I’m ‘guilty’ of posting videos showing various techniques to bypass security controls. They’re for illustration, not tutorials for bad actors. Haven’t had Youtube knocking on my (metaphorical) front door yet…:
Earlier this year, YouTube added hacking and phishing tutorials to its examples of banned video content — and that ban has been publicized thanks to an apparent crackdown on an ethical “white hat” hacking and computer security channel.
Kody Kinzie is a co-founder of Hacker Interchange, which describes itself as an organization dedicated to teaching beginners about computer science and security. Hacker Interchange produces the Cyber Weapons Lab series on YouTube, but yesterday, Kinzie reported that they were unable to upload new videos because of a content strike. “Our existing content is being flagged and pulled, just got a strike too,” noted Kinzie.
The rule is laid out on YouTube’s “harmful or dangerous content” page, which bans “instructional hacking and phishing,” i.e. “showing users how to bypass secure computer systems or steal user credentials and personal data.”
As Kinzie and others on Twitter pointed out, even if that could stop some illegal behavior, it’s potentially terrible news for anybody studying computer security — as well as people interested in countering hacking and phishing tricks. Hacking techniques are often used illegally, but they’re not necessarily illegal. They’re practiced by many legitimate researchers and computer system testers. YouTube has a similar ban for teaching theft techniques, but that’s a much less popular (and expansive) pastime than learning about computers.