Security researcher Fabian Faessler – aka LiveOverflow – speaks to The Daily Swig about the growing appetite for hacking videos
YouTube hacking tutorials get a pretty bad press. Earlier this year, for example, UK police chiefs condemned “brazen” channels for showing users how to break into school servers, create ransomware, and crash computer systems.
Despite the controversy that’s being generated by some less-than-reputable content creators, YouTube channels offering more ethical approaches to hacking and security are proliferating, too.
LiveOverflow, created by security researcher Fabian Faessler, is an educational security channel that now boasts more than 300,000 subscribers.
Faessler says he originally started with live streaming, and was inspired by Geohot (aka George Hotz), the hacker best known for successfully unlocking the iPhone. But, he says, “I realized I was not that entertaining, so I moved to YouTube, where I could edit them [the videos] down.”
Content on the LiveOverflow channel can be split into three main areas: binary hacking, Capture the Flag (CTF) challenges, and general web security.
These videos cover basic memory corruption techniques such as buffer overflows, format strings, and heap exploitation; walkthroughs of CTF challenges from areas such as reverse engineering, crypto, web, and exploitation; and a basic introduction to web hacking.
“In general, you could separate them into categories,” says Faessler.
“I want to have the very technical videos that are downright educational, that a university student could watch or a security professional. They’re quite dry and boring in that sense.
“On the other side, I have more entertaining videos in the hopes to draw in new people and motivate them. These videos are watched way more.”
His most popular video, created late last year, shows Faessler attempting to reverse engineer a mysterious Raspberry Pi device that was found in a college library.
The video attracted millions of hits, and still accounts for around half of his channel’s monthly views.
However, says Faessler: “The videos I’m most proud of are the more technical videos where I show people something that they maybe haven’t realized. For example, there’s a video explaining URLs and how complex a URL actually is. It’s the videos like that I like the most.”
In August 2018, YouTube allegedly censored a number of users for apparently breaching its “acceptable content” policy by offering hacking tutorial clips – despite the channel owners’ insistence that the tools should only be used for good.
While many hacking tutorial channels have, rightly or wrongly, fallen foul of YouTube’s content policy, Faessler says he’s never had any difficulties.
“I personally have had zero problems – no issues with monetization, or even the channel being blocked,” he said.
“I think it’s down to small details of how they phrase the titles, and also maybe a bit about the content of the videos. My videos tend to be more generic, while other videos might give real life examples; and from the outside, that could look worse.”
RELATED YouTube content creators are facing denial-of-service attacks of a different variety