Comment by progbits
1 day ago
> Ge0rg3’s code is “open source,” in that anyone can copy it and reuse it non-commercially. As it happens, there is a newer version of this project that was derived or “forked” from Ge0rg3’s code — called “async-ip-rotator” — and it was committed to GitHub in January 2025 by DOGE captain Marko Elez.
Original code: https://github.com/Ge0rg3/requests-ip-rotator
Forked: https://github.com/markoelez/async-ip-rotator
Code is pretty much the same, with comments removed, some `async` sprinkled in and minor changes (I bet this was just pasted into LLM with prompt to make it async, but if that worked why not).
Except... Original GPL3 license is gone. Obviously not something you would expect DOGE people to understand or respect.
The repository has been deleted. In addition, 26 other repos have been removed from the account. This is in line with DOGE members' quick response scrubbing data whenever put into spotlight, as previously seen with another "teen hacker". [0]
Archived repo page: https://archive.ph/LI7tt; archived previous repo count: https://archive.ph/tgkg5
0. https://arstechnica.com/tech-policy/2025/04/i-no-longer-hack...
Archived repository: https://archive.softwareheritage.org/browse/origin/directory...
You can download it as a Git repository from https://archive.softwareheritage.org/api/1/vault/git-bare/sw...
Legally, they're allowed to modify and use GPL code internally without redistributing the source. The only mistake was publishing the source code to a public git repo without the LICENSE file, which may be a GPL violation.
I say "may", because I'm not sure if you have internal code on a public git or FTP server, is that consider "distributing"?
1 reply →
[flagged]
> speculative articles like this... speculative articles like this
But we know it isn't speculative based on these public data. You're arguing they should have covered up better. I agree. But that doesn't make (a) it okay or (b) this article speculative.
1 reply →
These are government employees, you don't get to do that.
14 replies →
[dead]
> On February 6, someone posted a lengthy and detailed critique of Elez’s code on the GitHub “issues” page for async-ip-rotator, calling it “insecure, unscalable and a fundamental engineering failure.”
“If this were a side project, it would just be bad code,” the reviewer wrote. “But if this is representative of how you build production systems, then there are much larger concerns. This implementation is fundamentally broken, and if anything similar to this is deployed in an environment handling sensitive data, it should be audited immediately.”
The "critique" is nuts. Surely AI generated. If I didn't trust the domain, I'd assume the author to be incredible for seriously referencing something like this.
Look at the critique [0] and then look at the code [1].
[0] https://web.archive.org/web/20250423135719/https://github.co...
[1] https://github.com/ricci/async-ip-rotator/blob/master/src/as...
Yea clearly AI with the keyword bolding, numbered arguments, and so on. Feel like lots of AI produced content follow this structured response pattern.
16 replies →
Lol that's so funny. Can't imagine writing that. (the critique, not the code).
Seeing Krebs link to this downgrades my impression of how trustworthy his assessments are.
> it should be audited immediately.
Certainly Elon made him print it out on paper to personally code review.
FYI the Fork got hidden/deleted in the last minute or so -- did anyone manage to clone it before it disappeared?
I did. It's essentially just a single .py file: https://gist.github.com/whalesalad/06804fd734efe6bd2e0c84906...
lol
7 replies →
GPLv3 requires the license to be kept. Seems reportable to the owner of the repo and or GitHub.
The only person who has standing to say anything is the original author of the code, the holder of the copyright.
It's possible, but very unlikely, the copyright license wasn't actually violated because, for example, the fork could have arranged a separate license.
The best example of this is the Qt Project's code: https://www.qt.io/qt-licensing
You can get it under a GPL license for free. You can pay them money to get it under a Commercial license that would let you modify the code without releasing changes.
So, while I doubt it happened, the person who forked it here could have contacted the original author, the copyright holder, and asked for an exemption from the GPL terms.
I'm sure the people who work for an administration that by and large flaunts court orders responsible for this will get right on that.....aaaand it's gone.
flouts
> I bet this was just pasted into LLM with prompt to make it async, but if that worked why not
Vibe coding
> Original GPL3 license is gone. Obviously not something you would expect DOGE people to understand or respect.
Why would they? They don't give a FF about courts.
The GitHub part makes it... weird.
You are only required to keep the GPL3 license if you re-distribute it. Putting it in a GitHub repo, is ambiguous whether or not it is re-distributing it, at least morally.
If you want to delete the license in a personal copy, that is perfectly valid according to the license terms. If you then happen to upload that to a private GitHub repo, also perfectly valid.
If you then happen to upload that to a public GitHub repo, because of, say, restrictions on free private repos, without intent to distribute, then what?
Putting it on a GitHub repo IS redistributing it. By putting it on GitHub you agree in the ToS that you have the rights to distribute the code. Which you only have if you don’t violate the license.
> If you then happen to upload that to a public GitHub repo, because of, say, restrictions on free private repos, without intent to distribute, then what?
Then you keep the license eh? Distributing without an intent to distribute is distributing.
Git is free and open source. If you want version control and collaboration and NO unintended distribution completely for free you can just use Git. It even has a built in server to share with your work buddies.
The fork has been deleted it seems.
posted above ^^
>not something you would expect DOGE people to understand or respect
To be fair I see in my daily life folks who copy and paste from stack overflow or random GitHub repo and move on with their day. They ignore the Creative Commons Attribution-ShareAlike or whatever license is applied to the code they copied.
I see on this very site people who will share copyrighted articles that are behind a paywall (just because it is on some archive site doesn’t make it right).
Please don’t take this as support for DOGE and the headaches they are causing. To make a cheap jab at a group of people while ignoring the group that you associate with is bad form.
I'd say it's wrong in both cases, but we shouldn't ignore degrees of wrongness.
Copy pasting from stack overflow without attribution is wrong but it's also harder to claim "ownership" over single lines or small snippets. It depends how "obvious" they are. You definitely can't copyright trivial functions. There's a lot of gray here but yes attribution is always good.
But things get a lot less murky when we're talking about forking a project. That's usually nontrivial and non obvious. I think what's most important is that removing a license is an active decision. Certainly that would make a critical difference in a court [0]
Then there's further escalation by who is doing the action. The more power and influence you have the greater responsibilities. All men are not created equal. Men with more power can disproportionally do more damage and require higher accountability. So yeah, I care a fuck ton more about a government employee doing something bad especially while performing official duties more than some rando. The ability to do harm is very different.
The reason I dislike your comment is because it's dismissive of the action. "Other people do it!" Is not a defense nor excuse. It is even worse by ignoring multiple points of context.
[0] though protecting open source has been traditionally hard for many reasons. Specifically it's hard for small developers to take legal action, especially against larger bodies. But isn't this something we should want to be fixed? Credit for our own contributions?!
>To make a cheap jab at a group of people while ignoring the group that you associate with is bad form.
What group does the person who makes the comment associate with?
< To be fair
irony