I agree that encryption is a must!
I hate hate BITCASA! Sorry, just had to vent!
Plex Cloud could be the solution to all our Plex needs… once it adds strong client side encryption. And yes, I liked the first post.
If you encrypt the data in ACD, Plex Cloud needs to be able to decrypt it. This means you need to supply your private keys to Plex Inc, allowing them to read the data.
From various reports on these forums / irc / reddit, Plex Cloud appears to be running on AWS instances, so the decryption keys are effectively being given to Amazon at that stage.
So rather than providing Amazon plain text, you’re providing them with cipher text and giving them the decryption keys via a side channel.
While that arguably does add a layer of security (albeit a pretty small one), it does make things more complicated for Plex Inc, as they’re now responsible for your private keys.
While the idea is noble, due to the implementation of this, it’s not practical. If it’s a deal breaker for you, the previously linked amc.ovh page gives you details on how you can implement your own version of Plex Cloud, with full encryption up to your own self-controlled PMS instance “in the cloud” / on a VPS / whereever you want.
But with the amc.ovh you have only the Amazon Storage and your Server is local.
With the Plex Cloud, all is on Amazon side…means more “Upload” etc.
I also think, Plex have to use an encryption
Private encryption is needed.
I too came here hoping for an encryption solution as I don’t want Amazon causing me any issues with my uploaded content of which is all legal.
Would it not be possible to use say Boxcrypter to encrypt everything and have Amazon Cloud as a virtual drive. You can then point PLEX to the virtual drive on your local network and have Boxcrypter download and decrypt were necessary? Just a thought.
like amc.ovh, is a virtual encrypted Amazon Drive possible.
But that is not the idea behind Plex Cloud.
Plex Cloud not only use the Drive, also the Plex Server is on Amazon Side.
So you have the full speed of Amazon Server and Internet Speed of Amazon.
This is a must have for Plex Cloud. The last thing we want is Amazon (or others) identifying our media as “illegal copies” and pulling the pin on our account. Should be easy to implement for Plex, encrypt the media files and unencrypt for use at the plex server side.
Completely agree, but… how naive are we on a scale from 1 to 10 if we trust plex with the key and believe that neither amazon nor NSA or other parties will then also have access to it?
Id say encryption is definately needed, but in this scenario it would be a pure cosmetical feature that would have no real world security gains. A clean 10 on the naivity scale 
@deepseth said:
If you encrypt the data in ACD, Plex Cloud needs to be able to decrypt it. This means you need to supply your private keys to Plex Inc, allowing them to read the data.
From various reports on these forums / irc / reddit, Plex Cloud appears to be running on AWS instances, so the decryption keys are effectively being given to Amazon at that stage.So rather than providing Amazon plain text, you’re providing them with cipher text and giving them the decryption keys via a side channel.
While that arguably does add a layer of security (albeit a pretty small one), it does make things more complicated for Plex Inc, as they’re now responsible for your private keys.
While the idea is noble, due to the implementation of this, it’s not practical. If it’s a deal breaker for you, the previously linked amc.ovh page gives you details on how you can implement your own version of Plex Cloud, with full encryption up to your own self-controlled PMS instance “in the cloud” / on a VPS / whereever you want.
I think Deepseth says it all.With the current design, adding encryption is purely cosmetic. The best privacy solution is the one presented on amhc about local server with encrypt amazon drive. This is my current setup. I am able to stream from amazon without issues original (13Mbps) format. Plus if you use the unionfs you can have a mix of local cache for a couple of days before delete from your local drive.
@Mike12421 said:
I too came here hoping for an encryption solution as I don’t want Amazon causing me any issues with my uploaded content of which is all legal.
Of course is it all legal - in which region or state?
There are places where it’s legal to own releases gathered by sickrage or similar.
And there are places where it’s NOT legal to rip your own DVD or Bluray.
Well, that’s the point. There has to be an solution so no one is getting in trouble.
Many Plexers would be happily paying Plex a good Penny for Plex Cloud - IF they are safe.
They won’t (and keep on bying bigger WD Reds forever) - IF they are not safe.
Encryption is just one idea to solve this - and, no, I have no other.
So +1 
Even if the encryption key is somehow in another place on Amazon, that would one be relevant when there is an active investigation. The encryption of the files in the drive is cutting off the automatic scanners.
@plxin said:
It is a fair point that Cloud providers need to make a profit and Bitcasa is an example of what not to do. I don’t want to think about what I lost there.I don’t know that Cloud providers depend on deduplication or similar technologies for their margins though. In most cases, using my family as an example, the data generated wouldn’t be deduplicated anyway even without encryption. Photos/videos taken with phones, voice memos, tax returns, film projects from school using footage she shot with a dashcam style camera, and more for hundreds of gigabytes. That is a typical, home user generating data they need a secure place to put. That is increasing rapidly as 4K video is adopted and hundreds of gigabytes becomes 10TB+.
It is similar to how residential ISPs oversell to profit. Most users don’t use as much as they are actually allocated, some use a lot more, and targeting the most abusive users keeps things under control. Profit after costs. Amazon is doing the same at scale doing what Bitcasa probably couldn’t. Amazon is larger on the scale of Walmart and hosts huge parts of the internet including parts of Netflix.
Encryption is becoming the norm rather than the exception for more users as desktop and sync apps adopt it for their next paid version. Plex needs to be skating to where the puck will be rather than where it is.
@plxin said:
It is a fair point that Cloud providers need to make a profit and Bitcasa is an example of what not to do. I don’t want to think about what I lost there.I don’t know that Cloud providers depend on deduplication or similar technologies for their margins though. In most cases, using my family as an example, the data generated wouldn’t be deduplicated anyway even without encryption. Photos/videos taken with phones, voice memos, tax returns, film projects from school using footage she shot with a dashcam style camera, and more for hundreds of gigabytes. That is a typical, home user generating data they need a secure place to put. That is increasing rapidly as 4K video is adopted and hundreds of gigabytes becomes 10TB+.
It is similar to how residential ISPs oversell to profit. Most users don’t use as much as they are actually allocated, some use a lot more, and targeting the most abusive users keeps things under control. Profit after costs. Amazon is doing the same at scale doing what Bitcasa probably couldn’t. Amazon is larger on the scale of Walmart and hosts huge parts of the internet including parts of Netflix.
Encryption is becoming the norm rather than the exception for more users as desktop and sync apps adopt it for their next paid version. Plex needs to be skating to where the puck will be rather than where it is.
@plxin said:
It is a fair point that Cloud providers need to make a profit and Bitcasa is an example of what not to do. I don’t want to think about what I lost there.I don’t know that Cloud providers depend on deduplication or similar technologies for their margins though. In most cases, using my family as an example, the data generated wouldn’t be deduplicated anyway even without encryption. Photos/videos taken with phones, voice memos, tax returns, film projects from school using footage she shot with a dashcam style camera, and more for hundreds of gigabytes. That is a typical, home user generating data they need a secure place to put. That is increasing rapidly as 4K video is adopted and hundreds of gigabytes becomes 10TB+.
It is similar to how residential ISPs oversell to profit. Most users don’t use as much as they are actually allocated, some use a lot more, and targeting the most abusive users keeps things under control. Profit after costs. Amazon is doing the same at scale doing what Bitcasa probably couldn’t. Amazon is larger on the scale of Walmart and hosts huge parts of the internet including parts of Netflix.
Encryption is becoming the norm rather than the exception for more users as desktop and sync apps adopt it for their next paid version. Plex needs to be skating to where the puck will be rather than where it is.
Clear to me, you have not been exposed to to enterprise deduplication algorithms, everything you pointed out will be deduplicated at very low level, think that most of the computing for deduplication is not usually done realtime but as batch process using queues and doing very large number (the larger the better) distributed parallel processes using mostly specific hardware, not your run of the mill CPU, the calculations are done initially by rather cheap GPU to determine optimal block size, proximity, compressibility, divide it and set the pointers data and then, ASICs (preferably) and FPGA units do the actual deduplication and compression of these blocks (if the compression gain is worth the cycles) and this is an ever repeating progress, which becomes more intensive and optimized as the data consolidates and stops changing becoming almost a read only file.
What you said will get deduplicated by any of the major cloud providers, even if you don’t see anything in common among them or they are encrypted, but it can be proven mathematically (statistically) that given enought population and optimized blocks there will be others in that same cloud equal or so similar to that a delta will make fit on to the other.
And the size, amount of raw data, hosted on their clouds together with the capability to invest in “proprietary” hardware and software (ASIC) to deduplicate and compress gives the three largest players quite an edge to out price the smaller players.
Rather than implement encryption from scratch, perhaps Plex Cloud could be interoperable with the vaults of the open-source Cryptomator.
That way you could easily use Plex Cloud with the same set of encrypted files you can up/download with one of Cryptomator’s own clients or other apps that support it. Currently (Cyberduck supports it in beta; hopefully more will follow and if Plex were one of them it would raise Cryptomator’s profile considerably.
some form of file level encryption/decryption such as PGP would make Plex Cloud more appealing to the masses. an implementation example would be that the files are uploaded with PGP encryption already done (for which the user is responsible) and the the private key can be copy pasted on the client side. another option would be to partner with companies that provide at rest encryption such as spideroak.
i’m hesitant to put any of my data up a cloud services that doesn’t support encryption at rest.
+1
This would be a great feature, I thought it would be a more popular feature request. Needs more visibility I guess, we’ll probably have to wait until cloud providers start deleting content or reporting users.
Early 2021 clean-up: obsolete (Plex Cloud has been discontinued)
