative to Google's or Amazon's ecosystem, so why not? Baby steps.
But if you're already using a commercial service that already has a proprietary login then no, it doesn't matter. Plex already knows which clients go to your server. It does not need Google for anything here, having Google's SSO doesn't give them any information they already have. It does give that to Google, but if your concern is the cops are going to bang on your door for all your illegal pixels that you stream then you're just as boned. It's borderline irresponsible to pretend otherwise.
As for the "I have nothing to hide" thing... look, if you want to have this argument with someone else go pester them instead. It's not "I have nothing to hide", it's "this commercial service that I use does something that is legal and I intend to both take advantage of that and defend my right to own my media". How you get "I have nothing to hide" out of that is your own pretzel logic.
I have a right to store, backup and access my own media and to keep a copy of it for private use. I will exercise that right regardless of how many US corpos pretend that hey own the very concept of showing video to people. I am doing nothing illegal here and of the perfectly legal software options to do this perfectly legal thing I chose the one that had better usability for my family to be comfortable using it. This comes at the cost of an external service storing some of our data, just like our Netlfix and Disney+ subscriptions do, but since I'm not keeping a media server performatively that is a tradeoff we have made on a bunch of places because not everybody who lives here is willing to do homework to be able to use their devices. That cool with you?
For the record, I don't have any misgivings about FOSS as a concept. I do have remarkable contempt for people who want it to keep being a minority option because they like being in the secret treehouse and don't want everybody else learning about it. Widespread, successful FOSS doesn't look like half-baked UX and hobbyist programmers working for nothing in their spare time, and I would certainly like to see a landscape where alongisde hobby projects we have a solid stable of financially sustainable professionally made open source alternatives that anybody can get into. Jellyfin isn't even the worse offender here. If nothing else it's frustrating because it could be a more approachable sustainable alternative in the vein of your Blenders or Home Assistants... but it's kinda not, and that sucks.
Yes, that was the joke
There are so many differences between HA and Plex that it's almost difficult to pick which one is most significant. All i'd say is - if plex was at all the same as HA, I would have zero problem with it. If jellyfin adopted HA's model of paid development, I'd be thrilled. But HA's strategy is actually pretty unique, it'll take time for that structure to be stress-tested and propagate.
Yea but not really - google accounts are usually pretty specifically identifiable to a person/ad account/collected internet and device activity. Might not be a big deal to you, but having those things tied together is problematic on a number of levels. You can self-host an SSO, and you can also have a security-focused third-party SSO - both would be marginal improvements over using google's auth system in terms of privacy.
Yes, 100%. If you're at all concerned about privacy, plex is a terrible idea, with or without SSO. I'm glad you agree.
"What i'm doing is perfectly legal so it doesn't matter if they have my detailed data". You're not hiding it because you think you don't need to - that's exactly the argument you're making. Every step toward data privacy is valuable, even if your total data hygiene practice isn't perfect. It still matters.
Good for you. Most of us do not.
Neither am I, but I guess I do feel quite passionately about keeping it private and I'm not shy about advocating for the practice. Probably for the same reason you're very tight lipped about what country you're from - you don't necessarily think you'll get swatted if you do, just that it's a pointless detail to share with strangers if you don't have to. Most of my family doesn't care enough about not using netflix or disney+ that they're happy to keep using them if my offering is too complicated. I'm happy to help them set up and learn how the server works if they're interested, and a number of them have become enthusiastic self-hosters themselves as a result. If I was operating a mission-critical service on my server then maybe i'd care more about minimizing UX friction but since it's not, I'm happy with prioritizing privacy and control over polish. That's a pretty common mentality for a server administrator - i'm not running a SAAS here. At most I'm just the enterprise IT manager trying to keep the office slack channel running.
You can say that, but boy oh boy is that hard to believe. You certainly don't think FOSS is worth any level of inconvenience. Looks to me like you're the kind of person who wants the best tool for every job, regardless of if you could get by with a middling one that supports a FOSS project. That's fine. I use adobe products for work because I can't really get by without it, but I still use GIMP or Inkscape when I can and I support those ecosystems with my time and money because it draws more people in. And I actually do want my FOSS tools to be built as side projects, at least at first. There's a place for polish and professional support, but a lot of this stuff needs to be built out and tested before that kind of thing happens. A lot of these projects act as beta testing for forks that will end up doing one thing really well to a high level of polish. Having a product that's maybe a little complicated but extremely accessible from a configuration standpoint lets more tech-minded people build on top of them and work toward more polished solutions.
But I certainly don't find VC backed projects entering into the FOSS space as a good thing. Maybe that competition drives positive movement in the open-sourced ones, but usually they turn out to be 'embrace, extend, extinguish' projects. Like, I don't think meta's Threads is a positive thing for federated social media, even though by this logic they are making it 'more mainstream' by their adoption of activitypub. There just isn't a way to separate the product they produce from the economic model they operate under, and plex has chosen a model that inevitably leads to enshittification and walled-off content gardens.
I just don't see any reason to blow smoke for plex. Their UX is fine (great, even), but they're doing basically everything else wrong. They're reliant on VC capital, they're collaborating with private media and tailoring their TOS to protect copyright holders, they're collecting data they don't need and forcing features that reduce privacy, they're changing their privacy policies to enable data sales and monetization, they're bait-and-switching users by placing popular free features behind paywalls, they're banning lifetime paid users for perfectly legal use of their services.... the list goes on and on. At some point, a company like Plex crosses the line from 'reasonable profit-seeking' to 'actively user-hostile', and I think they've already crossed that line. Maybe you think their UX is worth the abuse, but I certainly do not - not when there's a perfectly fine alternative that fits my needs and more.
Well, hey, there we agree, then. I'd say that the setup for HA is actually fairly Mozilla-like, and people don't seem thrilled with THAT, so it wasn't a given you'd agree. Plex certainly isn't that. For one thing it's commercial and closed source. But crucially HA's commercial branch WILL have a bunch of your data, including voice processing and login info, if you do buy into their paid subscription service.
As for the rest of the argument, most is redundant so I'm not gonna go through the loop again, I am actually busy. But I will add a few things. For one thing, whether I think FOSS is worth "any level of inconvenience" is irrelevant. I do, and I do live with the inconvenience in some cases. But if the goal is for FOSS to be mainstream and a primary choice (and it can absolutely be, there are plenty of examples), then it doesn't matter what I think. The reason the privacy tradeoffs make sense for Plex is that Plex is an app your family is likely to use. Mine does, and they sure won't put up with bad UX for the sake of using an open alternative. OBS didn't crush Xsplit out of the market because of ideology, it did it because it became more powerful, usable and reliable.
And let me clarify I don't "blow smoke for Plex". I opened this whole subthread by saying I wanted to use Jellyfin (hence all the testing we've been nitpicking about) but couldn't justify it. I've said this above. I'd drop Plex in a heartbeat if Jellyfin was just as good to use for me and the rest of my household. But it isn't. There's no reason to blow smoke for Plex, but there is a reason to not delusionally pretend that open source alterantives are better than they are. You're not going to gaslight normies into using them that way and the complacency just makes it less likely for them to succeed at what they're trying to do. It is, after all, the year of Linux desktop.
It would be great if JF did something similar, but I think they don't specifically because they'd be liable for their users illicit use of it. That's basically the whole reason OSS streamers exist. Plex started out that way, but when they decided they wanted to compete with the big boys they were forced to lock it down more to protect themselves against legal challenges. That's why I think you're kidding yourself if you think it's a long-term solution for streaming ripped media. That'll only last until copyright owners decide to push plex to take action against it.
I don't think that should be the goal - FOSS as a model will never outcompete for-profit corporate models. IMO the goal should be to encourage people to learn the minimal amount of tech self sufficiency so that they can choose FOSS when they need it, rather than pushing FOSS to become OSS, and then eventually just SAAS. Firefox is a good example of what can go wrong with chasing mainstream adoption. There's a place for projects like Plex, but im pretty adamant that those should be halfway solutions more than end-goals. I'm fine with leaving that as a disagreement.
Nobody is saying JF is easier to use than plex, we just prefer the flexibility and privacy and aren't bothered or slowed down by the complexity. That's fine. You just have different priorities than the rest of us. I'm glad there's an option for you.
I think your read on what people typically do with Plex probably doesn't align with reality. I also think in the end you're way less optimistic about the potential of open source software than I am. There are multiple areas where OSS options are either dominant or very competitive, but I am also clearly way less picky about how that gradient of openness to commerciality than you are. We can agree that it's fine that there are options for both or all steps in that gradient, but there is a ton of snark and all-or-nothing attitude in that community as well.
I will say that If you have a commercial option like Plex and a couple of open alternatives (say Kodi and Jellyfin for the sake of argument) I would prefer one of those to have the type of UX that can compete with the closed commercial product because you can compete with open alternatives.