It’s a nice journey, and you can also start to look into proxmox for self hosting things. It really feels amazing to have your own little lab of stuff rather than using the public web for all services.
if you’re a developer, there’s a very easy and practical way of testing this without trusting anyone’s (not even Google’s) word:
compile the most basic of flutter apps or some demo and see if the app makes any kind of request to the internet.
edit: a single web search reveals that Flutter has indeed Google telemetry enabled by default. developing your web searching skills is a good habit for developers.
edit: a single web search reveals that Flutter has indeed Google telemetry enabled by default. developing your web searching skills is a good habit for developers.
I already know this, just flutter config --disable-analytics solve this problem.
But there are more than this. For example, Flutter itself doesn’t work correctly. It needs the Android SDK (that is installed separately). And with this you need to accept the licenses and other stuff. That’s the point.
compile the most basic of flutter apps or some demo and see if the app makes any kind of request to the internet.
Needs to be either a percentage of yearly gross revenue averaged over the last 5 years, or a multiple of whatever they stood to gain from the policy (not just the individual plantiff).
Whichever is higher.
And don't let them write it off. You still have to pay taxes on the fine
I understand all the downsides of RCS. I am not saying I will drop everything and proudly use RCS, but the fact of the matter is it is a massive improvement over SMS in terms of privacy and security and just quality. I want to know how I will be able to do this using Google’s Messages app on a currently deGoogled phone running GrapheneOS, while providing the least amount of data possible (ideally would like to avoid installing sandboxed Google Play services)
in that case, you’d be better by not using Google Messages. According to the discussion I linked there seem to be a few other proprietary RCS clients in the Play Store, other than Google’s and Samsung. Not sure of this myself, but it’s worth looking into it.
If you don’t want to install Google Play services, your best bet is trying your luck with any RCS client other than Google’s. Even Samsung’s (if it even works outside of Samsung phones) has a bigger chance of working without Google Services installed.
Once you find one that works on a degoogled Android, just follow the usual recommendations: install it in a separated profile, give it as little permissions as possible, maybe a VPN if you don’t want them to get your IP (although given that your RCS provider will probably be your ISP this might prove pointless), etc.
And remember to assume that it is not private at all and they are harvesting all your metadata. The encryption is proprietary too, so there’s that.
Edit: I just remembered that encryption is probably exclusive to Google Messages. So you’re screwed, I highly doubt Google Messages will work without Google Services.
I’m guessing that in the near future when Apple launches RCS, we will have more options in Android too. So just keep up with the RCS news.
You always had access to see what your friends were watching on your own server. This is a consequences of being an admin, you kind of have to have access to that kind of data to manage your system and streams.
This seems to just extend it to showing you what they’re watching on other servers, as well.
Anyway, if the concern is that Plex, the company, has access to this data, then yeah, you probably should have read the privacy policy a little closer.
Jellyfin is there and doesn’t have a parent company to “phone home” data to.
It’s unfortunate that Jellyfin is just slightly worse than Plex at pretty much everything. Playback is smooth, sure, but set up is harder, getting good metadata is harder, logging in is harder, etc.
The metadata one really put me off. I set up a Jellyfin instance with the exact same media set as my Plex instance, and it immediately started “recognizing” standard movies and shows as porn and hentai. I’m still going to push through and get it properly set up eventually, but even so, I’m not looking forward to manually managing accounts when people can just SSO with Plex.
I mean, I have a ton of media that Plex recognizes automatically and Jellyfin doesn’t, so… Agree to disagree, I guess. I’m not trying to defend Plex’s recent enshittification, but that doesn’t change the fact that it’s generally a better experience than Jellyfin right now.
Anyway, if the concern is that Plex, the company, has access to this data, then yeah, you probably should have read the privacy policy a little closer.
come on, you know this is a non answer. also plex shouldn’t have this data, it should be for the admin only.
What? Plex is not one of those open source, self-hosted, privacy-centric services. Plex can do whatever the hell Plex wants with your watch history, because you agreed to their broad terms of service that said exactly that when you signed up. You chose to run your traffic and authentication through Plex servers because it’s convenient, not for privacy reasons.
If you don’t like it, use Jellyfin. I’m personally looking into moving, as Plex seems to be getting slowly shittier.
why are you defending them? sure, they’re allowed because they’re a big company so they make the rules, but that doesn’t mean you have to lick their boots and say oh actually that’s fine you made the choice. even big companies SHOULD be ethical. we DESERVE ethical treatment, furthermore, even people who didn’t wade through the terms.
I don’t know how you could read that and think I’m defending them.
I’m just telling you how the world works. If you want real privacy, you need to PAY somebody with a rock-solid privacy agreement or fully host it yourself. Plex is neither of those things. Remember, if something that costs money to run is free, then YOU are the product.
They say they use it to sync up your watch history to your account so it can sync across devices, but I wouldn’t be surprised if they were selling your watch telemetry to advertisers as well.
It’s a non-answer that their privacy policy explicitly states that they will collect this type of information and that they stipulate what kind parties they can share that info with?
That’s the straightest answer that you’re going to get. Privacy policies like this are bullshit, but they’re also the norm so acting like it’s a non-answer after 20 years of this being the norm seems a little… naive, perhaps?
My favourites are the ones that let you set a 35-character password and, presumably, happily hash it and store it in the database, but then provide a login screen that requires passwords to be 20 characters or less.
My HP printer had a hard limit of 16 characters. My password manager generated 20 characters. The login form had no issue accepting 20 characters, which were of course wrong.
I was under the impression that even just letters (no case) would take a lifetimes to brute force if you exceeded 15 characters. And that drops to just 11 if you mix cases, numbers and special characters.
One of the worst offenders I’ve seen was a bank I used to use. I think they limited to 16 characters and also got angry about a couple different special characters I tried to use. The problem beyond that? The form would let you submit any length and just silently chopped off characters 17+ or whatever. I had to reset my password several times to figure out what was going on. Pathetic…
Earlier this year I signed up as a member to a professional organization that also grants IT-related certifications… I couldn’t figure out why the account registration wouldn’t let me proceed, until I typed a super short password instead.
We are stupid fucking peasants as they have regulatory capture so they know the worst that will happen is they get a small slap on the wrist. Most people don’t actually care and those that do don’t have the money to buy the laws that we need.
Why waste time pretending when it doesn’t make 2 cents of difference. It is just a waste of money.
You are falling for daddy's trick biggest trick....
Sure plebs have no political power but there are two things left: Personal direct action and organizing both as consumers and workers.
While with things like food shelter medical, not much choice left. With other products, people can vote with money. People can limit how much data they let out.
People can job hop, demand higher wage, this is mostly limited to older, higher paying folk but them doing this helps everyone.
Finally, organize as consumers and labour.
I see voting being pushed as solution, you can keep voting but don't be naive haha
Funnily enough people who push voting as the only solution will down vote direct action posts into oblivion. I am starting to assume the poltiics crowds are indeed either bad actors, ie bots or shills.
Fascism is not holding [us] back... shit wages, healthcare and hi prices are tho
Keep in mind that RCS is still SMS to anyone without Google Messages.
Also, the encryption in RCS is problematic - last time I read how it worked I wasn’t convinced it was as secure as advertised (I don’t recall why, but I think it’s because it’s not really E2E).
It’s 2023 and I still see signup forms that are like “must have at least one of each: number, lowercase letter, uppercase character, special character (but not , . " & / + < > {} [] )”
That, plus no single sign-on (privacy issues aside) and login flow design so bad that password managers don’t know what the fuck is going on, and it’s no wonder password security is still a huge issue.
Huh? It’s far easier, throw in your server IP+Port or DNS and quick connect your clients with a short code.
The bullshit claim solution by Plex makes me pull my hair out, especially on remote instances.
Even when running, it managed to break the database 3 times, with no repair tool of working, interestingly there are plenty, community built and official ones, so that problem is common.
Rebuilding takes a whole day with the intro-outro detection.
What a nightmare to administrate.
As someone who has bought a lifetime subscription a year ago i was enraged as my girlfriend told me that she got ads in Plex, turns out they just added their free streaming service in there without even asking, fuck them, Jellyfin evolved great!
This is terrible advice when you’re encouraging people to open up their network to the broader public without full understanding of what they’re doing.
That is my advice to the people not having a clue what i’ve wrote. You don’t want to tell me that people not able to setup Jellyfin are full aware of anything they are doing with Plex?
Not everyone should self-host, especially not people unable to watch a 10 minute setup tutorial of Jellyfin, or god forbid, reverse proxies.
Dumbing down self-hosting below the bare minimum is dangerous, but to each their own.
Plex is definitely easier to set up. I’ve done it multiple times over several servers. I’ve literally never heard of the database breaking, and I’ve deleted media that was actively being watched. Meanwhile, Jellyfin fails basic metadata matching on the exact same media set and also lacks built-in SSO. One of the biggest niceties of Plex is inviting people to join and they can just immediately login with Google.
I’m not saying Plex is better, and I’m not defending their recent enshittification. It’s gotten worse, for sure. And I’m sure Jellyfin is great, but I haven’t had time to put the effort in to fix the metadata issues or create accounts so my users can switch over.
privacy
Oldest
This magazine is from a federated server and may be incomplete. Browse more on the original instance.