My understanding is that a specific binary needs to become popular for it to stop being flagged. This creates a chicken and egg problem. Users are not incentivized to use the program with the warning. But removing the warning requires many people to ignore the warning.
This is a big problem for anyone writing Windows software. An indie developer or small open source project is not going to do well with this.
Because AFAIK SmartScreen only applies to software downloaded outside the Microsoft Store.
Come to think of it, I suppose it does incentivize distribution through the Store, so you make a good point.
Given the recent npm axios compromise this sounds like a pretty smart move?
And I've seen other less tech inclined people click right through these without a moment's thought. They think it's just one of those things computers have to complain about.
https://stackoverflow.com/questions/48946680/how-to-avoid-th...
Maybe have overlapping sets of certificates and dual sign your binaries? That way there's always an "aged" certificate available.
EV was always going to be abused. It started out promising to be a human verified, $10k cert that meant you were GUARANTEED to be who it said you were. Now I can get one for a couple hundred bucks.
The solution is to separate identity from encryption. They never should have been linked.
Not sure of the exact number, but the "nowadays" here is more than a decade.
scans of it are fine.
probably just a heuristic-based false-positive, and not a news-worthy story of chrome abusing their monopoly or whatever.
The only speed bump that I find super annoying is when your browser tries to prevent you from going to a site with an incorrectly configured certificate (or a self signed certificate). The UX browsers make you navigate in this case is extra-horrible. Apparently, my use of a self-signed certificate for some local machines means I'm about to die.
Atleast in a corporate environment, they help
Google is terrified of users having access users control to their video content.
https://www.vice.com/en/article/youtube-tells-open-source-pr...
The only reason why we even know YouTube "has DRM" is because third parties have been able to plausibly allege DMCA 1201 circumvention claims against yt-dlp regarding a nebulously named "rolling cipher". These are not actual court findings of fact, just that you can say this in a legal filing and not immediately get your case thrown out on summary judgment. Which is a really low bar. Whether or not the rolling cipher actually qualifies as DRM is still an open question.
The way DMCA 1201 is written, basically anything intended to function as copy protection is considered DRM under the law. Like, those really annoying no-right-click scripts people used to put on sites probably could be argued to be DRM under DMCA 1201. However, in this case, there's a disconnect between the people offering the DRM (who don't actually claim it's DRM) and the people using it as DRM.
But as others have pointed out, it's probably a coincidence in this case. But who knows.
Dangerous download blocked yt-dlp_win_x86.zip is not commonly downloaded and may be dangerous. [Discard] [Keep]
I use a telegram/mqtt/homeassistant wrapper (1) to let my mother download audiobooks which are saved in jellyfin so she can listen or download them from my (home)server.
Keeping yt-dlp up2date (and therefore) working is not that easy, especially since I dont systemupdate every other week. There were a few phases yt-dlp version in nixpkgs-unstable were just not working. I created a little wrapper that updates a venv so I always have the HEAD running for my bot.
I'm equally not "surprised" by their bad behavior, but that shouldn't stop us from condemning Google for unethically misleading people and engaging in browser monopoly abuse.
---
EDIT: holding up (hilariously) RIAA lawyers as ethical role models only proves my point, thanks.
Our fantasy land gets better every time your reality gets worse.
...legitimately. While Google (I will reinforce: Google, not everyone) sees downloading of the videos and other content from the YouTube by third-party services as illegitimate because of YouTube's ToS. After all, they're making money from the YouTube Premium and "Download" option provided by it, so things like that are kinda expected to happen.
And no, I don't agree that it's right. While I can understand the position of Google, the method they (allegedly) used here... Well... I don't even know what to say. That's plainly wrong, in my opinion. After all, "download" is defined as "To transfer (data or a program) from a central computer or website to a peripheral computer or device." by The American Heritage Dictionary of the English Language (5th Edition), so when you just watch videos, you download them already, don't you? What about watching them in browser, somewhere in embed on some website? Does that constitute a legitimate client (I guess so, because most of embeds still use YouTube Player after all)? That just makes me laugh : )
Google is such an evil company, it is not even provided anything great anymore.
Anti-gravity paid plans suck, GCP is billing heavy. Today google sucks at most things
Their Android playstore hardly updates statistics once a day, so much for such a big data company with unlimited sources lol
It's also a tool used by e.g. journalists and government agencies that dabble in stuff like research and evidence, and it would probably be more cumbersome for everyone involved if Google instead had to process requests and provide copies of material for these purposes.
Otherwise they'd probably have made life much harder for the yt-dlp-developers already. Not that I think they're nice in any way, but I don't think they're seriously trying to fully eradicate yt-dlp or related software.
[1] https://github.com/yt-dlp/yt-dlp/releases/tag/2026.03.17
Ooooh, this is an executable, THAT'S VERY DANGEROUS! Are you sure you want to download it? Hmmmph?
uvx yt-dlp <yt_url>
firefox sadly is still what you should use.
For all of the (valid) criticism against FF, it's still the best available browser that's not just an experiment IMHO.
Edit to add: part of the switch back is that FF now supports, to some degree, all the features I was using Zen for: vertical tabs (needs customization but works well enough), custom search "engines" (ie, shortcuts), split view, not-Chrome
I don't want to burn out my battery quicker than usual, so I was forced to switch off. I'm currently trying Orion instead and have been loving it - aside from several poorly implemented websites just not working on it. And the Cloudflare false positives, but that's as much or more an issue on Zen.
I don't use macOS anymore, but when I did I used Firefox without missing out on anything Safari would have given me. Now that I've abandoned macOS I don't think I can name one advantage of installing a WebKit browser on my system versus something Chromium-based.
Google needs to be at least what four companies.. gcp, youtube, search, workspaces...
Apple needs to be at least two hardware/os, music/tv+
Microsoft, meta, etc, Monopolies are bad and our SEC/FTC/Government is doing a poor job of controlling them. At least as equally trecherous are these businesses that overly vertically integrate... anyways, we're fucked.
Then they stole it all for profit.
Probably not the first time in history this has happened.
> Comments should get more thoughtful and substantive, not less, as a topic gets more divisive.
none of that here
> Don't be curmudgeonly. Thoughtful criticism is fine, but please don't be rigidly or generically negative.
not followed here
> Please respond to the strongest plausible interpretation of what someone says, not a weaker one that's easier to criticize. Assume good faith.
none of that there
> Eschew flamebait. Avoid generic tangents. Omit internet tropes.
Lots of that here
The system is clearly automated. As others have pointed out, they've been able to download without incident. As other have also pointed out, Firefox also warns. The warning is reasonable, claiming that something isn't downloaded often is true, until it isn't. A few more downloads and the warning will likely go away.
Nothing to see here except a Google hater mis-interpreting something and the posting ragebait.