Tell HN: Chrome says "suspicious download" when trying to download yt-dlp

The heuristics powering this, as well as the Windows Defender whitelisting, are terrible.

My understanding is that a specific binary needs to become popular for it to stop being flagged. This creates a chicken and egg problem. Users are not incentivized to use the program with the warning. But removing the warning requires many people to ignore the warning.

This is a big problem for anyone writing Windows software. An indie developer or small open source project is not going to do well with this.

for what it is worth, when downloading the latest .exe from github, firefox says "this file is not commonly downloaded" and i have to select "allow download".

scans of it are fine.

probably just a heuristic-based false-positive, and not a news-worthy story of chrome abusing their monopoly or whatever.

The binaries they offer are complied using PyInstaller, which can give false positives in anti virus software.

Reminds me of how Bing search for Google takes people to a page meant to resemble Google.com. Can't trust huge companies.

But as others have pointed out, it's probably a coincidence in this case. But who knows.

I tried to reproduce this on their download page for the latest release[1]. Only the windows exe gets the warning, the other releases (macos, linux, etc) all download just fine. That makes me think it's an automated system that messed up, not an attempt at anticompetitive behavior.

[1] https://github.com/yt-dlp/yt-dlp/releases/tag/2026.03.17

I can reproduce when downloading https://github.com/yt-dlp/yt-dlp/releases/download/2026.03.1.... But it did provide a line of explanation:

Dangerous download blocked yt-dlp_win_x86.zip is not commonly downloaded and may be dangerous. [Discard] [Keep]

This entire thread it almost entirely proof that HN is now reddit. No facts, no consideration, just accusation and crowd think

> Comments should get more thoughtful and substantive, not less, as a topic gets more divisive.

none of that here

> Don't be curmudgeonly. Thoughtful criticism is fine, but please don't be rigidly or generically negative.

not followed here

> Please respond to the strongest plausible interpretation of what someone says, not a weaker one that's easier to criticize. Assume good faith.

none of that there

> Eschew flamebait. Avoid generic tangents. Omit internet tropes.

Lots of that here

The system is clearly automated. As others have pointed out, they've been able to download without incident. As other have also pointed out, Firefox also warns. The warning is reasonable, claiming that something isn't downloaded often is true, until it isn't. A few more downloads and the warning will likely go away.

Nothing to see here except a Google hater mis-interpreting something and the posting ragebait.

It's funny such a big corporations can't let such a small tool live.

Google is such an evil company, it is not even provided anything great anymore.

Anti-gravity paid plans suck, GCP is billing heavy. Today google sucks at most things

Their Android playstore hardly updates statistics once a day, so much for such a big data company with unlimited sources lol

Which is why I download it from my Linux distribution's package manager. It's available on Termux too.

So, Google's browser says downloading a tool to download files from Google's servers is "Suspicious"? Not surprising.

Clear conflict of interest enabled by anti trust not being enforced.

`brew install yt-dlp` or `scoop install yt-dlp` :)

Linux user here unaffected as I get it straight from my command line.

Which link exactly did you try to use? Or what specific version on the Github releases page? I checked both the latest windows and macos versions against Google Safe Browsing and all were fine.

Interesting to inspect any telemetry on this. Could end up on a list.

You wouldn't download a downloader.

Chrome for work, Safari or Arc for everything else. I envy you if your use of yt-dlp is work related.

Chrome and YouTube are both owned by Google. There's an obvious reason why they want to discourage use of that extension.

break this shit up, break all of this shit up.

Google needs to be at least what four companies.. gcp, youtube, search, workspaces...

Apple needs to be at least two hardware/os, music/tv+

Microsoft, meta, etc, Monopolies are bad and our SEC/FTC/Government is doing a poor job of controlling them. At least as equally trecherous are these businesses that overly vertically integrate... anyways, we're fucked.

It's over. The internet culture of the 20th and early 21st century has been appropriated for profit.