Comment by segfaultbuserr

> fingerprint binaries compiled from GPL code

I think it's actually a good idea for discovering GPL violations, but false-positives are a real issue: it's trivial to reuse public-domain or BSD code and relicense them in a GPL program, and it's not uncommon obtain a separate license/exemption from the copyright holder. Also, some things are not even copyrightable (e.g. a lookup table of generic data). Discovering identical code snippets don't always mean a GPL violation.

But as long as the threshold is not too low and a real human (instead of a robot) is reviewing them case-by-case, I think it's okay.