- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
Google could kill YouTube Vanced for good::The company is exploring an integrity API that could lock down WebViews with DRM
Wow, this article is just like 100% wrong. I’m surprised no one has mentioned this yet.
To get why this could be a problem for YouTube Vanced’s successors, we need to understand how they work. Rather than modding the YouTube app itself, Vanced apps are essentially tweaked and modded browsers that display videos via a WebView that shows YouTube, adding extra features to the experience like adblock and other YouTube Premium perks. If YouTube was able to check which apps or devices are trying to access its servers before displaying content, this would be an easy route to stop Vanced successors from working.
The YouTube-app, and Revanced in turn, does not utilize a WebView to display video. They are most certainly not ‘modded browsers’.
Seriously, who wrote this shit? An AI? It’s baffling.
ABOUT THE AUTHOR
Manuel Vonau • Senior Google Editor
(2251 Articles Published)
Given that Revanced patches the YouTube app, Monsieur Vonau is most certainly wrong.
Manuel Vonau
From his bio on that site (https://www.androidpolice.com/author/manuel-vonau/):
Manuel studied Media and Culture studies in Düsseldorf, finishing his university career with a master’s thesis titled “The Aesthetics of Tech YouTube Channels: Production of Proximity and Authenticity.” His background gives him a unique perspective on the ever-evolving world of technology and its implications on society. He isn’t shy to dig into technical backgrounds and the nitty-gritty developer details, either.
So he’s a marketing guy with possibly zero tech background beyond watching YouTube videos, who isn’t afraid to discuss “nitty-gritty developer details” despite apparently not actually understanding them.
To be fair, you can be a developer maintaining a website or an app for a company that operates on stuff you have no idea about. Working for a hospital doesn’t mean you can perform surgery.
I actually am a developer who works for a hospital. I wouldn’t write articles or otherwise create materials discussing the “nitty gritty medical details”.
deleted
I don’t know any apps that work like that. I’m pretty sure even the YouTube is just an app
deleted
I’m surprised no one had mentioned this yet
It’s because there’s an annoying trend of everyone reading the headline and not the article. Drives me bonkers
Headline: “THING IS HAPPENING”
Body: “Here’s 1000 words unrelated to the headline. Here’s some ads. Here’s interviews with three people saying nothing of interest. Here’s the thing you clicked under the headline for and it adds a bit of nuance to the headline along with a bunch of waffling and uncertainty. Here’s a pointless anecdote. More ads! Here’s a recipe for chicken wings and a bunch of pictures of celebrities. Oops! Article ended a full screen ago. Nothing down here but clickbait and more ads.”
Gee, I wonder why people just take the headline at face value.
The recipe thing… OMG lol…
Peanut butter and jelly recipe:
My family had a farm and my mother loved to run around with the chickens. We would play kick the neighbors dog all summer while the crows chased my father around. Donkey season can be a wonderful time when the leaves just start to turn and the beavers come home for winter. Three times in my life have I encountered such joy, one was when I had my first hit-and-run, the second was when I learned how to make napalm, and finally the last joy was in writing such absolute nonsense that just wont ever end when all you wanted was a goodamn simple fucking list of ingredients and maybe a temperature to cook at. Well the seasons change and I still waffle on, maybe one day you’ll get your recipe, but you won’t find it here. Or will you? Turn to page 36 for recipe, turn to page 4 to continue down this path into madness with me.
Recipe: Peanut butter. Jelly. Bread.
So many articles these days add nothing to the headline. They literally repeat the same paragraph, slightly reworded. It’s getting so bad that the first paragraph is usually made up of the same few sentences, repeated.
There’s no place like
homeReddit.There’s no place like
homeReddit.There’s no place like
homeReddit.
How does it work under the hood? I remember googling around and never found out
To play video, the YouTube app does API calls directly to the YouTube API instead of loading any web code, then gets a reference to the media to play back and plays it back in a native media playback SDK.
Revanced does their stuff the way they do by manipulating the bytecode that the YouTube app consists of, to add/remove things.
It’s a waste of time. People who bother installing Vanced are not likely to click a single god damn ad even if it’s forced on them.
So yes, Google can choose to bother some people and get higher statistics on ad views, but the companies paying for the ad will not see one single fucking sale more. This lowers the value of the ad.
They’re chasing imaginary revenue.
The value of exposure isn’t real either. The phone might play it but I don’t fucking watch something that I don’t want to watch. I’ve been online since before online ads were a thing and not once have I bought anything from any online ads.
Just let me opt out of that circus for fuck sake.
I don’t understand this toxic level of optimism found on this platform. if they do client integrity checks, nobody will be able to use an ad blocker. you will have to use an approved YouTube client. it will result in higher ad revenue to Google.
all of these folks who are using revanced will watch annoying ads repeating a thousand times over and the content of the ad will be stuck in their brains exactly as intended. the companies that pay for the ads don’t care if you think you are immune to propaganda. they want you to watch.
what part of this is imaginary?
companies that pay for the ads don’t care if you think you are immune to propaganda. they want you to watch.
They don’t pay for ads just to waste my time. They buy ads to sell products.
Forced advertising does not work on the kind of people who already do everything they can not to watch ads.
if you think you are immune
I’m literally not watching my phone if YouTube or other stream goes into ad mode. I do not see the ad.
The imaginary part is that Google gets paid just as much for showing ads that don’t work as they do for showing ads that do work.
Forced advertising is good for Google. It’s not good for the users nor the companies who pay Google.
That’s not true. Do you think, say, coca cola cares if you click on ads? Not all ads are looking for clicks. Some just want to get impressions.
Yes it is true. They don’t make an impression when I don’t see it.
Call me old fashioned, but I have hands. I physically put my phone away because I do not want to watch the screen on my phone when the screen is showing an ad instead of showing what I wanted to see.
Companies are paying Google to show me ads that I don’t see.
Coca Cola’s brand recognition does not come from YouTube ads. It comes from signs in the real world, visual merchandising in stores and product placement in shows.
Absolutely. There are petrol pumps that play fucking ads. What do I do? Enter car. That’s horrifying to me.
I haven’t had YouTube ads for a long time thanks to Firefox focus but if I did? I’d probably abandon the platform. Otherwise I’d just put my phone upside down for as long as the ad might be.
You’re entirely correct. I refuse to ads. I wish billboards were illegal here. Ads are a fuck.
Ads on the internet are a consequence of people not wanting to pay for internet services.
This is absolutely not true as Steam and other niche streaming sites have proven. When you make it easier to buy what you’re selling, rather than doing everything in your power to nickel and dime consumers to pad your stock price, people are fine paying for those services and you don’t need ads.
Historically speaking, your statement is false, and there are multiple examples to prove it.
Ads on the internet are fucking spyware, no thanks
I’ll take my PiHole and ublock and wipr and never see them again thanks
This is only true for large, legacy companies like Coca Cola though. This doesn’t work for startups shilling shitty headphones, flashlights, VPNs, mobile games, etc because you’re unlikely to randomly come across their product when walking around the grocery store for example.
The majority of ads are toxic on a medical need level for me. I’d sooner build an ai to prewatch and live record videos. Cutting out the cursed segment.’
Not all ads are cost per click, many are priced by impression, and that traffic to Vance’s costs money.
So they would make more money blocking Vance, but the impressions from Vance’s users are likely the seething “I’ll never buy from you for making me watch this ad” type.
If you aren’t paying them for Premium, or viewing their ads, you’re literally costing them money. They’d rather stop you from even consuming the bandwidth.
On the other hand, they are spending real money on development time to fight against an army of independents doing it for fun or personal satisfaction. That’s throwing money into a hole they can never fill up
Yeah, as someone in ops in another industry I would just chaulk this up to the cost of doing business, cut my losses, and move on. I can’t imagine most people are using ad blockers.
I doubt they think about the “army of independents” much at all.
With the multiple updates per day they’ve been hammering out against the ublock origin devs, I would disagree with that. Can’t think of a way they would be accidentally hashing it out against each other per matter of hours
They want to get paid, I just don’t think they see any competitor as a threat.
Well, that part is working really well. I’ve been using YouTube less and less every time they’ve worsened the free service. I don’t even bother with the revanced loopholes, I’ll just don’t use YouTube to find stuff. Most of the content is made for monetisation purposes anyway.
I’m not saying they shouldn’t do it, or that I don’t understand why. It’s just a prime example of the internet going to shit.
I’m not disagreeing you, just stating the facts. If we aren’t paying for it, and not watching their ads, we can’t expect to be considered at all. I paid for Premium for a few months, just canceled it while I catch up on some other things. We still have the freedom to pick and choose which services we pay for which is fine by me.
If you give thumbs ups and add comments, you’re still providing user generated content that increases the value of the content you watched, so they’re still getting something out of it. Your contributions could go on to drive someone else to watch the video which could end up seeing the ad you blocked.
It’s a question of what that value is that you’ve provided to the service. It’s the same question Reddit will be finding out the answers to over the next couple months.
You can try to look it up if you want, but I’d suspect those sort of interactions are fractions of a penny on the dollar compared to revenue from Premium or Ads.
Does it really cost them? If we take it to the extreme and say everyone collectively decided to stop costing them money by watching their content for free, what would that do to the value of their platform?
Yes, Bandwidth, servers, storage are all expensive. If everyone stopped paying or seeing ads they’d kill the product and you’d have nothing. There is no viable replacement for YouTube. Most channels would cease to exist. Only the larger ones would be able to afford to figure out how to keep going. The ladder would be pulled up for any small or new creator looking to break in.
It would suck but things would go on. I’m sure other places like tiktok would salivate at the idea of a YouTube exodus. Also there’s other platforms that would gladly have, at least, subsections of YouTube. Plenty of other places to post your gaming videos.
Letting TikTok win is not good. Unless something has changed, they pay shit to creators too.
I agree with you, it was more a point of YouTube needing us more than we need them.
No matter what, people will always find a way to mod the apps they really want to have free.
There’s definitely a danger if attestation becomes widespread enough that they can require it.
Not a danger of being unable to mod the apps, but they will be able to restrict access to their servers to the official unmodified app, when it’s running on specific trusted operating systems.
This is already quite easy to do technologically, it’s mostly a question of at what point Google feels it’s worth doing, since once they start they have to commit to closing whatever exploits people find. And deal with the fallout of blocking a bunch of people on random old devices that weren’t blocking ads anyway.
Of course people can still work around by running modified apps on rooted devices but it’ll be enough to defeat a probably fairly large slice of users too lazy to jump through hoops - and as a bonus it won’t just block Revanced (which is a fair bit of work to get running already) but also the other apps for media players like Smarttube, which were easier for people to set up.
And finally when all else fails they will spend the compute to embed the ads in the video stream, once they work out how to minimize the distribution costs for that.
Yup. I remeber the girls at school listening to bootlegged YouTube videos from shitty rip off apps from the appstore lol. Before revanced, there was vanced, after revanced, a new Phoenix will emerge. The people will it.
Rerevanced
Electric boogaloo
Reeeeeeeeeeevanced
I remeber the girls at school listening to bootlegged YouTube videos from shitty rip off apps from the appstore
That could have been yesterday or like 15 years ago
Haha fair enough. For what its worth they had iPhone 4’s and Ipod touches. It was close to a decade ago then it was to yesterday.
Imagine going to school when people had access to smart phones. Fuck I feel sorry for you younglings
I wouldn’t be so sure. If you hang around for 10 years I would love to have a conversation after that length of time and see if you agree with yourself here
This is just the mini version of what they tried to do in Chrome. Since you don’t have to use the built in webview it’s meaningless.
Apps can easily be redesigned with some kind of webview integration, and some apps already do have random things that bring up webview, and thia would kill them on a rooted device.
The inherent issue here is they’re arguing this will help prevent fraud, but they’re not looking for fraud. They’re looking for an altered device and assuming fraud.
I nuked a food app recently because instead of opening so I could give them money in exchange for food they decided to police my phone for PCAPdroid by way of refusing to run beyond showing a message stating that I can’t have PCAPdroid installed and closing after a 5 second timeout.
Fuck you, Papa Murphy’s. What’s your app doing that you’re afraid I’ll be able to see? You’re blacklisted for life now.
Why would someone download a fast food app in the first place, I’d pay to NOT have that on my phone lawl
I totally agree but my wife does have the McDonald’s app which gives decent discounts on food. I get to live the best of both worlds by not having to download the app while still benefiting from the discounts.
Very famous take and bake pizza place, literally not fast food.
Replace fast food with “corporate restaurant chain app” then
As a Papa Murphys lover, I can’t for the life of me understand why you’d ever need to install their app. You can order from the website just as easily.
I’ll give them a pass as I assume they got some bottom of the barrel developer to cheaply create their app and it doesn’t get anywhere near the level of attention that something like YouTube’s app would.
What I meant though was you aren’t necessarily stuck using Google’s webview, though they make it non-trivial to jailbreak from theirs.
https://github.com/bromite/bromite/wiki/Installing-SystemWebView
Of course they would, the bastards. I’m assuming that would also affect newpipe and freetube too?
At first I thought so too, but I believe those might still work as long as the attestation feature doesn’t end up in browsers. Those applications likely can still pretend to be web user.
ReVanced is special because it patches original YouTube. So if the original YouTube would start doing this kind of verification, after being patched it would stop working. To fix it the whole playback code would have to be replaced, but at that point why not use NewPipe or GrayJay.
BTW: Google is doing that because it has monopoly in that market. They similarly have monoly with browser market. Still after uproar they backed off. We really should try to break it and apps that support multiple platforms (like mentioned NewPipe and GrayJay are probably the best way to dethrone them)
Consumers have created this future by flocking to YouTube and nothing else.
I’m making good use of yt-dlp while I still can
Surely as long as there’s a way to access YouTube on devices without attestation, this won’t kill anything.
Indeed. And if they decide to brick or degrade all legacy apps, people will just transcode and torrent.
Information wants to be free, and millions of people have the skills to make it happen.
Alright, and Google doesn’t need to pay for that, so win win?
The irony is that it will probably cost Google way more due to the overhead of DRM for normal users than what they save on “lost” capacity in the current situation.
Can’t say I agree. I’d guess it’ll turn out like the Netflix shared passwords situation where everyone online predicted mass cancellations, and Netflix subs grew in actuality. Most people won’t give up YouTube, they will either stop blocking ads or pay for Premium. At least enough to increase their profits.
Can someone confirm whether YouTube ReVanced really uses WebView?
It’s the official app apk with some mods. So probably not.
In that case the premise of the entire article is wrong then.
Google can redesign the official app and kill functionality to the previous version.
I don’t think it matters. ReVanced patches original YouTube so it will use whatever YouTube is using. Even if current YouTube app doesn’t use WebView that’s nothing stopping them from adding it in the future.
If I’m reading article right, Google supposedly “discontinued” the attestation technology in Chrome, because of the shit storm, but looks like they are thinking of adding it to Android and use it to verify the devices and applications are genuine. The YouTube server for example might refuse to serve the video if the application is not genuine.
If they are testing application genuinity im more concerned they might break all the google services hacks etc used by graphene os.
Which would suck.
It would piss me off hopefully the eu covers that under there antitrust specificly with what they are hopefully going to implement with the new thing they are doing with 3rd party app stores but idk we will see.
Why would the EU cover how Google controls who uses Google’s services?
deleted by creator
Most people I know who use Graphene still use Google services and backend stuff. Just sand boxed so they have a bit more control.
Personally, I’m still looking for something that isn’t Google or Apple. Haven’t found it yet.
Ive completly killed google excepr for revanced am working on that tho.
And sandboxed is better than nothing gives more control ill take that over no control any day.
I mean they successfully destroyed any possibility to use banking apps in custom roms like LineageOS, with their new Play Integrity https://developer.android.com/google/play/integrity
Maybe there already is or there will be some circumvention, but when i had to do it there was none.
I mean they successfully destroyed any possibility to use banking apps in custom roms like LineageOS, with their new Play Integrity
This is a consequence of the security standards banks (and credit card companies) need to follow, not Google doing.
Banking apps work fine on graphene or at least mine does.
Talk to your bank and demand them to disable SafetyNet. You own your phone and by doing this they are trying to protect you from yourself.
My bank app works I think one credit card app displayed warning that my phone is rooted but still let me use it. Your banking app should not block you, but it can warn you if they less feel better.
Yeah me and the 50 nerds as customers won’t change a thing
If you don’t contact them and continue to use the back there is zero motivation for them to change anything.
I hear this pathetic argument over and over again. It is primarily used in politics. “my senator/representative is republican, he won’t listen” maybe he won’t but the others that already agree with you, don’t require convincing, your congressman does though so that’s why you need to have your opinion heard.
Unlike with politician, a bank is much easier to change for an individual. You can send email to them, threatening to change and if they refuse, you follow on it (worst case you go to bank that doesn’t do this). You would be surprised how effective this might be when it is connected in any way to their revenue. In most cases the management might not even be aware of the issue and devs simply enabled it because they were told the app needs to be secure, and checking phone integrity sounds like a secure thing to do.
What major change did you accomplish at big companies or political?
I don’t understand why YouTube doesn’t use the stupid blob video format (I don’t know the technical details, maybe it’s about drm protection) already. It almost makes it impossible to view a video in something other than the player it came with and I don’t like that.
Android WebView Media Integrity API
Is the WebView based on Chromium? If they add this WebView, how far off would it be from being added to Chromium?
The amount of copium I see in these comments is staggering. Google owns the Youtube app, they own the Youtube servers, they even own the damn operating system you’re running it on, and they’re one of the richest companies in history. Do you REALLY think they couldn’t shut down ReVanced if they wanted to? Are you really that naive?
The moment they decide to put even a small amount of effort towards shutting down ReVanced or the others, they’re as good as dead.
They’ve already tried to kill it like a year or two ago with their last major API changes. This is just another attempt at it.
Google may be wealthy, they may be in control. However, they’re still limited by how the technology fundamentally works. You can only secure something so much before you inadvertently damage your own product’s functionality by restricting its access too aggressively.
Another thing to remember, YouTube is used by literal billions of people across the entire planet from virtually every notable OS capable of doing so. Locking it down so that only one type of app and web browser can access it would cause them to lose millions of eyeballs and ears, i.e. hundreds of millions of dollars in revenue over time. It’d have the exact opposite effect of what they’re trying to do (increase ad profits).
Technically they could, but the effort and checks required to do so would be massive and very disruptive to android in general. They tried something kinda like it with SafetyNet, and it’s so trivial to bypass it’s being phased out.
Turns out root detection is kinda easy to circumvent if you have, you know, root access.The effort is so small that they decide not to?
Yes you know your stuff
deleted by creator
The moment they decide to put even a small amount of effort towards shutting down ReVanced or the others, they’re as good as dead.
Possible. Now what it is missing is the part that should convince the ReVanced user to accept the new situation (they must bear the Ads) instead of stopping to use the service. Remember, Google if fighting against people that are already taking active actions against them, not the Average Joe user.
And in all this, Google cannot risk to put too many hops in the path of the Average Joe users as there is the risk that the common user consider that, all in all, the service no more worth the headache to use it.