“I can see that one of my friends is apparently watching a ton of cheesy, soft porn stuff,” a user said of Plex’s Week in Review email and Discover Together feature.

Many Plex users were alarmed when they got a “week in review” email last week that showed them what they and their friends had watched on the popular media server software. Some users are saying that their friends’ softcore porn habits are being revealed to them with the feature, while others are horrified by the potentially invasive nature feature more broadly.

Plex is a hybrid streaming service/self-hosted media server. In addition to offering content that Plex itself has licensed, the service allows users to essentially roll their own streaming service by making locally downloaded files available to stream over the internet to devices the server admin owns. You can also “friend” people on Plex and give them access to your own server.

A new feature, called “Discover Together,” expands social aspects of Plex and introduces an “Activity” tab: “See what your friends have watched, rated, added to their Watchlist, or shared with you,” Plex notes. It also shares this activity in a “week in review” email that it sent to Plex users and people who have access to their servers.

This has greatly alarmed a wide swatch of Plex’s user base, who have blown up the Plex forums, the Discover Together blog post comment section, and Reddit with posts about disastrous overshares created by the feature. A sampling of posts: “Discover Together and Week in Review emails are a MASSIVE breach of privacy and trust!,” “Security breach: Why is my friend receiving notifications to rate movies I’ve watched?,” “Weekly review emails data leak,” “Plex crossed a line with ‘Your week in review’ emails today.’”

The feature is opt-out, meaning that many people were very surprised to get these emails and see this feature, as it’s up to users to proactively turn it off (instructions here and here).

“I can see that one of my friends is apparently watching a ton of cheesy, soft porn stuff (think classic ‘skinemax’ fare) from some server (it’s not mine) or Plex channel, and I am 100 percent sure they would be mortified to know that I know this,” one user wrote on the Plex Forums. “Now replace this friend, who’s just enjoying their downtime with some cheeky T&A, with a teenager who may be having difficulty figuring out feelings about their sexuality and are just trying to explore by watching LBGT dramas to see if anything there resonates or can help them figure things out. Suddenly, one of their intolerant friends or parents gets a detailed email report with a cheery title listing every little thing they’re watching…This is a dystopian nightmare of a feature and I honestly can’t believe it’s been rolled out as opt-out like this. SHAME ON YOU, PLEX!”

“I wonder how many people just had their week’s porn selections emailed to their Plex friends,” another user posted. “I just got an email about a friend’s watching habits which he definitely didn’t want to share. He insists he’s never opted into any data sharing, but…it went out anyway.”

“I’m sure there’s a certain percentage of people who want to know what kind of porn their grandma likes, but I’m hoping it’s not the majority,” another posted.

Otto Kerner, who is a moderator of the official Plex forums, said that porn viewing habits would only be shared if Plex can make a “match” of the media with online databases like IMDb. “Many pr0n titles are either not listed there at all [sic],” Kerner wrote. It’s worth noting, however, that there are many adult titles on IMDb.

There are hundreds of posts about the issue on the official Plex forums, many of which point out that many Plex users chose to use the service in the first place because it is a “self-hosted” alternative to streaming that many people go into believing they will have more control and privacy than is offered by Hulu, Netflix, and other streaming services. Plex is also used by many users to play and stream files that they have illegally pirated (the ability to do this is largely behind the initial popularity of Plex), though the company has been trying to move away from the perception that most people are using it to play pirated content. “The fact that this data is available to you AT ALL … That is just … Mind boggling, and completely against the very notion of self hosting,” one user wrote. “I feel betrayed that was done without telling me that this data was going to be collected. Let alone acted upon. It’s dangerous. Certain entities would LOVE to have that data…which could mean jail time for some.”

“The ‘See what your friends are watching’ will be great for all the people with secret porn libraries. Or when you start watching a Jan 6th documentary, and you see Aunt Becky start commenting about it being part of a satanic conspiracy,” a commenter on Plex’s blog post announcing the feature wrote. “I can also say that not one person I have talked to has ever liked the idea that I can see what they’re watching from my server.”

Plex did not respond to requests for comment sent from 404 Media. Plex employees have been posting regularly in the forums explaining that people can opt out of the data sharing, and have also said media watch “sync events,” which it uses to track viewing history, do not tell the company the nature of the file played: “There is no way to know whether something being ‘watched’ occurred because you went and saw it at the theater and then marked it on the Discover page when you got home, you watched through a personal Plex Media Server Library, or anything else.”

  • @AtariDump
    link
    English
    11 year ago

    It’s easy to get started; not as easy to maintain.

      • @AtariDump
        link
        English
        1
        edit-2
        1 year ago

        Saving data outside containers so that updates don’t hose said data.

        Only updating one project’s container at a time and not all of them.

        Backing up data.

        And the fact that there’s no good GUI I can install on windows (without WSL) to manage a remote docker system.

        • @[email protected]
          link
          fedilink
          English
          01 year ago

          I’ve never had issues with their data. Logs, configs or media. Just set up the volumes and you’re done afaik.

          Updating single container can be done with a simple pull and recreate or with compose by having a single docker thing on that particular compose file. Not that I’ve chosen to do that, many services are simpler since a lot of them work together anyway.

          Backing up should be as easy as backing up anything. Put all your docker configs in the same location, save the compose file(s), check that the paths are same in new system and you’ll be up and running.

          • @AtariDump
            link
            English
            11 year ago

            It’s tough when the directions leave out making a folder outside of the container to store configs. That’s burned me once.

            I’m not looking to update a single container but a single project’s container; just because I want to update project A’s containers doesn’t mean I also want to update project B’a containers. The only instructions I’ve found update all projects at the same time.

            I’m not so worried about the config files as I am worried about backing up the data inside the containers being created from data outside the containers.

            • @[email protected]
              link
              fedilink
              English
              11 year ago

              It’s tough when the directions leave out making a folder outside of the container to store configs. That’s burned me once.

              It seems to be step #3 here https://jellyfin.org/docs/general/installation/container/

              I’m not looking to update a single container but a single project’s container; just because I want to update project A’s containers doesn’t mean I also want to update project B’a containers. The only instructions I’ve found update all projects at the same time.

              If you’re using docker compose, put them into a different compose file. Then you can manage them separately.

              I’m not so worried about the config files as I am worried about backing up the data inside the containers being created from data outside the containers.

              Data inside the containers? All the important and necessary data should be outside of them. That’s sorta one of the big points. You shouldn’t have anything changing inside them.

              • @AtariDump
                link
                English
                11 year ago

                I appreciate that; I wasn’t talking about Jellyfin. A different project.

                It was a general gripe about Docker in general.