Getty Images | Future Publications
Recently, some of Twitter’s source code was published on GitHub. Twitter is trying to force GitHub to identify who posted code.
GitHub disabled the repository on Friday shortly after Twitter filed a DMCA (Digital Millennium Copyright Act) takedown notice, apparently not providing the information Twitter is asking for. Twitter’s DMCA takedown notices ask GitHub to provide the code submitter’s “upload/download/access history,” contact information, IP address, and session information, or “relevant logs related to this repo or fork.” I was.
The username of the GitHub user who posted Twitter’s source code is “FreeSpeechEnthusiast,” presumably referring to Twitter’s owner Elon Musk, who claims to be a free speech defender. is.
“It’s unclear how long the leaked code was online, but it appears to have been publicly available for at least a few months,” the New York Times article said. Nevertheless, the NYT article notes that Twitter “only recently became aware of the source code leak.”
The profile of GitHub user FreeSpeechEnthusiast shows that the user joined GitHub on January 3, 2023 and made their only code submission on the same day. Twitter’s DMCA notice on his GitHub explains that this code is “proprietary source code for Twitter’s platform and internal tools.”
Suspect list could include thousands of former employees
The leaker may have been one of about 5,500 employees who left Twitter through layoffs, layoffs, or resignations after Musk bought the company. Twitter also reportedly laid off about 5,000 contractors shortly after its acquisition of Musk. However, there were probably many employees who did not have access to the specific source code that was leaked.
“Twitter has launched an investigation into the leak, and executives who handled the matter speculate that the person responsible left the San Francisco-based company last year,” the NYT said, according to two people briefed on the internal investigation. said.
Musk Said March 17th Twitter plans to open source “all code used to recommend tweets” by March 31, but the leaked code may be more sensitive. The NYT said Twitter executives said the code “contains security vulnerabilities that could provide a means for hackers or other motivated parties to extract user data or take down the site.” The NYT said sources indicated they were concerned that there would be
Twitter sent out a takedown notice on Friday and asked a federal court to issue a subpoena later the same day. “The DMCA subpoena is directed to her GitHub service provider,” he said in a Twitter subpoena request. “GitHub operates his website where the infringer (identified by her GitHub username of FreeSpeechEnthusiast) has posted various excerpts of his Twitter source code, and these posts are said to be infringes the copyright held in the material of
Twitter asks for ‘all identifying information’
Twitter’s proposed subpoena “seeks all identifying information, including users’ names, addresses, phone numbers, email addresses, social media profile data, and IP addresses.” You are: FreeSpeechEnthusiast.” We also ask for “all identifying information provided when this account was established, and all identifying information subsequently provided for billing or administrative purposes.”
Subpoena requests will also look for all identifying information about “users who have posted, uploaded, downloaded, or modified data” in Twitter’s repositories where source code was posted.
When contacted by Ars, GitHub did not comment on Twitter’s requests for user identities or attempts to obtain subpoenas. “GitHub generally does not comment on decisions to remove content. However, to ensure transparency, we publish all DMCA takedown requests,” a GitHub spokesperson said. His DMCA takedown notice for Twitter was posted here by GitHub.
GitHub is owned by Microsoft. Another of his Twitter court filings includes an email thread between Twitter and GitHub that led to Friday’s deletion. Less than an hour and a half after Twitter submitted the takedown notice, GitHub apparently disabled the repository.
