It is a well-known fact that the moment YouTube goes down, the collective productivity of Earth increases by approximately 4,000%, which is immediately squandered by everyone going to Hacker News to read comments about YouTube being down. I myself have taken to podcasts… an ancient medium in which people simply talk at you for ninety minutes without a single sponsorship for a mobile game, and this is considered a failure
At least it is somewhat relevant. Hearing ads about Irish telecom operator ads at the other side of europe is pretty goofy. What's the actual point? Just worsening the podcast experience?
VPN to Sweden to get the IP geolocated ads to retarget. The ads still exist but they're less obnoxious, and they're often in Swedish so you don't have to know what they're on about anyway.
Careful, I enjoyed this bonus (being in Japan and not being able to keep up with the ads)... so much so, that I started ignoring the Japanese. Including my wife. You can imagine how well that went.
Give it another 10-20 years and your 2 hour podcasts will be 30 minutes of morning zoo DJ banter, 10 minutes of guests, and 1.5 hours of ads.
We’ll have reached peak 90s all over again. With any luck we’ll avoid recreating the conditions for another Nickelback and can stay in the weird zone where Trip Hop and pop punk could chart at the same time.
The 00's podcasts I listened to were often in 2-3 hour episodes, rarely well scripted (or scripted at all?), but a lot of fun and very amateurish. I re-listened to several entire series recently and the episode lengths were the only thing I think was worse than in newer podcasts.
On the other hand, if ads etc gets too annoying, I already have run all my downloaded podcasts through whisper to get transcripts with timestamps. Running some LLM to find ranges to delete would probably be quite easy. As a bonus I would be happy to also cut out all the filler repetitions that seem popular these days ("yes, X, I absolutely agree, [repeats everything X just said]"). Could probably cut 1 hour episodes to 20 minutes without losing any content.
Well one must also argue the opposite. I myself have gained immense knowledge from YouTube. I have learned things like phone screen replacements or phone battery replacements. I call myself a mechanic from the school of YouTube and have saved myself at minimum $10k in repairs doing the work myself. I have learned to make endless food recipes or create things like giant bubbles or slime for my kids. My point is that I bet sure for some YouTube is a massive time sink waste of time. But I also wonder how much it has improved the knowledge, skills and ability of others.
My dad often mentions how had he had YouTube when he was younger how much it would have done for him. He talks about having to go to the library and if lucky there was a book that could show you the knowledge you were looking for. He says but now you can find not just the knowledge but for example specific knowledge like car make model and year and how exactly to do job xyz.
Ultimately I just can not imagine life without the wealth of knowledge YouTube has given me.
Personally, I just scroll through them. They break the feed into well defined "chapters" at the end of what I can decide to look into the next one or go somewhere else because there's nothing good there today.
Also there's this woman that makes very funny shorts about software development and good long videos that aren't as good. I look for her shorts too.
Lol I laughed out loud reading this comment. When shorts first came out they annoyed me to no end. I searched for how to block them through settings or other ways to just make them go away.
But now days I can admit there are a few, very few, content creators who create shorts that are very informative and straight to the point that can cover a topic and give you many facts and let you decide if you want to seek more. Sometimes it is nice to have the 30 seconds Coles notes verses a video stretched out to 10 minutes to be eligible for monetization.
BUT, and this is a big but, the shorts and similar video platform trends scare me as a parent. I can see how my kids find a 1.5 hour movie boring but can scroll endlessly through shorts. It might seem harmless letting your kid just scroll on YouTube from my perspective is like an addiction and kids are getting that dopamine hit watching a clip and seconds later watching something else. I've learned that it is very important to be aware of what your kids are being accustomed to and push them in the right direction.
I watched a movie, same late night talk show host, something like "welcome night owls".
I "loved" the style but I haven't found any actual radio on the internet of that style or a podcast. Not sure about name of movie but I do remember it being in the last 10-15 years.
People went ballistic on me a few months ago for bringing this up, but this is exactly the kind of outage that makes me really, really worried about extremely short lived certificates. https://news.ycombinator.com/item?id=46118371
I'm not sure I follow. This outage seems like it occurred for less than 1 day. The post you link to is about having certificates expire after 45 days. What's the connection you see?
Some CAs are experimenting with shorter, 7 day certificates as well.
still not an outage that would endanger anyone's ability to renew in time, but for small or extremely shitty CAs (and there are a lot of those) such an outage may take enough time to cause issues in theory I guess?
It doesn't comply with one or more root store policies (which all incorporate the Baseline Requirements by reference, which incorporate various specs, such as RFC5280, by reference).
There are countless examples of non-compliant certificates documented in the Bugzilla component I linked above. A recent example: a certificate which was backdated by more than 48 hours, in violation of section 7.1.2.7 of the Baseline Requirements: https://bugzilla.mozilla.org/show_bug.cgi?id=2016672
"There is an ongoing incident that will force issuance to be halted."
Feels like they were alerted to some current problem severe enough that "turn it off now" was the right move. Breaking the baseline requirements somehow maybe?
That feeling when you finally get the timelock safe open and have to do certificate work that shatters YouTube’s connection to the account personalization systems.
Yeah, this could end up as the actual root cause of The Great Oops that I've been raving about for years. And Google probably would be the right company to fuck it up in the worst way possible since Google Knows Best In All Situations.
It's inevitable that one of the major cloud providers will irrecoverably delete all customer data with one single fat-fingered command. Though in google's case I'll also consider the prophecy to be fulfilled if they delete their own data.
There are a few things that can cause tremendously widespread outages, essentially all of them network configuration changes. Actually deleting customer data is dramatically more difficult to the point of impossible - there are so many different services in so many different locations with so many layers of access control. There is no "one command" that can do such a thing - at the scale of a worldwide network of data centers there is no "rm -rf /".
Ah, but you fail to account for Google's incredible knack for building tools designed to do things at scale. Or put AI in things that don't need it.
The possibility Google will either manage to unleash a malicious AI on their infrastructure and/or develop a way to destroy a lot of data at scale quite efficiently or some combination of the two is far from zero.
"We deployed this private cloud with a missing parameter and it wasn't caught" is as different from "we wiped out all customer data" as hello world is from Kubernetes.
No one promised this "should be impossible". Did you confuse "we'll take steps to ensure this never happens again"?
You contend there's no global rm rf for a global cloud provider, but clearly a missing parameter can rm rf a customer in an irrecoverable manner.
The only half you're missing is... how every major cloud outage happens today... a bad configuration update. These companies have hundreds of thousands of servers, but they also use orchestration tools to distribute sets of changes to all of them.
You only need a command to rm rf one box, if you are distributing that command to every box.
Now sure, there are tons of security precautions and checks and such to prevent this! But pretending it's impossible is delusional. People do stupid stuff, at scale, every day.
The most likely scenario is a zero day in an environment necessitating an extremely rapid global rollout, combined with a plain, simple error.
And the most telling thing about most of these outages is that the provider later admits in their postmortem that they just didn't really understand how the system they made worked until it fell over and were forced to learn how it really works.
It's the sort of thing that used to keep me up at night.
The release process, monitoring checks, etc. for a customer's private cloud is generally significantly different from the release process for a global product. I'm not going to get any more specific for all the standard NDA reasons, but having worked for Google and Microsoft among others....no, the risk you describe doesn't translate from one to the other.
I understand you believe the checks cannot fail that catastrophically, and I agree that the likelihood they do is quite low.
But it can happen, and it only has to happen once. (Also FYI, telling me your work history just tells me you've drunk the koolaid, ain't proof you know more.)
The idea that all customer data will be deleted is far fetched, but I feel like there have been some massive incidents. Crowdstrike comes to mind, but I feel its entirely possible that Apple/Google/etc could push out some kind of config update which bricks phones in a way they are unable to download another update to fix them.
Though I'm sure the major players are all over this risk which is why it hasn't happened.
There's at least five free ACME CAs, with failover it doesn't matter all that much if one of them falls over. If all of them fall over at once there's probably a more pressing issue like nuclear holocaust or alien invasion going on.
For one, Cloudflare uses four different CAs almost interchangeably. Caddy also makes it easy to configure ACME failover if you're self-hosting, and defaults to using two different CAs if you don't specify any.
Frankly even with no CA redundancy, downtime would have to drag on for weeks to actually disrupt renewals. ACME certs usually get rotated after about 2/3rds of their duration has expired, so the upcoming 45 day certs will still have about 15 days of wiggle room.
They aren't all drop in replacements for each other though. For example, Let's Encrypt offers free wildcard certs (with dns verification), but for ZeroSSL, it requires a paid subscription.
ZeroSSL is weird, if you use their classic non-ACME interface then the free tier is indeed limited to 3 active certs which can't be wildcards, but if you use ACME then there's no limits and wildcards are allowed.
> By using ZeroSSL's ACME feature, you will be able to generate an unlimited amount of 90-day SSL certificates at no charge, also supporting multi-domain certificates and wildcards.
So the question is why this hit Youtube and Youtube TV so hard. Presumably they’re relying on ephemeral instances being able to get certs immediately, or something like that.
I was thinking about the time some software influencer said that if you are afraid to deploy on Friday then there's something wrong with you. Eff that! Murphy's Law! (allen holub - https://x.com/allenholub/status/1637111242610610182)
I often deployed on Friday evening. Several factors contributed to this decision.
1. Sales volume was lowest on weekends so if something went wrong it would affect fewer customers.
2. If something went wrong and I needed to revert, nobody was at work on weekends so it would not disrupt coworkers.
3. I always made it so reverting would be easy.
4. Most of my weekends were just relaxing at home, mostly doing online stuff (games, reading, videos) or doing offline stuff at my computer (programming my personal projects). It wasn't much of a bother at all to have an ssh open to something at work monitoring the new deployment for problems for the rest of Friday night and Saturday.
I worked at RSADSI when I was a kid and supported the custom spin of TIPEM Hayden and Sophia used at Verisign. This brings back some very bad memories.
But... hopefully... people created overlapping windows of cert validity so there's always a valid cert available for their services and can tolerate the CA being out of action for 8(?) hours. Imagine if your TGS/Kerberos or AWS IAM IdP was down for 8 hours.
For persistent services using the affected ACME API, the window is usually 30 days.
But that didn’t stop Youtube and Youtube TV from going down hard. I imagine they’re provisioning ephemeral VMs or service instances and relying on them being able to get certs immediately, or something like that.
> I browse logged out. Interact when them I do not.
The logged out experience is closer to the interests of the average person. So if you're not pruning (and savings) your interests, that's hardly surprising.
OCSP is deprecated and basically dead at this point. Some clients still use it but I don't think many (any?) have actually enforced OCSP for years since it was notoriously fickle anyways.
Interesting. If you go to youtube.com it's all messed up; missing all the videos in the listings. But if you follow a video embedded in another site to youtube, it'll show and play fine. It'll break if you try to browse away from it.
Yeah, YouTube is not one server, it's hundreds of them. The videos are served mostly from CDNs (the Content Distribution Network). It's a different set of servers than handles account logins, routing, etc.
Some Google Services are also down at the moment, unrelated to YouTube, so probably a failure along some common infrastructure pipeline.
Your History, Subscriptions and search should all work. You should be able to see any creator's page if you go to it directly. The videos are all still watchable. It's primarily the home page and recommended videos that are having issues. Basically any place they recommend videos you haven't seen is broken right now, but the videos are still there and accessible.
I've tried via VPN from the U.S., U.K., Sweden, Germany, Russia, Colombia, etc. Same issue across the board.
Isn't that the thing that a bunch of YouTube creators pitch inside their channels along with VPNs and supplements? I would never consider it because the ads rub me the wrong way. Or is it some alternative frontend for YouTube that happens to have a similar sounding name?
It is a co-op where creators make videos without the threat of being demonetized or algorithmically punished - and it’s not garbage in the way you might expect people fearful of being demonetized might be.
Lots of excellent legal analysis, history, logistics, engineering content there.
It was initially founded by some of the most popular information YouTubers like CGPGrey, but he mysteriously left the project (I suspect one side wanted to be evil and the other side did not)
It's a place for creators to host long form content (that the google algorithm now disincentivizes) as well as history content that can't show a lot of history because of "violence" (like the holocaust).
Youtube is demonetizing channels left, right, and centre.
Oh I am more than happy to tell people how I took down entire Google Cloud 11 years ago. I mean, of course to the level of details Google is comfortable with to share externally :)