The new rule of Google-owned YouTube is terrible news for researchers studying computer security and people interested to learn about countermoves to prevent hacking and phishing attacks.
The world’s largest video site with over 25 billion monthly visits — YouTube, which has been under scrutiny since inception for developing a business on other people’s copyrights and abrupt changes in policies on irredeemable content, has recently decided that it will not host instructional hacking videos.
Though the written policy on the matter appeared in the Internet Wayback Machine’s archive of web history in an April 5, 2019 snapshot but the video site has reportedly started blocking such content from the last couple of days. According to the new rules, the content that will now be banned by the platform is described as follow:
“Instructional hacking and phishing: Showing users how to bypass secure computer systems or steal user credentials and personal data.”
So, now that there is a written rule on YouTube’s strict new decision, concerns are raised on how the policy is being applied. A security researcher and educator who posts hacking videos to YouTube’s Null Byte channel, has tweeted that he posted a video to demonstrate launching fireworks over Wi-Fi, but that couldn’t be uploaded because of the rule.
We made a video about launching fireworks over Wi-Fi for the 4th of July only to find out @YouTube gave us a strike because we teach about hacking, so we can’t upload it.
YouTube now bans: “Instructional hacking and phishing: Showing users how to bypass secure computer systems”
— Kody (@KodyKinzie) July 2, 2019
Meanwhile, the permissibly of cybersecurity-related content is still not clear, as it has been an issue for years. Previously, hacking videos in years past could be removed if enough viewers submitted reports objecting to them or if moderators found the videos violated other articulated policies.
It is pertinent to note here that hacking techniques are often used for illegal purposes, but this doesn’t necessarily mean that their learning is illegal. They are practiced by many legitimate security researchers and computer system testers too.
Google has yet to comment on the matter.