• chevron_right

      Piracy Shield Source Code & Internal Documentation Leak Online

      news.movim.eu / TorrentFreak · 2 days ago - 21:30 · 3 minutes

    Logo piracy shield Ever since Italian authorities announced their intent to introduce an even more aggressive anti-piracy blocking system than the one already in place, controversy has rarely been far behind.

    Recent reports of avoidable overblocking, a reluctance to admit that the Piracy Shield system is fallible, and new reports that telecoms regulator AGCOM is now rejecting complaints from wrongfully blocked Cloudflare customers, are just some of the ingredients in a volatile mix that has always threatened to boil over.

    Piracy Shield: Source Code Leaked Online

    In what could develop into the biggest crisis yet for the Piracy Shield system and those who operate it, nine repositories of source code, internal documentation, and other related data, claiming to be the various components of the Piracy Shield system, appear to have leaked online.

    An announcement in Italian and English, posted on GitHub a few hours ago, criticizes AGCOM and SP Tech Legal, the law firm-linked developer behind Piracy Shield, for creating a “tool of censorship disguised as a solution to piracy.”

    The main ‘fuckpiracyshield’ repository on GitHub was created by a user of the same name; they appear to have joined the site for the purposes of leaking the code online and, after signing up at 15:55 on Tuesday, by 16:50 they were gone. Aside from the leaked material, a message was left behind.

    “This is not the way to stop piracy. This is a gateway to censorship,” the bio message reads.

    Content Allegedly Leaked

    The apparently leaked collection spans nine repositories; they are named and described as follows:

    frontend (The frontend of Piracy Shield), data (Guides for the ISPs and reporters that use Piracy Shield), variations (Some code that was probably used for testing for Piracy Shield?), service (Services and main logic of the Piracy Shield API), data-storage (Storage and filesystem management for the Piracy Shield API), data-model (Data models of objects used by the Piracy Shield code), component (Components needed by other Piracy Shield packages), api (This is the API for Piracy Shield)

    For those unfamiliar with Python or no interest in code, period, the ‘data’ repository probably offers the most interesting information. It contains what appears to be up-to-date operations manuals for Piracy Shield, with the ‘ISP TECHNICAL MANUAL – PIRACY SHIELD’ described as v2.4.1, current on February 2nd when Piracy Shield made its full debut.

    All documents are named and presented in Italian and the titles suggest that there are two versions of two distinct manuals: ‘Piracy Shield Manual’ and ‘Piracy Shield Error Codes’. One version seems to be directed at those reporting domains and IP addresses for blocking and the other toward the ISPs expected to carry out the blocking.

    Unusual Feature of the Leak

    When browsing the source code and attempting to work out its purpose, on some repositories something immediately stands out. With no assumptions as to who the name refers, a contributor to the Piracy Shield project appears to be someone called Daniele Maglie. Their name appears time and again throughout the code, which in itself isn’t especially unusual.

    However, when looking more closely at the leaker’s bio, which includes an image of AGCOM’s president apparently deep in thought, leaving the mouse pointer in place for a moment produces a piece of popup text, as highlighted in the image below.

    piracy shield popup

    What the text means, if indeed it means anything at all, will be just one of the questions being asked in the days to come. In the meantime, AGCOM has yet another blocking target to contend with, although a DMCA notice will be much more effective.

    From: TF , for the latest news on copyright battles, piracy and more.

    • chevron_right

      Code Scanning Autofix – GitHub lance la correction de vulnérabilités par IA

      news.movim.eu / Korben · 7 days ago - 10:09 · 1 minute

    Les failles de sécurité dans le code sont le cauchemar des développeurs et des équipes de sécurité et font surtout le régal des hackers. Alors pour y remédier, GitHub a décidé de sortir l’artillerie lourde avec Code Scanning Autofix ! Attention les yeux, cet outil mêle IA et analyse statique et nous fait la promesse de corriger les vulnérabilités en un clin d’œil pendant que vous codez.

    Concrètement, Code Scanning Autofix (actuellement en bêta publique) est activé par défaut sur tous les dépôts privés des clients GitHub Advanced Security. Et devinez quoi ? Il gère déjà plus de 90% des types d’alertes pour JavaScript , TypeScript , Java et Python . De quoi mettre une sacrée claque à la dette de sécurité applicative !

    En coulisse, cette magie opère grâce à deux technologies de pointe made in GitHub : Copilot pour l’IA et CodeQL pour l’analyse statique. Une fois Code Scanning Autofix activé, il vous propose des correctifs quasi tout cuits qui sont censés régler les deux tiers des vulnérabilités détectées, le tout sans trop d’efforts de votre part.

    Voici un exemple de correctif proposé :

    Pour chaque faille repérée dans un des langages pris en charge, vous obtenez une explication en langage naturel du correctif suggéré, avec un aperçu du bout de code à valider, modifier ou rejeter. Cela peut inclure des changements dans le fichier en cours, d’autres fichiers, voire des dépendances du projet. Bien entendu, vous gardez le contrôle et pouvez vérifier si le correctif résout bien le problème sans casser la fonctionnalité.

    L’intérêt est donc de décharger les experts en sécurité de la fastidieuse traque aux vulnérabilités introduites pendant le développement. Ils pourront alors se concentrer sur la sécurité globale de leur projet.

    GitHub promet d’étendre prochainement Code Scanning Autofix à d’autres langages, en commençant par C# et Go . Et pour en savoir plus, foncez sur la doc de GitHub !

    Source

    • chevron_right

      DMCA Notices Took Down 20,517 GitHub Projects Last Year

      news.movim.eu / TorrentFreak · Friday, 8 March - 21:24 · 3 minutes

    github logo dark With over 420 million code repositories, GitHub takes pride in being the largest and most advanced development platform in the world.

    As with other platforms that host user-generated content, this massive code library occasionally runs into copyright infringement troubles.

    Pirate Devs

    In some cases, people use code without obtaining permission from the creators, while others use GitHub to store pirated books or even music. And there are also developers whose projects are seen as pirate tools or apps, which often leads to copyright holder complaints.

    A few high-profile takedowns have grabbed headlines over the years, including the RIAA’s takedown of YouTube-DL , which was later reversed.

    Other rightsholders were more successful, with GitHub removing a variety of piracy apps last year, including Vancedflix and CloudStream . Following the demise of the original torrent site, hundreds of RARBG magnet link repos were taken down as well.

    The RARBG repositories appeared online last May, quickly after the popular torrent site closed its doors . In response, some archivists collected the site’s magnet links and posted them on GitHub. Others copied these repositories to keep the data safe, but most of this effort was nullified by a single takedown request .

    20,517 Downed Repos

    This week, GitHub updated its latest transparency report with the latest data, revealing the total number of notices received and projects affected. The report shows that the platform processed a little over 2,000 takedown notices in 2023, which affected 20,517 repositories.

    Of all notices received, just 35 were contested or retracted, and a total of 65 repositories remained online as a result.

    projaff

    As seen above, most repositories were taken down in March. After looking at the reported notices we couldn’t immediately find one responsible for this large uptick, but with many hundreds of “ Eaglercraft ” repositories flagged by Minecraft’s parent company Mojang, that certainly left a mark.

    GitHub says that it will continue to take a developer-first, approach to content moderation, minimizing the disruption of software projects while protecting developer privacy. These transparency reports and the publicly posted takedown notices are a means to that end.

    The transparency report also shines light on how takedown activity evolves as the platform grows. This historical data shows that, in relative terms, the number of repositories on GitHub grows faster than the takedowns.

    For example, Github hosted just under 40 million repositories in 2015, of which 8,268 were taken offline. Today, the platform has more than ten times as many repositories, yet takedowns failed to triple in the same period. In fact, the number of takedowns in 2023 is lower than a year earlier .

    Surge in Circumvention Notices Explained

    Last year, GitHub did report a notable uptick in DMCA circumvention claims. These more than quadrupled compared to the years before and this wasn’t just a fluke, as the most recent transparency report shows.

    circum

    At least initially, the reasons for this were unclear, prompting GitHub to launch an investigation. The results of this exploration, released this week , show that the explanation is quite straightforward.

    In the fall of 2021, GitHub updated its DMCA takedown submission form with questions explicitly related to circumvention. Providing that option triggered many more submitters to tick that box, raising the number of ‘circumvention’ claims.

    notice

    These additional circumvention ‘claims’ don’t necessarily mean that more notices were processed for this reason. According to GitHub, many of these notices were processed for other reasons instead, including as regular takedown notices.

    “[W]hile significantly more notices we process allege circumvention, the rate at which we process takedown notices because of circumvention hasn’t accelerated,” GitHub writes .

    Processing circumvention notices is quite costly for the company as all requests are reviewed by a team of lawyers and engineers, to ensure that developers’ projects are not taken down without valid reasons.

    This extra scrutiny was first brought to the fore during the youtube-dl takedown saga, after which GitHub launched a million dollar Developer Defense Fund .

    GitHub is now actively engaged in policymaking in this area. The company previously urged the US Copyright Office to expand the DMCA anti-circumvention exemptions to benefit developers, while eliminating FUD .

    All in all, it’s good to see that GitHub remains committed to takedown transparency, and we will keep monitoring these and other trends going forward.

    From: TF , for the latest news on copyright battles, piracy and more.

    • chevron_right

      GitHub besieged by millions of malicious repositories in ongoing attack

      news.movim.eu / ArsTechnica · Wednesday, 28 February - 22:12 · 1 minute

    GitHub besieged by millions of malicious repositories in ongoing attack

    Enlarge (credit: Getty Images)

    GitHub is struggling to contain an ongoing attack that’s flooding the site with millions of code repositories. These repositories contain obfuscated malware that steals passwords and cryptocurrency from developer devices, researchers said.

    The malicious repositories are clones of legitimate ones, making them hard to distinguish to the casual eye. An unknown party has automated a process that forks legitimate repositories, meaning the source code is copied so developers can use it in an independent project that builds on the original one. The result is millions of forks with names identical to the original one that add a payload that’s wrapped under seven layers of obfuscation. To make matters worse, some people, unaware of the malice of these imitators, are forking the forks, which adds to the flood.

    Whack-a-mole

    “Most of the forked repos are quickly removed by GitHub, which identifies the automation,” Matan Giladi and Gil David, researchers at security firm Apiiro, wrote Wednesday . “However, the automation detection seems to miss many repos, and the ones that were uploaded manually survive. Because the whole attack chain seems to be mostly automated on a large scale, the 1% that survive still amount to thousands of malicious repos.”

    Read 11 remaining paragraphs | Comments

    • chevron_right

      Sky Italia Targets Pirate Streaming App VancedFlix Through GitHub

      news.movim.eu / TorrentFreak · Tuesday, 23 January - 12:17 · 2 minutes

    vancedlogo Legal video streaming platforms such as Amazon, Disney, and Netflix have gained massive userbases in recent years.

    Not everyone is willing or able to pay for multiple subscriptions, however, which in turn has helped to create a flourishing market for pirate streaming tools.

    These pirate services often use slick designs and easy-to-use apps that appeal to a broad audience. And unlike the legal options, they offer all popular titles under the same roof, without charging a subscription fee. Needless to say, rightsholders are not happy with this competition.

    VancedFlix

    VancedFlix is one of many unlicensed apps available today and in common with the others, it’s a thorn in the side of rightsholders. The official website has over 100,000 monthly visits and, since the app is available through a variety of other download portals, the total userbase could be well over a million.

    vancedflix

    The app openly promotes the availability of free content from paid services such as Netflix, HBO Max, and Disney+ , although the operators suggest that legal responsibility for the streamed content lies with third-party services.

    “VancedFlix functions just like any other as a search engine, such as Google. VancedFlix does not host, upload or manage any videos, films or content on it’s servers [sic],” the site reads .

    “Any legal issues regarding the content on this application should be taken up with the actual file hosts and providers themselves as we are not affiliated with them. In case of copyright infringement, please directly contact the responsible parties or the streaming websites.”

    Sky Italia Takes Action

    Copyright holders tend to see the legalities quite differently. They argue that since these types of streaming apps are specifically designed for piracy purposes, their operators are liable for copyright infringement.

    This week, anti-piracy outfit Kopjra took action against VancedFlix. On behalf of Sky Italia , it requested developer platform GitHub to remove several related APK files.

    “The VancedFlix app, an app that allows you to watch movies and TV series totally for free. In this application you can see all the tv series of our client Sky Italia Srl, including all Italian tv series,” the takedown notice explains .

    “The developer of the application is not in possession of any type of license for the transmission of the Sky Italia Srl contents, therefore this application is considered illegal.”

    vancedflix github takedown

    Following this request, GitHub disabled access to the files, replacing them with a DMCA removal notice. The entire github.com/VancedFlix/Apps/ repository is now unavailable, and the same applies to github.com/ysnlek/st/ .

    Download Link Stops Working

    While these removals are a success for Sky Italia, these types of app developers are not always easy to defeat. The VancedFlix.com website remains available, for example, although it’s been temporarily decapitated.

    One of the targeted APK files on the official website was linked under the official “download” button, which now redirects to GitHub’s DMCA removal notice .

    The download link will probably be updated soon enough with a new one. The developers still have the option to file a counter-notice but simply reuploading the file on GitHub probably won’t work, unless they want to see more of this.

    github dmca

    From: TF , for the latest news on copyright battles, piracy and more.

    • In chevron_right

      GitHub counts 20 million US software developers

      pubsub.slavino.sk / infoworldcom · Thursday, 18 January - 20:00 edit · 1 minute

    GitHub’s Innovation Graph , a repository containing structured data files of public activity on GitHub, counts more than 20 million US software developers using the platform.

    Just-released findings incorporating data from Q3 2023 provide a comprehensive breakdown of global developer activity including top languages, numbers of users by country, and economy collaborators, GitHub said. GitHub released the GitHub Innovation Graph findings on January 18. Key findings include:

    • More than 20,226,000 US developers and more than 1,132,400 US organizations are building on GitHub.
    • US developers uploaded code from GitHub more than 23.7 million times.
    • US developers and/or organizations own more than 56.7 million repositories on GitHub.
    • The three top collaborators with US developers were developers from Canada, Germany, and India. The Innovation Graph tracks collaboration between global economies as the summation of Git pushes sent and pull requests opened between one economy to another.
    • JavaScript was the highest ranking programming language in the United States based on the number of unique developers who uploaded code, followed by Python and Shell.

    The GitHub Innovation Graph was first launched in September 2023. Raw data date back to 2020. New data represent a significant update to help policymakers and researchers better understand the nuances of global software development, particularly regarding cross-country collaboration, GitHub said.

    To read this article in full, please click here


    Značky: #Rozne, #GitHub

    • chevron_right

      Tachiyomi Manga Reader: Threats Motivate Pirates & Boost Engagement (Update)

      news.movim.eu / TorrentFreak · Saturday, 13 January - 21:32 · 7 minutes

    tachiyomi For those not fully engaged in the global manga/webtoon phenomenon, the scale and depth can be a little bewildering.

    Fans are knowledgeable, passionate, and growing in numbers, with many older enthusiasts having been introduced to the content via pirate sites, at a time when content was impossible to buy legally.

    Availability is much improved today but old habits die hard; pirate sites haven’t gone away either, a major challenge for content owners everywhere, in every content category.

    One of the companies attempting to reduce piracy of its ‘webtoon’ content is South Korea-based Kakao Entertainment. Unlike other large copyright holders that have coupled strong anti-piracy responses with generally moderate public profiles, Kakao prefers a different approach. The company’s anti-piracy team constantly engages with the public on social media, often with controversial results.

    Of course, Kakao is entitled to these freedoms. The company owns the content it seeks to protect and since almost all anti-piracy strategies fail to a greater or lesser extent, trying something different could inject new life and lead to fresh ideas.

    That being said, the history books show that some scenarios should be approached with caution; when certain ingredients are combined, there’s a heightened risk of unpredictable results.

    Open Source Manga Reader ‘Tachiyomi’ Receives Legal Threats

    For the last ten days or so, open source software ‘Tachiyomi’ has found itself under the spotlight following an approach by Kakao’s anti-piracy team. But first, what does the software do? A manga aficionado familiar with the software informed TorrentFreak as follows:

    “Tachiyomi is probably the ultimate Android-based manga/webtoon reader with plenty of features and extensibility. The development team behind it has been hard at work for close to 9 years since 2015, and has tirelessly iterated upon it, to create possibly the best kind of reader there is today.”

    Tachiyomi is free to use, with the added bonus of being completely open source. In common with similar tools, such as web browsers or torrent clients, Tachiyomi contains no third-party content and makes no attempt to lock users into specific sources.

    However, through various extensions, users are free to choose their own, including unofficial sources from where it’s possible to download content, including pirated content, without ever paying a penny.

    We’re informed that on January 2, 2024, project contributors received communication from Kakao’s representatives who made several demands in respect of this functionality.

    A source familiar with events informs TorrentFreak that the main developer of Tachiyomi was instructed to terminate the nine-year-old project by deleting all versions of the app, including those on GitHub.

    He was further ordered to delete any comics uploaded to the app, despite the app carrying no third-party content, period. A further demand sought the immediate removal of all Tachiyomi forks on GitHub.

    Tachiyomi Begins Removing Extensions

    We understand that later on January 2, Tachiyomi’s main developer advised Kakao that the best way to take actual content down would be to file DMCA notices at problematic sites, over which the project has no control. He also offered to help, advising the company that he was willing to remove individual sources from Tachiyomi’s separate extension repo if those were considered an issue.

    Three days later, Kakao reportedly presented a spreadsheet that listed allegedly infringing content available from five third-party sites. For one of those sites, Tachiyomi had no extension; for the remaining four, the Tachiyomi team would soon take appropriate action.

    New versions of Tachiyomi were released between January 6 and January 8 without a list of extensions being preloaded. Moving forward, those who download Tachiyomi will find that extensions are no longer part of the ‘out-of-the-box’ experience.

    January 9: Official Announcement

    An announcement on tachiyomi.org dated January 9 spoke of “extenuating circumstances” and a decision to purge extensions to “ensure the long-term sustainability of Tachiyomi.”

    “As of now, Tachiyomi is transitioning to a fully bring-your-own-content model. What this means is that you can still enjoy Tachiyomi for manga reading, but you’ll need to source and add your own content,” the statement added.

    24 Hours Earlier

    As detailed above, the Tachiyomi team responded to Kakao’s complaints quickly and went on to take significant action. Arguably the new versions of the app could’ve been pushed even sooner absent a 48-hour delay to determine certain details.

    However, what appeared to be an amicable solution triggered an unexpected Twitter post by Kakao’s anti-piracy team. It implied that installing Tachiyomi carries a risk of viruses.

    The post has now received 59K views and to quickly summarize the first few dozen responses, people didn’t especially appreciate a long-established open source app being described as a virus risk. One of the more polite responses can be seen below.

    For reasons that can vary from person to person and sometimes between communities, people often feel protective of open source projects. In some respects, their open nature seems to provide a small oasis of trust and when that’s surrounded by free, open source software, any perceived threat risks an unpredictable response.

    It appears two can play that game.

    January 10: Kakao Threatens Tachiyomi Forks

    Having obtained compliance from the Tachiyomi team without a struggle, and then declaring the software a virus risk regardless, on Wednesday Kakao’s anti-piracy team took to Twitter once again, this time to threaten people who forked the Tachiyomi repo.

    kakao v forks

    With over 154K views, this post reached a considerably larger audience and prompted almost 500 comments. If any weren’t critical, we apologize for missing them; they aren’t particularly easy to find. The same can’t be said about the Community Notes panel featuring user responses to the claims in the original post.

    Kakao is a huge company overall so it’s possible that communications policies vary from unit to unit. Anti-piracy issues may even be completely exempt or considered fair game, but it would be interesting to see how the negative results so far dovetail with a report published earlier this month.

    According to The Korea Times , reform measures are being prepared to “reverse the negative public sentiment” toward the company in general, not necessarily Kakao Entertainment in its own right, but nothing exists in a vacuum.

    At Least Things Didn’t Get Any Worse….Did They?

    When any type of site, service, or application is subjected to legal threats, the possibility of unintended consequences or mere fallout is something worth keeping an eye on. From basic DMCA notices through informal discussions to full-blown demands, the overall aim is usually evident from the nature of the requests.

    In this case, it appears that a complete end to Tachiyomi or an effective end due to limited functionality, would both amount to the same thing; a massive loss of interest in the software and ultimately, game over. However, while Tachiyomi no longer supports any third-party extensions, it does support third-party repositories, suggesting that extension development and functionality is now the responsibility of others.

    Meanwhile, Tachiyomi’s popularity appears to be trending up, not down as intended.

    ‘GitHub Trending’ is a daily report that features repos trending in popularity on a particular day. Via RSS feeds, trending repos arrive here on a daily basis; this week the Tachiyomi repo has featured in the list, along with at least two others, one of which may have even appeared twice, at least from memory.

    Trending Up…. repos

    But at least things didn’t get any worse from here, surely? Well….

    There are many mechanisms to measure an app’s popularity on GitHub, with some more accessible than others by default. Since receiving a gold star on GitHub is universally considered a positive for most projects, another project on GitHub offers a great way to quickly visualize current and historical star data for a given project.

    The image below shows that between December 14 and December 29, Tachiyomi received an average of 15.87 stars each day. In the two weeks that followed, during which Tachiyomi found itself under threat, the daily average more than doubled to 43.92 stars each day.

    Despite the efforts to shut the project down and the imposition of decreased out-of-the-box functionality, it appears that support for the software actually increased. While somewhat counterintuitive, targeting open source software always risks unpredictable result.

    Update January 13 : There’s a new statement on tachiyomi.org suggesting that the software will no longer be actively developed.

    “Tachiyomi will no longer be actively developed. It may continue to work for you for the foreseeable future but there will be no support for it nor the official extensions,” it reads .

    From: TF , for the latest news on copyright battles, piracy and more.

    • chevron_right

      Azure Cost CLI – Pour suivre les coûts liés à Microsoft Azure

      news.movim.eu / Korben · Monday, 18 December - 08:00 · 2 minutes

    Aujourd’hui les amis, j’aimerais vous faire découvrir un outil en ligne de commande qui va bien vous aider si vous évoluez dans l’écosystème de Microsoft Azure.

    En effet, en fonction de ce que vous faites avec vos instances et vos services Azure, le coût n’est pas forcément le même, et ce n’est pas super pratique de suivre tout ça uniquement via le site web. Heureusement avec l’outil Azure Cost Cli , vous allez pouvoir garder un œil sur les dépenses liées à votre utilisation des ressources, directement depuis votre terminal.

    Ce logiciel utilise l’API Azure Cost Management pour récupérer les coûts et présente les résultats directement dans la console ou sous format JSON. JSON que vous pouvez ensuite exploiter dans vos outils ou scripts.

    Hormis l’affichage des coûts cumulés comme vous pouvez le voir ci-dessus, il peut également afficher les coûts journaliers, extraire les ressources par coûts et répertorier les budgets.

    Et il peut même détecter les anomalies éventuelles et les tendances d’évolution dans les coûts, ce qui permet d’automatiser encore plus les rapports générés.

    Pour l’installer, c’est simple, ouvrez un terminal et utilisez la commande suivante (il vous faudra dotnet ) :

    dotnet tool install --global azure-cost-cli 

    Ensuite, vous pouvez commencer à afficher les couts cumulés associés à un abonnement Azure spécifique en lui passant votre ID :

    azure-cost accumulatedCost -s 12345678-1234-1234-1234-123456789012

    Pour générer un rapport CSV des coûts par ressource, rien de plus simple :

    azure-cost costByResource -s 12345678-1234-1234-1234-123456789012 -o csv

    Imaginons maintenant que vous souhaitiez afficher les coûts quotidiens pour le mois de janvier 2023, regroupés par nom de service ( ServiceName ) :

    azure-cost dailyCosts --dimension ServiceName --from 2023-01-01 --to 2023-01-31

    Pratique non ? Et si vous souhaitez faire de la détection d’anomalie au niveau des coûts générés durant une certaine période :

    azure-cost detectAnomalies -g myResourceGroup --timeframe Custom --from 2023-01-01 --to 2023-01-31

    J’ai également découvert que cet outil pouvait être utilisé dans un GitHub Workflow pour obtenir le coût de notre abonnement et stocker les résultats en markdown. C’est vraiment génial pour avoir un aperçu rapide des frais liés à notre abonnement.

    Voilà, si ça vous intéresse pour suivre vos coûts sur Azure, le projet Azure Cost Cli est disponible ici sur Github.

    • chevron_right

      Site Blocking Fallout Keeps GitHub Unusable for Some Indians

      news.movim.eu / TorrentFreak · Wednesday, 29 November - 22:52 · 3 minutes

    github barred Like many other countries around the world, India’s copyright law allows rightsholders to limit access to pirate sites.

    Major entertainment industry companies regularly obtain injunctions that require local Internet providers to block websites to prevent piracy.

    In essence, these measures are straightforward as specific domains are identified for blocking. However, injunctions can be issued before infringements take place and can be dynamic or temporary, depending on the situation.

    In the early years, blocking injunctions were used as a blunt instrument, instructing Internet providers to block legal platforms such as Vimeo , while GitHub and the Internet Archive also ended up in the crosshairs years ago.

    GitHub Blocking Troubles

    Accuracy-wise, some progress has been made over the years but that doesn’t mean that overblocking is no longer an issue. Throughout this year, several GitHub users have reported persistent problems accessing the platform.

    The issues related to GitHub appeared in January of this year, when several Indian developers noted that they could no longer use the site properly. The main Github.com domain was still accessible but raw.githubusercontent.com, where code is typically stored, was blocked.

    This made it impossible for developers to work on projects and several applications that used GitHub-hosted code started to return errors.

    This URL has been blocked under the instructions in compliance with the orders of a Hon’ble Court ,” a typical error message read.

    Since some pirate apps use GitHub it’s possible that raw.githubusercontent.com was listed in a copyright-related injunction, resulting in massive overblocking. As far as we know, the court order in question hasn’t been published but several ISPs were affected.

    Problems Persist Despite Reversal

    After some backlash, the underlying order was reportedly retracted , after which GitHub started working properly again for most Indians; but not for all. After nearly a year, there are still widespread reports from people who can’t use the site.

    The problem is discussed repeatedly on social media and local news outlets with users from ISPs such as JIO and Hathway complaining that raw.githubusercontent.com is not accessible.

    “From the past few weeks I am unable to access raw.githubusercontent.com on my Jio network,” one Redditor writes, with many others sharing a similar experience. On X, several users are reporting that they continue to have issues too.

    Not all subscribers appear to be affected and other Internet providers don’t appear to have the same issue. This suggests that the affected ISPs didn’t properly unblock the URL earlier this year when the court order was retracted.

    GitHub Responds

    GitHub is aware of the problems in India. The Microsoft-owned platform informs us that it’s investigating the issue to see if full access for all users can be restored.

    “As the global home for all developers, we firmly believe that everyone should be able to contribute to the future of software development regardless of where they live,” GitHub informed us.

    “We are aware of reports that there may be issues with accessing the raw.githubusercontent.com domain in India and are investigating to determine how access can be restored.”

    Transparency / Speculation

    The lack of transparency regarding Indian court orders and retractions doesn’t help to solve the problem. To the public at large, it still isn’t clear on what grounds GitHub was partly blocked.

    One potential tie-in could be the PikaShow app. After becoming the official sponsor for the Afghani cricket team during last year’s Asia Cup, Indian rightsholders pulled out all the stops to block the app.

    Through an injunction, GitHub was ordered to disclose information on the developers behind the PikaShow account, but it’s possible that a separate blocking order also targeted the site’s raw.githubusercontent.com URL.

    The above is pure speculation, which emphasizes the need for more transparency. That’s especially important now that Indian authorities are requiring domain registrars to comply with blocking orders too if they want to continue operating in the country.

    Meanwhile, the developers affected by the continuous blockade have to find ways around the technological restrictions. Luckily, that’s not too hard for this tech-savvy audience.

    From: TF , for the latest news on copyright battles, piracy and more.