Level1 News January 23 2018: Open The (Tide) Pod Bay Doors | Level One Techs

The issue is that the problem is systemic and there are just too many of them to just weed out and ban the channels. The only way to fix issues like this is to change the culture around the way the bots make money so it isn’t beneficial for them to do it anymore.

1 Like

Can’t just assign a unique thing to uploaded videos and weed out any newly uploaded videos that have that same unique thing?

1 Like

It's not worth the processing power when most videos get 1-2 views and make little to no money. Why spend the $0.05 on trying to ID and tag the video when it does not even return that much money? There are also other simple ways around that, like just scaling the video a small amount, making it slightly blurry, putting a watermark on a small part of it, etc.

This solves 2 things. It removes a fairly large portion of the demonetization problem where the bot channels are just straight up pirating content and making money off of it, and it prevents the bot channels from existing in the first place, preventing them from making money.

1 Like

(AI bird painter)

The AI that paints birds is using a technique that isn’t that far removed from what some concept artists use. It’s a layering technique, where you begin by creating a background that is pretty much a suggestion of structure that sets a mood and lighting dynamics. Then layers of detail are added to it.

(BitCoin)

A lot of flux should probably be expected with BitCoin right now. There needs to be some incentive to grow the network. As it stands, the overwhelmed network is making the miners a lot of money; via transaction fees. Large dips may cause something to give. Not sure, but maybe.

3 Likes

It really doesn’t. Bots will sub to bots and bots will “watch” videos. :smile:

Still using my lg-g3 =) new battery but it's still faster than my laptop o.0

2 Likes

The opening joke should have been a joke inside another joke.

blah blah non essential personnel blah no more humans… we are robots.

I thought they already spent time scanning videos for automatic content ID and matching audio?

1 Like

If you are curious about undocumented instructions

Breaking the x86 Instruction Set

GMail ad profile

About half a year ago, Google stopped using emails for ad profile data:

https://blog.google/products/gmail/g-suite-gains-traction-in-the-enterprise-g-suites-gmail-and-consumer-gmail-to-more-closely-align/

Drone lifeguard

isn’t that a scene from The Circle?

Call centre software

I have to ask @ryan, did you add shibboleet support?

2 Likes

Content ID is a technical solution to a social problem. Sure it helps, but there are always ways around the blocking mechanisms and we know how bad YouTube's content ID system can be. This should prove much more effective as YouTube won’t have to rely on the content ID system to police the bot channels because it wouldn’t be profitable for them to exist anymore.

@wendell FYI the audio download is only 8 min long, I didn’t see anyone mention that.

Plastic pizza? It already exists… it's called Little Caesar’s

2 Likes

try now?

1 Like

Still not working for me. Download fails at 58.1MB on muh Android.

Just did a manual refresh. Podlisten lists today’s episode as 8MB (usually they are around 60-80MB) and says it was uploaded 15 hours ago. Looks like the file wasn’t updated on the server. (I did point Podlisten to https://level1techs.com/podcasts/feed)

Already watched it, so I hadn’t noticed that until just now.

trying now https://level1techs.com/system/files/audio/normal/GR7E9O0UiCY.mp3 I am past the 8 min mark but I need to allow random seeks on the mp3 so skipahead works

3 Likes

Yup, now it’s seeing (and downloading) a 60MB file.

EDIT : I started it and moved my slider to around 2/3 of the audio track, which made me listen to the GM/Waymo/Tesla self-driving thing around the 1h mark. Seems like it’s solved now.

Works now. Thanks buddy!

1 Like

So were all of those people on porn hub watching porn, or watching pirated content before the false alarm in Hawaii hit?

Also, Ryan brought up an interesting thing about insurance companies controlling people's self-driving cars with Logitech gaming wheels. I wonder if it would be possible to hack a PC gaming wheel and pedals into a self driving car for manual control?

Or what about car thieves that can get into the driving software via WiFi or wireless or whatever and hijack the car with a PC and a logitech gaming wheel?

Appreciate the talk about PCI DSS compliance by @wendell @ryan as I’ve spent a chunk of my career working on complex eCommerce solutions — typically interfacing legacy (warehousing/logistics) backends with a modern site solution. It is super simple (as you know) to interface form input in JS.

What we’d need is a new browser API - ‘sandboxed’ input fields (does this exist, I haven’t checked?). So the browser encrypts the data, and the encrypted payload is sent to the backend - here’s a quick demo of that aspect -

Gist link: https://gist.github.com/bsodmike/4d25c4dc4407644127aea02aa558a2e1

# Copyright (c) 2018 Michael de Silva, CTO Secure Cloud Solutions (siliconcloud.tech) & Inertialbox (inertialbox.com)
# Blog: mwdesilva.com  // Expertise: desilva.io // Twitter: @bsodmike
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:

# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.

# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN

require 'psych'
require 'openssl'

class BrowserSimulator 
  def initialize(api)
    @api = api
  end

end

class SandboxApi  
  def initialize(encrypted_card)
    @encrypted_card = encrypted_card
  end
  
  def decrypt_card(encryptor, iv, salt, password)
    encryptor.decrypt(iv, salt, password, @encrypted_card)
  end
end

class Encryptor
  def initialize
    @cipher = OpenSSL::Cipher.new 'AES-128-CBC'
    @cipher.encrypt
    
    @iv = @cipher.random_iv
  end

  def encrypt(payload, password)
    salt = OpenSSL::Random.random_bytes 16
    iter = 20000
    key_len = @cipher.key_len
    digest = OpenSSL::Digest::SHA256.new

    key = OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iter, key_len, digest)
    @cipher.key = key

    encrypted = @cipher.update payload
    encrypted << @cipher.final
    
    {
      iv: @iv,
      salt: salt,
      encrypted: encrypted
    }
  end
  
  def decrypt(iv, salt, password, encrypted)
    cipher = OpenSSL::Cipher.new 'AES-128-CBC'
    
    cipher.decrypt
    cipher.iv = iv # the one generated with #random_iv

    # Re-derive the same key from the transmitted salt; parameters must match #encrypt.
    iter = 20000
    key_len = cipher.key_len
    digest = OpenSSL::Digest::SHA256.new

    key = OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iter, key_len, digest)
    cipher.key = key

    decrypted = cipher.update encrypted
    decrypted << cipher.final
  end
end

card = {
  merchant: 'AMEX',
  card_number: '1234123412341234',
  name: 'Mr. Krzanich Meltdown'
}

puts "Card object (Hash), to be encrypted\n"
puts card

serialised_card = Psych.dump(card)
encryptor = Encryptor.new

password = 'e6279ea77e8aa17bd530d047d4a555e6c9708fffe90c248d9f818429e3e16b13'
puts "\n\nPassword used to encrypt card details: #{password}"

# Serialise card object to YAML first.
encrypted_hsh = encryptor.encrypt(serialised_card, password)

# This is only exposed here for POC's sake to be quick.
encryption_iv = encrypted_hsh[:iv]
encryption_salt = encrypted_hsh[:salt]

api = SandboxApi.new(encrypted_hsh[:encrypted])
puts "\n**** Transmit Encrypted card payload to backend\n #{encrypted_hsh[:encrypted]}\n****\n\n"

decrypted = api.decrypt_card(encryptor, encryption_iv, encryption_salt, password)
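# Parse with safe_load so the decrypted YAML can only yield plain data (Symbols allowed for the hash keys).
card = Psych.safe_load(decrypted, permitted_classes: [Symbol])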

puts "Decrypting card payload\n"
puts card

When run this is the output-

-> % ruby secure_forms.rb
Card object (Hash), to be encrypted
{:merchant=>"AMEX", :card_number=>"1234123412341234", :name=>"Mr. Krzanich Meltdown"}


Password used to encrypt card details: e6279ea77e8aa17bd530d047d4a555e6c9708fffe90c248d9f818429e3e16b13

**** Transmit Encrypted card payload to backend
 �~x�x	!:<�Қ'XM;����%�3h����k���|�<��U���0��v��}�xeBКI���E�0T����}|�TH�P��-��*
****

Decrypting card payload
{:merchant=>"AMEX", :card_number=>"1234123412341234", :name=>"Mr. Krzanich Meltdown"}

The private key should be held client side. I wonder if this could work as I’m spitballing here - once the XHR request is done, the backend could make a websockets connection to the client offering the token, for the client to decrypt and return the “actual value”. I’d assume the “session” could help here to provide context, or storing some reference in say Redis etc.

Do bear in mind - I’m highly sleep deprived so I most likely haven’t thought this through fully.

TL;DR the current archaic mechanism leaves FAR too much room for client-side JS to interfere with JSON payload (or form-data) being POSTed to the backend and room for mutation needs to be rethunked.

@wendell @ryan @SgtAwesomesauce
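Added example, not part of the original post or gist: the POC's AES-128-CBC mode encrypts but carries no integrity check, so this sketch swaps in AES-128-GCM with the same PBKDF2 parameters to show an altered payload, or one replayed under a different session, being rejected. The names `seal`, `unseal`, `flip_bit` and the session-id `context` string are hypothetical.

```ruby
require 'openssl'

# Constructed sample input; the card number is the POC's dummy value.
CARD = "merchant: AMEX\ncard_number: '1234123412341234'\nname: Example"

# Same KDF parameters as the POC: PBKDF2-HMAC-SHA256, 20000 iterations, 16-byte key.
def derive_key(password, salt)
  OpenSSL::PKCS5.pbkdf2_hmac(password, salt, 20_000, 16, OpenSSL::Digest::SHA256.new)
end

# AES-128-GCM. `context` (assumed: a session id) is authenticated but not encrypted.
def seal(payload, password, context)
  cipher = OpenSSL::Cipher.new('aes-128-gcm').encrypt
  salt = OpenSSL::Random.random_bytes(16)
  cipher.key = derive_key(password, salt)
  iv = cipher.random_iv
  cipher.auth_data = context
  encrypted = cipher.update(payload) + cipher.final
  { salt: salt, iv: iv, tag: cipher.auth_tag, encrypted: encrypted }
end

# Returns the plaintext, or nil when ciphertext, tag, password or context does not match.
def unseal(msg, password, context)
  return nil unless msg[:tag].bytesize == 16 # refuse truncated tags
  cipher = OpenSSL::Cipher.new('aes-128-gcm').decrypt
  cipher.key = derive_key(password, msg[:salt])
  cipher.iv = msg[:iv]
  cipher.auth_tag = msg[:tag]
  cipher.auth_data = context
  cipher.update(msg[:encrypted]) + cipher.final
rescue OpenSSL::Cipher::CipherError
  nil
end

# Copy of a message with one ciphertext bit changed, standing in for any
# modification between the input field and the backend.
def flip_bit(msg, index = 0)
  bytes = msg[:encrypted].dup
  bytes.setbyte(index, bytes.getbyte(index) ^ 0x01)
  msg.merge(encrypted: bytes)
end
```

The tag only proves the payload is unchanged since it was sealed; where the key lives and how the backend obtains it is the open question the post raises.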