China is attempting to mirror the entire GitHub over to their own servers, users report
infosec.exchange
GitCode, a git-hosting website operated Chongqing Open-Source Co-Creation Technology Co Ltd and with technical support from CSDN and Huawei Cloud.
It is being reported that many users' repository are being cloned and re-hosted on GitCode without explicit authorization.
There is also a thread on Ycombinator (archived link)
You are viewing a single comment
I'm noticing this misconception in a lot of places.
Just because something is on GitHub, doesn't mean it's open source.
I get what your saying, in that open source projects normally have a licence that applies to how itโs used - but this has always been open to abuse.
Nothing has ever stopped things like this happening - see how industry has taken advantage of open source for decades (often productising things as their own in the process).
The industry takes advantage of open source projects that have permissive licenses. This is an important distinction.
If you didn't release your code with a permissive license (or even with a license at all), you have rights that protect you and your code. The only issue is that copyright infringement can often be hard to prove if you didn't plan ahead for it.
Obviously it functionally very much is. If you wanted to keep it closed source you'd host it on your own servers or even keep it offline.
No, this is not correct at all! You keep limiting yourself to the terms "open source" and "closed source".
Any code you create, you own by copyright. Even if it is public on GitHub, you're still the lone copyright owner and no one is legally allowed to do with it what isn't allowed by a license.
Projects on GitHub without an open source license are only "functionally open source" to the same extent that pirated games are "functionally free".
If you want to use piracy language then this is privateering. It would be piracy except for the fact that they've got the backing and protection of a major country.
Copyright is an arbitrary concept. If a country decides to ignore it, then they can do what they want with a publicly-visible resource.
Don't forget that "open source" has a different definition than "source available".
Oh I get the theoretical difference. I'm talking about functional difference. Good luck taking China to patent court.
Open source doesn't mean source available. You simply aren't using the term correctly.
No, I'm pointing out that China doesn't care about your dictionary.
If someone infringes on a copyright that doesn't mean the work isn't copyrighted. You can't just say things that are source available are open source. Even if someone is infringing on the rights holders they're still only source available.
In countries following that legal regime.
You're being obtuse. I get the point you're trying to make -- you've been heard. I'm just saying those aren't the terms you should be using to make it. Open source has a very distinct definition and it has to do with the licenses covering the code. It has nothing to do with whether different countries have differing laws. Code cannot be open source in one country and not open source in another because the definition has nothing to do with countries. In fact, that would specifically not be open source because it gives rights to some and not others.
The problem is we aren't in a thread talking about Apple stealing code. We're in a thread about China doing it. And people in here are like, "that's illegal! It's not actually open source!"
Which is why I'm driving this point so hard.
Just because it might be legal to violate copyrights in other countries doesn't make the code considered open source though lol.
It does where they're concerned.
๐
If it's on the internet, I save, I pirate, I protect. Don't like it ? Then get off MY internet !