not the best project but yeah still something
For those that missed it: https://techcrunch.com/2025/07/03/who-is-soham-parekh-the-se...
My take is both OP’s tool and the blatant plagiarism of it are examples.
https://www.pcgamer.com/dreamworld-infinite-world-mmo-kickst...
I’m sure there’s much more we don’t know about. They just didn’t get caught. Yc used to have this reputation of being one of the good guys but I guess nothing is really immune to corruption.
let's not freak out - you can't "steal" open-source code, they used an incompatible license. that was accidentally too free.
people monetizing something you open-source isn't stealing.
I feel like ycombinator leads may want to look more deeply into this one. If they are presenting it as something they've achieved that's an integrity issue right?
If someone else has a better idea of what “forking GPL 3 source code and using a different licence” would be, then please let me and others know.
BTW, the X Formally Known As Twitter company is not the only one who conduced the world to this, all big names do link restriction. Look what we've become, such nice world :)
The point is being "GPL evil" is GPL. Taking the code, not obtaining the copyright, and re-licensing it is a clear violation of copyright law and immoral.
We are not little children in the playground. Two wrongs do not make a right, and rights are most important for bad people
If a corporation is stealing your OSS code (and violating a license) then that implies that they think your code has value, they might have paid a person to write that code but instead some hobbyist built it for free and a corporation steals it.
A few months ago, I made a pull request to LMAX Disruptor, which was merged. I was initially excited because even if my PR was simple it’s still a big project that I contributed to. But after a few minutes it occurred to me that I just did free labor for a for-profit trading company. If they merged in my code then must have thought it had some value, and I decided to dedicate my time to saving this multi million dollar company some money.
My PR there was pretty simple and only took me like 30 minutes (if that), so I am not going to cry too hard over this, but it’s just something that made me realize that if a company is going to use my work, they should pay me. I don’t think it’s wrong or weird to want to be compensated for my labor.
I am still a hobbyist. Turns out you can still be a hobbyist without sharing everything you’ve ever done on GitHub.
GPL is supposed to viral, if you are using project adopted that, you are taking the risk with it. If you are just changing the license and took the code, that's wrong and need to get an attention. If anyone could go just yoink and relicense the GPL code to other permissive license was "legal", the https://gpl-violations.org wouldn't exist in the first place (i.e. you can just take the linux kernel code and rename it something like "mynux", redistribute in bsd-3 clause and "don't distribute the derivative part").
He sure discovered this new open source thing and it's very confusing. It's not like it's almost 40 years old at that point. I'll never understand people who lie like toddlers.
Why am I telling this story? Because it suggests to me that companies will only use these libraries if there is a guarantee of ongoing free labor; presumably they could use an old appropriate library and pay people to fix any issues as they come up. Admittedly, I know that some companies do exactly that, and that’s great, but I do not think it’s the majority.
I don’t think the people doing Open Source are bad people at all, far from it, in fact. I think a lot of these people are very smart and hard workers, and I think they should be compensated for their work, even if they are just “hobby projects”. If my project is creating value for a company, then that company can afford to pay me.
I don’t like the gig economy either but I don’t think it’s relevant to my complaints.
Really? If you find a piece of proprietary software does basically the same thing as yours, and the binaries contains the same strings/artwork, then it's reasonable to make a legal case of it. You can even contact FSF and they'll take it further.
A lot of open source stuff is libraries and utilities though that is pretty entrenched in the code. It is hard to even find out about a violation, let alone prove anything.
Imagine I came up with a new algorithm to do Fourier Transforms 10% faster than FFTW (or whatever the current market leader is) and make a library and I release it as GPL. A company could fairly easily just import it to whatever project they’re doing, and it would be extremely difficult for me to prove anything, especially if I don’t have any obvious things like strings in there.
That’s not even taking into account that it would be relatively easy for a corporation to just pay a junior engineer to do a direct “port” of the library to another language and pretending it’s their own independent work.
For example, in a project which generates images I usually set a specific set of pixels.
Not at all in favor of the person stealing someone else's code and slapping a new name on it in violation of the license, just that I think I see why people might list that as matching the same intent as a question like that.
lol, I'll bet you $10 that the name is exactly why they got themselves into this mess. Had the name been something like "meeting-agent" or some corporate friendly name like that, they probably wouldn't have tried to hide it so much.
I'm guessing they just looked at it as a jumping point. It probably went something like:
- We know how to polish an electron app
- here is a barebone electron app with an interesting idea
- Can we build a polished UI around this, and give a demo?
The baffling part is, had they just disclosed that, no one would have given a shit. Plenty of demos begin like that: "here is a cool idea we found, here is that idea on crack". is a very common demo pattern. But of course you can't give a shout out to 'cheating-daddy' at YC demo.
It's like a fine student at a fine college, in a class they are doing fine in, then they decide to copy their friend's cover letter because "eh", then they get caught and now what? wtf would you do this?
Previously, a different YC company (Pear AI) copied Continue, changed the licenses, and "launched".
https://news.ycombinator.com/item?id=41707495
I wonder if Pear AI is dead or pivoted, their open source repos have not been updated since May.
The difference is that the tool "cheating daddy" was specifically created for the purpose of cheating. Electricity, the Internet, and Google were not created for that purpose.
Cheating daddy's tagline is "If you're gonna cheat, cheat better".
Not that I'm in any way defending Cluely/Glass. Cluely's X bio is "cheat (noun) – an advantage so good it's unfair; rewrites the balance between effort and outcome."
Disclosure: I work at Google by my thoughts are my own.
It's pretty spineless for the Pickle team to come out and pretend they mistakenly re-licensed GPL code. Hilarious.
> in initially building it we included code from a GPL-licensed project that we incorrectly attributed as Apache
How can you write a sentence like that in good faith?
The original product actually sounds kinda cool, but selling it as a cheating aid is incredibly low-value, and we'd be better off without it.
This principle goes right back to pg days, and was the first thing he taught dang [1].
That said, it doesn't mean we avoid moderation at all and it doesn't mean the guidelines all go out the window.
Different factors influence the story's rank and visibility on the front page: upvotes, flags, the flamewar detector, and settings to turn these penalties on/off. I'm actively watching the thread to keep it on the front page, as per the rule.
That said, the guidelines ask us to avoid fulmination and assume good faith. Whilst it's fair enough to criticize and question a company when they do something like this, we can also be adult enough to look the evidence before us and recognize that this was most likely a dumb mistake that they've moved quickly to correct.
[1] https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...
That's probably the right thing to do Git-wise, because licences might not be retroactive.
i personally dont feel good using things that are not opensource, yeah i use closed source softwares but i try to limit them
It seems more likely that they didn't think anyone would notice.
Maybe, but if that's what they thought (and I have no idea, I haven't spoken to them or anyone else about it), it's very foolish, because this kind of thing will always get noticed eventually, especially if the project becomes successful.
You won't be forgiven unless you credited sohzm and state that cheating-daddy is a direct inspiration
There is no fix. Your work is derived and should be/will be licensed as GPL. You do not want to accidentally succeed and then find you have nothing. You are being a smart-ass here.
[1] https://github.com/pickle-com/glass/commits/5c462179acface88...
[2] https://github.com/pickle-com/glass/commit/4c51d5133c4987fa1...
They claim they wrote the whole thing in 4 days. They did not attribute the original author in ANY way.
They clearly showed they intended to steal the authors work and sell it as if they wrote it. YC has just become such a dumpster fire if that kind behaviour is even remotely accepted or called a 'dumb mistake'
For the company, making use of Open Source code is free labor. That's good for them. You are free to offer that labor or not.
For some developers, it's cool to write code that's used by zillions. That's reward enough.
Other developers release the code for free, but build an eco system around it. They get paid for related work etc.
New developers use it to flex their skills, and demonstrate ability (and then get upset when someone else turns it into something profitable, but that's another story).
Personally I write code, and ship as source, but it's under a commercial license (cause I like to eat.) Other companies have business models around whatever they do.
You are free to act as you wish. Which is great. We live in an economy that allows each his preferred path.
You're right. Many startups open source their products specifically to get free labor, free marketing, or whatever. As payment they release the code they write to you. Whether you think that deal is right for uou or not us up to you.
If you believe you can add value to a company then reach out to them. It's not like they're "making" you work for free.
You may decide its worth people using it, reading it, learning from it, exploiting it, or you may not. It's your choice.
Of course your work may be used outside of the license terms. That's pretty much impossible to enforce. That's true for most-all software, commercial or open or free. If that's your main objection to writing code then I recommend a different career. All good code is pirated. That's just how it is.
I'd be happy for a platform that encourages and facilities cheating to disappear and not be used anymore. So, on that front, I'd agree. As a side point though, the fact that someone big is funding something like that means, it's not really an issue for, atleast some, people.
The license violation is a problem independent of this. If this becomes acceptable for any reason (including the one that your post seemed to suggest - original work is unethical), it will have detrimental effects on a lot of good players as well.
Unless you have transparency on flagging and mod actions, these are just your words. And as these events keep happening, your credibility erodes.
Propel and fund into the world the product with sole purpose to pretend, to cheat, to fraud everyone, then to make "open source" version on this, and then to complain that someone stole it from you, to fund and sell even more sophisticated product with sole purpose to pretend, to cheat, to fraud everyone.
This maliciously deliberate hustling behavior, fake it till you make it, feel good, superiority complex, reality distorted, this version of society, a bubble, a community, open source, call it, or wrap it too sell whatever you want it, this all post-post-modern obscenery will be ruin of you all.
Not fixed, covered up.
> let's not freak out - you can't "steal" open-source code, they used an incompatible license. that was accidentally too free.
What a poetic formulation? In reality, they deleted history and they put a license that allows the "freedom" to let them monetize the code. I wonder how's the original author more free with this license? How is anyone more free? Sounds like the license was "accidentally" "too free" in a way that only made themselves more free.
> people monetizing something you open-source isn't stealing.
It's, in fact, the precise definition when the open-source project uses the GPLv3 license.
They've squashed the history to hide their earlier "error". This isn't compliant with section 5a of the GPLv3[1].
"sketchy at best" is a polite description of this pattern of behaviour.
Please correct me if I'm wrong, but is the license also viral if there's a network connection involved? i.e. I run the code in a container with a little network interface added ?
And yet Microsoft have release code with different licenses that make's use of Ultralytics code.
I potentially would be interested in using these wildlife detection models in a commercial (Not open source) context but simply don't trust the claim that it would be okay to do so, sounds like a big business risk to me.
What is the opinion of the community of the MIT licenses associated with PyTorch wildlife from Microsoft okay to use in a closed source commercial context? Microsoft have put an MIT license on this, but their code does imports of ultralytics libraries, which I thought were AGPL.
Note: The GPL 3 license from the official yolov9 differs in this, it must be possible to run the same code on the platform, but your usage may be closed source.
It was in my interest to do so, because it means I benefit from fixed packages in the Linux distributions I use. This saves me a ton of time in not having to maintain my own packages with my fix included.
If it helps Canonical make money, then it’s no skin off my nose because I still got the benefit I wanted.
I’m not going around fixing bugs that don’t affect me, or adding features I don’t need.
I think you can notice that output looks similar, error messages are similar, etc. If the program is non-trivial its usually pretty obvious if its a copy or a reimplementation.
If it sounds plausible, presumably you could sue and read the source in discovery (ianal, not sure precisely how that works)
IMO This sounds pretty fair to me. Publicly apologize somewhere, and link OP to it. I like that. Or come on, at least Venmo "the kid" $1000 -- "a kid" who saved you time, and is putting food on your table.
"A kid" whose idea you took and profited on. Wow, just realizing upon writing this -- what if Pickle CEO has kids, and one your kid reads this?
> "Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice."
Quite ironic how YC touts technical founders > "non-tech" ones -- when acts such as this strip ones chances of wanting to become one, or even continue showcasing their talent publicly on platforms like GH.
Love to know for sure. Maybe someone from Ultralytics can point out their view on this?
If you're doing something algorithmically different and unique, presumably that would show up in the assembly.
> That’s not even taking into account that it would be relatively easy for a corporation to just pay a junior engineer to do a direct “port” of the library to another language and pretending it’s their own independent work.
Important to keep in mind that copyright is not patents. If they are just stealing the "idea" of your algorithmic improvement, that probably isn't even a GPL violation. (This isn't fully right as they would probably have to use a clean-room design to avoid copyright infringement. My point is more that such a situation is pretty muddy and might actually be allowed)
If YC has no ethics code, that's your answer right there. If they do but it fails to mention basic things like lying, cheating, deceiving especially when done intentionally, bingo again. If breaking the law isn't an automatic termination of the collaboration, it takes you to the same conclusion. If YC explicitly supports the startups when knowing about these problems, or implicitly by skirting due diligence and turning a blind eye, or accepts startups having no commitment to an ethics code, then ethics or integrity are not core values, or even are completely absent.
There are more nuanced topics and methods but if it doesn't pass the smell test with the basic ones, it won't pass it with any.
If you're not ok with that possibility than you probably shouldn't be participating in open source.
And to be clear, there is nothing wrong with that. Its up to each individual to decide how they want to spend there time. There are pros and cons to open source, and you have to weigh how you feel about them yourself.
However, its not like this is some secret trick. Its the central tenant of Open Source (esp. When using that name instead of Free software). It should be very clear that this is happening. Its the entire point.
It kind of feels a bit like someone who doesn't like oranges, eats oranges, and then are surprised that they taste like oranges. By all means if you don't like oranges don't eat them, but if you knew you didn't like them why did you eat it in the first place?
Software Engineering is more than coding. Basic license management incl. library vetting is part of it. If you decide to ignore that, you do not run a business enterprise, you run a criminal enterprise.
I guess that's the game, but they do seem a lot more cavalier about it of late. Increasingly resembles the crypto 'community' (derogatory).
I am not sure that they weigh it in the direction you are thinking of, though.
1) I once was in a position where I had root on the linux boxes at a large corporation because I had been a sysadmin there and even when I changed roles, I was never removed from sudoers. Years later there was an accusation that someone had stolen source code and taken it with them to a new job. On its face this made absolutely no sense whatsoever - the system they were accused of stealing was a complete pos in the middle of a complex ecosystem so even if you had it, you couldn’t use it without all the other pieces and in any case, it was old and outdated and just total garbage. Anyway this accusation was somewhat hush—hush so the cto came to me and asked me to just look into whether or not it could be true. Sure enough, there in his bash history I could see him checking out the code and pushing it to an external repo. It made absolutely no sense, but he had indeed stolen the source code to a system that was a total piece of junk. He ended up with a criminal conviction, he lost his shiny new job, his wife left him etc. It was very said and baffling.
2)Second example, fast forward some years and I was working for a saas provider. We had won an initial proof of concept and were negotiating a 5-year, multi-million dollar contract. At the same time, our client asked us to just do a free two-week spike on something unrelated. We had to sign a (different) zero dollar contract to cover licenses, liability etc for the free spike. The same purchasing lawyer was working on both contracts. The usual contracting process is you send the contract over to the other side with some markup and comments, they make some markup and comments, you propose language, they amend it, they propose language, you amend it, eventually everyone agrees and you make a clean copy and both sides sign. While we were doing this for the big contract, we got to the point of signing the zero dollar contract. At the last moment with everything agreed, the other side said they would make the clean copy. They sent it over to us and when we did our final check before signing we found the guy on the other side had meticulously gone through and made a version which accepted all their changes and backed out all of our changes. This required a lot of extra work and could not have been an accident (think cherrypicking commits and fixing all the merge conflicts using only MS Word revision history), and it was on the zero dollar contract so there was no conceivable upside except he could say he “won” somehow by tricking us. All this while we were negotiating the multi-million dollar multiyear contract. It made absolutely no sense whatsoever to do what he did. There is no way to understand why he decided to do it, but he did it.
So yeah, don’t even try to understand why some people do the unethical things they do. Scorpions gotta sting. It’s just what they do.
Why would anyone encourage building such a tool, I can't fathom.
Doing one bad thing does not necessarily justify other bad things done to you.
That said, I don’t like this cheating-enabling software either and think the world would be a better place without it.
Cut the grandoise talk. You stole someone's work and now you just shrug it off as "incorrectly attributed as Apache". That's not a mistake, that's a deliberate action plan. The force push others have mentioned is the proof. Atleast be honest in your apology.
I hope YC takes serious action and eliminates you guys from their cohort if you're still in one. This reflects very poorly on them otherwise.
A large corporation can just roll over you and then say sorry and maybe pay some pocket change money
Less about building something meaningful - more about manufacturing hype in hopes of catching a trend before it crashes!
Being a great software developer does not make you a lawyer (not even a bad lawyer).
This depends on whether you consider Compliance to be part of software engineering or a separate discipline. At least in most companies the compliance department is different from the software development/IT department, because the necessary skills are very different and barely transfer.
...some latent passive aggressiveness and YC's founder ethics code not YC's own ethics code. You need an anchor for the chain of trust. That must be the VC's (YC in this case) integrity and ethics code first.
You stopped reading after the first few words, misunderstood even those, and rushed to answer didn't you?
I addressed exactly how to evaluate ethics and integrity prefunding, and ensure it post with 2 very simple concepts that would have worked perfectly at least for this easy to catch incident:
1) Do your due diligence. In this case "15 seconds of search" would have turned up the original code and the license mismatch.
2) Have clauses to ensure breaches of law or ethics have severe consequences to the founders.
The founders indisputably breached YC's founder ethics code, in particular "Being honest in the YC application and interview process" and "Generally operating in good faith and behaving in a professional and upstanding way". Or maybe the founders were honest and YC accepted this but then we circle back YC's own ethics code.
YC had means to check for this prefunding, and has means to deal with the problem now. If there's no transparency that any of this happened, it didn't happen. So the point of "checking integrity and ethics" becomes moot.
Or rather consequential? ;-)
> If YC has no ethics code, that's your answer right there. If they do but it fails to mention basic things like lying, cheating, deceiving especially when done intentionally, bingo again.
--------
> YC had means to check for this prefunding
How would YC check in December 2024 for a copyright violation that was discovered in July 2025 and probably happened in 2025 during the batch (after funding)?
This is indeed a problem that Pickle/YC have to deal with, but I'm not nearly convinced that this was findable in 15 seconds pre-funding.
YC's funded over 4000 companies. How many have had ethics scandals of any size? Less than 5%? Less than 2%? They're betting on founders, probably rejecting some on ethics grounds, and trying to nudge those funded to stay ethical while being aggressively fast. If they're hitting over 95% "no scandals", that's pretty good from a 2 page application and 15 minute interview process.
https://www.theverge.com/news/697846/soham-parekh-startups-m...
By your argument, I can just torrent moviez and appz because I'm not a lawyer and can't be bothered with minutae of copyright law.
That is why when such a marketing claim comes up, the first question to ask is from which base they built the respective product in 4 days, and which kind of additional value the respective company added during this process.
Indeed, there exist people who argue that in many areas law has become so complicated and unclear what is allowed or not that you cannot thus expect from ordinary citizens to obey the laws anymore - even if these citizens are willing to.
Thus politicians do have an obligation to make the laws as clear, logical and comprehensible as possible, otherwise they loose their legitimization of expecting citizens to obey them.
We're happy to be judged on the outcome, which, in this instance, is that the story has been on the front page for hours and everyone is able to have their say.
> And as these events keep happening, your credibility erodes.
YC has invested in thousands of companies by now and hundreds of new ones per year. That includes many founders who are young and inexperienced, and also plenty from diverse backgrounds, which, now that I've had time to dig into it, seems to apply here. Screwups are going to happen, as in every part of life; the law of large numbers guarantees it. What matters is what people do to make it right.
In a twist of fate, YC itself seems to be gamed like those broken companies.
So this is the third counterintuitive thing to remember about startups: starting a startup is where gaming the system stops working. Gaming the system may continue to work if you go to work for a big company. Depending on how broken the company is, you can succeed by sucking up to the right people, giving the impression of productivity, and so on.
Taxes are a nitpicky example, but indeed in Germany where everything is full of regulations and red tape that only some bureaucrats understand, there indeed exist founders who argue this way for these convoluted laws:
For example have a look at the popular videos of the following channel (in German): https://www.youtube.com/@Nordwolle/videos
There exist people who are anti-copyright, which has the implications that such people are (by the golden rule) also basically fine with having their works copied.
That's no excuse for a VC-backed startup just ignoring it and YOLOing their way.
This actually disincentivises small creators (open source maintainers and contributors, in this case) from participanting in the very thing copyright is supposed to foster.
If cheating means asking someone in the company you're interviewing for a peek at what will be asked then great. In my book that's using leverage.
Reviewing previously posted interview tests is probably recommended.
Hooking up a copilot to answer interview questions for you in real time is probably less so.
Did they copy Ultralytics code and change the licence from AGPL to MIT? Or does their code rely on AGPL code without copying it?
The first is not allowed but the second is, because the combined work can still be used under the terms of the AGPL.
This sound a bit of "thief thinks everyone steals". Interview preparation is normal and common but I don't think cheating is. May depend on the location of course.
This is a fair point. Just to clarify, I still think open source theft/license violation is bad and should not be happening, even to a scummier project like this.
> As a side point though, the fact that someone big is funding something like that means, it's not really an issue for, atleast some, people.
Unfortunately some people have no issue with ethical concerns around what they fund as long as it stands any chance of making them money.
Half serious: why do you think a free tool focused on real time gen ai would also have a faked task manager feature?
Personal attacks like this are not ok.
Sure, criticize their actions, but don't parlay that into this kind of personal swipe at the individuals and their families; that's when the line is crossed from valid critique of actions to nasty mob pile-on, and that's never ok here.
Not that it should matter but as far as I can tell, the Pickle founder/CEO grew up and studied in Korea, and we have no idea what their family circumstances were.
It even asks (or at least it did the last time I checked) in the application form, if you wrote your code yourself, to raise the issue of IP ownership/licensing from the start.
We didn't notice that we copied your codebase, changed the name then pretended to have built it in four days?
Good grief.
This is the market YC is breeding. When these guys float to the surface, what did you think would happen?
YC, you’re one of the greatest generators of value ever. Do better.
Why people continue to give them money, and praise their "work"?
Instead of making (indirect) ads for them we should publish their name and the company's name into shame publicly, and let their reputation die slowly...
I have no respect for them, and you should not too (if you care about justice).
A particular project I'm working on will be on a private Git server until I complete and open it as a package. Even after that, I might keep the development closed and release tarballs only (aka Catherdral Model).
All code I write is also AI-Free.
It won't be possible to trust in people for a long time, it seems.
No. I don't believe that. I personally want my code to outlast me and help people in the future, but I don't want allow anyone to just scrape it, strip its license and use for whatever. I use (A)GPLv3+, because I believe in "Freedom for the user", not "Freedom for the developer" which permissive licenses provide.
My code is not free labor for anyone. It has conditions attached.
Legal correctness does not necessarily imply moral correctness.
So that you don't get caught?
It is depressing to be a software developer now. Especially if you have a good heart.
I really hope the founder to have his career f**ed now, and other "founders (of nothing)" as well.
Really it's more of the gesture, to set the example, since we've all seen this before, and AFAIK, there haven't been too many amicable outcomes.
Do you owe everyone you have ever read a royalty for influencing your writing style or voice? How about for all the other things you have leaned and become competent in?
There is a bigger issue here that is related to what humanity actually is and how we have been abused for many decades and several generations now, to the point that the abused generations have become the abusers of future generations simply because they are mentally trapped, addicted even.
A good uncontroversial example of this may be the excessive and deficit spending of governments, all based on what otherwise would be considered loan fraud, which is called national debt. It is used to keep perpetuating this system we call an economy because it has been so “successful” over ~100 years of “line go up”, solely because everyone wants the gravy train of reckless good times to continue forever.
Unfortunately for some generation of the future (maybe even our own), it simply cannot go on forever, so it won’t, because it is by definition unsustainable. But the goods times and “success” everyone sees everyone else having, keeps people from stopping the insane and utterly suicidal process of not only consistent, but accelerating addiction to every greater deficit and debt loan frauds called the national debt. It isn’t “Trumps fault” it “Biden’s fault”, or any other totem that can excuse or own actions. These are forces we don’t even understand any more than we are blindly changing at breakneck speeds. And if anyone tells you they understand these forces they are simply lying, when we cannot even understand the most basic concept of the fact that there is no alternative to this planet… as we destroy its ecosystem that produced us at ever accelerating speeds, in millions of different ways.
It’s quite similar if not the same as any other process we call addiction; we know it will cause ruin, yet we cannot extract ourselves from the endorphins, so we just keep lying to ourselves.
If the software in question was explicitly intended for illegal purposes, would you still take the same position?
For me, moral lines exist. I don’t defend the right of people to profit from immoral acts.
Humans don't read other codebases en masse. Hell, I haven't read the entirety of our own codebase. I learned by doing, from books (that I paid for or legally borrowed), and yes, by looking at a small amount of other people's code (permitted by the respective licenses).
Humans are not remix machines, AIs (currently) are.
Moreover humans learn and evolve their knowledge from other experiences other than books and others’ code.
As you said LLMs just remix something semi randomly according to a weighted graph with no underlying knowledge or understanding whatsoever.
Which is why I have stopped participating in it. If I am doing work that provides value to a company then they should pay me for it.
When I started you'd send a mail to the company directly about a position, you'd go to the office, have a short interview, meet the team and they'll let you know. That's it.
Now it's 2 rounds of HR bs, 3 layers of tech interviews, then meet the CEO/CTO/etc. And then references and then a final "chat". And you still can get ghosted at literally any step, even at the final cozy chat, just because of "vibes".
And throw in companies sending you leetcode even before talking to you and you can see why one would want to get through the bs.
I still stand about my favourite approach for tech jobs: intro and tech chat (1-2h) about your resume, what you'll be doing and anything you might have questions about (no challenges or stupid riddles). Then, if everything goes smoothly, you get a 2 weeks contract and you are in probation. If everything goes well, you get another contract for 3-6 months (up to you to accept or not) and then you get converted to permanent if everything went well for both parties.
You’re obviously free to disagree, but it’s why I have become disillusioned with it. I think it’s an exploitative relationship.
You meant: this was illegal and unethical work.
You might be lucky with the original author not suing you. I'm not sure your backers will be equally kind. I certainly wouldn't, depending on what exactly you told your investors we may be looking at straight up securities fraud here.
If so, well, I guess good for you; but the rest of us sometimes screw up. There needs to be a path for redemption. Admit you were at fault, make it right, do better next time.
ETA And, it doesn't matter whether people do the above steps because they "really mean it", or because they're just afraid of the consequences otherwise; any more than it matters, from a societal perspective, if people refrain from stealing or murdering because they're good people, or because they're afraid of being thrown in jail.
But... but... but... Velocity! And moats! And we're VC-funded! Doesn't that mean we can do whatever we want?
I don’t think it is realistic to expect a developer to load every executable that might use their software into Ghidra or something and try and find a smoking gun about how their code might be used, and then hire an attorney to put together a case on that. In the case of my example, Fourier transforms are used everywhere in a wide variety of applications, and if my implementation is only like 10% faster it wouldn’t be very clear to an outside observer.
> Important to keep in mind that copyright is not patents. If they are just stealing the "idea" of your algorithmic improvement, that probably isn't even a GPL violation.
I am not saying it’s legal or not, I have no idea, just that that is why I have become disillusioned with the idea of open source, and I am not convinced that a well-meaning license like GPL is a realistic safeguard against corporate exploitation.
Lying and cheating on a job interview isn't a victimless crime. You're harming the company and all your coworkers when they hire you into a job you're not qualified for; you're harming all the other actually qualified candidates that didn't get hired instead; you're harming yourself, when your salary comes from a company who rely on you to give something you can't give them.
It's the same with another Soham, who was moonlighting for years. I would not be surprised if he starts a company soon, given the fame he has gained.
Marketing wins.
Side remark: Since YC claims all the time that they invest in people, not in ideas, YC should perhaps part from the people behind Pickle very fast, since by their investment YC rubber-stamped that the people behind Pickle are great ones (but not necessarily the product of Pickle), something that YC perhaps does not want to uphold anymore. :-)
You’re free to do what you want. I just find a lot of the entire FOSS process kind of exploitative and why I have become disillusioned with it.
ETA:
To be clear, I have a fair active GitHub and I still post stuff on there fairly often, and even a few non-trivial things. I just have stopped compulsively putting every line of code I write in public repositories.
The models isn't generally recreating your software, but might be spreading your way of thinking in pieces.
I get it from the artists and to a lesser degree, writers. I just don't understand it from software projects.
I guess if you think of it as something to replace you, but since you are already a creator, it is also a way to unlock much greater capacity for turning your ideas into solutions.
This issue could have been caught earlier and solved if YC checked for this earlier. And maybe it could even have been prevented if YC imposed harsher penalties for breaking the ethics code or the law. But instead it was caught and made public by someone else, and it's that public pressure that caused any reaction from the founders.
> that's pretty good from a 2 page application and 15 minute interview process.
You're damning YC with praise. 15min to assess potential for profit but also ethics and integrity doesn't make it look like they'll put much focus on the latter. Always good to have confirmation.
It's your choice to take the strawman argument and fight that instead because it's more accessible to you. It's your choice to pretend you don't get the meaning of words (like what YC's own code of ethics could mean, of the "if" that preceded every one of those sentences you keep quoting) and drag the conversation down just to save face. It's your choice to keep finding weak defense arguments for VCs who are sacrificing integrity for money in a 15min interview.
Which reminds me, it's about that time.
And even if they handled it very gracefully afterwards, don’t expect everyone to be happy about it. That’s Mashimo’s problem isn’t it, someone’s gonna criticize regardless. No shit!
Btw, I have never ever taken someone else’s work and brand it as my own without credit, or cheat someone in any other way (or at the very least, never intentionally). Thank you for asking. I don’t think that’s a high bar to clear.
Setting that difference of interpretation aside, It’s difficult to figure out how and when exactly you think YC could have surfaced the problem with the repo that was published in the last 24 hours months ago when they made the funding decision.
Could you help me understand the notional timeline of actions that you think would have avoided this?
If i order fast food im not hiring the worker because i pay them.
Hiring means one thing, investing means something else.
Engagement hacks, outrage, eyeballs, distribution, attention at all cost. Welcome to tech in 2025.
An LLM unburdened by restraint could like produce page upon page of story nearly identical to the original.
Any company that props up their AI bet is the most valuable to them now, even if it provides no real value for users...
Funding people means having a lot of trust in them. What's unsaid is if the investor believes coloring outside of the lines to make everyone more money is a breach of that trust, or just the normal cost/risk of business.
While it is a personal attack, it is pretty tame compared to (non-flagged) comments I see here every day. I especially don't see it as a swipe at their family. Yet this is a pretty strong rebuke.
While I highly doubt it's because the subject is a YC pick, the optics aren't great.
It doesn't work like that.
The code linking with AGPL code needs to be AGPL (or compatible license) to comply with the license.
That doesn't mean that if you link some code with AGPL code it automatically becomes AGPL. It just means it doesn't comply with the license and therefore does not have the right to use the AGPL code.
The remedy to a license violation is not necessarily complying with it. In fact, I've never seen a case where a company using (A)GPL code in such a way was ordered to release their own code with that license. Generally, they have to simply remove the (A)GPL code, pay some damages and that's it. If they want to keep using the AGPL code, then they of course would have to comply with it, but that's their decision at that point.
Also in this AI era I've learned something else: it isn't intelligence that builds institutions. It's philosophy, and it's faith. The AI industry is full of smart people, but If you lack a set of beliefs you won't know why you're working or what you're working towards or how to put one foot in front of the other day after day to make steady progress towards helping people over the longest time scales.
In the AI era our industry has found itself with one of the more bizarre problems I could imagine: in accepting that it builds products for AIs and not for humans, it has become philosophically bankrupt
If your code is 0% derived from GPL/AGPL code in a copyright sense then there is no virality and you can generally use them together without license worries if you're careful about how you link.
Which is, I think, a corruption. It's being missed in the discussion about the license violation which, to be fair, is what this thread it about but in my mind, that is the major issue.
That's an extremely charitable interpretation.
A more realistic interpretation is that the law was up to date, just that enforcement couldn't keep up because 1) nobody expected such a brazen level of breaking the law and 2) justice doesn't really apply when you have enough capital.
https://www.pcgamer.com/dreamworld-infinite-world-mmo-kickst...
https://news.ycombinator.com/item?id=27319457
https://news.ycombinator.com/item?id=26898266
https://www.ycombinator.com/companies/dreamworld
To be sure, there's nothing wrong with the idea that modern computers and distributed computing techniques can handle streaming updates for a significantly higher scale of concurrent same-world users than prior-generation MMOs. But clearly something unexpected happened here, and while I completely understand the lack of a public post-mortem, I hope that YC has examined why its mentorship model and community were unable to set up this team for, if not success, at least having greater integrity in its relations with its userbase.
- the original software is clearly unethical, and I bear no goodwill toward its developer
- I support the consistent enforcement of the GPL
In a case like this, I think it's natural to state both points. If we only focus on the second, we may be contributing to a groundswell of support for the original project/developer. That's distasteful when we only want to narrowly support their right to have their licensing terms respected.
If I tried to enter the mindset of a VC, I could potentially see that as a "Is this person at the 'edge of progress' currently" flag, although I wouldn't trust it more than a "Is this person chasing hype" warning personally. Maybe it's a good way of getting some specific type of person to apply, in some other way?
While I wouldn't disagree with your sentiment, just keep in mind that the General Data Protection Regulation (GDPR) got implemented 2018.
Don't pay your debts as a person: you quickly get hit with fees, chased by collections, etc.
Don't pay your debts as a company: sorry, it was merely a clerical error by our accounting department. Nothing to see here.
Lie and profit from it as an individual: that's called fraud and could land you in jail.
Lie and profit from it as a company: sorry, our website/documentation was out of date, our CS clerk was wrong and has since received additional training. Nothing to see here.
There's a perfectly good noun, "lessons" and a verb, "to learn" that, when combined, provide everything "learnings" does, without the pretension of using a verbed noun. It's like "diarize" and other even worse monstrosities.
Sorry to this poster, no personal attack intended, you just pushed one of my pedant buttons.
Oh, and now they have their own rendition of the "Aviator" game often advertised by unregulated Eastern-European online casinos: https://members.withyotta.com/moonshot/. You can't make this shit up!
I wrote off YC after this. Maybe early on it was a mark of quality and good due-diligence, but now I'd argue it's the outright opposite - if it's funded by YC, buyer beware.
As an aside, GDPR enforcement is so lacking (even today) it doesn't register on anyone's radar beyond those that fear-monger about it or sell snake oil to pseudo-comply with it. But even then, keep in mind most of what the GDPR has was already part of many countries' own legislation, and things like spyware were illegal even in the US (but again laws don't apply if you are a company and have enough capital).
YC doesn't invest that much into any individual company and that's the most they would lose in the worst case scenario. So even if they behave badly they have a capped risk but unlimited upside
They're far more likely to just fail for other reasons, lawsuit is not going to happen regardless
But lots of programmers don't get properly compensated. Some by choice, some by external factors.
I'm saying that's a reality. How you feel about other programmers and the choices they make for themselves is up to you.
Clearly there's no obligation to post anything yo public repositories, send the vast majority of programmers never do.
In my book that is unambiguously unethical and should get the contact fired. I am shocked to see this approach promoted in such a blasé manner.
So just to point out, here you're complaining about them not performing step 1 on the redemption path sufficiently well. That's a fair criticism; but I'd point out that the "Just admit you screwed up and don't try to explain because you're just making excuses for yourself" principle is neither so self-evident nor so well-known that it's fair to expect everyone to magically know it.
What Mashimo's problem is that with regard to the "make it right" step, it's really not clear what to do in this case regarding the git history. Do you take it out? People complain you're trying to hide your sins. Do you leave it in? People complain the other way too.
This shows that the right answer is not self-evident; which means we need to cut people slack. It also means that we as a community need to figure out what is the right way to "make it right" when people do a bogus relicensing, so that there's a clear path to redemption.
But your response to Mashimo wasn't trying to help define a clear path to redemption; your response was basically, "If there's no path to redemption, that's your problem, you shouldn't have screwed it up in the first place."
That attitude is only going to harm our community in the long run. If there's no way to redeem yourself, why bother doing anything at all? Just keep claiming rights over the source code and tell the author "so sue me", knowing there's no way he'll get a fraction of his legal fees back. Or, abide by the letter of the law but don't admit fault.
> Btw, I have never ever taken someone else’s work and brand it as my own without credit
So it's, "Some things need a path for redemption and other things don't." And as it happens, the things that don't need a path for redemption are things you've never done.
It ended up meaning something else, but back then this is how I understood it.
Morality and restrictions are two different things. Just because someone makes up a rule doesn't mean it's morally enforceable.
I always did it without any expectation of gains from it, and with the intention for people to use it for whatever they want. That calculation hasn't changed, even considering machines will slurp it up now.
I do agree that it sucks for people who do care about what the code is used for, and I hope these people migrate to other licenses that support their ideas about control and ownership.
"I only harmed the company and my coworkers and myself for a year, before they had built up enough of a case to fire me."
That's a year they could have been paying someone competent, rather than working around your incompetence.
Any time you see egregious comments on HN that aren’t flagged/dead, you should flag them and email us so we can take a look.
So we're clear, because this implies I'm "supporting" it, I'm not. Just saying that this is more tame than many personal attacks I've seen, with a stronger response than I've seen (when there is a response). And, in this case, that gives off some bad optics/more ammo to people who are critical about when & why you moderate.
Without moderator transparency (which I've read the reasoning for, and can agree with!), optics is really all you've got.
At least they attempted: https://news.ycombinator.com/item?id=44461271
I am merely explaining why I choose not to partake in FOSS when I think it’s exploitive. People are free to disagree, or not care, and that’s obviously fine, but I choose to not directly contribute to it.
Doesn’t seem to match the natural algorithm.
They rather sell themselves as early-stage startup incubator.
See https://www.ycombinator.com/
"We help founders at their earliest stages regardless of their age."
"We improve the success rate of our startups."
"We give startups a huge fundraising advantage."
and https://www.ycombinator.com/about
"The overall goal of YC is to help startups really take off. They arrive at YC at all different stages. Some haven’t even started working yet, and others have been launched for a year or more. But whatever stage a startup is at when they arrive, our goal is to help them to be in dramatically better shape 3 months later."
“Roasting” is one word for something that can be described in far more serious terms. It’s against the HN guidelines and the guidelines still have to be upheld to some degree.
It’s also false that they will face no real consequences. They’ll never forget this experience and these sorts of things are often terminal for a company.
Software interviews and hiring have definitely changed over time, and I know it’s harder right now, but I think we’re seeing the past with slightly rose-tinted glasses here. It was never only just one short interview, there were applications and emails and phone screens. In my career, I’ve always had multiple interviews and technical discussions during job applications, even back in the 90s. Getting hired, for me, has always taken several weeks end to end, if not longer.
There are a bunch of reasons interviews are getting harder, and people trying to game the system and trying to cheat are one of them, a big one. Think about it from the company’s perspective: what would you do if the volume of applications you got started far exceeding the number of positions available, and an increasing percentage of the applications you got were people unqualified for the positions but adept at pretending? More face time vetting before hiring seems like the only reasonable answer.
Other reasons why interviews are getting harder is that software jobs are more competitive now, and possibly relative pay has gone up. If interviewing was easier back in the day (and I agree that it was), it’s because there wasn’t as much competition.
Canonical is at least a little better since they’re a much more FOSS-first company as opposed to a trading corporation, but my opinion still is the same with them.
Also, completely unrelated, if anyone at Canonical is reading this, your hiring process is terrible. Making people write nine-page essays about how smart they were in high school and then forcing them to take some absurd pop-psychology IQ tests and then multiple dedicated projects is insane. Whomever designed the interview process there should genuinely be ashamed of themselves and consider literally any other career.
At least in Germany at the time of GDPR, the startups (and also bigger companies) were struggling with the insane amount of compliance requirements, and the uncertainty how to actually interpret these legal requirements also in terms of federal law.
In other words: these (German) companies (and startups) clearly obeyed the spirit of these, as you say, 40 year old laws, but struggled hard with the formal red-tape requirements of GDPR.
I just don’t feel like directly contributing to helping a corporation make money without being paid. I have a finite amount of time on this planet, I don’t need to provide unpaid labor to make Mark Zuckerberg richer.
Right. They'll learn to be more discreet about it next time. Do you really believe "I got flamed on the Internet" is a memory that will counterbalance "I can make millions out of selling stolen code if I don't get caught" ? (especially considering that you flag such comments, therefore their shielding their poor egos from seeing mean words.)
>these sorts of things are often terminal for a company.
Starting a company is not hard. Thousands are created, and destroyed each day. If they're smart, under someone else's name. Maybe, maybe one person will see <generic AI company name> and think to look at the CEO, remember what he did and potentially try to warn people about it, and they'll be promptly ignored. Helped by people like you, under the guise of muh guidelines
>“Roasting” is one word for something that can be described in far more serious terms
I'd love to hear those terms. Because the worst that comes to mind that could apply is "disparaging", and unfortunately for them, "being mean on the internet" isn't something they can or will sue over.
If enough good candidates have that reaction, it will become a prestige marker for a company to not use AI screening to give them access to the best candidates
"using daddy's money" when talking about a VC funded founder is such a safe bet that if Berkshire Hathaway could invest in it, they would.
* waterfall
* design up-front
* source control systems that
* defaulted all files to read-only
* required you to "check-out" files, potentially locking other devs out from editing them [1]
* probably didn't have unit tests so "deploying to prod" meant "doing a full QA pass, done by human beings"
* there was no CI/CD (We had "Build Engineers")
[1] Reserved Checkouts: https://www.ibm.com/docs/en/clearcase/11.0.0?topic=ucm-check...
Plenty of people stay in violent abusive relationships when they really should leave, presumably because they feel like they’re getting something out of the relationship. That doesn’t give a free pass to the abuser.
I am not saying that companies using open source software are anywhere near as bad as a physically violent husband, I’m just saying that just because the contributor to OSS feels like they’re getting something from the relationship doesn’t absolve the corporation of its sins.
The current FOSS ecosystem feels like the tech equivalent of the “working for exposure” scam.
I'm guessing my comments are pushing on a sore spot, because you've implied that I support the personal attack when I've said clearly I don't, and now you're implying that I'm lying.
Sorry. I'll bow out.
I can totally understand thinking this way out of desperation, and being lulled into thinking it’s this simple, but it seems short sighted with hidden complexities. First of all, it’s risky. If you get caught, you don’t eat, and it could follow you and prevent you from even getting in the door elsewhere. Companies are always going to be watching for cheaters, they are always going to have more visibility than you into what interviewees are doing, and they are always going to have more resources. Even if you do cheat and get hired, it quickly becomes obvious that you’re unqualified and can’t do what you claimed, and even if you don’t lose your job, you’re less likely to get promoted. Being lazy and amoral about interviews seems like a trap people set for themselves.
The good news is that a lot of companies are starting to allow AI during the interviews, and suddenly it’s not cheating. But of course that means you need to be good at using AI and interviewing and programming, you won’t be able to cheat and rely on the AI to do your talking for you.
That’s not really true, every app offers some version of “Download your data” these days as a result of GDPR.
I'm not putting them in jail. I can't even criticize them online? Who's in the way of their redemption, whatever that means? Yeah I'm proud I'm not guilty of shady shit, now kindly get off my lawn with your moral relativism.
But in the context of this thread, it has largely been the free-for-all that people want it to be but I’ve drawn a line at one point where things crossed over into being personally nasty and I haven’t yet seen a reason why what was a wrong call. I know some people will criticize me for that and I’m comfortable with that.
The response could’ve been better worded but you can see how no one would want to moderate a community that makes it a habit to disparage specific people outside of a good faith discussion.
This comment broke the guidelines. I'm not saying it shouldn't have been moderated. I made a meta comment on the overall moderation on HN, which sometimes surprises me in which comments get reprimanded and which ones don't (and with what amount of vigor the reprimand is delivered with).
If there are comments that are that bad or worse floating around HN, which aren't getting flagged and/or replied to by moderators, we really need to see them. If you can recall where any of them are, and can dig up links, we'd appreciate it. Failing that, if you (or anyone) see cases of this in the future, we'd appreciate a heads-up.
The one thing I can imagine you might be referring to are some of the recent politically charged threads where people were really going after each other. Those are hard to moderate without coming across as taking one political side against another (which we're careful not to, but this is easy to miss when passions are high). But even in those cases we do our best to make sure that the guideline-violating comments get flagged.
I realize you already alluded to this when you say "Yes, I know, you can't see everything," but that really is the only reason why comments of this sort should be going unflagged or unmoderated on HN. There's a lot that we just don't see here—there's far too much for us to read it all, and we rely on users bringing it to our attention.
Especially now, business ethics are for the "little people." The modern billionaire class no longer cares about even keeping up the appearance of decency.
I am not trying to really convince anyone of anything, do whatever you want. I am just explaining why I have become disillusioned with FOSS.
Let’s suppose I make a slight more efficient implementation of green threads, for example. I do not see how that would affect the output in a way that would be obvious, even if the library is non-trivial. Even if I slapped it with a GPL, I don’t see how I would realistically be able to check if they broke the license without first auditing the code, which I couldn’t do without a discovery request, which I likely wouldn’t have grounds for even if I could afford the lawyers for a lawsuit.
Edit: Fun fact, I cannot edit my original comment. But over-zealous flaggers seem to have taken care of it on my behalf. Unclear as to what about that comment deserved flagging, I guess raising concerns for the OPs admittedly problematic project is broadly the same behavior as the racist troll account who was previously active in this thread. Well done moralizing my original moralizing. The irony is…well pretty mundane in this case, really.
It's a wild world.
This faux-outrage is just showing how broken the whole hiring process is in tech.
Stop giving people puzzles and just talk to them. If you're unable to evaluate if someone's a good fit for a role then you either need to learn more about effective interviewing, learn more about the role, or find someone else who is good at hiring/interviewing.
This has all been a long time coming.
I've noticed that a lot of the supposed hallmarks of "AI slop writing" (em-dashes, certain multisyllabic words, frequent use of metaphor) are also just hallmarks of professional and academic writing. (It's true that some of them are clichés, of course.)
It seems like most efforts to instruct people on how to "fight back against AI writing" effectively instruct them to punish highly literate people as well.
I think it's often still possible to tell human writing that uses some of the same tropes or vocabulary apart from AI writing, but it's very vibes-based. I've yet to see specific guidance or characterizations of AI writing that won't also flag journalists, academics, and many random geeks.
I really, really hope this does not become a "standard". Ugh.
Not really sure what I can do for the author but say "that sucks, bro".
That's good, but what if the goal is min-maxing money making? Everything else becomes secondary.
https://hnrankings.info/44455787/
https://hnrankings.info/44460552/
...in any case, what's the "joke" about this? GPL violation is very serious, Tesla was forced to publish a substantial amount of proprietary code after a similar infraction.
- Posts with high comment-to-vote ratio often have political, scandalous or other kinds of heated themes
- Highly popular/engaging posts already act as self-amplifying snowballs
- High-volume discussion triggered by emotions is hard to navigate, is repetitive, and attracts the dumbest trolls even in HN
- The truly important topics tend to become visible anyway
I hope the strongest appropriate consequences for this come their way, though likely nothing will happen.
Meanwhile you're just trying to handwave it all away
Many LLMs will be derailed into giving entertainingly wrong answers:
You're just having some abstract, theoretical conversation that has no basis in what has happened
But yeah, I've pretty much come to the same conclusion myself too - ship source, but ship it under ARR.
I think there's another innovation which hasn't really been explored yet - an "anti-copyright" cartel-style licencing, where you only have permission to use the product to make something dependant on the original product itself, and whatever you make can freely be used by the original creators and all the other participants in the cartel
The effect would basically be creating a "closed" ecosystem encouraging innovation inside it but protecting it from people stealing shit from the outside...
You yourself admitted that your original comment was harsh after the author responded to you.
https://github.com/Respect/Config/blob/master/docs/README.md
Then, two years later, toml (by a GitHub founder) appeared. It is almost an exact clone of it.
https://github.com/toml-lang/toml
--
You could say that is just a coincidence, and it's an obvious idea that anyone could have had.
But then again, also around that time, a sibling component for the configuration language was featured on "The Changelog" (then, a very popular website featuring interesting projects).
https://changelog.com/posts/validation-the-most-awesome-vali...
It stayed on trending PHP repositories for months.
--
So, either toml was stolen or I independently invented it years prior.
Don't do easy to implement DSLs kids, there's no way of licensing them.
The best thing that happened with my early projects was the local community I was able to help build here in Brazil.
I've seen many local contributors that helped with my early projects do things well beyond what their dreamt of at the time, and I'm sure I had a positive influence on the careers of many people. All with honest, simple hard work.
I am sure many people remember I did some things first, and without any investment or marketing attached to it. Just a kid, making things.
To me, that is worth a lot more than VC money.
How does this trash get supported by YC so easily and real stuff doesn’t get a chance?
In 50 years they'll be useless anyway when computers are just plotting every iteration and combination of 1's and 0's that might be.
I too see no difference in machines learning from the works of others than man standing on the shoulders of those before them to reach higher plateaus.
It's all a big to-do about nothing.
I'm having a conversation about principles; and my principle is that there should be a path to redemption. When people screw up, instead of just knee-jerk piling on because we can, we should ask, "What would be a reasonable thing to expect them to do to make it right?"
> Whatever the path is - could even be paying or even hiring the original dev
Sure, this would be a strong action on the "making it right" direction.
> they haven't done ANYTHING in that direction.
This just isn't true. They said they said they were in the wrong. They changed the license, removing all traces of the illegal license. That's not nothing.
Yes, they also downplayed their mistake, which kind of undermines the "admit fault" step. Yes, they could have gone much further to make things right, by for instance hiring the original dev.
They could have done better, but they also could have done worse.
Maybe they don't know that the history is still there? https://github.com/pickle-com/glass/activity?ref=main
https://web.archive.org/web/20250704222510/https://github.co...
That's because you have either not read enough or have been dismissing the very sound case: Scale.
In law, scale matters. It might be legal to possess a single joint while at the same time being illegal to possess a warehouse of 400 tons of weed.
Now, at least, you cannot say anymore that you have not heard a convincing case for why ingesting every single piece of work by an artist with the intention of out-producing them is a bad idea.
You have heard at least one, supported by precedent in law in multiple jurisdictions.
If you want to convince people to steer away from ad-hominem, don't get all touchy-feely from the thought of a business breaking the law.
For me, it was obvious to use `parse_ini_file` because it greatly improved performance (I didn't had to parse it by hand) and familiarity (PHP users already know ini).
On the other hand, there is no reason for toml to have chosen ini. Almost no other language had efficient ini parsers at the time, or any culture related to ini files whatsoever. It sounds like a strange choice outside the PHP context.
As of right now, I just feel like the best thing to do is not put my code out there, and just binaries. If a company likes what they see then they can pay me for the code.
And, as such, when your favorite AI generates code similar to my code after having read my code, that's infringement, the same as if a human had done the same thing... only, the AI doesn't bother to consider that angle, and, even if you know to care, you have no way to know what is going on, in the way a human at least usually can know when it is cribbing off of what it knows (though even a human can do this accidentally).
Any sensible person would agree with you in the abstract.
But you're having the conversation in a thread where the person who should be seeking redemption has done the opposite. What you seem to considerinimally redeeming and seemingly even applauding, MANY people consider to be making the situation worse - a disingenuous apology, and only because they got caught. THAT is what we're piling on about, not the initial (egregious) infraction.
Anyway, I'm done here.
This mentality is relatively new. Or more like invented by Facebook and got marketed the heck by PRs and marketing firms.
And now we have people who code before they think.
HN seems to be fine with that (!).
However, when you look at the license of the software I release, there are some terms I put forward. In short, it’s called GPLv3+ or AGPLv3+ depending on the thing I have written. You can use/develop/fork/integrate/sell it. I don’t care, as long as you obey the license terms.
Don’t obeying these terms, and running with the code is wrong. Even if you put the laws aside, that’s unethical. This is what makes my blood boil.
I do not develop software as a job. I do it as a side quest, and more importantly as research. I don’t want my research to be laundered and closed down, but be available and free as much as possible. This is why I use copyleft licenses.
If you care about developer freedom, you write Open Source code with permissive licenses. If you care about users’ freedom, you write Free Software with copyleft licenses.
I care about users’ freedom, not developers’ freedom to rip any code and embed into their code bases, which permissive licenses are designed for.
This blatant selfishness of “we are doing something great, we need no permission” is angering me.
Otherwise, get my scrappy code and make a million dollars with it. As long as you obey the license, I don’t care. On the contrary, I applaud you.
Open Source software is not about users generally. It’s about other developers. Like a trade gathering. People in the know get there, get the tools they need, build the things they need with these open things and sell them to make a living. That’s fair. I understand, agree, and respect them.
Free Software’s different. Think like end users get the things they need with all the blueprints and specifications of that thing. They can do anything to these things, but if they want to share it, they have to share the new blueprints and specifications as well, to keep the thing available and free from abuse.
I’m in the second camp. I give you something for free, but there are terms attached. If you modify the thing, you have to give modifications away. Plus, you can’t integrate it into a tool which is or can be closed.
I just don’t want the thing i built for you to be closed and used against you to make your life more difficult. Because the aim was to make your life easier in the first place.
The entire process is absurd. I wasn't joking when I said that the application required me to write a 9 page essay to even move forward. It took me two hours, and then I'm told I have to do some pop-psychology horseshit to prove my "intelligence" to these assholes.
I don't really like insulting people if there's any chance of the person actually seeing it, but I genuinely have to question the competence of anyone who thinks that this is a good use of the company's or candidates time. I genuinely think that the world would be better if they chose a different career.
I'm sure some middle manager read some article about the best way to hire candidates and implemented that, and maybe it really is the absolute best way of hiring, but it certainly rubbed me the wrong way.
Again, this doesn't have to be this way. Either Y-Combinator needs to boot the thiefs and invite the original dev, the thiefs need to invite them in with a fair equity share, or else we continue to perpetuate this culture. And, I agree with others, creatives have already become more and more afraid of sharing their work and having it stolen. Ours was covered with a bullet proof contract that the other party presented us with. We also have a patent pending. Neither of those stop someone from stealing from you and it's your job to protect your IP (and money). It almost bankrupt us... but because it was their contract, our lawyer constantly was scratching his head since it was a slam dunk case.
Steve Jobs and Apple stole the UI from Xerox, Tesla wasn't Elon Musk's, and you can go down the list. Look up the history of Arduino and wiring. I have no problem buying Arduino knockoffs because of it. (The two profs that didn't give their grad student attribution have a history of stuff like this as well as infighting)
But it doesn't have to be like that, it's our choice to continue perpetuating it and it will lead to emergent properties that people won't like. The question is: how long can the party last for investors, incubators, and thief startup founders in our highly connected age?
Instead of waiting to find out, I hope that Y-Combinator and associated investors pioneer a better culture of rejecting these people when they find out and promoting the actual creators. Michael Seibel talked about the best creators not being the best networkers back at startup grind 2019, and that the old model of investing is broken. 6 years people. (I've been building a network of us who are expert at going out and finding the best creators, but it would be nice to have the resources and platforms of larger institutions).
Why don't we promote the actual creators OR pair those good at identifying the opportunities and pitching and marketing them. That would be WAY better, and everyone wins while making a better, long term sustainable culture and model.
I know there's been cases of big projects successfully suing companies that break the license (e.g. BusyBox), but if I just make some small utility on Github, even if it's licensed with AGPL, I don't have a ton of recourse. I don't have the ability to audit every project that might be violating it, and even if I did I don't have the capital to pay an attorney to sue for every possible violation.
If you're working for a company and that company is paying you to work on a project that they decide to FOSS later, great, you're being compensated for your work and I have no objection to that. Hobby projects are generally not compensated and as such I think it's better to keep them closed source.
My code will never be publicly available. That's a key trade secret of our business. When investors and others tell us that someone else could build it, I let them know that they could build their own, similar version, but it wouldn't be what we have.
We've verified that by having friends and family, some of the best coders that we know - Stanford, MIT, and other CS alum, as well as top FAANG programmers - try to reproduce it. It's always something done in their own style that doesn't do the job as it needs to be done (they work ok, but they all miss some key crucial parts of why our system succeeds at what it does).
GitHub is good for those looking for a job or to share their projects openly. I wouldn't even trust a private repo. Everything is either on systems and servers that we have control over or in my head. As we grow and scale, we have a roadmap for how to keep control over those trade secrets until it's time to pass off the company (if we do). At that point, I'm confident that whoever takes over will realize that this will be like the Coca Cola recipe, or any other trade secret which could be reproduced but not necessarily in the same way. (Knowing the history of that recipe and what others have created that tastes identical, it's more apocryphal and maybe not a perfect example, but you get the idea).
Anything controlled by another company is something out of your hands. Pick and choose wisely where you keep your stuff.
Use value of OSS remains high. Because of that, when I can add to the body of OSS, I do. People will do what they do.
All I control is me. They do them.
We all benefit from the high use value.
I do wish those who have made fortunes would contribute more and keep their roots, and the labor of many high quality humans just a bit more firmly in mind.
At best the license.txt that accompanies a particular revision can serve as a sign post of what license applies it is not dispositive and if the sign post is wrong it was your bad for failing to understand what license applied before distributing.
I would have loved to be paid to work on FOSS stuff, but this interview process was too stupid.
From the earliest time I became involved with YC (nearly 17 years ago) it was drummed into us that you don’t mess around with IP, because it kills funding rounds, acquisitions and commercial deals, and harms one’s reputation and stirs up unwelcome attention just like this.
I’ve been subjected to suspected theft of my IP by a client and I can absolutely empathize with the feeling of outrage from people who’ve been subjected to this; it was one of the very worst things I’ve experienced in my career.
But there are well-established conventions for how to deal with it, which begins with a demand to stop doing it and not do it again (“cease and desist”).
Of course this company should stop and not do it again and it’s completely reasonable for them to be held to account on that.
But if HN commenters are demanding someone else be honest and honorable, they need to be willing to hold themselves to the same standard, and it’s a basic societal norm that we allow legal processes to progress and not take matters into their own hands with personal vilification/mockery or exaggerated/unfounded allegations.
It’s a surprisingly efficient and low-bullshit process.
This is the opposite of what happens and YC drums this into founders from the start; at least they did in my day, because pg's main startup (Viaweb) was nearly brought undone by an IP dispute, and it scarred him deeply.
What YC tells you is that the more successful you are, the more likely it is that you'll be caught if you mis-use IP, and auditing this is one of the biggest parts of the due diligence that investors, acquirers and commercial partners will undertake.
In fact, pg explicitly addresses this very thing in his 2005 essay How To Start a Startup [1], which was the original inspiration for YC:
One of the worst things that can happen to a startup is to run into intellectual property problems. We did, and it came closer to killing us than any competitor ever did.
As we were in the middle of getting bought, we discovered that one of our people had, early on, been bound by an agreement that said all his ideas belonged to the giant company that was paying for him to go to grad school. In theory, that could have meant someone else owned big chunks of our software. So the acquisition came to a screeching halt while we tried to sort this out. The problem was, since we'd been about to be acquired, we'd allowed ourselves to run low on cash. Now we needed to raise more to keep going. But it's hard to raise money with an IP cloud over your head, because investors can't judge how serious it is.
If the point of the interview were "answer those questions AND know enough to answer the follow up questions" _once told what to expect and prep_, they’d be sharing those questions with all candidates. If you feel that saying to the interviewers "by the way, I did know this because [X] told me they’d be here" wouldn’t impact outcomes, then great. If you feel you’d need to hide that, then you’re aware this involves dishonesty - and if you still struggle to see how that’s unethical, lets just make sure we never need to work together.
Seeing as how you seem to prefer to let everyone else steal a march on you in interviews in the interest of "fairness", that's not likely to happen anytime soon.
English is a composite slut of a language, sucking in words from all over the place.
"Learnings" is a relatively new "corporate speak" English word invented to try to make people sound more intelligent when speaking or writing emails.
But even if you put binaries out, they can steal them, it's just harder... I guess, making it harder is the point as a form of deterrence. Dunno, these things are hard questions :)