The Service That Lets You Build Your Own Streaming Library Just Announced a Wild Price Increase
www.ign.com
The price of Lifetime Plex Pass plans will be increasing to $749.99 on July 1.

Plex has announced a massive price increase on the service’s Lifetime Plex Pass. On July 1, the lifetime subscription option will go from $249.99 to $749.99, an increase of 200%. The price hike will only apply to new subscribers, with no changes to monthly or annual subscription pricing.

  • xnx@piefed.socialEnglish
    6·
    4 hours ago

    I wish jellyfin and the apps could ship with something like wireguard setup by default so people that use the jellyfin apps could instantly watch media outside their house without learning what wireguard/tailscale is

    • LordKitsuna@lemmy.worldEnglish
      1·
      3 hours ago

      The fact that’s needed at all is the problem. Developers need to stop making monolithic structures that have access to everything ever and putting it on the user to maintain to maintain a VPN network for security.

      There’s no reason I should not be able to just use an nginx reverse proxy for remote access to my jellyfin and have that be safe. It should at worst give people a copy of my media if there’s a security issue.

      Personally I went out of my way to make this be the case, i have my instance locked into an unprivileged lxc whitelist only on syscalls which took a while to figure out the minimum needed for function but I got there. The host System is using the hardened kernel from Upstream and a series of sysctl lockdowns for example P Trace is not allowed even if you are the root user.

      So I do indeed just nginx reverse proxy my instant because the worst case scenario even if they got complete shell access to the system they would be locked into an unprivileged container that had no access to any files other than my media files but the fact that I have to go to this level is already ridiculous

      • WhyJiffie@sh.itjust.worksEnglish
        3·
        2 hours ago

        It should at worst give people a copy of my media if there’s a security issue.

        that’s not the worst possibility. the worst possibility is an RCE into your server.

        Personally I went out of my way to make this be the case, i have my instance locked into an unprivileged lxc whitelist only on syscalls which took a while to figure out the minimum needed for function but

        that’s a pretty exotic setup. Exciting, but for most people learning to manage a VPN is easier

      • WhyJiffie@sh.itjust.worksEnglish
        1·
        2 hours ago

        It should at worst give people a copy of my media if there’s a security issue.

        that’s not the worst possibility. the worst possibility is an RCE into your server.

        Personally I went out of my way to make this be the case, i have my instance locked into an unprivileged lxc whitelist only on syscalls which took a while to figure out the minimum needed for function but

        that’s a pretty exotic setup. Exciting, but for most people learning to manage a VPN is easier

        • LordKitsuna@lemmy.worldEnglish
          2·
          2 hours ago

          I am aware that an rce is the worst possibility I’m saying it shouldn’t be. The web portion is already its own isolated binary that you have to install but it’s designed with seemingly very little attention to security.

          To the point that jellyfin has already had several major RCE and despite having full support for running over the web with http developers are basically just like you should not be using this without a VPN which is overall a pretty pathetic stance for a media server