Yes, getting your cookies means they have access to your account and which also means access to your server. Your own server can be compromised just because you are viewing others service remotely.
No doubt it is OS problem, it can be fixed via plex or the OS. Many web browser included their own bundle certificate to cater for older device. Look at this post, it was created when plex put WEBOS 3.5 as supported. They don’t even care to come in and put a one line comment saying “LG OS issue”. Do you think they will take little time to fix ? Plex just dont care at all.
Yes, i am a programmer and this is just few minute fix.
I’m pretty sure this is simply not true, because plex worked a long time before they ever provided secure connections.
But whatever, make all the assumptions and complaints you want, just keep the thread civil, or it will simply get closed.
Whether or when the plex team can/will provide updated info or a more permanent fix, like most things, they will make when they are ready, and no sooner.
I like the way you use “assumption”. Unsecure connection means anyone (man in the middle)can have access to your connection. That is a fact. Your cookies is send every time a request is made, that is also a fact. I did not assume anything. That is published, tested, proven and I am in this industry protecting people connections.
Yes, I reported the issue to LG too. either of them can fix it. I am well know this is not entirely plex issue. I wish the support can just put one line respond, it is LG OS issue. Despite over so many thread on same issue. Well at least we know PLEX wont bother to fix.
anyway, this was posted some 11 days ago, and emails were sent out too.
as far as your other assertions regarding cookies, I don’t have sufficient information or expertise or behind the scenes knowledge of plex’s implementation to prove or disprove your statement.
be that as it may, there simply isn’t anything that can be done in the mean time other than;
use a supported device that has updated certs.
use insecure connections as a (hopefully temporary) work around.
Well, like I say. It was listed as supported 10 days ago. Now the change to WEBOS 5.0 only. Maybe you did not follow the timeline. Scroll up 6 days ago, I posted that they made the change. Moving from supported to unsupported means they already giving up. No assumption made.
Even plex put up the bold font about unsecure connection.
If Webos 3.5 was listed unsupported from the beginning, i wont even start this thread.
See how they change Tizen to all version unsupported.
Anyway, i have mark this solved 4 days back. Given plex listed unsupported secure connection for any webos 5.0 below. Just accept the fact.
I’m sure they would have if they could have, at least it was updated at whatever point.
Sorry you, and others have had a poor experience.
My own family has an affected samsung, which I had to walk them through the insecure setup.
I do believe that if there is some kind of solution that plex can implement, they will try to do so, but as you may well know, they do work at their own pace, and I assume that not all devices can be retro-fixed, especially those which have been dropped from support from the manufacturers.
The truly unfortunate fact is, ‘smart tvs’ are anything but.
Most are already obsolete (both cpu/ram/storage-wise and software-wise) before they get released to the public.
Like many smart phones, tv manufactures want to provide continued reasons to ‘upgrade’ to the latest by implementing ‘planned obsolence’, instead of building things that last generations.
It also may have to do with curbing piracy sharing. Pressure from the content owners as the industry develops. Just like limiting the LAN port to 100mbs, makes me think…
Why spend money on a protection feature? Then again pressure from consumers pushed for Airplay support to older OLED and Nano LG TV and it happened. Is it just protecting new product sales or something else.
I really don’t see how that is relevant to manufacturers failing to keep old devices updated, but
It’s not like they are alone, even google can’t keep their phones updated more than 2-3 years.
Nvidia, seems to be the only manufacturer with the motivation/dedication to keep the shield devices maintained over the long term.
edit;
well, to be fair, most tvs and streaming devices are intended for actual streaming services (netflix et al), which run low bit rate streams which do not need gigabit ethernet.
it’s really only 4k bluray rips which need greater than 100mbs, which of course falls outside of the above intended usage of internet streaming services.
anyway, I think the thread has run its course, I am going to bow out and go back to playing state of decay 2.
if there is any changes or updates from plex, I have no doubt they will update the sticky post and/or create a new announcement.
Yes, you are Right it’s a Solution only for your Own Server,
but very Suspicious is, after i put in my own Cert in, all Playback Errors on Tizen are also gone, so it must maybe be the Backend of Plex that makes this error, and all Connections are Secure no Insecure Connection.
If you cannot change your Plex sever certificate to one signed by a valid certificate authority certificate trusted by your TV, then if your TV is rooted, you can update the trusted CA certs on the TV itself.
I wrote a bash script for my rooted B9, to remove the expired LetsEncrypt cert and add two new certs to the TV’s truststore. It may work for other devices.
On a rooted B9 or C9 you can open a shell on your TV and run the following four commands:
After updating the certs, the TV will reboot, and you should be good to go.
As I have no other LG devices on which to test this (filesystem layouts may be different), you may want to inspect the bash script and manually edit and run individual commands within instead, or at least use it as a guide for what to do on your own TV.
I don’t understand why the c9 is affected. I’ve got one and it’s running v5+, which should be fine according to their post. The OS received an update recently and all of my other apps get updated regularly. I’ve written software for tv and stb before. No idea what is going on here and plex’s explanations aren’t sufficient.
My father, his friend and my mother in law are all running webOS 5+ and having same issue, had to force insecure connections to access my server…very upset plex and LG cant get their stuff together to fix this in a timely manner its been nerly a month already
I got some good news and bad news.
The good news is LG developers has acknowledged the issue and the next security patch will fix this.
Bad news is there is no date and there is no mentioned which version will be patch. I only ask specifically version webos 3.5. So I gonna assume version 3.5 and above will be patch.
