Block YouTube ads on AppleTV by decrypting and stripping ads from Profobuf (2022)
345 comments
·March 18, 2025vitus
jeroenhd
On the protocol level everything is working as expected, but I think the flaw is that Google's way of dealing with these unknown fields in the ad data structure isn't to throw an error, but to pretend there are no ads to play. After all, Google will definitely release a new version of their app before they modify the protocol to make all the old versions not play ads anymore.
Google could shut down this method of ad blocking instantly by either doing basic certificate pinning or by altering their decoding logic to be less graceful of failures when it comes to extracting ad information. If I were on the YouTube team, I'd consider these flaws.
wongarsu
Smoothly handling missing or unexpected fields is half the value proposition of protobuf. May as well switch a a much simpler versioned binary protocol instead of all this schema and field tagging complexity if you want to reject every message that doesn't match the client's schema.
But rejecting unknown messages would likely degrade the user experience. Just because Google releases a new version doesn't mean everyone instantly has that new version installed everywhere.
Certificate pinning would be a solution, but the world seems to have decided that that's very difficult to get right. Probably easier to get right in an app than in a website, but I understand not using it.
They could manually sign the protobuf messages to ensure integrity. Duplicating some of the work TLS would already do, but doing it decoupled from TLS infrastructure may be easier.
But unless something like OP's hack becomes mainstream, Google's current approach could be the right one. Sure, it leaves them open to message manipulation, but the potential lost ad revenue from even a tiny failure rate around update time from the other approaches could easily outweigh what they lose from a handful of people running middleware boxes to block ads.
dcow
The point is that when ignoring unknown fields leads to users defeating your business model, even though the protocol requires it, the business logic of your software almost certainly should not. Protobuf working as intended, youtube client not so much. Agree that cert pinning is not the solution.
immibis
AFAIK ignoring unknown fields is a MUST in the protobuf spec. It's safe to assume all of their tooling is built around this. It wouldn't make a difference anyway. As vitus pointed out, deleting the field isn't much harder than changing it to an unknown field.
You can do cert pinning. And the user can modify the app to pin their own cert. And you can lock down the device so the user can't modify the app. And the user can get a different device where they can modifiable apps. And you can add device attestation. And it's not yet feasible to extract an attestation key from a device, but it probably will be in the future. And then you will switch it to a physically uncloneable function. And then someone will figure out how to physically clone it anyway. And so on.
The war on ad-blocking is fundamentally the war on general-purpose computing. By the time you achieve unskippable ad blocking,
You know, you could also just refuse to send any video segments until the time when the ad is supposed to be over. Then the user may try to download their videos in advance, but most of the time they don't know what they're going to watch that far in advance, so they'll sit through the ad to avoid sitting through a black screen. That seems like a more sane thing to try. And you don't have to destroy the fabric of society to do it.
wat10000
If you want to prevent MitM modification attacks, the way to do it is to sign the data. Trying to do it by making the serialization format less forgiving isn’t the right approach at all. It still has to be pretty flexible. It’s going to be pretty hard to come up with a format that cannot possibly be altered to make the client show no ads. Something like certificate pinning is way easier.
null
fastball
I'm very surprised Google isn't already certificate pinning.
tadfisher
Google still supports the YouTube app on the PlayStation 3. They are not going to rotate hashes/certs on that app because it's very likely there are between zero and two people who know how in the whole org. There are countless other supported devices like this that are either EOL or not receiving updates, and part of YouTube's value proposition is that they are available everywhere.
dcow
Cert pinning is not a solution and defeats legitimate traffic inspection cases. It also just moves the goalposts as the author discusses it can be defeated by a modified app binary. The industry has moved on. Sign your data if modification in-flight is a threat. I’m surprised google isn't doing that.
kbolino
The current YouTube certificate has a lifetime of 84 days. The next one will live that long or even shorter. Certificates are rotated too quickly nowadays for pinning to be viable. They'd be better off pinning their CA than their certificate, but that might cause issues for users in certain scenarios.
sgarland
> the bytes object returned by mitmproxy's API (`body: bytearray = bytearray(flow.response.get_content(strict=False) or b"")`) is immutable
Byte objects are immutable, but bytearray objects are not.
lima
A small C++/Go/... proxy can do the same thing with much, much less overhead. Been there, done that - for something well-defined like this, it is more stable and less work than fighting mitmproxy.
Routing everything through the proxy will degrade performance even with SNI interception.
Same with pfSense - a plain Linux server and a simple iptables rules set would do the job without having to fight against all the pfSense abstraction layers.
Write a .proto file with just enough of the reverse-engineered proto fields to auto-generate code and flip the flag. Cheaper than the Python implementation and easier to update when the proto changes.
Ignoring unknown field tags is an important Protobuf feature - it allows for compatible schema changes without breaking existing deployments.
WD-42
Sounds great, looking forward to the detailed blog post where you share how to do it!
s3p
You don't sound like you are actually looking forward to this.
haagendos
[dead]
pcardoso
I would love to degrade my YouTube experience and make it slower when switching videos, would make it a lot less addictive specially with shorts.
brainzap
I am experimenting a bit and definitly, a little bit loading delay helps to break the loop and „wake up“
ushiroda80
21th century will be remembered as the great digital drug crisis.
j45
Slowing down certain domains bandwidth can help too.
Narishma
Google has been doing that for you since they bought Youtube.
create-username
Isn’t Google degrading your user experience well enough?
Always42
Thought this was sarcasm till the end. Good idea
j45
This comment made me wonder if some folks have been compelled to find a way to block shorts.
My use of YouTube predates shorts, and I haven’t been a huge shorts consumer on social platforms, and I seem kind of indifferent to them. Anyone else?
Maybe there is something we can figure out and share with our friends who want to manage their shorts use.
Also, apps like opal can be really helpful.
dcow
Can you put together a guide in response showing where the inefficiencies are and how to mitigate them with more simple software?
It sounds like the author was aware of at least parts of your comment. The post is very thorough. They benchmarked using python and c++ and the final impl doesn’t even decode protobuf. They used various mitm solutions. They are using pfsense for more than just “it’s muh security router”—they are vlanning and vpning the traffic so they can target inly the appletv on their network.
Your comment is cheap and dismissive. The author’s post is not. You owe it to the community to put your money where your mouth is.
WD-42
Yup, I’m looking forward to the detailed post from this person (including screenshots!)
haagendos
[dead]
Starmina
Exactly my thoughts.
Razengan
> A small C++/Go/… proxy
Got any recommendations for lightweight proxies that can run on macOS and serve other devices in the home?
oefrha
https://github.com/elazarl/goproxy is pretty nice Go library for writing proxies, I used it once. Supports both HTTPS passthrough and MITM. Here's a trivial example MITMing connections to www.google.com and rejecting requests to https://www.google.com/maps while allowing everything else through:
package main
import (
"log"
"net/http"
"strings"
"github.com/elazarl/goproxy"
)
func main() {
proxy := goproxy.NewProxyHttpServer()
proxy.Verbose = true
proxy.OnRequest(goproxy.DstHostIs("www.google.com")).HandleConnect(goproxy.AlwaysMitm)
proxy.OnRequest(goproxy.DstHostIs("www.google.com")).DoFunc(func(r *http.Request, ctx *goproxy.ProxyCtx) (*http.Request, *http.Response) {
if strings.HasPrefix(r.URL.Path, "/maps") {
return r, goproxy.NewResponse(r, "text/plain", 403, "Forbidden")
}
return r, nil
})
log.Fatal(http.ListenAndServe(":8080", proxy))
}
curl -k -x localhost:8080 https://www.google.com/
curl -k -x localhost:8080 https://www.google.com/maps
curl -x localhost:8080 https://www.apple.com/
Remember to use your own cert rather than the hardcoded one in "production" (a trusted network like your home of course, probably a bad idea to expose it on the open Internet).
Fokamul
I've opted to installing opensource youtube app with Adblock and sponsor block. LGTV Webos is so great, there is easy way to become "developer" and it will open official way to install homebrew apps on your own TV. Yeah, since you own it, it can be possible to do what you want with it.
Fu** you to all Golden-cage devices like Apple, Samsung, etc.
giancarlostoro
I prefer not to use the OS on my TVs and opt for never letting them online, I just hook up my Apple TV to it, this gives me complete control over my TV as things should be.
mubou
> I want to support content creators, so to be fair, after a few months of blocking YouTube ads, I am now paying for YouTube Premium; Just because I can break something, doesn’t mean I need to.
Does paying for YouTube Premium support creators? (If so, how much, compared to say Patreon?)
alwyn
Supposedly creators get a bigger share from YT Premium users' compared to regular, ad-watching views, simply because skipped ads mean no revenue. It's still marginal because most people don't have Premium though.
diggan
> Supposedly creators get a bigger share from YT Premium users'
I've heard this multiple times before, but every time I go hunting for a source from Google/YouTube, I cannot find any official statements or confirmed information about this, seems this is mostly based on 3rd party analysis afaik.
mrweasel
Linus tech tips had a break down of their income. One thing Linus highlighted was that YouTube Premium revenue was much larger than most would expect. See https://www.youtube.com/watch?v=-zt57TWkTF4&t=400s (it's a little under 20% of their total revenue from YouTube).
kalleboo
I found this screenshot of the partner program contract that says it's a 55% split for either https://imgur.com/YjOHAAr
But for Premium the amount is distributed by watch time, whereas for ad-supported users it's by number of ad views. This means that for short videos where the value of the ad is higher then the value of the watch time, a "free" user wins, but for longer form videos where the watch time is longer, the Premium user wins.
LinusTechTips once showed the YouTube income breakdowns for some of their videos that showed this - for their hour+ long PC build streams, Premium income was higher and for shorter videos, Ads income was higher.
parasti
I've released an album via Distrokid which distributes the release to YouTube as well. You can look at detailed reports there. Youtube revenue is split into Ads, ContentID and Red (which I believe is the old name for Youtube Premium). I just checked and I am currently getting a bigger share from Ads than from Red, per play.
dtech
> Does paying for YouTube Premium support creators? (If so, how much, compared to say Patreon?)
Yes. Recent info is sparse, but when they initially released it as Youtube Red it was generally much more than they got from ads per view.
ozzyphantom
Not much compared to Patreon but if you watch more than a couple YouTubers can you reasonably be expected to subscribe to every YouTuber’s Patreon?
I don’t doubt any given YouTube premium subscription provides a negligible amount of income to a creator but watching their videos ad-blocked provides nothing.
(I use ublock on Zen and do not make enough money to be a Patron of anyone unfortunately)
chii
> watching their videos ad-blocked provides nothing.
it provides the view count, for which the creator reaps rewards from as part of the boost in the algorithm from youtube.
Not to mention that a lot of creators on youtube also do sponsored segments.
dmonitor
Youtube has recently added a premium feature where if you skip ahead 5s, it will prompt you to skip an entire "commonly skipped" section. It seems like they've picked up on sponsorblock and are making it a feature for Premium users.
debian3
And that’s why there is SponsorBlock
chippiewill
Yes,.more than ads, less than patreon.
It's based off of watch time rather than ad impressions so creators with long form content do a lot better from it.
ta1243
Well it would be less than patreon, youtube the platform obviously costs more to run than patreon the platform
vachina
My gf’s YouTube account for some reason does not show ads on any device it is logged in, including the Apple TV. It is not premium, nor ever was premium.
Wonder what flag is set internally that disabled ads.
a12k
Interesting. If you can DM me the username and email associated with the account, I can look into this and get it fixed for her.
transcriptase
Perhaps set the account to only show ads until she’s caught up!
thunkshift1
And by fixed you mean.. show more ads??
pawelduda
"We're sorry for any inconvenience this error may have caused"
chuckadams
More like Mitch Hedberg would have said: "Sorry for the convenience."
pinoy420
[dead]
doublerabbit
Why would anyone want this fixed?
saaspirant
It's a joke
madmulita
How would you know what to buy without ads?!
Alifatisk
Woooosh
timmg
Your GF is essentially in the "control group" for ads. Her behavior can be compared to the behavior of people who see ads to better understand how ads affect those other users.
TN1ck
Maybe she is in a holdback experiment. To understand how a feature affects the metrics (such as running ads), they often have some people in a holdback. I worked there and we did have such experiments for our features.
HeatrayEnjoyer
Isn't that pretty unethical without an IRB and informed consent?
recursive
How does ethics even come into this? They didn't require consent to show ads in the first place. Why require consent to not show ads?
ta1243
The is the advertising industry, unethical is their middle name
MBCook
I mean, it’s Google.
duxup
Long ago a Google music subscription would disable ads on YouTube. When they discontinued it / I cancelled, it took a good 6+ months before YouTube ads started up for me.
But of a “oh I see what people are complaining about” moment for me ;)
pfooti
I am still paying for mine. My Google music all access I'm feeling lucky subscription turned into a YouTube music one, which includes YouTube premium, and I'm still only paying 8 bucks a month, which seems like a pretty good deal even if I also pay for Spotify.
manwe150
How did you manage to avoid the last price increase? I thought they’d ended that sweet deal for everyone (myself included)
xnorswap
I don't like to advertise this just in case it gets fixed, but I have that same experience for Twitch.
I don't run an adblocker and yet as long as I'm logged in, I get no ads. Not in the website nor in the mobile app. I don't have "turbo" and I don't even have amazon prime any more (which itself only very briefly suppressed adverts across twitch globally before they replaced it with a "Free sub" perk ). I don't have any of the other Turbo benefits, so it's not like I've been fully flagged as Turbo either.
I don't know if I accidentally bugged my account profile messing around back when they ran a bug bounty, but I'd happily provide more details in return for keeping this perk.
What's weird is that I vaguely remember once having a near-meltdown over the level of adverts on twitch when all I wanted to do was watch TV while I was heavily medicated and in pain in the hospital. Then some time a year or two later I was reflecting then suddenly realised I hadn't seen an advert for years.
I guess most likely there's some long forgotten ad-free A/B test that it's not worth cleaning up.
I've definitely benefitted over the years, I easily watch more twitch than any other platform. At £12/mo (roughly $15.50), twitch turbo is among the more expensive in the world. In the US and Europe it's $12 or €12, so we're getting straight ripped off in comparison.
chasd00
> some long forgotten ad-free A/B test that it's not worth cleaning up.
That sounds about right. Different context but I once got on the good boy list at work by accident and it wasn’t fixed for about 6 month. On the first of every month I got a little corporate swag box in the mail thanking me for going “above and beyond”. Lots of cookies, blankets, coffee mugs and other trinkets.
null
perching_aix
> I discovered that putting a man-in-the-middle proxy between my Apple TV and the world lets me decrypt HTTPS traffic
This surprised me quite a bit because normally that shouldn't work, but then that surprise was exchanged for a different one, when I learned later down that you can add CAs to the certificate store of an Apple TV.
Nice and thorough writeup, thanks for sharing. A good carousel through the entire stack involved.
windhaven
If I had to guess why Apple supports adding certificates, it’s probably to allow Apple TVs to work as AirPlay boxes in corporate/educational environments while playing nice with the IT/device management stuff that entails. For instance, when I was in college, getting something on the college WiFi either required allow-listing it’s MAC address or installing a certificate.
madeofpalk
This, and the fact that a fair bit of this would 'come for free' due to tvOS being based on iOS which has supported custom CAs for ages.
josephg
Unfortunately Google can trivially block this by checking which CA signed their SSL certificate in the YouTube app. I don’t know if they will - doing so might break YouTube within a lot of corporate environments. But it would be unfortunately easy.
pbasista
Of course Google can do this. And more. They could, if they wanted, to embed ads into the video stream itself with no way to distinguish them from the actual video content.
But they do not do it. They had so much time and opportunities to do that over the years. And yet, they did not do it.
I am not going to speculate why. But I suppose it is safe to assume that it is their intention to not do it.
ryao
Does anyone do that? The average developer likely would not think to do this because it is too computationally intensive to splice things into A/V streams on the fly.
A more clever developer could splice the ad into the video at an I frame, but then the ad needs to be a multiple of the number of frames that are both the I frame and follow the I frame. This also would mess with metadata on the length of the video that would need to be adjusted in advance. It is doable, but you give up flexibility and your HTTP sessions cease to be stateless. Then there is the need to handle splicing into audio and I do not know offhand if there is a cheap way of doing that at the server like you can do with video through I frame splicing.
It seems to me that they have lower server costs by doing things the current way.
m3kw9
Doing that across billions of streams a day will cost big computer costs to encode it as they are dynamic ads
ryao
I remember people promising a rogue CA would not work anymore due to certificate transparency requiring certificates to be published in order to be valid, but it is quite obvious here that certificate transparency was not even needed. A private CA is different from a rogue CA, but if the private CA was not forced to do certificate transparency, I wonder what is supposedly forcing the public CAs to do it for their certificates to be “valid”.
vlovich123
> I wonder what is supposedly forcing the public CAs to do it for their certificates to be “valid”.
The power of browsers and operating systems including the cert in the default store distributed to everyone. Participating in cert transparency is a requirement.
codemusings
> [...] when I learned later down that you can add CAs to the certificate store of an Apple TV.
Same. I would not have guessed that that's possible but I guess I never tried to access a resource without a valid certificate chain on Apple TV.
mzajc
Ironically enough Android TV (at least version 7.X) does not let you do that, which I found out the hard way when trying to work around untrusted Let's Encrypt certificates.
jeroenhd
Starting with Android 7, apps have to opt into user-installed certificates. Browsers often do (Firefox is an annoying exception, you need to turn it on in the dev settings and it doesn't work in the official release version of the browser), but apps usually don't even know that the setting exists.
Aside from that, Android has a very easy certificate pinning API where you can just assign a fingerprint to a domain name in the XML config files and it'll pin a certificate to that domain. Easy to bypass if you modify the APK file, but then you miss out on updates and other mechanisms could check if the signature has been tampered with.
With root access (shouldn't be too hard to gain on an Android device still running 7) you can add your certificate to the root certificate folder on the system partition. This will make Let's Encrypt work on all apps. It doesn't bypass certificate pinning, of course, but you don't need there for Let's Encrypt.
jisnsm
Most devices allow you to add CAs, but almost all apps nowadays use certificate pinning which means the system certificate store is ignored. I find it extremely surprising that YouTube doesn’t do that.
AnonHP
> but almost all apps nowadays use certificate pinning which means the system certificate store is ignored
Certificate pinning (or rather, public key pinning) is technically obsolete and browsers themselves removed support for it in 2018. [1] Are there many apps still really using this?
[1]: https://en.m.wikipedia.org/wiki/HTTP_Public_Key_Pinning
jeroenhd
HPKP, yes. Certificate pinning in apps is the norm.
The difference between HPKP and certificate pinning is that HPKP can pin certificates on the fly, whereas certificate pinning in apps is done by configuring the HTTPS client in the native application.
Apps like Facebook won't work on TLS MitM setups without using tools like Frida to kill he validation logic.
klausa
Mobile apps still frequently do, yes.
It's gotten less popular over the years as people keep asking "wait, what are we doing this for again?"; but it's still very popular in certain kinds of apps (anything banking related will almost certainly have it, along with easily broken and bypassed jailbreak detections, etc).
solarexplorer
I don't have any numbers, but I think this is still pretty common. On iOS for example Alamofire which is a popular network stack, still offers this as a feature. I think the use case is a bit different for apps and web sites, especially for closed ecosystems like Apple's where reverse engineering is not as easy/straightforward.
oarsinsync
Most personal banking apps I’ve used still do this. The bank is liable for your lost funds if your corporate IT department doesn’t secure the MITM solution properly otherwise.
(The end customer isn’t liable for the bank’s inability to properly secure their app from MITM attacks…)
boscillator
That sounds like you've just made it so your app doesn't work behind a corporate SSL proxy. I really need people to stop rolling there own SSL stores (looking at you python, java and nodejs). I spend way to much of my time getting things running on my work laptop that should just use the CA store IT pre-installed.
jeroenhd
Is that a problem? What segment of Google's Apple TV revenue comes from people behind shitty middleboxes?
YouTube won't work on Chromecast if you're trying to MitM it, so clearly Google doesn't think this situation is worth making an exception for in their logic.
myko
Certificate pinning seems like extreme overkill for nearly all applications. Are most folks really doing this?
mschuster91
> I find it extremely surprising that YouTube doesn’t do that.
Not surprising for me - it used to be only banks where it was required (sometimes by law) that any and all communication be intercepted and logged, but this crap (that by definition breaks certificate pinning) is now getting rolled out to even small businesses as part of some cyber-insurance-mandated endpoint/whatever security solution.
And Youtube is obviously of the opinion that while bankers aren't enough of a target market to annoy with certificate pinning breaking their background music, ordinary F500 employees are a significant enough target market.
dmos62
Love the engineering, but it's kind of sad the hoops we have to jump through to get some semblence of owning our hardware or software.
duxup
Well you own the device in this case. I don’t think there’s a justification to arguing you own YouTube or the content.
mystifyingpoi
What is "content"? I recently tried to use AppleTV Android app to play something and then use screen recorder app to record the phone screen. The recorder app was able to see the menus and even subtitles, but not the movie itself (black screen). Is the screen of my phone "mine"? Or does the manufacturer decide how can I use it?
knowitnone
The screen is yours, the content displayed is not. Same reason you can "buy" a movie, game, audio, ebook and have it disappear overnight. Same reason your security camera, car, oven may suddenly cease to work if the company shuts down their servers. Do we support it? You do because you paid for it.
kriops
Creative work, i.e. intellectual property. Much can be said about the state of copyright law in 2025, but the basic idea that you own what you create is the fundamental reason we (able to) prosper.
duxup
I'm thinking of the Youtube videos as content.
dmos62
> I don’t think there’s a justification to arguing you own YouTube or the content.
This actually gets to the core of my sentiment. I am influenced by these systems, but I can't directly influence them back. I don't know if this is somehow wrong in principle, but I definitely want more.
HumblyTossed
> but I can't directly influence them back.
Opting out of viewing is directly influencing.
duxup
As an individual viewer of course the creator of the content is the one with influence.
There's potentially millions of viewers, there's no magic influence that you'd ever notice.
rchaud
Any $30 Android shitbox with a nieuwpipe apk has been able to do this for ~ 10 years.
Zephyrix
I’ve tried implementing this a few times on my Apple TV to no avail. I think YouTube has implemented cert pinning on their app now or something. Has anyone else been able to get this working recently?
abricq
I really like everything related to network-wide blocking of shitty online services that are enforced on us !
On top of blocking adds (which is great), I wish there were more / easier ways to do network-wide blocking of all sorts of aggressive infinite scrolling (in my case : youtube shorts and instagram reels).
I often like to go on instagram to see posts / stories from the people I follow and I don't want to be suggested stupid videos that are especially designed to catch my attention. I know it's probably revealing a lack of strength on my side, but yeah, I often fall for watching a few of them and loosing 15 minutes of my life.
duxup
> that are enforced on us !
You don’t have to use them and you could pay for them.
The users of the internet have made their call and they often don’t want to pay, so someone does.
As a whole the users of the internet are not rewarding anyone for NOT showing ads. We want our content and we want if for free generally.
_Algernon_
The problem is that advertisement business infects everything.
For instance, I could pay for Youtube Premium to ostensibly not be shown ads, but it doesn't change the fact that all the content[^1] in the ecosystem is still produced for maximizing watch time and/or being advertisement friendly.
I could pay for news, but that doesn't change the fact that the news is written to receive clicks from the non-paying users.
Paying for things does not help escaping the second order effects of advertisement.
[^1]: To a close approximation.
wat10000
I don’t understand this complaint in the context of YouTube. It’s the only major streaming service with plentiful new content that isn’t clickbait, focus-grouped, lowest-common-denominator, metrics-chasing trash. I can hop on and watch hours of jets flying through the Mach loop, people playing chess, and people machining metal. If those aren’t your thing, I bet there’s plenty of stuff that is.
Sure, there’s a lot of crap. But you don’t have to watch that.
javcasas
You know who is the best target demographic for selling stuff? People with money.
So that's who you want to show ads to.
And do you know a proxy for "have money"? Paying for premium, when there is free.
Therefore, every time you pay for premium, all the advertisers look and say "I'd pay a lot to show ads to that guy". At some point, the premium service includes ads, because of so much potential extra revenue!
And that's why I don't pay for premium.
jnsie
Recently I've been annoyed with Youtube Premium. I pay for an ad-free experience and do not see ads in the traditional (wait 5 seconds to skip) way, yet more and more content has inline product promotion where time is spent thanking a sponsor and pitching their product. So I'm paying not to avoid ads, but I'm still seeing paid promotion...
carlosjobim
> it doesn't change the fact that all the content[^1] in the ecosystem is still produced for maximizing watch time and/or being advertisement friendly.
That's just not true. There is an enormous amount of content on YouTube right now, which is made chiefly with quality in mind, by some of the most professional people in the industry. There's more than you could watch even if you watched for a thousand years.
You just have to use the like/dislike and subscribe functions, so the algorithm knows what you want.
Jgrubb
Every one of the streaming services that I paid extra to go ad free decided to push ads anyway.
duxup
And they got their subscriber still I guess….
As users of these services as a whole we reward this kinda thing and then are upset when it happens again.
I don’t like any of this situation but I also think the user’s choices incentivize it.
choo-t
Paying make it worse, paying doesn't prevent ads to be forced later (e.g: Netflix, Prime, Disney+) and split people fight against ad, as the ones with enough money to avoid them will berate the other for not paying, will still providing benefits to an ad-driven company.
Never pays to avoid ad, block them or get the content by other means. It's akin to "never negotiate with terrorists" or "never pay ransom", you have to remove the incentive.
windexh8er
You could pay for them or Google could choose to take a different approach that is less intrusive. The assertion here seems to put the onus on the viewer. Considering YouTube pays little to nothing comparative to its profits based on content it does not make, I think a realignment of how Google operates YouTube could be an improvement for users of the service.
> The users of the internet have made their call and they often don't want to pay, so someone does.
Just because YouTube users put up with a broken system doesn't mean it's the correct, fair, or ethical approach. Beyond that many of the views are curated via algorithms that intentionally work against the user with an end goal to hold them in a viewing state regardless of the users original intent. With that in mind users should use tools against those malpractices and not feel bad about not paying for them. If someone is intentionally trying to manipulate you, what's stopping you from doing the same?
If Google were a fair and ethical company I think treating them the same would be more in line with your response. However, they are not.
friendzis
I'm not that old and yet old enough to remember internets before ad-supported free content, which was just infinitely better.
davidcbc
I've been on the internet since the mid 90s and that entire time it has relied on ad supported free content.
stingraycharles
People have voted with their wallets on YouTube that they don’t want to pay for premium, and prefer to watch ads or block them.
Ads aren’t “forced” upon YouTube users, people have the option to pay but they just don’t want to pay.
belorn
YouTube can always choose to package the content in a financial transaction. They have chosen not to do so, and instead they are supplying advertisement alongside the content for which the viewer may or may not watch.
They can always change it, but then there are legal consequences of making it a financial transaction.
abricq
I know that I, as a user, ultimately have 2 choices: to pay for a subscription, or the choice to not use these services.
Option (1) does not block infinite scrolling content, it only removes adds. So this is missing the point. All i want is to not see these dumb shorts videos that I genuinely give no fuck about, but that manages to catch my attention regardless.
Then sure, I can always delete my social accounts, and ultimately i might end up doing it. But let me try to explain why I think this is difficult, and also unfair.
I give 2 purposes to these social networks: First, they play a role in personal-life balance as a way to be more integrated in my group of friends / local communities. Second, they play a role as citizen of my region (in my case, France and switzerland) by being a (sorta reliable) source of information through following accounts and newspapper on them.
Initially, none of these social-networks came with this super-fast / addictive content. They only started to integrate it, in my experience, since 5 years. So it seems to me that these companies have broke the initial contract that they "sold" to us: to connect with our friends & communities and to allow us to follow a specific set of public influencers.
I guess that I am mad that we, as a society, have allowed these companies to gain such an important role in our daily lifes (social life and public life) that they can now say : we will allow you to interact with some of our friends, but you will also have to watch our stupid videos... And unfortunaltey, it's not easy at all to spin up a concurrent social networks that would be full-filling this initial contract. Probably lots of people actually like to scroll on insta Reels and youtube Shorts.
ed312
This is why you fundamentally cannot rely on private companies to build the "town square". This will _always_ happen because every company has a profit motive (even if its a loooong tail via SV-style funding). The problem behind the problem is people want great communities and tools, but don't way to provide any effort to build them.
carlosjobim
> All i want is to not see these dumb shorts videos that I genuinely give no fuck about, but that manages to catch my attention regardless.
My recommendations never shows any low quality content. All you have to do is like good stuff, dislike bad stuff, and subscribe to good channels. The algorithm works surprisingly well.
> we, as a society
There is no we and there has never been. You have to start taking responsibility for your own actions.
wffurr
Delete the app, use the webpage, and use a browser that allows user scripts. I found a good one that turns an Instagram page into just an image tag so you can just see the picture: https://greasyfork.org/en/scripts/5014-un-instagram
tecleandor
For web access, in Firefox I've been using the "SocialFocus" add-on, that allows you to remove certain blocks in "social" websites (for example, blocking Shorts or comments in YT), put a color filter to make it "black and white", or even blocking the whole site. I had to access Facebook a couple times some months ago, and the quantity of trash you can filter with this add-on is astounding. This developer has also a YouTube specific add-on I haven't tested yet, named "UnTrap for YouTube" that has almost 200 different options for blocking very specific stuff there. Their add-ons in [0]
For Android there's an App called Revanced that let's you apply patches on certain commercial apps like YouTube or Twitter modifying their behavior, and for example block shorts. See the patches available for YouTube in [1]. I'm still pending to test it, but if you do, go to their official site [2], or even better, to their GitHub releases [3] as it seems like there are a good bunch of scammy sites using their name.
--
0: https://addons.mozilla.org/ru/firefox/user/17777732/
1: https://revanced.app/patches?pkg=com.google.android.youtube
2: https://revanced.app/
3: https://github.com/ReVanced/revanced-manager/releaseswhywhywhywhy
Wouldn't risk trying to extract from IG too much, I used to yt-dlp from it a lot and use scripts to extract the images because I like to archive references, nothing on a massive scale we're talking <20 times a month and I got a warning that I could lose my username if I "use automated scraping tools".
tecleandor
Oh! Were you using your user cookie? I use yt-dlp a couple times a month, but I think I'm always unauthenticated (although I guess they could match my IP address in their logs)
prmoustache
Why would you use an account to do that?
andrepd
It's 11 years old, I'm impressed that it even works.
fumeux_fume
> I know it's probably revealing a lack of strength on my side...
I think these tactics exploit our natural sense of curiosity and the aesthetics that surround it. So I don't think it's so much a lack of strength, but more of a jadedness we have build up and I think that's pretty bad. I respect the effort and creativity it takes to fight back and make the platform work for us instead of vice versa.
rfgil
This has worked great for me to prevent the infinite scrolling on instagram: https://www.distractionfreeapps.com/index.html
aembleton
I'm not going to trust that until its on F-Droid.
mtsr
I feel this, particularly as a parent. It's difficulty watching your kids get lost in the algorithm. We regularly discuss this with them and they agree with our perceived harm, but it's just too difficult to resist. Heck, even I get lured into (doom)scrolling every now and then.
I've setup ad-filtering using pihole, where possible, but I'd prefer not to block youtube as a whole. But I'm definitely considering that in the future, to protect my family.
freehorse
Imo the best thing that can work is introducing delays to the loading of videos, increasing as time goes by. Youtube introduced sth like this to me, when they were presumable trying "punishing" users with adblockers, and it worked as a charm to get me disengage from the youtube rabithole. A lot of such addiction dynamics work based on how fast getting the reward is, and these interuptions disturb this.
zimpenfish
> I often fall for watching a few of them and loosing 15 minutes of my life.
If you're on iOS, set a time limit (Settings → Screen Time → App Limits → Instagram). Doesn't stop the initial scrolling but the "you've run out of time" pop-up is a good breakpoint. You can bypass it and give yourself another 15 minutes but making that choice is also a good breakpoint / reinforcement.
arnvidr
Hit that "For you" at the top and select the "Following" feed. Only the posts from the people you follow, no suggested posts, no ads.
rwmj
Until the company decides to unilaterally reenable that setting to "help you get more from their service".
david_arcos
That's not persistent :(
soraminazuki
YouTube still provides RSS feeds for individual channels. Combine that with mpv's yt-dlp integration and you can avoid the official web frontend altogether.
I don't know how long it's going to last though, with the current trend of rug pulls and enshittification.
rwmj
Youtube have been gradually cracking down on yt-dlp by blocking IPs that download (presumably without watching the adverts, or some other method to fingerprint it). Currently it's mostly annoying as I have to rotate through IPs every few days. But I imagine it'll get worse and worse until I stop watching youtube.
account42
I've been using the same IP for ages and never had problems with yt-dlp as a whole - it's always just some specific videos where it won't work.
ffsm8
Pretty sure it's only gonna get deleted if either a) enough people use it so that a MBAs notice or b) the way it's accessing the data blocks a feature that an MBA wants
desdenova
Or just use a localhost invidious instance.
thomasfl
For ad free Youtube, go to https://yewtu.be or any other Invidious instances https://docs.invidious.io/instances/
There is an arms race between YouTube and Invidious. From time to time Invidious is not working, but the team has always found new ways to circumvent YouTube and deliver the videos without ads.
xela79
there's a reason the author included "on AppleTV" in the title. Alternative clients/frontends etc simply don't work
orliesaurus
This wouldn't work on Roku TVs etc since there's no "browser" :(
Telemakhos
There are ads on YouTube? I guess my browser blocks them so well that I didn’t know.
The real problem here is that the AppleTV experience is so much worse than an ordinary web browser experience. Apple locked the hardware down to the point that it benefits YouTube’s ad profits more than it benefits the end consumer who pays for it.
timcobb
If we're getting to the point where we need to decrypt things and reverse engineer protocols, maybe we should... not use these devices? Maybe we should opt out of this economy? Maybe we should do other things to entertain ourselves?
wat10000
I realize it’s anathema to a lot of people, but you could just... pay for stuff. YouTube has an ad-free premium option.
ZaoLahma
While I do agree with you, I am a bit concerned about the recent developments with "paid, but still has ads" subscriptions and how Youtube might slip towards such practices as well as soon as they have a large enough number of paying customers. Their premium might suddenly not be so... premium.
chgs
And then you cancel. I did that with Amazon, will do it with others when I start seeing ads.
kittoes
I totally get it. That said, YouTube premium is worth every single penny and has only gained features over time; no other subscription I have comes close in terms of value.
bcye
Have they not already with Premium Lite or whatever it is called?
ToucanLoucan
With respect to that, YouTube premium has been around for over ten years, the majority of which I've been a subscriber because adblocking on Apple TV (my primary YouTube experience) is far too much of a fuckabout for me to willingly engage in it, and they haven't yet done it. I think Google is well aware of the fact that Premium with ads is an utter non-starter as a product. What would you even be paying for then? This isn't like TV+ or Prime where you have exclusives, almost everyone who posts to YouTube would happily jump that ship given enough reason to.
And while there are still ads (sponsored segments) I personally have less problem with those since those are substantial money for the creators I enjoy, and a lot of the ones I watch actually manage to make them pretty funny. And hell, a couple I've even used their codes for shit over the years for. Like, an ad is an ad and some people hate all of them, but I can personally say I've engaged with ads from creators I like at an exceptional rate compared to... virtually every other type of advertising I've ever encountered.
dsco
I wish I could do this for Spotify. Paid plans still include ads.
They cram ads into podcast episodes which themselves also have ads, so you'll get the read ads + Spotify's local ads + Spotify laughs all the way to the bank.
I believe over time not having ads will be a thing of the past, and you'll instead pay for fewer ads. Like where else are people going to go for exclusive content?
HelloMcFly
I've never heard an ad on Spotify, so this is true only for podcasts then, correct? In that case I can at least be thankful that Spotify is the worst option for listening to podcasts.
JKCalhoun
Just buy the content and play it from your local devices. I use streaming simply for "auditioning" new music (and there are podcasts, YouTube channels that do that without a subscription, FWIW). I prefer then to buy the tracks from Bandcamp. Hopefully the artists get a bigger slice of the revenue that way.
null
jvolkman
YouTube premium also includes ad-free YouTube Music. Yes there are still sponsorships in podcasts as usual, but no injected ads.
FuriouslyAdrift
I highly recommend Radiooooo. They're DJ curated and very good. Dirt cheap for what you get.
Hamuko
I don't really listen to much Spotify but I feel like just the free plan in Firefox with uBlock Origin gave me an ad-free experience the last time I used it.
timcobb
> Spotify laughs all the way to the bank
FWIW, I don't think Spotify makes much, if any, money lol
noja
It's not that simple. It's common enough now to classify some ads as.... not adverts. So even if you pay for no ads, you get ads.
kittoes
Completely untrue in the case of YouTube Premium. I literally haven't seen an ad for over a decade now.
onion2k
Or you can opt out. Both options are equally valid.
I won't pay for YouTube because the consistency of YouTube is massively variable. Sometimes channels I watch skip 6 months between videos. When I do watch stuff its usually in the background or when I just have a few minutes spare. Spending money to fill that time is unjustifiable unless it's a really low amount, and YouTube Premium isn't low enough yet.
Oddly though, if I could buy 100 'skip this ad' tokens for $10 that I could use when I'm pushed for time, but just suffer the ads when I'm not, I'd seriously consider it.
wat10000
You can, but the complaint rings hollow when we’re talking about a service with enormous amounts of actual good content, and a straightforward non-abusive paid plan. If you don’t think it’s worth it, that makes complete sense. If somebody decides there isn’t anything worth paying or watching ads and just bails out, totally sensible. But this “ads are so terrible we should just abandon the service” thing is weird here. YouTube is an example of doing it right. They use ads to support a free tier, and have a paid plan that removes them. They don’t do nonsense where they take your money and still show you ads. They don’t serve unvetted ads that infect your computer with malware or mine cryptocurrency. If people won’t even consider paying for this (not merely deciding it’s not worth it, but refusing to even consider it as a possibility) then I have to conclude that they just think they’re entitled to get stuff for free.
fzeroracer
I think most people don't have a problem paying for something that gives proper added value.
But what's happening is that companies are degrading the basic experience and expecting people to either be OK with it (like Roku's increasingly intrusive ad experience) or to pay up to avoid it (like with YouTube).
x187463
Perhaps on review of specific ad presentation practices, you could argue for a degradation of experience, but showing adds more or less within YouTube to free users seems like an acceptable method of generating revenue.
As an aside, the fact that people pay for cable and still have 4-7 minute ad-breaks every 15 minutes make anything YouTube does pale in comparison.
null
Etheryte
Netflix shows ads to paying customers. We've seen the same playbook across a wide variety of products and services, it's only a matter of time until paying users get milked too.
wat10000
When that happens, I’ll stop saying “just pay for it.” But until it does, I’ll continue paying for YouTube and being befuddled by people who get upset at their ads.
saintfire
Increasingly the "basic" paid plan has ads and you now have to pay even more to not have ads. Doesn't seem like playing the game is doing anyone any favours.
Having the ability to tell a company enough is a enough serves as a ceiling for bullshit.
kittoes
Where are you finding this "basic" plan? YouTube Premium has only a single tier that is completely ad-free. I hate Google as much as anyone, but shouldn't truth matter?
FuriouslyAdrift
I've gone back to pirating everything. I can afford to pay for all the services, it's just the service and content quality has gotten so bad that it's just not worth it. I DO pay for content from other markets (French, Israeli, and Japanese), just not mine.
It's just like vehicles. There isn't a single vehicle sold in my market that I would pay anything for (ok, maybe the Ford Maverick). There's a bunch in other markets (Europe, South America, Asia), just not mine.
timmg
> I've gone back to pirating everything. I can afford to pay for all the services, it's just the service and content quality has gotten so bad that it's just not worth it.
If the content is so bad, then why the need to pirate it?
JKCalhoun
OP said content quality so I'm assuming the streaming is shittier quality than, for example, BluRay quality you might get from torrenting.
FuriouslyAdrift
I stick to old stuf from the 1930s to 1990s
I will say the Criterion Channel is excellent and I do subscribe to them.
lordleft
I've started reading a great deal more. I'm tired of wrangling with my entertainment.
selykg
I started reading a great deal more at the start of the pandemic. I've kept it going since and it has been a real boon. I also switched back to physical books because I actually own them..
cookiengineer
I can recommend "minitube" [1]. It's super minimalistic, and requires you to actively search for things to find them. No ads, no feeds, no short videos, nothing - just playlists for search terms. Uses yt-dlp and mpv behind the scenes, so it's using less than 5% CPU on my small Intel NUC machine, too.
I can't stress enough how it is soooo much better in terms of what type of content I consume now. Mr-Beast-cutting-style dumb videos ain't stand a chance to get my attention now.
Ironically, the author built it to be a children-safe environment to consume YouTube.
42lux
Choice is a luxury for most.
flanked-evergl
Have fun!
ajsnigrutin
The problem is, that there is no alternative yet for that.
Movies are not an issue, there's piracy, music is not an issue, there's piracy, books are not an issue, there are libraries... and piracy, but youtube is still limited, and the only way to avoid the ads is to buy another device (computer), thus turning pretty much any smarttv (with features you paid for) into a dumb display (that you mostly cannot even buy anymore).
acdha
The alternative is paying for things you like so the people who make them can continue doing so. If you don’t think YouTube is worth paying for, it might be a good idea to reconsider the amount of time you spend on it or whether you want to help promote it.
davidcbc
> but youtube is still limited, and the only way to avoid the ads is to buy another device (computer)
YouTube premium is cheaper than another computer and works on all devices.
x187463
It's crazy how that option completely evades many people's reasoning on the subject.
ajsnigrutin
But you still get in-video ads ("this video is sponsored by shadow raid vpn"), that (on a computer) you can skip with sponsorblock.
timcobb
Alternatives:
- Not consuming exploitative entertainment
- "Piracy"
JKCalhoun
I like the download-YT-content-locally then play. A project hit the front page recently that used yt-dlp to more or less do this.
alistairSH
Piracy isn't an alternative - it's illegal/immoral.
But, the good news is there are two alternatives for all of the above... pay for the content. Or, don't consume the content.
timcobb
"Piracy" of digital goods is an oxymoron... I don't think it's immoral. If you pay publishers, the creators don't get paid. And about the legality, well, just ask Meta what they think about torrenting.
EDITED for tone.
ajsnigrutin
Piracy offers the best service there is. You used to be able to buy DVDs, vhs tapes, etc., and you'd get the media, and even then you had to sometimes fast forward through ads.
Now, it's impossible to buy media in many cases, even if you click "buy", it might be gone after a month, because some contract somewhere expires, there are ads even in paid plans, there are limits, to what I can do with that media, and more and more services require you to continue paying for content you already "bought".
When they fix the "buy" button to actually mean "buy", and when they remove ads from "no ads" plans, i might reconsider. Until then, they're not getting any of my money anyway, piracy or not.
> instead, I found a flaw in the Protobuf format which allows me to reliably change one byte to obliterate ads.
Let me guess, the author changed the field number to a large unused number.
> Now, all we have to do is scan the Protobuf bytes for classic ad URL signatures like /pagead/ to bound our field search, then move backward from there until we find the target(s) field tags and thus field keys we would like to denature (e.g. 49399797 –> 49399796).
Yeah. This isn't a flaw, this is intended behavior.
If you're willing to go through the effort to find the tag, it's really not that much additional effort to then read the (varint) length right next to the tag and... just skip those bytes.
Yes, you'd need to copy your buffer to do this, or at least slide your bytes around. But the proof-of-concept script already has to perform a copy because the bytes object returned by mitmproxy's API (`body: bytearray = bytearray(flow.response.get_content(strict=False) or b"")`) is immutable, and even a memoryview isn't going to bypass this limitation.