[Implemented] Fix the gaping security holes

Pardon my ignorance, but couldn't Plex just purchase a wildcard cert for a domain like plexservers.com. Make a service available to PlexPass holders where they assign a subdomain for you (e.g. xyzserver.plexservers.com) and point it to your IP.

When you share your server it sends a request to the Plex servers with your IP address and automatically updates the DNS record for your subdomain.
 

Obviously you're going to have to deal with propagation delays when/if your IP changes, but I don't think you can really get around that.

I could write a service like this, it really isn't that difficult.

What am I missing?

Pardon my ignorance, but couldn't Plex just purchase a wildcard cert for a domain like plexservers.com.  [...]  What am I missing?

No.  If they do this, every PMS server would need the private key for that wildcard certificate.  This gives anyone that uses PMS the keys to man-in-the-middle attack any remote request to any other PMS, bringing us right back to where we are now.

(IIRC, they actually tried this previously.  Failed miserably, as would be expected.)
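Added example, not part of the original thread: a small model of the objection in the reply above, showing which other servers' names each PMS holds a valid certificate and private key for. The host names other than xyzserver.plexservers.com, the key labels, and the per-server alternative shown for contrast are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    sans: tuple      # DNS names the certificate is valid for
    key_id: str      # label standing in for the private key (constructed)

def san_matches(pattern: str, host: str) -> bool:
    """Wildcard match as TLS clients do it: '*' covers only the left-most label."""
    p, h = pattern.lower().split("."), host.lower().split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h

def valid_for(cert: Cert, host: str) -> bool:
    return any(san_matches(s, host) for s in cert.sans)

def exposure(deployment: dict) -> dict:
    """For each server, the other servers' names it holds a valid key/cert for."""
    return {
        holder: sorted(other for other in deployment
                       if other != holder and valid_for(cert, other))
        for holder, cert in deployment.items()
    }

# Constructed host names under the thread's hypothetical domain.
HOSTS = ["xyzserver.plexservers.com", "alice.plexservers.com", "bob.plexservers.com"]

# Design from the question: one wildcard certificate, same private key on every PMS.
WILDCARD = Cert(("*.plexservers.com",), "shared-key")
shared = {h: WILDCARD for h in HOSTS}

# Assumed alternative for contrast: each server has its own key and a
# certificate naming only itself.
per_server = {h: Cert((h,), f"key-{i}") for i, h in enumerate(HOSTS)}

if __name__ == "__main__":
    for name, dep in (("shared wildcard", shared), ("per-server", per_server)):
        print(name)
        for holder, others in exposure(dep).items():
            print(f"  {holder} can also answer as: {others or 'nobody'}")
```

With the shared wildcard, a client's certificate check passes for any server answering under any subdomain, so the check no longer identifies which server it reached.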

No.  If they do this, every PMS server would need the private key for that wildcard certificate.  This gives anyone that uses PMS the keys to man-in-the-middle attack any remote request to any other PMS, bringing us right back to where we are now.

(IIRC, they actually tried this previously.  Failed miserably, as would be expected.)

Thanks. Forgot about that :)

I currently use a wildcard cert from StartSSL on my server that hosts Plex and a number of other things. It would be simple to just enable HTTPS on Plex Media Server and let it use the wildcard cert.

I do, however, agree with most people that the process of obtaining and setting up your own SSL Cert is definitely beyond most users. It will be interesting to see how the Plex Devs handle the issues of cost, complexity and security with the native solution they are developing.

It would be simple to just enable HTTPS on Plex Media Server and let it use the wildcard cert.

Unfortunately, it's not that simple.  Issues with Plex clients and the way they communicate with PMS remotely and locally complicate this.  Clients can still leak tokens, even after you've secured the connection between the remote clients and PMS.

Unfortunately, it's not that simple.  Issues with Plex clients and the way they communicate with PMS remotely and locally complicate this.  Clients can still leak tokens, even after you've secured the connection between the remote clients and PMS.

Sounds like a thorough redesign of the communication/responsibilities is in order. As I see it: Plex.tv should only provide a Dynamic DNS-like function: I ask for a specific server and Plex checks if I'm authorized and returns the IP-address if it is granted. The rest really should be strictly between client and your own Plex-server. There might be some "behind the scenes authentication/authorization checking" going on, but that shouldn't involve elements in the front-end (why isn't that locally cached anyway??). I've noticed some odd behavior of my server as well when the outside internet connection was down, but any interference of Plex.tv as an active proxy and/or authentication-server only weakens both performance and security of the Plex solution...

Jaap

More security please!

One more Plex Pass user who would like to see encryption on streaming connections.

This is a little unnerving considering there have been vulnerabilities in the past, and those combined with grabbing tokens could equal an owned box...

Let’s get this fixed, this is a very 1990’s issue. Shame on you Plex!!

this is something that should be implemented. soon.

most people don't need this - I'd rather have other bugs fixed over this!  If you want encryption run a VPN.

Neil.

This isn't about encryption as such, but the fact that much authentication is done through untrusted channels in plain text and that on some popular platforms the PMS runs under root. This is an exploit waiting to become a real attack, nothing more, nothing less...

Jaap

+1 for SSL support.

most people don't need this

Do you use Plex remotely?  Then you need this.  If you think you don't, then you misunderstand the issue.

+1 for SSL support.


Better yet, TLS!

Worrying that there's been no comments from Plex inc on this. I wonder if there's any liability for not patching known security holes in case a customer gets attacked?

I've started running mine on a VirtualBox VM that only runs Plex and has read only access to my shares. Not ideal but improves security.

Worrying that there's been no comments from Plex inc on this. I wonder if there's any liability for not patching known security holes in case a customer gets attacked?

It depends on the user and whether he is capable of knowing there are fundamental issues with Plex. When people here in this thread get hacked through a discussed vulnerability it is clear you as a user took a calculated risk and lost. You can't blame Plex for that. Knowing the risk, you should have taken additional measures or stopped using it.

For the majority of novice users, it is a different matter: they didn't have access to the info discussed here and Plex inc. didn't disclose it to them or warn them in any other way that installing Plex introduces significant risk to the host system. So these users aren't capable of assessing the risk on their own due to a lack of communication by Plex. What it comes down to is when someone's system gets hacked, they can sue easily because they have a product responsibility (please note that EULAs aren't considered binding when colliding with local law) for fixing these kinds of issues ASAP and deliberately have kept this serious issue from users over 9 months, despite exploits being published etc. That is quite a dangerous position to be in, to be honest.

EULAs generally speak about "as is" acceptance, but in many countries it does require responsible professional behaviour of a developer by either fixing the issue ASAP or at least publishing a general warning when serious bugs are known to them.

Jaap

Better yet, TLS!


Another +1 for TLS!

I'm a new Plexpass member. And I don't want to complain, as I really like Plex. But I bought a Plexpass for the ability to access my media remotely. Only after do I find out about these major security issues. Because of this I've been forced to use a VPN to keep my media private. I also don't like having to manage my local users on the Plex website. So basically I don't use any of the Plexpass features even though I'm a member! lol! If these loose ends could be cleaned up, I would be more willing to encourage my friends to buy a pass. For now the complexity of setting VPNs up on their network is too great of a hack for them to deal with. Everyone wants their data to be private. I fear most are unaware of the security issues. Which doesn't make Plex look good when there are problems.

+1 for TLS.