GitCode, a git-hosting website operated Chongqing Open-Source Co-Creation Technology Co Ltd and with technical support from CSDN and Huawei Cloud.
It is being reported that many users’ repository are being cloned and re-hosted on GitCode without explicit authorization.
There is also a thread on Ycombinator (archived link)
China cares of nothing, from patents to licences. Culture of steal and copy, rebrand and sell/use
I would argue that this culture would possibly be good to learn from them, first. It didn’t come to existence as some kind of social evolution, but was impressed by power.
Second, at least they are behind Europeans in the culture of genocide.
With the obligatory “fuck everyone who disregards open source licenses”, I am still slightly amused at this raising eyebrows while nearly no one is complaining about MS using github to train their copilot LLM, which will help circumvent licenses & copyrights by the bazillion.
I complain all the time. But that’s not the subject of this post…
Yeah exactly, fuck llms that don’t honor licenses
nearly no one is complaining about MS using github to train their copilot LLM
What rock have you been living under??
while nearly no one is complaining about MS using github to train their copilot LLM,
Lots of people complained about that. I’ve only seen this single thread complaining about this.
Came here to say this. As much as I don’t like china, there is really nothing to see (apart from the source, that’s for everybody to see).
This could be illegal for git repos that do not have a open source license that allows mirroring or copying (BSD, Apache, Mit, GPL, etc.) Sometimes these repos are more “source available” and the source is only allowed to be read, not redistributed or modified. I would say that this is more of a matter for each individual copyright holder, not Microsoft.
But ultimately I agree, this really isn’t as big of a deal as people are making.
edit: changed some wording to be clearer
China is a sovereign entity. I’m pretty sure they can decide foreign licensing laws don’t apply there.
China is a soverign state and they should make their own laws. However, China has promised repeatably that they will take IP concerns more strictly (trade deal with Trump in 2020 is one example of this promise). It seems of this moment they still use the World Intellectual Property Organization for inspiration for their IP laws. At one point, China did not acknowledge IP rights at all but chose to acknowledge them in order to secure foreign business trade. Being consistent is good for business; especially when it comes to international business.
In 1980, China became a member of the World Intellectual Property Organization (WIPO). As of at least 2023, China’s view is that WIPO should be the primary international forum for IP rule-making. - Wikipedia
China has never been consistent. Doing business there is all about relations with the CCP. This is a perfect example of how an authoritarian regime differs from a liberal regime. One is bound by it’s promises and rules and the other binds it’s rules to it’s needs.
Not like MS couldn’t be sued.
It may be expensive but possible.
Unlike China. Good luck suing china (or the chinese government) as a whole. Maybe you’ll get out a domestic ban but I can hardly believe that they will care and probably will continue with their operation. But now it’s not on very legal grounds.If I look at a few implementations of an algorithm and then implement my own using those as inspiration, am I breaking copyright law and circumventing licenses?
That depends on how similar your resulting algorithm is to the sources you were “inspired” by. You’re probably fine if you’re not copying verbatim and your code just ends up looking similar because that’s how solutions are generally structured, but there absolutely are limits there.
If you’re trying to rewrite something into another license, you’ll need to be a lot more careful.
What’s the limit? This needs to be absolutely explicit and easy to understand because this is what LLMs are doing. They take hundreds of thousands of similar algorithms and they create an amalgamation of it.
When is it copying and when it is “inspiration”? What’s the line between learning and copying?
I disagree that it needs to be explicit. The current law is the fair use doctrine, which generally has more to do with the intended use than specific amounts of the text/media. The point is that humans should know where that limit is and when they’ve crossed it, with motive being a huge part of it.
I think machines and algorithms should have to abide by a much narrower understanding of “fair use” because they don’t have motive or the ability to Intuit when they’ve crossed the line. So scraping copyrighted works to produce an LLM should probably generally be illegal, imo.
That said, our current copyright system is busted and desperately needs reform. We should be limiting copyright to 14 years (as in the original copyright act of 1790), with an option to explicitly extend for another 14 years. That way LLMs can scrape comment published >28 years ago with no concerns, and most content produced >14 years (esp. forums and social media where copyright extension is incredibly unlikely). That would be reasonable IMO and sidestep most of the issues people have with LLMs.
First, this conversation has little to do with fair use. Fair use is when there is an acceptable reason to break copyright. For example when you are making a parody or critique or for education purposes.
What we are talking about is the act of reading and/or learning and then using that information in order to synthesize new material. This is essentially the entire point of education. When someone goes to art school, they study many different artists and their techniques. They learn from these techniques as they merge them together in different ways to create novel art.
Everybody recognizes this is perfectly OK and to assume otherwise is absurd. So what we are talking about is not fair use, but extracting data from copyrighted material and using it to create novel material.
The distinction here is you claim when this process is automated, it should become illegal. Why?
My opinion is if it’s legal for a human to do, it should be legal for a human to automate.
What we are talking about is the act of reading and/or learning and then using that information in order to synthesize new material.
Sure, but that’s not what LLMs are doing. They’re breaking down works to reproduce portions of it in answers. Learning is about concepts, LLMs don’t understand concepts, they just compare inputs with training data to provide synthesized answers.
The process a human goes through is distinctly different from the process current AI goes through. The process an AI goes through is closer to a journalist copy-pasting quotations into their article, which falls under fair use. The difference is that AI will synthesize quotations from multiple (many) sources, whereas a journalist will generally just do one at a time, but it’s still the same process.
As I am a big proponent of open source, there is nothing wrong even with copying code - the point is that you should not be allowed to claim something as your own idea and definitely not to claim copyright on code that was “inspired” by someone else’s work. The easiest solution would be to forbid patents on software (and patents altogether) completely. The only purpose that FOSS licenses have is to prevent corporations from monetizing the work under the license.
Well let’s say there’s an algorithm to find length of longest palindrome with a set of letters. I look at 20 different implementations. Some people use hashmaps, some don’t. Some do it recursively, some don’t. Etc
I consider all of them and create my own. I decide to implement myself both recursive and hash map but also add certain novel elements.
Am I copying code? Am I breaking copyright? Can I claim I wrote it? Or do I have to give credit to all 20 people?
As for forbidding patents on software, I agree entirely. Would be a net positive for the world. You should be able to inspect all software that runs on your computer. Of course that’s a bit idealistic and pipe-dreamy.
again, I don’t have a problem with copying code - but I as a developer know whether I took enough of someone else’s algorithm so that I should mention the original authorship :) My only problem with circumventing licenses is when people put more restrictive licenses on plagiarized code.
And - I guess - in conclusion, if someone makes a license too free, so that putting a restrictive (commercial) license or patent on plagiarized / derived work, that is also something I don’t want to see.
I have no problem copying code either. The question is at what point does it go from
- I’m reading code and doing research
To
- I’m copying code
How abstracted does it have to be before it’s OK? If you write a merge sort, it might be similar to the one you learned when you were studying data structures.
Should you make sure you attribute your data structure textbook every time you write a merge sort?
Are you understanding the point I’m trying to get at?
My trivial (non legal ;) answer is: If you are working for a corporation that is looking to patent something / make something closed license: the moment you ever looked at a single line of my code relevant to what you are doing, you are forbidden from releasing under any more restrictive license. If you are a private person working on open source? Then you be the judge whether you copied enough of my code that you believe it is more than just “inspired by”.
Are you just trying to make a bad pro-China argument or have you never been online before?
I see it more as a good anti-Microsoft argument 🤷🏻♀️
“Why does no one say murder is bad unless China is murdering”
Isn’t a good anti-murder argument
“Why does no one say murder is bad unless China is murdering”
I can not fathom how you absolutely nailed the essence of my comment, yet misunderstood it (and - arguably - your own example) so fundamentally.
Let me try to help, once:
“Why do most people not complain about murder when Microsoft is doing it, but when China is doing it, the very justified outrage can be heard?”
❤️
I cannot fathom how you absolutely nailed the essence of my comment, yet misunderstood it (and - arguably - your own example) so fundamentally.
People do criticize Microsoft for using open source data to train LLMs, just like people criticize murder
Hence the query about having never been on the internet before
It is not illegal is it?
If it is legal, then thank you China for the free backup.
I do believe it’s illegal if they take a repository with a restrictive license (which includes any repository without a license), and then make it available on their own service. I think China just doesn’t care.
If it’s hosted in a public repo, anyone can clone it, that’s very much part of most git flows.
What you can do with the software, how you can use it, that’s another matter, based on the licence.
That of course assumes China will respect the copyright…
Sure, you can probably clone it - I’m not 100% sure, but I think laws protect that as long as it’s private use.
You can also fork it on GitHub, that’s something you agree to in the GitHub ToS - though I think you’re not allowed to push any modifications if the license doesn’t allow it?
Straight up taking the content from GitHub, uploading it to your own servers, and letting people grab a copy from there? That’s redistribution, and is something that needs to be permitted by the license. It doesn’t matter if it’s git or something else, in the end that’s just a way to host potentially copyrighted material.
Though if you have some reference on why this is not the case, I’d love to see it - but I’m not gonna take a claim that “that’s very much a part of most git flows”.
Illegal according to who?
The US? Why would China care, they are their own country with their own laws.
International courts? Who is enforcing those judgments?
deleted by creator
It’s not about laws at this level but about whether it is worth to do vs possible repercussions
Again, what repercussions? Who will enforce an ICC judgement against the CCP? Laws aside, what possible actions could be taken? I guess sanctions but that’s unlikely over something like this.
You can buy pirated software or pre-cracked consoles in stores there. They don’t care.
Law do not exist by itself; it’s the result of balance of power. How would you know that your State do not use illegally free software ? And if you know it, could you sue it ? Even if it’s a classified administration ?
Apply laws Internationally is even worse. It usually depends of the imperialist relationship between States. For exemple, Facebook rules was illegal in France, but France changes it’s laws rather than sue Facebook. A decade later, the whole European Union could forte RGPD upon the GAFAM.
China have nothing to fear in ignoring those licence, and we shouldn’t rely on it to protect our work. However we could strengthen our common defenses, through FOSS for people in the US … and maybe trade unions elsewhere.
Yeah… The main thing I see here is that China (read; government , not the people, not being racist here) will take this code, they will make improvements on it, they will NOT give back. Basically like Microsoft, but now an entire country.
Chinese government hasn’t exact had a good reputation when it comes to taking technology and not giving anything back
Not like I’d want contributions from the chinese state programmers.
Feels like an easy entry for state level supply chain attack.Who says they aren’t trying right now? I recall SSH had an attempt quite recently, I can guarantee that China is trying hard to include anything to out in back doors
If we steal IP from China does the American government give us a business loan?
China has no IP
I love how this image is a pun
I’m not getting it. Explain, please?
IP Man. Great movies.
Ahh, thanks. I think that may be a grandad level pun
Bs
I think the major issue is here is that they are “mirroring” with the same username without clear indicating they are mirrors and they are modifying all the github links in Readme to GitCode. But if you want to claim your project, they want to only comment using the issue section of a project which requires account; but then you have to have a Chinese phone number to register account, and you will automatically get a Huawei Cloud account when you registering it
Edit: also some background info about the company behind GitCode from my other comment: the company behind GitCode is funded and owned by CSDN (China Software Developer Network) and the actual infrastructure and service is provided by Huawei Cloud. On the website they have written this statement in the registration page.
CSDN is mostly a platform to share posts on software development, but it is known to have a lot of issues, including:
- poor content and directly copied posts from other people without consent, which to a point people is considering the site a content farm; it is even a top blocked site on Kagi;
- All code provided there requires “coins” to download, even they are open-sourced code; it was reported multiple people in China got scammed via CSDN;
- You have to login to copy code on the post, and sometimes hides half the post to require you to login to read.
- All code provided there requires “coins” to download, even they are open-sourced code; it was reported multiple people in China got scammed via CSDN;
- You have to login to copy code on the post, and sometimes hides half the post to require you to login to read.
Oh fuck! Capitalism with beastly grin strikes back.
GitHub are not some bastion of righteousness - they are literally owned by Microsoft. And they work hard to stop people from getting too much Open Source from them, with rate limits and the like, so essentially gate keep.
I think CSDN probably want to gatekeep their clone even harder, but in general having archives of GitHub on the Internet is a good thing.
Yes. Fuck CCP, but having mirror is good.
EDIT: https://lemmy.world/comment/10853810
It appears to be scam-type(capitalism with beastly grin type) mirror.
Yeah, though the Chinese government isn’t doing this out of the goodness of their heart, this is what open source is about.
God damn it, Jiaan Yang!
I call my uncle, he’s very corrupt
New New Internet.
Great! Now I know who to contact when I accidentally delete all the plaintext API keys and passwords I had stored in a public github repo.
Apart from the dozens of scrape bots that already stole them?
You’re supposed to revoke API keys that are leaked. Not try to “unleak” them
Oh boy, Lemmy really doesn’t get sarcasm without the “/s”, huh?
If it’s a public repo do they need permission?
Not saying this is good, but you can’t really argue that it’s not a natural consequence of open source.
I’m noticing this misconception in a lot of places.
Just because something is on GitHub, doesn’t mean it’s open source.
I get what your saying, in that open source projects normally have a licence that applies to how it’s used - but this has always been open to abuse.
Nothing has ever stopped things like this happening - see how industry has taken advantage of open source for decades (often productising things as their own in the process).
The industry takes advantage of open source projects that have permissive licenses. This is an important distinction.
If you didn’t release your code with a permissive license (or even with a license at all), you have rights that protect you and your code. The only issue is that copyright infringement can often be hard to prove if you didn’t plan ahead for it.
Obviously it functionally very much is. If you wanted to keep it closed source you’d host it on your own servers or even keep it offline.
No, this is not correct at all! You keep limiting yourself to the terms “open source” and “closed source”.
Any code you create, you own by copyright. Even if it is public on GitHub, you’re still the lone copyright owner and no one is legally allowed to do with it what isn’t allowed by a license.
Projects on GitHub without an open source license are only “functionally open source” to the same extent that pirated games are “functionally free”.
If you want to use piracy language then this is privateering. It would be piracy except for the fact that they’ve got the backing and protection of a major country.
Copyright is an arbitrary concept. If a country decides to ignore it, then they can do what they want with a publicly-visible resource.
Don’t forget that “open source” has a different definition than “source available”.
Oh I get the theoretical difference. I’m talking about functional difference. Good luck taking China to patent court.
Open source doesn’t mean source available. You simply aren’t using the term correctly.
No, I’m pointing out that China doesn’t care about your dictionary.
If someone infringes on a copyright that doesn’t mean the work isn’t copyrighted. You can’t just say things that are source available are open source. Even if someone is infringing on the rights holders they’re still only source available.
If it’s on the internet, I save, I pirate, I protect. Don’t like it ? Then get off MY internet !
Depends on the license I suppose.
All major licenses allow it. GPL-family, BSD-family, MIT/X11, CC-family. Anything FSF-approved or OSI-approved.
Most projects on GitHub don’t have a license, which means it’s not allowed.
I’m surprised this wasnt done already
Preparation for war.
Lmao the murican propaganda worked wonders on this guy
and the Chinese propoganda worked on 2 websites.
Classic Chinese tech co, if you can’t create something on your own just download the source files and say you made it. The money spends the same after the fact, anyhow.
It is a new “internet” archive without copyright bla bla? ¯\_(ツ)_/¯
