YouTube Ban on 'Hacking' Content Snares Educational Infosec Videos
YouTube has used its policy banning "Instructional hacking and phishing: Showing users how to bypass secure computer systems or steal user credentials and personal data" to stop educational infosec videos from being uploaded.
In what can be described as a case of 'lost in translation', the policy that is there to prevent the spread of cybercrime knowledge mistook an instructional video by a computer security channel as dangerous. The channel in question, Cyber Weapons Lab channel, is produced by Hacker Interchange and makes videos that teach about computer science and security. When their latest video couldn't be uploaded to YouTube, Kody Kinzie, co-founder of Hacker Interchange, tweeted:
The strike mentioned in the tweet relates to YouTube's 'three strikes' policy. While the first strke won't allow the user to upload videos, "Three strikes in the same 90 day period will result in your channel being permanently removed from YouTube. Also, note that each strike expires in 90 days from the time it is issued and that deleting the content will not remove your strike."
YouTube’s rules allow videos that depict dangerous acts "if the primary purpose is educational, documentary, scientific or artistic (EDSA), and it isn't gratuitously graphic." Because Hacker Interchange teaches about hacking (for the purposes of good), the word 'hacking' set off alarm bells at YouTube and the ban/strike was put in place.
A 'back and forth' between Kinzie and YouTube on Twitter ensued and the ban was eventually lifted.
"Our policy team reviewed the flagged video and determined that it was taken down by mistake," YouTube tweeted. "We have gone ahead and reinstated the video and resolved the strike on your channel. We hope you can upload the 4th of July fireworks video now!"
*YouTube estimates that around 500 hours of video is uploaded to the site every minute (Techdirt). Working on the assumption that each video is five minutes long, that equates to around 6,000 videos/minute, 8.6 million videos/day, 250 million videos/month. If moderation is 99.99% correct, that's still around 26,000 mistakes a month.
. . .
If you want to stay notified of vulnerabilities that affect you, register for a weekly security report customised to your stack.