YouTube Bans All ‘Instructional Hacking and Phishing’ Videos
Along with the number of users on the platform and the influence it has on public discourse, YouTube's list of 'banned content' has grown a lot over the years too. The video hosting service even began including links to articles from Wikipedia on some videos it deems as 'misinformation'. The latest wave of bans resulted in a lot of educational videos getting deleted and today, we may see more as, 'instructional hacking and phishing' videos now violate YouTube's Terms of Service.
To make matters worse, some creators reportedly received a strike for hosting such content. One YouTube creator noticing a strike on their channel that creates “videos for aspiring ethical hackers, computer scientists, and the infosec community.” YouTube appears to be applying the rule retroactively as even existing content is being flagged and pulled, with the strike preventing them from uploading new videos for a week. Here's a Tweet thread by an infosec professional detailing why this is a bad idea.
We made a video about launching fireworks over Wi-Fi for the 4th of July only to find out @YouTube gave us a strike because we teach about hacking, so we can't upload it.
YouTube now bans: "Instructional hacking and phishing: Showing users how to bypass secure computer systems"
— Kody (@KodyKinzie) July 2, 2019
Even though the verbiage explicitly states that only videos that 'Show users how to bypass secure computer systems or steal user data or credentials" will be removed, other infosec-related topics will very likely be affected. There is no way YouTube's algorithm can distinguish between a video that instructs users on how to commit credit card fraud from a video that highlights the security flaws of a device. We can already see the changes affecting creators negatively and things will only get worse in the coming days.
It is disturbing that videos that instruct people on how to secure their devices are lumped together with content that can potentially risk someone's life. We're increasingly relying on smart, internet-connected devices to make our lives easier. Which is why infosec is more important than ever. There is a very good chance of your entire network being compromised due to an unpatched vulnerability in your IoT-enabled smart juice maker.