I found this interesting.
Steve is excellent to point out some platforms’ (in this case YouTube’s) negligence in terms of being accessible to its users!
I had something similar with Google at a previous employer a couple of years ago.
A rogue Google server was DoSing our Internet connection (we had a 10mbps leased line and the server was sending 1gbps down the line). It pretty much brought the whole company to its knees, no VPN for external workers, no email, no cloud access, no web access.
I ran a trace on the server doing the “attack” (in all fairness, it was probably a wrongly configured server sending its data to our IP address instead of another Google server) was using a registered Google IP address and was supposedly in a server farm in California.
I first rang Google. Nada. Voice queue system, which allows you to select the type of call you are making, one for being attacked by Google isn’t available, but I tried a few options, they all lead to the call being spat out after 10 minutes or so and the line going dead.
While I was in the queue, I wrote an email to abuse@ and webmaster@, two standard email addresses for registering problems. Both sent back an automated email “we receive so many emails on this account that they are just deleted and they are not read, please refer to the relevant part of our website” or words to that effect. Only, I couldn’t find a section of their website dealing with being DoSed by Google.
I then went to Twitter and messaged Google and Google Germany. Nothing, no response. I also used a web form for another part of the company to register the problem, nothing, no response.
I then went to our service provider. They confirmed the traffic, confirmed it was coming from a Google address and they put a block on the IP address at their border. The first month was free, but this falls under their DoS prevention service and costs 70€ a month extra!
As luck would have it, I was already testing a replacement 100mbps line with another provider, so we accelerated the cut-over to the new line and the old line was already on cancelled and on its run-out period. After a month, I had still not heard anything from Google and I checked back with our ISP, the traffic was still there, still being stopped at the border. Now they wanted money to keep the block in place.
We finished the swap over and let the traffic keep bombarding the old IP address. When the line was decomissioned, 3 months later, I did another quick check of the line. That Google server was still spamming the line.
But, short of actually registering it as an actual cyberattack with the police, I don’t think we would ever have got any response out of Google.
These big tech corporations put all their trust in AI and “the web”, but if anything actually goes pear-shaped and you need to contact them and contact them quickly? Just forget it, the AI hasn’t spotted a problem, so there isn’t any problem.
Crazy story big D. Wow.
Good on Woz for sounding some alarms about this. User support isn’t a glamorous part of being a software dev, but it is a critical one, especially at the scale of a property like YouTube. Also one that shouldn’t be outsourced to the lowest bidder. Maybe even some regulation is warranted in order to ensure a timely response for legal matters such as this.
However, I do think it’s kind of ironic that Woz said a couple times - “any human would look at this and recognize it’s a scam.” Well… I guess not any human. Am I allowed to also be irritated at the people who fell for this silliness, or is that a faux pas now?
Whatever happened to “Do no evil”?
I stopped using all Google products a couple of years ago.
It was “Don’t be evil,” and Google removed that from their mission statement right around the time of restructuring to form Alphabet, I believe. That said, I still love all my Google/Alphabet stuff.
This is similar to people being locked out of Google, Facebook, Twitter and other accounts and spending days and weeks trying to recover access, and in some cases never getting their login and data back.
I am increasingly moving photos, calendars, email and documents to multiple hosting, or backup locations.
It also allows me more privacy by removing calendar and contact information from people like Google.
A demonstration of a degree of paranoia, but safer is better!