Apple tells GitHub to fork off: iGiant steps outside DMCA law in quest to halt iBoot leaks

Demands blanket rather than specific repo shutdowns


Apple's fruitless attempts to remove its leaked iBoot source code from the internet have escalated into requests to have community code site GitHub disable all downstream forks made from identified infringing repositories.

In a DMCA takedown notice sent to GitHub on Sunday and published on Monday – its sixth since the proprietary iBoot code surfaced on February 7 – Apple has directed GitHub to remove two more repos with copies of its confidential source, along with 10 more repos forked from the first two that disseminated it.

A forked repo is simply a clone of a repo with a pointer that refers to the original repository, stored within the Git version control system. Code can also be manually copied by downloading it and re-uploading it to a new GitHub repo, one that doesn't include a reference to its birth.

Since its initial takedown notice, Apple has been asking for forks of flagged iBoot repos to be shut down, and GitHub has been complying, at least for those repos and forks specifically cited, because not doing so could open the code-sharing site to legal liability. When GitHub is alerted to copyright-infringing repos on its platform, it has to take them down swiftly to avoid heavy penalties in court under America's DMCA system.

This amounts to a game of Whac-A-Mole: although Apple has demanded the removal of over two hundred infringing copies of its iBoot code, duplications of the leaked code – both forks and uploaded copies – continue to be available on the website, to say nothing of elsewhere on the internet.


Because GitHub's fork mechanism makes copies that point back to the parent repo, Apple wants GitHub to proactively disable any fork of an infringing repo, not just the ones it specifies.

"[B]ased on the representative number of forks we have reviewed... we believe that all or most of the forks in these networks are infringing to the same extent as the parent repositories," Apple's DMCA notice says. "Accordingly, and because there are a growing number of forks that contain the infringing content at issue, we respectfully request that GitHub disable the entire fork network(s)."

Now, it's fair to say all or most copies of the copyright-infringing material will also be infringing. We can't imagine someone forking the stolen iBoot blueprints, and then taking out all the Apple-eyes-only code – there wouldn't be much left, except maybe the source comments.

However, pedantically, Apple's approach doesn't quite follow the letter of the law, which states that a DMCA takedown notification must specifically identify the supposedly infringing work. Saying that you believe "all or most" of the forks are infringing falls short of certainty in every case.

"The DMCA requires people to identify specific infringing material," said Mitch Stoltz, senior staff attorney at the Electronic Frontier Foundation, a cyber liberties advocacy group, in an email to The Register. "There's no provision in the law for saying 'we see lots of infringement, so we want you to delete everything just in case.' Apple can ask, of course, but GitHub doesn't have to comply."

It's not clear whether GitHub is complying by removing forked repos not specifically called out by Apple. But the ones Apple has named have been removed.

Neither Apple nor GitHub responded to requests for comment.

For its next move, Apple may want to ask GitHub to disable its search functionality – simply searching for "iBoot" on GitHub turned up viewable copies of the unauthorized code at the time this story was filed.

Meanwhile, the closed-source bootloader software was leaked online after it was stolen from Apple by a rogue low-level employee, as opposed to hackers or similar miscreants, it was claimed last week. ®
