20 January 2023

YouTube’s Policy on Hacking Videos Makes Everyone Less Safe


There are certain cybersecurity mistakes we seem destined to repeat over and over and over again: forcing people to change their passwords at regular intervals, for instance, which research has shown does not make accounts more secure, or acquiescing to online ransom demands, or punishing people for figuring out clever ways to compromise computer systems and then trying to inform others about the flaws they’ve discovered. That last mistake came up just last week, when many people noticed that YouTube had updated its examples of videos that violate its policies against “harmful or dangerous content” to include “Instructional hacking and phishing: Showing users how to bypass secure computer systems or steal user credentials and personal data.”*

YouTube told the Verge that the updates to its examples of policy-violating content actually occurred in the spring, but the decision drew attention just before the holiday weekend when Null Byte, a channel devoted to ethical hacking, was unable to upload a July 4 video on how to launch fireworks over wireless networks. It turned out that that YouTube was punishing the channel because of a previously uploaded video highlighting a technical vulnerability. After significant outcry from the security community, YouTube later reversed its decision to block Null Byte from uploading new videos. A platform as large as YouTube will inevitably make some wrong calls about what videos should or should not be blocked. But the larger issue is not whether one video—or one channel—crosses the line from ethical to dangerous content. It’s whether tech companies like YouTube’s parent Google view security researchers and their findings as threats and mischief-makers or as useful and important allies.

A quick scan of the video titles on the Null Byte channel makes clear how it could have drawn unwanted negative attention. Sample videos include “Take Over Sonos Smart Speakers With Python” and “Steal User Credentials Stored in the Firefox Browser With a USB Rubber Ducky.” Null Byte isn’t the only channel on YouTube dispensing hacking tutorials, of course, but it has some of the more useful and educational ones. (For comparison, try a YouTube search for videos on “how to hack someone’s Gmail account.”)

The notion that the videos posted by Null Byte are harmful or dangerous dates back to a deeply misguided idea espoused by some tech firms that anyone who finds a vulnerability in their products or figures out a way to compromise their software is an enemy—and a criminal. It’s not a new idea. For two decades, companies have taken advantage of both the Computer Fraud and Abuse Act and the Digital Millennium Copyright Act to go after security researchers looking for vulnerabilities, even when they clearly just want to raise awareness about the problems they identify.

But while companies like Oracle, Sony, HP, and Blackboard have been going after security researchers for years, it is new to see Google, by way of YouTube, embracing this particularly counterproductive approach to blocking content on “instructional hacking.” The whole point of making videos like the ones Null Byte publishes is to make everyone more aware of security vulnerabilities and better informed about how they work and what to do about them. Blocking those types of videos just serves to make us all less secure by allowing the vulnerabilities they describe to remain unaddressed.

Of course, it is possible to use the techniques described in some of these videos for malicious—and illegal—purposes. But if the video-makers actually wanted to steal sensitive information or sell their vulnerabilities on the black market, then, presumably, they would not be making videos that give away the information for free to any interested viewer. If you should someday find yourself in the position of discovering a computer security vulnerability, arguably one of the most responsible (and least lucrative) things you could do with that information is create a detailed tutorial explaining your discovery and then make it available to everyone free of charge.

What’s truly harmful and dangerous is not instructional hacking videos but the ethos that leads companies to treat the people who make them like criminals, or list them alongside videos that provide instructions on how to “create drugs” or “build a bomb meant to injure or kill people” or videos “promoting or glorifying violent tragedies, such as school shootings.” Certainly, there are risks to making videos publicly available that provide information on how to steal credentials or take over smart speakers. But the risks of not publishing those videos at all are much, much greater.

Correction, July 10, 2019: This article originally misstated that YouTube had updated its policies on what constitutes “harmful or dangerous content” to include “instructional hacking and phishing.” YouTube did not update its policies; it added “instructional hacking and phishing” to examples of content that violates its policies.

Future Tense is a partnership of Slate, New America, and Arizona State University that examines emerging technologies, public policy, and society. 



17 January 2023

Global elites slammed for ‘distasteful hypocrisy’ at Davos World Economic Forum

Global elites who travel to the Davos ski resort for the World Economic Forum have been blasted for their “distasteful hypocrisy”.

Greenpeace has slammed global elites travelling to Davos in “ultra-polluting, socially inequitable private jets”.

The lobby group slammed the “hypocrisy” of attendees of the World Economic Forum (WEF) who largely use private jets to travel to the event to talk about climate change in the Swiss Alps.

The NGO said it had commissioned research which showed that people who attended last year had made roughly 500 private flights in and out of airports near the exclusive ski resort.

Klaus Schwab, founder and chairman of the World Economic Forum. Picture: Salah Malkawi/ Getty Images

Organisers have again promised to make climate change one of the central themes of this year’s summit, while efforts have also been made to reduce the carbon footprint of the meeting and encourage VIP guests to take public transport.

“Given that 80 per cent of the world’s population has never even flown, but suffers from the consequences of climate-damaging aviation emissions, and that the WEF claims to be committed to the 1.5C Paris Climate Target, this annual private jet bonanza is a distasteful masterclass in hypocrisy,” Klara Maria Schenk, transport campaigner for Greenpeace, said in a statement.

Socialist Party activists take part in a protest against the World Economic Forum. Picture: AFP

The group said its research, carried out by Dutch environmental consultancy CE Delft, analysed flight records from airports near Davos during the week of the World Economic Forum last year and compared them to the weeks before and after.

“During the week of last year’s World Economic Forum 1040 private jet flights arrived and departed out of airports serving the Swiss luxury ski resort Davos, with about every second flight attributed to the meeting,” it said.

One flight was for only 21 kilometres while most originated from France, Germany and Italy.

The flights generated emissions equivalent to those of around 350,000 average cars in a week, Greenpeace said.

WEF organisers face annual criticism over the emissions caused by the event that sees policymakers, CEOs, academics and journalists along with an army of caterers and support staff head to the Alpine village.

Since 2017, the forum offsets its emissions each year, and has a sustainability policy that encourages the use of electric vehicles, seasonal produce for food, and recycling.

The use of private jets by corporate bosses has come under renewed scrutiny in recent years thanks to Twitter accounts that track the flights of planes known to be used by high-profile CEOs.

One of American billionaire Elon Musk’s first acts after taking over Twitter was to order the suspension of the @elonjet account following his own aircraft, on the grounds that it represented a security threat.

Executive Director of Oxfam International Gabriela Bucher. Oxfam says the number of billionaires should be reduced by half. Picture: AFP

The WEF responded and told Fox News the figure was likely an over-estimate, but admitted the more accurate number was closer to 500 private jets, a year-over-year decline that it argued showed participants were “taking the environmental impact of their travel more seriously.”

“We have been offering incentives to participants to use public transport for some years,” WEF said in a statement in January 2019. “We also ask that they share planes if they have to use them; something that has been gaining popularity in recent years.”

In the past, billionaires and world leaders like John Kerry, Bill Gates and George Soros have attended the Davos summit.

Billionaires targeted

Meanwhile, the number of billionaires should be reduced by half by 2030 through higher taxes and other policies to make the world more equal, Oxfam says.

In a report titled “Survival of the Richest”, Oxfam said billionaires had doubled their wealth over the last 10 years, with the wealthiest one per cent gaining 74 times more than the bottom 50 per cent.

The very wealthy have grown richer amid the cost-of-living crisis sparked by the Covid pandemic and soaring food and energy prices following Russia’s invasion of Ukraine, the report said.

The situation is extreme in India, where the top 1 per cent owned more than 40.5 per cent of the total wealth in 2021, according to Oxfam.

Adani Group chairman Gautam Adani is one of the richest people in the world. Picture: AFP

Since 2020, billionaire wealth has surged by $2.7 billion a day even as inflation outpaced the wages of at least 1.7 billion workers worldwide, Oxfam said.

Food and energy companies, it noted, had more than doubled their profits last year.

Oxfam called for taxes at rates that progressively redistribute wealth and reduce extreme inequality.

For starters, it said, “the world should aim to halve the wealth and number of billionaires between now and 2030, both by increasing taxes on the top one per cent and by adopting other billionaire-busting policies”.

Such steps would bring billionaire wealth and numbers back to levels last seen in 2012.

- AFP and Fox News