Call it survivorship/selection bias if you want, but basically every hack I’ve been exposed to is from centralized servers getting exploited that serve millions of people. Plex, along with any other public facing service with lots of users, receives targeted attacks constantly. All my server receives is automated bots looking for 10-year-old Wordpress .php exploits (I don’t even run php on my server).
Yeah, I’m not really worried about it. I changed my password and moved on. It’s just that hackers have every reason to try and exploit Plex, while individual servers are hardly worth someone’s time and effort to go after when the payoff is maybe 1-2 usernames and emails
If you have a static IP, or dynamic DNS set up, you can set up your own remote access with a reverse proxy like nginx. The nice thing is I get to use my own SSL certificate and all the actual streaming goes directly to my server, not through their proxies.
The only “hacky” part about it is that the Admin dashboard shows “Not available outside your network”, even though everything works perfectly.
The security thing is ironic because my personal Jellyfin server (nor anything else on it) has been hacked, but Plex itself has had their database leaked recently. It’s actually the main reason I switched because I don’t like their auth servers being a giant common target. (Also, technically it theoretically means Plex employees can just let themselves in to people’s private servers)
They just want Sam Altman to run a filesystem integrity check, what’s so hard to understand? /s
Lol, this is news? Where have they been the last 15 years?
In other news, the sky is blue.