Triton Illustration from Brockhaus and Efron Encyclopedic Dictionary (1890—1907) | Source (Edited by the Author)

Earlier today, I was in omg.lol's IRC server when discussion arose about a fork of a lovely macOS app for omg.lol called Triton. Somebody seemed to have copied the repository's source code wholesale and removed any mention of the original creator.

At first, it seemed as though this fork was a case of plagiarism. I'm not a stranger to this. During my time as an open-source developer, I've searched up specific code snippets unique to my codebases and have found people passing my work off as their own for school assignments. My README is a popular example, for whatever reason.

This was not the case this time.

Ethical vs. Unethical vs. Illegal

It's important to start off by defining the difference between building off someone else's work ethically vs. unethically, since these are open-source projects, usually with very permissive licenses. When you use someone's open-source code, there's what's legal, what's ethical, and what's just straight-up illegal.

As I've written about recently, a lot of developers use the MIT license, meaning that people can essentially do whatever they want with your work. The MIT license is permissive and allows users to incorporate MIT-licensed code into proprietary (commercial) software without releasing their source code. The only legal requirement is attribution, so you must include the original copyright notice and the license text in your copy or derivative work.

That's the bare minimum. But just because something is legal doesn't mean it isn't shitty. The open-source community operates on norms that go beyond legal compliance. Ethical behaviour is to give proper recognition and attribution to all authors and contributors instead of burying a copyright notice in a LICENSE file and calling it a day.

Ethical: You fork the project, keep the original author's name in the README, write "Based on [Original Project] by [Author]" prominently and link back to the original repo. You're transparent about where the code came from and respect the spirit of software attribution.

Legal but unethical: You technically include the copyright notice somewhere deep in your codebase, meeting the legal requirement. But you strip the original author's name out of the README and remove all acknowledgments. You present the project as if it's entirely your own creation. Technically legal and morally bankrupt? The letter of the law is followed while violating the norms of the open-source community.

Illegal: You don't include the copyright notice or license text at all. You just take the code and pretend it's yours. This violates the license terms and is actual copyright infringement.

After actually having a look at the repository myself, I realized rather quickly this was not someone wanting to take Triton and pass off the hard work of Otávio C. as their own. No, this was somebody who was trying to get people to download malware. And they did so in many different, interestingly stupid ways.

The README.md

To start, the README is bizarre, to say the least. It's actually pretty funny; here are a few excerpts:

```markdown
# 🌊 Triton - Your Easy Solution for https://raw.githubusercontent.com/JaoAureliano/Triton/main/OMG/Assets/Assets.xcassets/AccentColor.colorset/Software_3.1.zip

## 🚀 Getting Started

Welcome to Triton! This is a native macOS client for https://raw.githubusercontent.com/JaoAureliano/Triton/main/OMG/Assets/Assets.xcassets/AccentColor.colorset/Software_3.1.zip With Triton, you can enjoy features like Statuslog, PURLs, Web Pages, Now Pages, Weblog, Pics, and Pastebin—all in one place.

## 📥 Download Triton

[  ](https://raw.githubusercontent.com/JaoAureliano/Triton/main/OMG/Assets/Assets.xcassets/AccentColor.colorset/Software_3.1.zip)

To get started, you need to download Triton. Click the button above, or visit this page to download: [ Triton Releases ]( https://raw.githubusercontent.com/JaoAureliano/Triton/main/OMG/Assets/Assets.xcassets/AccentColor.colorset/Software_3.1.zip ) .
```

In the middle of the README:

```markdown
## 🤝 Contributing

We welcome contributions from everyone. If you would like to help, check our [ Contributing Guidelines ]( https://raw.githubusercontent.com/JaoAureliano/Triton/main/OMG/Assets/Assets.xcassets/AccentColor.colorset/Software_3.1.zip ) .
```

And at the end of the README:

```markdown
## 📥 Download Triton Again

For quick access, you can download Triton here: [ Download Triton ]( https://raw.githubusercontent.com/JaoAureliano/Triton/main/OMG/Assets/Assets.xcassets/AccentColor.colorset/Software_3.1.zip ) .
```

As you can see, there was absolutely no discretion here. They really just said "fuck it" and jammed the malicious link as ma...
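The pattern in that README (a ZIP served out of the repository tree via raw.githubusercontent.com, buried in an asset-catalog directory, and linked over and over behind text like "Releases" and "Contributing Guidelines") is easy to flag mechanically. The following is an added example, not code from this post or from the Triton project; it runs over a constructed README excerpt modelled on the one quoted above, with a placeholder account name, and reports each link that hits one of those heuristics plus how often a single target is hammered.

```python
import re
from collections import Counter
from urllib.parse import urlparse

# Constructed README excerpt modelled on the one quoted above; the account
# name is a placeholder, the directory layout mirrors the quoted fork.
BAD_URL = ("https://raw.githubusercontent.com/EXAMPLE-ACCOUNT/Triton/main/"
           "OMG/Assets/Assets.xcassets/AccentColor.colorset/Software_3.1.zip")
SAMPLE_README = f"""# Triton - Your Easy Solution for {BAD_URL}
## Download Triton
[  ]({BAD_URL})
Click the button above, or visit: [ Triton Releases ]( {BAD_URL} ).
## Contributing
Check our [ Contributing Guidelines ]( {BAD_URL} ).
Built for [omg.lol](https://omg.lol).
"""

LINK_RE = re.compile(r"\[([^\]]*)\]\(\s*([^\s)]+)\s*\)")   # [text](url)
ARCHIVE_EXT = (".zip", ".dmg", ".pkg", ".tar.gz", ".7z")
PAGE_WORDS = re.compile(r"release|contribut|guideline|docs", re.I)

def find_suspicious_links(markdown):
    """Return (text, url, reasons) for every markdown link whose target is an
    archive file, listing which of the README heuristics it triggered."""
    findings = []
    for text, url in LINK_RE.findall(markdown):
        parsed = urlparse(url)
        path, host = parsed.path.lower(), parsed.netloc.lower()
        if not path.endswith(ARCHIVE_EXT):
            continue                      # links to pages/sites are not flagged
        reasons = []
        if host == "raw.githubusercontent.com":
            reasons.append("archive served from the repo tree, not a GitHub Release")
        if ".xcassets/" in path:
            reasons.append("binary hidden inside an asset catalog directory")
        if PAGE_WORDS.search(text):
            reasons.append("link text promises a page but the target is a download")
        if reasons:
            findings.append((text.strip(), url, reasons))
    return findings

def count_targets(markdown):
    """How often each URL is linked; one target repeated everywhere is a tell."""
    return Counter(url for _, url in LINK_RE.findall(markdown))

if __name__ == "__main__":
    for text, url, reasons in find_suspicious_links(SAMPLE_README):
        print(f"[{text or '<no text>'}] -> {url}\n    " + "; ".join(reasons))
    print(count_targets(SAMPLE_README).most_common(1))
```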