March 31, 2026

Download drama, now buffering

Article URL →HN comments →

Tell HN: Chrome says "Suspicious Download" when trying to download yt-dlp

Chrome calls a popular video downloader “suspicious” — web rebels vs Big Browser

TLDR: Chrome warned that the popular video-downloader yt-dlp was a “suspicious” file, igniting a fight over security vs. control. Commenters split between blaming clumsy protections and corporate self-interest, while others point to false positives and suggest installing through trusted package managers to avoid the scare.

Chrome threw up a big red “Suspicious Download” when a user tried grabbing the latest yt-dlp — a beloved, open‑source tool people use to save online videos (hi, YouTube). And the internet promptly erupted. One camp thinks it’s corporate vibes, with one wag noting the irony: Google’s browser flagging a tool that downloads from Google’s site. Another camp says it’s just clumsy security heuristics — those automated checks that sometimes freak out over new or rarely seen files.

Developers piled on with chicken‑and‑egg angst: Chrome and Windows Defender often trust a file only after lots of people download it, but who downloads it if it’s flagged first? Others cite the recent npm axios compromise to argue stricter warnings make sense. That sparked a counter‑blast: if everything unknown screams “danger,” users learn to ignore warnings — exactly the opposite of security.

Amid the chaos, the practical crowd chimed in: binaries built with PyInstaller can trigger antivirus false alarms, Safe Browsing shows the release links as clean, and you can dodge drama by installing via Linux or Termux package managers. Then came the mood‑setting black‑pill: the old, open web has been “appropriated for profit,” so of course tools that empower users look shady.

Is this Big Tech protecting users or protecting its ecosystem? The thread reads like a meme in motion — part security PSA, part culture war, all download drama.

Key Points

  • A user reported that Google Chrome labeled a yt-dlp download as a “Suspicious Download.”
  • The warning appeared when attempting to download the newest version of yt-dlp.
  • Chrome did not provide any explanation beyond the “Suspicious Download” label.
  • The post notes the incident occurred on a newest version (implied to be the browser).
  • The report received notable attention on Hacker News, with 250 points and 81 comments at the time.

Hottest takes

"So, Google’s browser says downloading a tool to download files from Google’s servers is 'Suspicious'?" — ompogUe
"Here, Microsoft is training users to ignore a security warning." — dqv
"Given the recent npm axios compromise this sounds like a pretty smart move?" — gruez

Save News

Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.