fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Angry YouTube-dl Users Flood GitHub With New Repos After Takedown

Angry YouTube-dl Users Flood GitHub With New Repos After Takedown

Users of the extremely popular YouTube-dl YouTube media downloader have flooded GitHub with new repositories containing the tool’s source code after GitHub took down the project’s repositories on Friday.

YouTube-dl is a command-line program that can be used to download multimedia content from YouTube and several other sites; before being removed, it used GitHub to host source code and compiled executables.

The utility is also used by journalists for various reporting tasks including downloading press releases, videos, and audio transcriptions.

On October 23, 2020, GitHub took down YouTube-dl’s repositories due to a DMCA (Digital Millennium Copyright Act) infringement notice filed by Recording Industry Association of America (RIAA), an organization that represents the recording industry in the U.S.

Before being removed, YouTube-dl’s repo was in the top 40 most starred GitHub repositories with more than 72,000 stars, between Node.js and Kubernetes.

Also Read: PDPA Breach Penalty Singapore: How Can Businesses Prevent

RIAA meet the Streisand effect

When trying to visit the original YouTube-dl GitHub repo or any of the other more than a dozen forks that were removed, you will see a message stating that the “Repository unavailable due to DMCA takedown.”

“We have disabled public access to the repository. The notice has been publicly posted,” the DMCA takedown notice also reads.

While almost everyone was expecting blowback from YouTube-dl’s angered users due to the Streisand effect, the number of new repos that showed up on the version control platform has surpassed most people’s expectations.

By targeting the project, the RIAA inadvertently exposed the project to a huge amount of new people given that YouTube-dl users and fans took to social media platforms and shared the story with tens of millions of other people.

As shown when doing a quick search for YouTube-dl, GitHub now hosts hundreds of new repositories containing the source code of the YouTube downloader or related to it (when using no search filters, thousands of such repos show up).

New youtube-dl GitHub repos

GitHub repo now also hosting YouTube-dl’s source code

Besides the huge number of new YouTube-dl repos that popped up since October 23, a copy of YouTube-dl’s source code was also added to an official GitHub repository used for hosting received DMCA takedown notices.

The user who committed the source code used a bug allowing anyone to attach commits to repos they don’t control.

According to security engineer Lance R. Vick, this is a known issue previously reported to GitHub that the company’s security team chose to ignore.

The problem with YouTube-dl’s takedown is that it sets a dangerous precedent when it comes to removing other repositories of software that isn’t violating copyright.

Also Read: Data Protection Authority GDPR: Everything You Need To Know

Ricardo Garcia, the original creator of YouTube-dl and a former project maintainer (between 2006 and 2011), now part of the ytdl-org group that managed the GitHub repo, told BleepingComputer that he didn’t receive any legal threats prior to the takedown.

“I don’t have a general statement on the current situation other than a personal opinion that it is indeed unfortunate that the repository is currently blocked,” Garcia said.

“Other people have also expressed this idea much more eloquently than I ever could. See for example the following article by the Freedom of the Press Foundation: https://freedom.press/news/riaa-github-youtube-dl-journalist-tool/.”

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us