Let me guess, the author changed the field number to a large unused number.
> Now, all we have to do is scan the Protobuf bytes for classic ad URL signatures like /pagead/ to bound our field search, then move backward from there until we find the target(s) field tags and thus field keys we would like to denature (e.g. 49399797 –> 49399796).
Yeah. This isn't a flaw, this is intended behavior.
If you're willing to go through the effort to find the tag, it's really not that much additional effort to then read the (varint) length right next to the tag and... just skip those bytes.
Yes, you'd need to copy your buffer to do this, or at least slide your bytes around. But the proof-of-concept script already has to perform a copy because the bytes object returned by mitmproxy's API (`body: bytearray = bytearray(flow.response.get_content(strict=False) or b"")`) is immutable, and even a memoryview isn't going to bypass this limitation.
Google could shut down this method of ad blocking instantly by either doing basic certificate pinning or by altering their decoding logic to be less graceful of failures when it comes to extracting ad information. If I were on the YouTube team, I'd consider these flaws.
But rejecting unknown messages would likely degrade the user experience. Just because Google releases a new version doesn't mean everyone instantly has that new version installed everywhere.
Certificate pinning would be a solution, but the world seems to have decided that that's very difficult to get right. Probably easier to get right in an app than in a website, but I understand not using it.
They could manually sign the protobuf messages to ensure integrity. Duplicating some of the work TLS would already do, but doing it decoupled from TLS infrastructure may be easier.
But unless something like OP's hack becomes mainstream, Google's current approach could be the right one. Sure, it leaves them open to message manipulation, but the potential lost ad revenue from even a tiny failure rate around update time from the other approaches could easily outweigh what they lose from a handful of people running middleware boxes to block ads.
Cert pinning for YouTube would actually be quite easy, as Google runs its own CA. They can just hard pin their root CA and update the app in twenty years or so when that expires.
You can do cert pinning. And the user can modify the app to pin their own cert. And you can lock down the device so the user can't modify the app. And the user can get a different device where they can modifiable apps. And you can add device attestation. And it's not yet feasible to extract an attestation key from a device, but it probably will be in the future. And then you will switch it to a physically uncloneable function. And then someone will figure out how to physically clone it anyway. And so on.
The war on ad-blocking is fundamentally the war on general-purpose computing. By the time you achieve unskippable ad blocking,
You know, you could also just refuse to send any video segments until the time when the ad is supposed to be over. Then the user may try to download their videos in advance, but most of the time they don't know what they're going to watch that far in advance, so they'll sit through the ad to avoid sitting through a black screen. That seems like a more sane thing to try. And you don't have to destroy the fabric of society to do it.
Especially now that they’re individually and programmatically targeted to showcase and inflame the neuroses, health concerns, and predilections of each of the specific people in the room around the television.
Amazing how the HIV commercials only appear when individuals in risk groups are around. Those outed a friend once—luckily in a supportive environment.
And the random miscellaneous cancer drug ads come on when the friend who’s an older cancer survivor comes to visit. And the sports betting ads when friends facing gambling addiction are around. And if I hear one more ad hawking supplies for squealing tiny humans when new parents are around, so help me…
PS. spent 5 minutes on "a dog sleeping" without stupid music and couldn't find one. Search these days, man...
Locally to me, far from anywhere it belongs, an independent-spirited Japanese man operates a little izakaya as a solo enterprise. Jazz, shockingly varied menu for the square footage and manpower; the whole deal.
He keeps a television set up at the bar he works behind—pointed away from the bar, toward him. He shows only kittens playing and views from train drivers’ windows…
- they are for a product that I just bought x 20 times;
- they are for a product that I do not need x 20 times;
- “we know you are old, so do this stupid thing… (have I said “x 20 times”?)
- “we know you are rich, so do that stupid thing…
And so it goes.
Bold claim.
Yes, but there isn't only an unknown field, but also a missing field. (The old field index) Thus it doesn't meet the requirements of the client.
Now that probably could be circumvented by doing more edits to the protobuf message. If nothing else works by injecting 0s length ads instead.
As I understand it, many ads are skippable after a certain amount of time, so you'd have to allow for that, but that does seem like a sensible idea.
(This is a similar approach to what Twitch does, by the way.)
It's pathetic how Google pulls this douchebaggery and then whines when people fight back.
How exactly should you deploy client code to the edge, which may not be updated, to handle "unknown" tag number fields? You don't, because that's crazy. Nobody should write software like that because it creates a maintenance hell where you can't upgrade or downgrade because "smart" applications are doing stupid, undeterministic things with the protocol.
It's impossible to reason and engineer backward / forward compatibility when you don't treat the wire format and API with respect.
Most of the major migration headaches I've had in my career have been the result of engineers trying to be clever in the time and place they wrote the code.
I agree, what they are doing with proto is much better
We originally used "required" for fields that must be present and it screwed us over later due to that. Switched everything to "optional" with the code checking for those fields' existence instead.
Security controls weren't the reason the devices broke, which is why applications that didn't care about things like DRM still played just fine. The internal CA for the Chromecast hardware certification expired, which requires updating all Chromecasts or temporarily ignoring the expiry date in client apps. It seems like apps are doing the latter while Google is figuring out how to update the Chromecast certificate infra on short notice.
So cert pinning in this case would go from "anyone with a pihole or equivalent can block YT ads on their Apple TV" to "people who jailbreak their Apple TV and install a cert pinning breaker and have a pihole type setup can block ads".
If you are google and your goal is to get people to watch ads, cert pinning is clearly a win if you are at all worried about things like the OP. Clearly they are not very worried, presumably because the bar set by the OP is already too technical for most people (even if it was packaged in a more consumable way).
From a user perspective, you'd want to break all TLS connections and sniff every bit of data on your network, but that's not the perspective Google has when developing their code.
Signing data is just duplicating TLS security measures with a second key. TLS already signs the data, Google just needs to verify the root of trust.
Which effectively pins a different key in the binary. Might as well use certificate pinning, which provides both signing and encryption without a second layer of crypto.
As a sibling comment has also pointed out, signing the data won't help against a user who's modifying the client. You can change the signature the client is expecting on your certificate... and you can also change the signature the client is expecting on your data.
You might be interested to know that this is official policy on Android. Yes, I'm appalled too.
Byte objects are immutable, but bytearray objects are not.
mitmproxy's API is flow.response.get_content(strict=False), which returns a bytes object; the proof-of-concept script then copies it into the bytearray using the code that I've cited.
Routing everything through the proxy will degrade performance even with SNI interception.
Same with pfSense - a plain Linux server and a simple iptables rules set would do the job without having to fight against all the pfSense abstraction layers.
Write a .proto file with just enough of the reverse-engineered proto fields to auto-generate code and flip the flag. Cheaper than the Python implementation and easier to update when the proto changes.
Ignoring unknown field tags is an important Protobuf feature - it allows for compatible schema changes without breaking existing deployments.
Video quality does decrease, and sometimes that's good a good thing.. :)
- Lower video quality is lower resolution = less addictive.
- Decreasing saturated colors reduces children's brain heroin. (Try to put the tv in normal or movie color mode and see the addictiveness fall off).
- Lowering the sound helps kids hear less of the background addictive noises and strain their hearing a little more and can help them get tired.
- Lowering brightness can help with as well.
- Kids device for viewing could be different than adults to allow filtering and shaping.
As for content, I agree.
- Recently I heard there's more and more fraudulent content under official channels that includes bad content inside the good stuff. This needs to be caught.
- Managing access to shorts is important, if not limit outright.
Do you have a youtube premium account that removes ads by chance?
My use of YouTube predates shorts, and I haven’t been a huge shorts consumer on social platforms, and I seem kind of indifferent to them. Anyone else?
Maybe there is something we can figure out and share with our friends who want to manage their shorts use.
Also, apps like opal can be really helpful.
I do hate the pushing of shorts and the algorithm that seems to have a 3 video memory, but aside from that I’m pretty happy, I don’t get the weird right wing stuff or creepy videos pushed at me or my kids.
It sounds like the author was aware of at least parts of your comment. The post is very thorough. They benchmarked using python and c++ and the final impl doesn’t even decode protobuf. They used various mitm solutions. They are using pfsense for more than just “it’s muh security router”—they are vlanning and vpning the traffic so they can target inly the appletv on their network.
Your comment is cheap and dismissive. The author’s post is not. You owe it to the community to put your money where your mouth is.
I am, however, very familiar with this particular engineering challenge (specifically, attempting to build on pfSense and using mitmproxy scripts in production), so I wanted to share my personal experiences to hopefully save someone else some time and frustration while attempting the same thing.
Should I not have commented at all?
Got any recommendations for lightweight proxies that can run on macOS and serve other devices in the home?
package main
import (
"log"
"net/http"
"strings"
"github.com/elazarl/goproxy"
)
func main() {
proxy := goproxy.NewProxyHttpServer()
proxy.Verbose = true
proxy.OnRequest(goproxy.DstHostIs("www.google.com")).HandleConnect(goproxy.AlwaysMitm)
proxy.OnRequest(goproxy.DstHostIs("www.google.com")).DoFunc(func(r *http.Request, ctx *goproxy.ProxyCtx) (*http.Request, *http.Response) {
if strings.HasPrefix(r.URL.Path, "/maps") {
return r, goproxy.NewResponse(r, "text/plain", 403, "Forbidden")
}
return r, nil
})
log.Fatal(http.ListenAndServe(":8080", proxy))
}
curl -k -x localhost:8080 https://www.google.com/
curl -k -x localhost:8080 https://www.google.com/maps
curl -x localhost:8080 https://www.apple.com/
Remember to use your own cert rather than the hardcoded one in "production" (a trusted network like your home of course, probably a bad idea to expose it on the open Internet).
Does paying for YouTube Premium support creators? (If so, how much, compared to say Patreon?)
I don’t doubt any given YouTube premium subscription provides a negligible amount of income to a creator but watching their videos ad-blocked provides nothing.
(I use ublock on Zen and do not make enough money to be a Patron of anyone unfortunately)
it provides the view count, for which the creator reaps rewards from as part of the boost in the algorithm from youtube.
Not to mention that a lot of creators on youtube also do sponsored segments.
I use SponsorBlock and haven't had any issues. I enjoyed when it skipped 99% of an MKBHD video, it was kind of funny.
I admit I've marked segments on videos, e.g. skipping cringy jokes when I find the presenter annoying.
If so, then it is a plain case of internet vandalism. I would just ignore such segments.
But if the segments were marked correctly and there were too many of them in the video, that is the problem caused by the video creator, not by the community which publishes the segments.
> If you're a YouTube Premium member, you won't see ads, so we share your monthly membership fee with creators. Best of all, the more videos you watch from your favorite creators, the more money they make.
https://www.reddit.com/r/youtube/comments/177353i/you_should...
From what I see ad views tend to net about $1-5 per thousand views, or well under 1 cent per video.
Ie a creator makes 20-100 times as much per view from me rather than a typical viewer.
Im not sure how it works if you end up watching music on repeat for 200 hours a month and 10 hours of new content. Probably fairer than the way Spotify distributes my subscription fee.
I've heard this multiple times before, but every time I go hunting for a source from Google/YouTube, I cannot find any official statements or confirmed information about this, seems this is mostly based on 3rd party analysis afaik.
But for Premium the amount is distributed by watch time, whereas for ad-supported users it's by number of ad views. This means that for short videos where the value of the ad is higher then the value of the watch time, a "free" user wins, but for longer form videos where the watch time is longer, the Premium user wins.
LinusTechTips once showed the YouTube income breakdowns for some of their videos that showed this - for their hour+ long PC build streams, Premium income was higher and for shorter videos, Ads income was higher.
Yes. Recent info is sparse, but when they initially released it as Youtube Red it was generally much more than they got from ads per view.
It's based off of watch time rather than ad impressions so creators with long form content do a lot better from it.
Wonder what flag is set internally that disabled ads.
But of a “oh I see what people are complaining about” moment for me ;)
I don't run an adblocker and yet as long as I'm logged in, I get no ads. Not in the website nor in the mobile app. I don't have "turbo" and I don't even have amazon prime any more (which itself only very briefly suppressed adverts across twitch globally before they replaced it with a "Free sub" perk ). I don't have any of the other Turbo benefits, so it's not like I've been fully flagged as Turbo either.
I don't know if I accidentally bugged my account profile messing around back when they ran a bug bounty, but I'd happily provide more details in return for keeping this perk.
What's weird is that I vaguely remember once having a near-meltdown over the level of adverts on twitch when all I wanted to do was watch TV while I was heavily medicated and in pain in the hospital. Then some time a year or two later I was reflecting then suddenly realised I hadn't seen an advert for years.
I guess most likely there's some long forgotten ad-free A/B test that it's not worth cleaning up.
I've definitely benefitted over the years, I easily watch more twitch than any other platform. At £12/mo (roughly $15.50), twitch turbo is among the more expensive in the world. In the US and Europe it's $12 or €12, so we're getting straight ripped off in comparison.
That sounds about right. Different context but I once got on the good boy list at work by accident and it wasn’t fixed for about 6 month. On the first of every month I got a little corporate swag box in the mail thanking me for going “above and beyond”. Lots of cookies, blankets, coffee mugs and other trinkets.
Use a proxy server/VPN and go ad free.
This surprised me quite a bit because normally that shouldn't work, but then that surprise was exchanged for a different one, when I learned later down that you can add CAs to the certificate store of an Apple TV.
Nice and thorough writeup, thanks for sharing. A good carousel through the entire stack involved.
But they do not do it. They had so much time and opportunities to do that over the years. And yet, they did not do it.
I am not going to speculate why. But I suppose it is safe to assume that it is their intention to not do it.
yet. They are moving forward with measures. YT webpage player.js no longer fetches individual video/audio stream URLs. It fetches single bundle pre-packaged on the server. Its a POST request now with only one URL parameter changing &rn=x, where x increments with every request, and ~2000 byte binary encoded body.
It requests pre sliced segments in form of
"itag_251_type_3_src_reslicemakeSliceInfosMediaBytes_segsrc_reslicemakeSliceInfosMediaBytes_seg_492_range_77715493-77757871_time_4920.0-4922.6_off_0_len_42379"
"itag_251_type_3_src_reslicemakeSliceInfosMediaBytes_segsrc_reslicemakeSliceInfosMediaBytes_seg_492_range_77757872-77879973_time_4922.6-4930.0_off_42379_len_122102_end_1"
"itag_251_type_3_src_reslicemakeSliceInfosMediaBytes_segsrc_reslicemakeSliceInfosMediaBytes_seg_493_range_77879974-77987247_time_4930.0-4936.5_off_0_len_107274"
"itag_251_type_3_src_reslicemakeSliceInfosMediaBytes_segsrc_reslicemakeSliceInfosMediaBytes_seg_493_range_77987248-78044561_time_4936.5-4940.0_off_107274_len_57314_end_1"
A more clever developer could splice the ad into the video at an I frame, but then the ad needs to be a multiple of the number of frames that are both the I frame and follow the I frame. This also would mess with metadata on the length of the video that would need to be adjusted in advance. It is doable, but you give up flexibility and your HTTP sessions cease to be stateless. Then there is the need to handle splicing into audio and I do not know offhand if there is a cheap way of doing that at the server like you can do with video through I frame splicing.
It seems to me that they have lower server costs by doing things the current way.
They're not using it simply because it increases server and bandwidth costs. YouTube is still positioned as part of Google's "moat" by driving down video ad price so no one else can build an ad empire off video instead of being a profit generating division on its own.
> your HTTP sessions cease to be stateless
There's already pretty heavy magic around preventing people from simply grabbing all the HLS blocks, I think? All the work that yt-dlp does.
These identifiers could be collected automatically by plugins like SponsorBlock in a community effort and then combined together to identify parts which are common for every viewer, i.e. the ones representing the original video content.
In other words, it seems to me that even putting ads directly into a video stream would not prevent people from being able to block these ads.
Same. I would not have guessed that that's possible but I guess I never tried to access a resource without a valid certificate chain on Apple TV.
YouTube won't work on Chromecast if you're trying to MitM it, so clearly Google doesn't think this situation is worth making an exception for in their logic.
Certificate pinning (or rather, public key pinning) is technically obsolete and browsers themselves removed support for it in 2018. [1] Are there many apps still really using this?
[1]: https://en.m.wikipedia.org/wiki/HTTP_Public_Key_Pinning
The difference between HPKP and certificate pinning is that HPKP can pin certificates on the fly, whereas certificate pinning in apps is done by configuring the HTTPS client in the native application.
Apps like Facebook won't work on TLS MitM setups without using tools like Frida to kill he validation logic.
It's gotten less popular over the years as people keep asking "wait, what are we doing this for again?"; but it's still very popular in certain kinds of apps (anything banking related will almost certainly have it, along with easily broken and bypassed jailbreak detections, etc).
(The end customer isn’t liable for the bank’s inability to properly secure their app from MITM attacks…)
Not surprising for me - it used to be only banks where it was required (sometimes by law) that any and all communication be intercepted and logged, but this crap (that by definition breaks certificate pinning) is now getting rolled out to even small businesses as part of some cyber-insurance-mandated endpoint/whatever security solution.
And Youtube is obviously of the opinion that while bankers aren't enough of a target market to annoy with certificate pinning breaking their background music, ordinary F500 employees are a significant enough target market.
Looking forward to Americans being forced to install the DOGE-CA, X-CA or Truth-CA or whatever...
1) https://blog.mozilla.org/netpolicy/2020/12/18/kazakhstan-roo...
Aside from that, Android has a very easy certificate pinning API where you can just assign a fingerprint to a domain name in the XML config files and it'll pin a certificate to that domain. Easy to bypass if you modify the APK file, but then you miss out on updates and other mechanisms could check if the signature has been tampered with.
With root access (shouldn't be too hard to gain on an Android device still running 7) you can add your certificate to the root certificate folder on the system partition. This will make Let's Encrypt work on all apps. It doesn't bypass certificate pinning, of course, but you don't need there for Let's Encrypt.
The power of browsers and operating systems including the cert in the default store distributed to everyone. Participating in cert transparency is a requirement.
On top of blocking adds (which is great), I wish there were more / easier ways to do network-wide blocking of all sorts of aggressive infinite scrolling (in my case : youtube shorts and instagram reels).
I often like to go on instagram to see posts / stories from the people I follow and I don't want to be suggested stupid videos that are especially designed to catch my attention. I know it's probably revealing a lack of strength on my side, but yeah, I often fall for watching a few of them and loosing 15 minutes of my life.
You don’t have to use them and you could pay for them.
The users of the internet have made their call and they often don’t want to pay, so someone does.
As a whole the users of the internet are not rewarding anyone for NOT showing ads. We want our content and we want if for free generally.
For instance, I could pay for Youtube Premium to ostensibly not be shown ads, but it doesn't change the fact that all the content[^1] in the ecosystem is still produced for maximizing watch time and/or being advertisement friendly.
I could pay for news, but that doesn't change the fact that the news is written to receive clicks from the non-paying users.
Paying for things does not help escaping the second order effects of advertisement.
[^1]: To a close approximation.
Sure, there’s a lot of crap. But you don’t have to watch that.
The way people complain, I genuinely think they don't know about this option.
For example, Mr. Beast content isn't for me. But I was also living blissfully under a rock for years without knowing who the heck he was. Now that I know about him I simply don't click on his content and therefore never see it in my feed.
"But what if I click by accident?" - glad you asked. Simply delete it from your watch history and see your recommendations improve.
But even non-crappy content will be steered toward some direction by the advertisement, most videos are made just long enough to fit whatever is the new optimum time for revenue per view. And some subject will be censored to not displease advertisers.
Some people are not doing that, but it's simply because they don't rely on YouTube revenues.
Reddit is still awesome if you curate your subscriptions and avoid the big subs.
Is it cherry picking to say Reddit is awesome because I’ve carefully made it that way?
> Sure if you ignore everything wrong, you can say the system is alright.
This framing doesn’t make sense. It’s an ecosystem, and it’s not so much about “ignoring” things as much as it is about making active choices. If you go to a shopping district, there is nothing forcing you to shop at every store. If the district still has the stores you care about, shop at them.
There ton of people that won't go to some shopping districts because the rest of the area is an intolerable mess.
In the same spirit, look a Twitter/X, sure, there still plenty of people making good content there, but you can't deny that the website policies are steering it in a peculiar direction, and lot of users choose to leave Twitter entirely to not be complicit.
But there is still a major difference between “this shopping area is mostly stores I don’t care about but has a few that I care about significantly” and “this shopping center is a complete nightmare and not worth wading through the nightmare for the the few stores I care about.”
I can easily think of a few real places in my city that fit into each category.
YouTube is still arguably in the first category.
I'm not paying for YouTube, really. I'm paying for access to the output of various creators. The service also includes access to a bunch of other creators I'm not interested in. And that's fine, I don't access them, just like I pay Verizon and T-Mobile but don't use their service to access instagram.com.
I mean, yeah! Cherry-picking is the entire point of an on-demand video service. Are you just watching whatever it gives you in order? I seriously cannot comprehend what would possess someone to write this.
I’ve been unsubscribing from folks who do that a lot. Instant unsubscribe if the product is questionable.
I’m not going to judge their business decision, but it tea sets an odd tone when I’m watching something informative and they bust out into a “someone paid me to say this”.
And when you're at it, ublock origin also skips the youtube ads.
There's also: https://freetubeapp.io/ , but it's a constant cat and mouse game with youtube, where you now have to refresh a video a few times before it starts playing (then it works fine), until they upgrade the software and then it works, until youtube changes something again.
So that's who you want to show ads to.
And do you know a proxy for "have money"? Paying for premium, when there is free.
Therefore, every time you pay for premium, all the advertisers look and say "I'd pay a lot to show ads to that guy". At some point, the premium service includes ads, because of so much potential extra revenue!
And that's why I don't pay for premium.
If they do that thing then just cancel! It's incredibly easy to do!
Worst, your money was partially used against your interest, by financing people unilaterally altering a contract they made with you.
This is such a bizarre way of looking at something. I've canceled many subscriptions because of changes made by the company and I never felt like the time I already paid for was a waste. I got the thing I was paying for, then it changed in a way I felt like it was no longer worth paying for so I stopped. It doesn't change the time I was using it at all.
If a company taking your money and using it to make the service works is your line in the sand I've got bad news for you about how almost every single companies uses the money you pay them.
The whole point of a subscription is to support an ongoing service _to you_, if your money is used to enshitify the service and make it work _against you_, there no point of paying it altogether, you will be better serve by piracy (as you don't provide them with money to enshitify it, nor to lobby against your interests).
It’s rather entitled to think that your monthly payment gives you some kind of veto authority over their product plan. If you don’t like how they run their business, that doesn’t magically create the right to use their work on your terms.
I didn't ask for that content. I don't understand why I have to pay it.
The mental gymnastics people employ to not pay for content with either money or ad impressions is just silly.
That's just not true. There is an enormous amount of content on YouTube right now, which is made chiefly with quality in mind, by some of the most professional people in the industry. There's more than you could watch even if you watched for a thousand years.
You just have to use the like/dislike and subscribe functions, so the algorithm knows what you want.
As users of these services as a whole we reward this kinda thing and then are upset when it happens again.
I don’t like any of this situation but I also think the user’s choices incentivize it.
This ensures that people start and stop subscriptions just to watch a single series, instead of sticking with a single service all year.
Never pays to avoid ad, block them or get the content by other means. It's akin to "never negotiate with terrorists" or "never pay ransom", you have to remove the incentive.
> The users of the internet have made their call and they often don't want to pay, so someone does.
Just because YouTube users put up with a broken system doesn't mean it's the correct, fair, or ethical approach. Beyond that many of the views are curated via algorithms that intentionally work against the user with an end goal to hold them in a viewing state regardless of the users original intent. With that in mind users should use tools against those malpractices and not feel bad about not paying for them. If someone is intentionally trying to manipulate you, what's stopping you from doing the same?
If Google were a fair and ethical company I think treating them the same would be more in line with your response. However, they are not.
Ads aren’t “forced” upon YouTube users, people have the option to pay but they just don’t want to pay.
They can always change it, but then there are legal consequences of making it a financial transaction.
Not that it matters: I pay for the bandwidth and hardware too. So I decide what it serves and runs.
Option (1) does not block infinite scrolling content, it only removes adds. So this is missing the point. All i want is to not see these dumb shorts videos that I genuinely give no fuck about, but that manages to catch my attention regardless.
Then sure, I can always delete my social accounts, and ultimately i might end up doing it. But let me try to explain why I think this is difficult, and also unfair.
I give 2 purposes to these social networks: First, they play a role in personal-life balance as a way to be more integrated in my group of friends / local communities. Second, they play a role as citizen of my region (in my case, France and switzerland) by being a (sorta reliable) source of information through following accounts and newspapper on them.
Initially, none of these social-networks came with this super-fast / addictive content. They only started to integrate it, in my experience, since 5 years. So it seems to me that these companies have broke the initial contract that they "sold" to us: to connect with our friends & communities and to allow us to follow a specific set of public influencers.
I guess that I am mad that we, as a society, have allowed these companies to gain such an important role in our daily lifes (social life and public life) that they can now say : we will allow you to interact with some of our friends, but you will also have to watch our stupid videos... And unfortunaltey, it's not easy at all to spin up a concurrent social networks that would be full-filling this initial contract. Probably lots of people actually like to scroll on insta Reels and youtube Shorts.
My recommendations never shows any low quality content. All you have to do is like good stuff, dislike bad stuff, and subscribe to good channels. The algorithm works surprisingly well.
> we, as a society
There is no we and there has never been. You have to start taking responsibility for your own actions.
For Android there's an App called Revanced that let's you apply patches on certain commercial apps like YouTube or Twitter modifying their behavior, and for example block shorts. See the patches available for YouTube in [1]. I'm still pending to test it, but if you do, go to their official site [2], or even better, to their GitHub releases [3] as it seems like there are a good bunch of scammy sites using their name.
--
0: https://addons.mozilla.org/ru/firefox/user/17777732/
1: https://revanced.app/patches?pkg=com.google.android.youtube
2: https://revanced.app/
3: https://github.com/ReVanced/revanced-manager/releasesSo passing to yt-dlp would be traceable back to me in that case.
Definitely wasn’t cookies that’s what surprised me.
Not that it should matter I don’t think I’m the one at fault here.
I think these tactics exploit our natural sense of curiosity and the aesthetics that surround it. So I don't think it's so much a lack of strength, but more of a jadedness we have build up and I think that's pretty bad. I respect the effort and creativity it takes to fight back and make the platform work for us instead of vice versa.
I've setup ad-filtering using pihole, where possible, but I'd prefer not to block youtube as a whole. But I'm definitely considering that in the future, to protect my family.
If you're on iOS, set a time limit (Settings → Screen Time → App Limits → Instagram). Doesn't stop the initial scrolling but the "you've run out of time" pop-up is a good breakpoint. You can bypass it and give yourself another 15 minutes but making that choice is also a good breakpoint / reinforcement.
I don't know how long it's going to last though, with the current trend of rug pulls and enshittification.
Sure but traditionally this was a purely legal mechanism. There was no technological measure preventing you from copying a book, only a legal threat looming over _what_ you do with the copy.
Nowadays we have this very corporate-positive situation where copyright holders have their cake by embedding DRM and eat it too by leveraging the DMCA to prevent DRM circumventions. So you can be screwed even if you only want to take private screenshots, make backups, or exercise fair use.
FWIW, I am no longer paying for netflix.
As far as youtube's wishes go, I don't think people should have much concern for a company that's engaged in predatory pricing for years to develop a monopoly through network effects.
This actually gets to the core of my sentiment. I am influenced by these systems, but I can't directly influence them back. I don't know if this is somehow wrong in principle, but I definitely want more.
Opting out of viewing is directly influencing.
There's potentially millions of viewers, there's no magic influence that you'd ever notice.
The real problem here is that the AppleTV experience is so much worse than an ordinary web browser experience. Apple locked the hardware down to the point that it benefits YouTube’s ad profits more than it benefits the end consumer who pays for it.
Same with browsing the web on an iPad outside of the home pi-hole'd network. Howwww do people deal with this every day?
The iPad is a work-issued device so I don't often use it for personal things. Every time I do it's a reminder of how irritating it is to do so.
It's kindof odd; before being issued an iPad I thought they were only useful as content consumption devices. Turns out it's super handy for quick remote access to work resources but locked to an ad-infested wasteland for general web browsing and streaming media. Who knew?
There is an arms race between YouTube and Invidious. From time to time Invidious is not working, but the team has always found new ways to circumvent YouTube and deliver the videos without ads.
The UX is not great, though.
And while there are still ads (sponsored segments) I personally have less problem with those since those are substantial money for the creators I enjoy, and a lot of the ones I watch actually manage to make them pretty funny. And hell, a couple I've even used their codes for shit over the years for. Like, an ad is an ad and some people hate all of them, but I can personally say I've engaged with ads from creators I like at an exceptional rate compared to... virtually every other type of advertising I've ever encountered.
Youtube is one of the platforms where I find real value, usually in making/maintaining/repairing things, being able to skip through videos to find answers without worrying about ads definitely saves me significant time and therefore money.
They cram ads into podcast episodes which themselves also have ads, so you'll get the read ads + Spotify's local ads + Spotify laughs all the way to the bank.
I believe over time not having ads will be a thing of the past, and you'll instead pay for fewer ads. Like where else are people going to go for exclusive content?
Moved to Apple Music and so far so good.
FWIW, I don't think Spotify makes much, if any, money lol
The issue is that the current streaming services have cost billions to develop and companies and investors want that money back, times a 100. The money hasn't gone into a long term product that people will be happy with for decades, it has gone into a product that needs to return large chunk of money in a short time frame (and cover up other failed ventures).
per their financial statements, about 150Mio in operating profits per quarter. Gross profit of 1.000Mio per quarter.
I'd like to have that kind of "not much money"
But what's happening is that companies are degrading the basic experience and expecting people to either be OK with it (like Roku's increasingly intrusive ad experience) or to pay up to avoid it (like with YouTube).
As an aside, the fact that people pay for cable and still have 4-7 minute ad-breaks every 15 minutes make anything YouTube does pale in comparison.
I also don't like companies aggressively trying to get me to buy stuff I don't want. Show a static image on the right somewhere with a link. Hell, show a dozen of them. Still less intrusive than an ad that shows up while you're in the middle of a video.
But the poor ad companies are apparently on the brink of bankruptcy based on how hard they are pushing things. Just a little bit of composure or any respect for the people that they are pushing these on and I'd have a different viewpoint. But they are always all-in on this.
I won't pay for YouTube because the consistency of YouTube is massively variable. Sometimes channels I watch skip 6 months between videos. When I do watch stuff its usually in the background or when I just have a few minutes spare. Spending money to fill that time is unjustifiable unless it's a really low amount, and YouTube Premium isn't low enough yet.
Oddly though, if I could buy 100 'skip this ad' tokens for $10 that I could use when I'm pushed for time, but just suffer the ads when I'm not, I'd seriously consider it.
Careful... In the Kingdom of the Netherlands your comment will be considered by a court of law as aggravated assault.
Having the ability to tell a company enough is a enough serves as a ceiling for bullshit.
It's just like vehicles. There isn't a single vehicle sold in my market that I would pay anything for (ok, maybe the Ford Maverick). There's a bunch in other markets (Europe, South America, Asia), just not mine.
If the content is so bad, then why the need to pirate it?
I will say the Criterion Channel is excellent and I do subscribe to them.
I can't stress enough how it is soooo much better in terms of what type of content I consume now. Mr-Beast-cutting-style dumb videos ain't stand a chance to get my attention now.
Ironically, the author built it to be a children-safe environment to consume YouTube.
Movies are not an issue, there's piracy, music is not an issue, there's piracy, books are not an issue, there are libraries... and piracy, but youtube is still limited, and the only way to avoid the ads is to buy another device (computer), thus turning pretty much any smarttv (with features you paid for) into a dumb display (that you mostly cannot even buy anymore).
YouTube premium is cheaper than another computer and works on all devices.
- Not consuming exploitative entertainment
- "Piracy"
But, the good news is there are two alternatives for all of the above... pay for the content. Or, don't consume the content.
Now, it's impossible to buy media in many cases, even if you click "buy", it might be gone after a month, because some contract somewhere expires, there are ads even in paid plans, there are limits, to what I can do with that media, and more and more services require you to continue paying for content you already "bought".
When they fix the "buy" button to actually mean "buy", and when they remove ads from "no ads" plans, i might reconsider. Until then, they're not getting any of my money anyway, piracy or not.
This pretty much sums it up for me. I lost so much money over the years for so much content I technically should still "own access to".
And not just media, games and books, too. It's so ridiculous how important things like anna's archive have become because otherwise science would be so crippled that it wouldn't even function anymore.
EDITED for tone.
---
Meta, however, is hoping to convince the court that torrenting is not in and of itself illegal, but is, rather, a "widely-used protocol to download large files." According to Meta, the decision to download the pirated books dataset from pirate libraries like LibGen and Z-Library was simply a move to access "data from a 'well-known online repository' that was publicly available via torrents."
To defend its torrenting, Meta has basically scrubbed the word "pirate" from the characterization of its activity. The company alleges that authors can't claim that Meta gained unauthorized access to their data under CDAFA. Instead, all they can claim is that "Meta allegedly accessed and downloaded datasets that Plaintiffs did not create, containing the text of published books that anyone can read in a public library, from public websites Plaintiffs do not operate or own." While Meta may claim there's no evidence of seeding, there is some testimony that might be compelling to the court. Previously, a Meta executive in charge of project management, Michael Clark, had testified that Meta allegedly modified torrenting settings "so that the smallest amount of seeding possible could occur," which seems to support authors' claims that some seeding occurred. And an internal message from Meta researcher Frank Zhang appeared to show that Meta allegedly tried to conceal the seeding by not using Facebook servers while downloading the dataset to "avoid" the "risk" of anyone "tracing back the seeder/downloader" from Facebook servers. Once this information came to light, authors asked the court for a chance to depose Meta executives again, alleging that new facts "contradict prior deposition testimony."
Sure they do. The amount they get paid might not be enough. But by pirating, your guarantee the creator gets nothing at all. So... I stand by my statement. But, I will definitely agree that the whole "digital media" economy is fundamentally broken and hostile to both creators and consumers.
> the whole "digital media" economy is fundamentally broken and hostile to both creators and consumers.
This is why I think it's actually our moral imperative to not pay into this system wherever possible. (But personally, I choose to not consume rather than pirate. I'll pirate something to check it out. If it's nice, I'll buy it.)
Fu** you to all Golden-cage devices like Apple, Samsung, etc.
- Comes with a simple remote control which in addition to controlling the AppleTV also allows muting and changing the volume of your TV. As someone who uses my TV exclusively with the AppleTV this means my TV's remote simply sits in a cupboard.
- If you have an iPhone you can use it as a remote over WiFi, I do this all the time to turn off the TV from a room over when the kids need to stop watching. The iPhone can also act as a remote keyboard which can be very convenient for text input.
- The voice search feature works very well in my experience. The remote has a mic in it and you simply hold one button and dictate what you're searching for and 99% of the time for me it works perfectly.
- It's very fast and responsive, allows quick and easy switching between apps.
- It's popular such that any streaming provider probably has an app for it.
In the past, I used gaming consoles to stream, which I thought worked well.
I finally, angrily caved and bought an Apple TV because I had an app (LFC TV) that would only stream via AirPlay. After using it for a bit, I have to say I love the thing.
I liked it so much that I bought a second for my other TV.
Reasons:
- Build quality. The remote is machined aluminum and feels like a weapon.
- HDMI CEC implementation. I used HCMI CEC on the consoles I owned, but there was always something that didn't work quite right. The Apple TV seems to nail it on both setups I have YMMV.
- AirPlay. This one makes me a little angry, but if you find a need to stream from an iPhone, the Apple TV is pretty much the only game in town.
I'm based in Australia so maybe it's a region thing?
Having done the Windows Media Center version of that: it sucks a lot. Remote-control friendly interfaces are actually hard.
https://www.amazon.com/Wireless-Keyboard-W1-Multifunctional-...
With modern smart TVs I don't think you need any external boxes, but if you like to separate the smart from the TV, I don't think there are that many better options than either Apple TV or Chromecast with Android TV, depending on what tech company you'd like to share your data with.
I'm currently watching Canadian and world championship curling, and the rights-holder in Canada (TSN) has a website that logs me out between every single game.
Otherwise I watch mostly Plex, and while there is a 10-foot interface (Plex HTPC), for whatever reason it stops my PC from sleeping when content is paused, so I'm forced to use the non-HTPC interface.
When watching TV, people enjoy using a remote to navigate the interface, instead of with keyboard/mouse/trackpad, potentially having to get up and go to the laptop to do that.
Neat post to learn about the current way the video stream works.
Has anyone else found enough utility in paying for a YouTube premium acct maybe for their entire household vs other streaming services?
And clearly all these "reasoning" LLMs trained heavily on Eric Draken's refreshingly introspective monologue full of interjections and discoveries.
I’ll probably cancel it soon, only because I need to stop watching so much of this stuff, and I need to get rid of things in life that I shouldn’t be paying for. Once I do that, I’ll never be able to watch YouTube again, because it was unbearable with the number of ads injected. I hate being reminded over and over that I am nothing but a consumer that they try to influence with ads over, amd over, and over, and over.
Off-topic, I recently got another free month of Amazon prime. I was watching some shows on there, and the ads are f’n annoying there too. I can’t believe they make people pay more now to remove the ads. I’ll never pay for Prime in any fashion.
1. Sponsored in-video ads.
2. Ad overlays on videos (at the discretion of content creators).
3. Merchandise store ads below videos (also at the discretion of content creators).
4. YouTube and Google ads for various products and services in the video feed.
For me it’s the best middle ground. I pay one bill, everyone gets paid.
The ability to download videos is super duper useful, and the higher streaming quality is a nice extra.
But most of all, no ads while still rewarding the creators I watch is great.
I went back to my PC and immediately cancelled my subscription. That is a restriction that I don't have when I am not paying anything at all.
There were plenty of platforms out there that could not rely on Google's bottomless coffers to sustain their operation. Were you paying for those as well?
If DancingBacons posted other places, I'd go other places.
Saying something like this completely ignores the realities of network effect.
Why hack your Apple TV like this, so you can afford an Apple TV but not YT premium? Or just use adblocker.
For movies yea Bittorrent is alive and well not that I would know :)
How many months of YT Premium does it take to exceed the cost of the Apple TV? They're like $150...
However, as we all know, it's basically a monopoly.
Because we are hackers and everything we don't like (or don't want to pay for) is automatically a "monopoly".
On Reddit, all the subreddits are constantly bombarded with Trump/Elon/Political content and there is currently no way to mute that content on mobile.
It would be cool if someone can come up with a raspberry pi based system to do this for reddit.
Also Hacker News community: F paying for the service, let's block the ads instead and get the service for free.
Why hack your Apple TV like this, so you can afford an Apple TV but not YT Premium? Or just use adblocker ublcok origin with a PC then instead.
For movies yea Bittorrent is alive and well not that I would know :)
Fixed that for you.