Yahoo Messenger Blocking youtube.com URLs?

wesleyye writes, "This morning I attempted to copy and paste a youtube.com URL to two of my friends via Yahoo IM. But they kept complaining they did not see anything. Actually they saw all the text message lines except the line with the youtube URL. Is YIM blocking the competitor out?" We verified in this office that a fully formed youtube.com URL could not be passed on YIM; changing the URL to read youtubex.com caused it to go through. Any other URL we tried worked. Update 10/10/2006 20:58 GMT by SM: Additional testing shows that there is something else going on for well formatted URLs. Even search results from search.yahoo.com had trouble when included with other text on the same line. Still awaiting comment from Yahoo!.

They seem to have fixed it

[Great_Jehovah (3984)]

either that or slashdot is seriously FOS

Can't imagine they'd want to.

[Kadin2048 (468275)]

Very strange.

I just did some Googling and there doesn't seem to be anyone else talking about it, at least that I could find -- if Yahoo really was engaging in this, you'd think it would have created more of a hue and cry.

I'm starting to suspect hoax, unless someone besides the article submitter can come up with evidence that it happened.

I can't imagine that Yahoo would want to demonstrate that it has the capability of selectively filtering messages based on content. That just opens the door to lots of problematic demands -- e.g., why don't they block links to warez sites, or porn, or gambling, or (in other countries) various political websites. If you have that sort of capability, even if you don't want to use it for evil purposes, people are going to try and make you use it. So it's better just to never develop the capability in the first place, and if it is technically possible, never reveal that it can be done on demand, so that you can maintain your plausible deniability.

Re:

[setecastronomy (116560)]

I don't know how I could "prove" it, but I can verify that this has indeed been happening for at least 4+ months*. Any message with youtube.com in it was silently discarded, but outube.com, utube.com, etc. all went through fine. I suppose I could post chat logs from my two machines, but obviously I could have altered them to suit my own purposes...

I just tested it now, and youtube URLs no longer appear to be filtered. However, they were as recently as two weeks ago.

* In fact, I submitted this when I first n

Re:Can't imagine they'd want to.

[Firehed (942385)]

You could always post a screenshot of the logs, since that seems to be admissable in court nowadays.

Re:Can't imagine they'd want to.

[joe_bruin (266648)]

Yahoo filters out certain messages, and it has nothing to do with YouTube. Near as I can figure, the algorithm is like this:

If the first message you send to someone in a period of time contains only a URL (doesn't matter where it links to), it will be filtered out. I'm guessing this is to reduce spam.

Way to overreact, Slashdot.

Maybe worm-spread prevention?

[Kadin2048 (468275)]

That actually makes a certain amount of sense. There were some worms floating around that would replicate themselves by sending an infected URL out as a message to all of your AIM contacts.

There was a period of time a few years ago when I was getting 10-15 of these URL-messages a day. Didn't affect me any, because I used a Mac, but it might explain Yahoo's paranoia.

However, I would find such a limitation incredibly annoying, since I often use IM applications to send people links. For example, let's say you'

Re:Can't imagine they'd want to.

[wdr1 (31310)]

Editor 1: I'm having basic tech support problems!!!
Editor 2: Quick, post it to the home page!

-Bill

Yahoo: Now even creepier!

[Kadin2048 (468275)]

If true that's almost creepier, since it suggests that in addition to just scanning the message for content and looking for some simple strings ("http://", "google", "youtube") that it's actually following the link and analyzing the content at the end of it.

I guess the test would be to find a link that's blocked, and a link that's allowed; then put each one into a TinyURL and see if the same rules apply, or if they're both rejected or both accepted.

I agree with some other people though, based on other things that Yahoo has done, this seems like a provision that was probably originally implemented to stop the spread of spam and malware, not necessarily for any nefarious purpose. However, it's overly broad and IMO they'd be better without it, both for their own good and so as not to aggravate their users.

Re:

[smbarbour (893880)]

Ahh, but that wouldn't hold true if you told your friend not to access it. Then, if activity shows up immediately, either YIM is checking it... or your friend is an idiot.

Not one.

[SanityInAnarchy (655584)]

I have a Jabber ID that comes out to be the same place as my email address, and I flaunt both on every web forum I'm ever on. The email address gets 30-60 spams per day (nicely filtered by BogoFilter), the Jabber ID doesn't get a single one.

I have two AIM accounts, two MSN accounts, a Jabber ID, a Google Talk account (as in, a Jabber ID @ gmail.com), and a Yahoo account.

I do occasionally pop into AIM chatrooms for a laugh, and those are completely dominated by spambots. But even there, the bots simply spam the channel in predictable ways, waiting for someone to IM them so they can reply with a URL, or tell you to look in their profile for a URL.

I also used to have some people as friends who were not too careful with their security, and were thus loaded with spyware. Their spyware sent me spam occasionally, I told them about it, they didn't care, so I blocked them.

Those are the only two places I've seen spam over IM. I mostly use Gaim on Linux and Adium on OS X, and I've also used Fire, iChat, and Yahoo natively on OS X. I only get unsolicited messages when I'm in chatrooms, or when I bother to try to make Qunu work. Neither of those are spam.

Frankly, I think either spammers haven't discovered IM networks, or a lot of effort has been made to make it hard to spam through them. The centralized approach probably helps a lot, too -- you can't exactly implement a CAPTCHA for Jabber, since anyone can set up their own server and register as many users as they want, but it's easy to implement a CAPTCHA for any of the other systems I'm on. Still, I'm never comfortable with any organization silently acting on my behalf, with no way to control that -- it smacks of ISPs putting VOIP traffic on high priority and ignoring SKYPE traffic. If you want to block messages to me, at least give me the option to unblock them, and default to off (prompt me when I sign up). Same with traffic shaping -- let me control how my own traffic is shaped, or at least let me turn off the shaping.

Re:

[Tackhead (54550)]

Great_Jehovah (3984) writes:

> either that or slashdot is seriously FOS

Welcome to Slashdot! So, how much did you pay on eBay for that four-digit ID? :)

Re:They seem to have fixed it

[hank (294)]

I then wonder what my 3 digit id would fetch. ;)

Re:

[Jon Abbott (723)]

I remember the grand old days of no user IDs on Slashdot (yes kids, no joke!). That was fun, being able to impersonate whoever you wanted... Flame wars would erupt between Bill Gates and Linus Torvalds. It eventually got out of hand, and then everyone became a number...

Slashdot recently hit user ID 1 million right? Wow.

Wow, Yahoo...

[Ant P. (974313)]

Ever heard of subtlety?

That's great for Google!

[KingSkippus (799657)]

Before everyone gets to feeling sorry for Google for this grave injustice against them, you should realize that Yahoo is well within their rights to block anything they want to from going through their IM service, and once people figure out that it's broken as a result, they'll start using an alternative.

...like, say, Google talk [google.com], maybe?

Re:

[spectral (158121)]

Yahoo's been doing this for a while, with videos.google.com as well. My friend attempted to submit this MONTHS ago and it was rejected.

Re:That's great for Google!

[IANAAC (692242)]

My friend attempted to submit this MONTHS ago and it was rejected.

Have your friend start a blog, then post the "article" to slashdot anonymously. Seems to regularly work.

here's what happened

[porkThreeWays (895269)]

(yahoo guy in the back browsing slashdot at work)

Shit! *click* Whew.

Politics?

[xcrunner (969694)]

Does this story really belong in Politics? I think it more has to do with competition then politics.

Re:Politics?

[timster (32400)]

I think it's partially intended as a hint about what a future without network neutrality might be like.

Re:

[monkeydo (173558)]

Free (as in freedom)? If you don't like the service Yahoo! provides, use their competitor.

Re:

[AKAImBatman (238306)]

kdawson mistakenly put it in politics and had to leave the office.

Geez. Kind of harsh don't you think? I mean, the guy has only been here a month or two. No need to fire him over a simple mistake!

(I kid! I kid!)

Tin foil time

[ahknight (128958)]

Time for the foil hats, I guess.

I know at work there were days that every URL except for fark.com would work and then it would come back. Some monkey having fun is all.

And .. why aren't you using Jabber? I mean, really...

Block happening server side?

[Necroman (61604)]

I'm guessing this block is happening in the YIM servers and not in the client (would be harder with all the 3rd party clients out there). So, the only option is to not use them? If they are going to filter your chat because of their Marketting departments idea of business, don't use them. There are many alternatives out there (GTalk, AIM, MSN...), why use someone that would even consider filtering their users messages?

Re:

[Ironsides (739422)]

I'm guessing this block is happening in the YIM servers and not in the client (would be harder with all the 3rd party clients out there).

It would also be harder as this would probably require a client update. As most people don't always run the most recent version...

More interesting is, if this is being run on the server side, then they are scanning every single message that goes through their servers. I wonder what else they are scanning for?

Re:

[denbesten (63853)]

> More interesting is, if this is being run on the server side, then they are
> scanning every single message that goes through their servers.
> I wonder what else they are scanning for?

Unfortunately, we know that they are not scanning for viruses, spyware or phishing.

subscription benefits

[qw0ntum (831414)]

News from the future: "Yahoo! Messenger blocks links from slashdot.org"

Loss of communication can mean only one thing...

[suv4x4 (956391)]

... but I hate movie quotes, bring your own conclusions.

Blocked by the client software

[Mwongozi (176765)]

Just tested this with a friend - the URLs get through fine when sent with Adium. So they're being blocked by the client software - not the network itself.

Re:

[CustomDesigned (250089)]

Maybe due to malware, rather than Yahoo?

Drawing a pretty fine line there...

[Kadin2048 (468275)]

Maybe due to malware, rather than Yahoo?

Wait -- there's a difference?

Blocking?

[by Anonymous Coward]

It would be more Yahoo's style if they just changed the URL to something else...

(see http://en.wikipedia.org/wiki/Medireview [wikipedia.org] for the history)

They've done this before

[Jugalator (259273)]

Since they've done this before [quickwired.com], and now done it again, I assume they'll keep doing it until discovered with it in the act. In which case they'll call it a temporary glitch or something. They're skilled [wired.com] in this work internationally too, and are building quite a reputation with all this.

Video.google

[zenithcoolest (981748)]

Google video URLs are also blocked I guess. Isnt this antitrust?

Re:

[99BottlesOfBeerInMyF (813746)]

Google video URLs are also blocked I guess. Isnt this antitrust?

Umm, what are you proposing Yahoo has a monopoly on?

Re:

[truthsearch (249536)]

Maybe he means it goes against the trust people have in Yahoo's service. Or he thought we're talking about MSN.

Skimming?

[by Anonymous Coward]

Any thoughts that YIM is skimming the URLs you type for personal use ?

Maybe Youtube's links are being tracked as they are passed via YIM service ? Nothing says the messages are confidential. What's the likelyhood of this ? You could get customer data on the popularity of your viral (youtube) marketing , or make statistics as links traverse across these (IM) networks.

We all know IMs aren't secure, but the thought of catching links with statistics drawn up by links being shared is a scary proposition.

I am saved

[sarathmenon (751376)]

They haven't blocked http://www.pornotube.com/ [pornotube.com] yet!

Not just YouTube...

[g_attrill (203506)]

I have recently noticed that many URLs sent in IM's will disappear without a trace. It seems that often the FIRST URL sent will not get through, but subsequent ones will. For example I will open an IM window, send a URL then say "did you get that?" after they don't reply, then the person will reply "did I get what?". The ones I can recall where links to Photobucket.

I think they are basically trying to stop the IM spam where URLs are randomly sent to users.

YouTube links pass well in

[Neuropol (665537)]

IRC. We pass links back and forth like that all day.

you could always try Tinyurl-ing [tinyurl.com] them and see what happens.

WTF?!

[delirium of disorder (701392)]

Why the hell aren't you using a free software chat client (so yahoo can't block anything client side), with encryption (so they can't block anything server side)? The are many benefits to free software and encryption beyond this particular situation. A proprietary chat client using a cleartext protocol just seams like idiocy from a security standpoint, especially in the age of Criminal/Corporate/ISP/NSA snooping.

This is apparently an old, old bug.

[shark72 (702619)]

Sending URLs of any sort as Yahoo! IMs has been unreliable for me and my friends for at least a year. There seems to be no rhyme or reason to it; some URLs just don't go through. I've noticed it when both parties are using Yahoo! Messenger and also when one or both parties are using Adium, so unless the bug also exists within Adium, it may be a server-side issue.

I've found that preceeding the URL with some random text (I end up typing "click here:" or something similar) addresses the issue. It's only when the IM line consists solely of a URL that it randomly goes into the bit bucket.

MSN Messenger guilty too!

[Bake (2609)]

If you try to write a message to someone a URL that contains gallery.php or download.php, the entire message will not be delivered at all.

I'm calling bullshit unless ppl can reproduce it

[tacokill (531275)]

I just tried this with a friend. I use Trillian. He uses Yahoo.

We could both send Youtube links back and forth with no problem. We tried about 30 different times both with youtube.com as well as deep links directly to videos. No problems whatsoever.

Is anyone else able to reproduce this? Until so, I am calling bullshit.

3 words....

[golgoj4 (993133)]

porn bot spam. I noticed yahoo started doing this with most urls and that i had to break them up for them to show up. I think this was in response to all the phishing and general scams via links posted. I dont know if youTube should feel special...it even blocks my website when I try and prove I have a job ;)

Interesting Addition

[Nom du Keyboard (633989)]

Get a chat client that adds an MD5 signature. It could tell you if the message was altered, unless they recompute the MD5 as well.

AIM blocks URLs too

[elyograg (15945)]

I have found that an AIM chatroom will not accept certain URLs. It eats any message containing something it doesn't like. One notable example is anything from theonion.com. None of the URLs that trigger this behabior make any kind of sense to me. If you run any of the banned links through tinyurl, it is allowed through.

A direct IM of the problem link outside the chatroom will make it through just fine.

Re:

[monkeydo (173558)]

Please provide a link to the FCC decision that says Yahoo!, or any instant message service is a common carrier.

Not "common carriers" but close.

[Kadin2048 (468275)]

I'm not sure that you're correct to call them a "common carrier." That term has a specific meaning under both traditional common law, and as used in U.S. law, and to my knowledge, ISPs -- much less network operators -- have been considered "common carriers" by neither. At least, so far. I think that you could come up with a very good argument for doing so, but I'm not sure it's been done by a court.

However, as "Online Service Providers" (OSPs) computer communication networks are given certain 'Safe Harbor'

Re:They are doing it with passwords too!!! AWESOME

[From A Far Away Land (930780)]

I tried sending ***** and it went through. So did 12345.