An interesting stunt: Malus.sh will take your money and in exchange it will ingest any free/open source code you want, refactor that code using an LLM, and spit out a "clean room" version that is freed from all the obligations imposed by the original project's software license:

https://www.404media.co/this-ai-tool-rips-off-open-source-software-without-violating-copyright/?ref=daily-stories-newsletter

-

If you'd like an essay-formatted version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

https://pluralistic.net/2026/04/23/poison-pill/#kobayashied

1/

Malus was co-created by Mike Nolan, who "researches the political economy of open source software and currently works for the United Nations." Nolan told 404 Media's Emanuel Maiberg that he shipped Malus as a real, live-fire business that will exchange money for an AI service that destroys the commons as a way to alert the free software movement to a serious danger.

2/

As Maiberg writes, Malus relies on a precedent set in 1982, when IBM brought a copyright suit against an upstart called Columbia Data Products for reverse-engineering an IBM software product. IBM's argument was that Columbia must have copied its *code* - the copyrightable part of a work of software - in order to reimplement the *functionality* of that code. Functions aren't copyrightable: copyright protects creative expressions, not the ideas that inspire those expressions.

3/

The *idea* of a computer program that performs a certain algorithm is *not* copyrightable, but the *code* that turns that idea into a computer program *is* copyrightable.

Columbia's successful defense against IBM turned on a "clean room": two isolated teams that split the reimplementation between them.

4/

The first team examined the IBM program and wrote a specification for *another* program that would replicate its functionality. The second team received the specification and turned it into a computer program. The first team *did* handle IBM software, but they did not create a new work of software. The second team *did* create a new work of software, but they never handled any IBM code.

5/

This is the model for Malus: it pairs two LLMs. The first analyzes a free software program and prepares a specification for a program that performs the identical function; the second LLM receives only that specification and writes a new program from it.

6/

The Malus FAQ performs a "be as evil as possible" explanation for the purpose of this exercise:

> Our proprietary AI robots independently recreate any open source project from scratch. The result? Legally distinct code with corporate-friendly licensing. No attribution. No copyleft. No problems.

7/

This business about attribution and copyleft is a reference to the terms imposed by some free software licenses. The point of free software is to create a commons of user-inspectable, user-modifiable software that anyone can use, improve and distribute. To achieve this, many free software licenses impose obligations on the people who distribute their code: you are allowed to take the code, improve the code, give it away or sell it, *but* you have to let other people do the same.

8/

Typically, you have to inform people when there's free software in a package you've distributed (attribution) and supply them with the "source code" (the part that humans read and write, which is then "compiled" into code that a computer can use) on demand, so they can make their own changes.

9/

This system of requiring other people to share the things they make out of the code you share with them is sometimes called "copyleft," because it uses copyright, which is normally a system for restricting re-use, to require people *not* to restrict that use.

Companies *love* to *use* free software, but they don't like to *share* free software.

10/

Companies like Vizio raid the commons for software that is collectively created and maintained, then simply refuse to live up to their end of the bargain, violating the license terms and (incorrectly) assuming no one will sue them:

https://pluralistic.net/2021/10/20/vizio-vs-the-world/#dumbcast

11/

Malus's promise, then, is that you can pay them to create fully functional reimplementations of any free/open source software package that your company can treat as proprietary, without any obligations to the commons. You won't even have to attribute the original software project that you knocked off!

12/

This is the risk that Nolan and his partner are trying to awaken the free/open source community to: that our commons is about to be raided by selfish monsters who serve as gut-flora for the immortal colony organisms we call "limited liability corporations," who will steal everything we've built and destroy the social contract we live by.

13/

This is a real problem, but not because of AI. We *already* have this situation, and it's *really bad*. Most of the foundational free software projects were created under older licenses that did not contemplate cloud computing and software as a service. The "copyleft" obligations of these licenses are triggered by the *distribution* of the software - that is, when I send you a copy of the code.

14/

But cloud services don't have to send you the code: when you run Adobe Creative Cloud or Google Docs, the most important code is all resident on corporate servers, and never sent to you, which means that you are not entitled to a copy of the new software that has been built atop our commons.

15/

In other words, big companies have "software freedom" (the freedom to use, modify and improve software) and we've got "open source" (the impoverished right to look at the versions of these packages that are sitting on services like GitHub - itself a division of Microsoft):

https://mako.cc/copyrighteous/libreplanet-2018-keynote

Then there's "tivoization," a tactic for stealing from the commons that wasn't *quite* invented by Tivo, though they were one of its most notorious abusers.

16/


Tivoization happens when you distribute free software as part of a hardware device, then use "digital locks" (sometimes called "technical protection measures") to prevent the owner of this device from running a modified version of the code. With tivoization, I can sell you a device running free software and I can comply with the license by giving you the code, but if you change the code and try to get the device to run it, it will refuse.

17/

What's more, "anti-circumvention" laws like Section 1201 of the US Digital Millennium Copyright Act make it a *felony* to tamper with these digital locks, so it becomes a *crime* to use modified software on your own device:

https://pluralistic.net/2026/03/16/whittle-a-webserver/#mere-ornaments

18/

There's no question that the tech industry would devour the free software commons if they were allowed to, and the AI threat that Nolan raises with Malus seems alarming, but while there's *something* to worry about there, I think the risk is being substantially overstated.

19/

That's because copyleft licenses - and indeed, all software licenses - are *copyright* licenses, and *software written by AI is not eligible for a copyright*, because *nothing made by AI is eligible for copyright*:

https://pluralistic.net/2026/03/03/its-a-trap-2/#inheres-at-the-moment-of-fixation

Copyright is awarded *solely* to works of *human* authorship.

20/

This fact has been repeatedly affirmed by the US Copyright Office, which has defended the principle through appeals all the way to the Supreme Court; the Court declined to hear the case. That's because the principle that copyright is strictly reserved for human creativity isn't remotely controversial in legal circles. This is just how copyright works.

21/

@pluralistic I anticipate thousands of "clean room" versions of open source software that will be unmaintained from the moment they are created. Short term gain for the people doing this will become long term technical debt paid for by the people using it. This is actually a strong incentive for those of us who actually understand the consequences to rally behind real projects with real security updates.

@ddgulledge @pluralistic On the other hand there will be long-legacy programs which the serious distributions will gravitate towards.

@ddgulledge @pluralistic I look forward to hearing the horror stories from organizations who are so unethical to think this is a good way forward.

Many moons ago I was asked to do some due diligence on a company. They proudly explained to me how they had extended a FOSS product, but failed to contribute back or to integrate patches from the original. They were a major release out of date and getting up to date would be major work.

For that reason my recommendation was that the investor give this one a pass.

@ddgulledge
Academic scientific software authors have been slitting each other's throats this way for decades.

You have a grad student re-derive all the features in a competitor's software and swear that they never saw the code. You write a paper with a few cherry picked benchmarks to show how your software is the same or better.
Then the grad student leaves and new grants don't pay for maintenance on old software.
This is basically a 5 year cycle.

@pluralistic

@ddgulledge @pluralistic that's a good argument that this service is a sustainable business: the customer has to come back and pay for "license laundering" for each major release or important security fix they need.
Courts will eventually have to decide if this despicable practice is legal.

@mavu @pluralistic I suspect anyone cheap enough to use it isn't going to pay for updates to be run through it too. There's going to be a lot of code out there that doesn't acknowledge where it came from that won't get security updates.

@ddgulledge @pluralistic Honestly, I see no such risk. There could be thousands of forks of open source things today! That's perfectly legal and trivial to do.

Using this to shift open source into a proprietary product (e.g. violating the GPL) is a legit risk.

Using this on proprietary software is another likely outcome (ex. take that custom SAP app, get clean room implementation, stop paying).

@unrtst @ddgulledge @pluralistic legal, probably. But as mentioned, it'll have no support, no progress, and probably new and interesting bugs.

@guigsy @ddgulledge @pluralistic You may have missed my point. @ddgulledge suggested Malus.sh would lead to thousands of "clean room" reimplementations of open source software; I'm saying the same could happen today with less work, so it's very unlikely.

The lack of support is a separate matter, and one that's actually easy to resolve, especially for anyone with an existing software support team for their own products.

@unrtst @ddgulledge @pluralistic I don't think this would work very well with closed source targets as I suspect the relative "success" of this is that the open source projects are likely already in the training sets of both the specifying and the implementing models.

@xinniw @ddgulledge @pluralistic LLMs would only struggle with this if the closed source code actually contained novel concepts not found elsewhere.

Let's put this another way - if a person was trained on every line of open source code in existence, and all the books on programming, do you think they'd have any problem within a proprietary codebase?

This isn't prompting to get it to spit out copyrighted works; it's getting it to code to a very detailed specification. It excels at that.

@unrtst @pluralistic I think you may have misunderstood what I was saying about the risk. Publicly acknowledged forks that aren't done to hide the origin of the code don't introduce the kind of risk I was talking about. I use a number of open source tools that have forked over their history. In the case of X11, GCC, and LibreOffice, the major fork became the mainstream. You could legitimately argue that every Linux distro is maintaining forks for at least some of what they package, but they acknowledge the origin and incorporate upstream changes.

@unrtst @pluralistic When the true identity of the upstream origin is deliberately hidden, security experts and end users are hindered in their ability to monitor for risks.

@ddgulledge @pluralistic Oh, I get it! But what if the intent isn't to hide it (they don't need to hide it cause they just did a clean room implementation!). Ex.

* TurboCAD finds leaked AutoCAD source.
* Shove AutoCAD through Malus.sh
* Rename the result: TurboCAD++ - now fully compatible with AutoCAD!
* Market and support it as their own.

@ddgulledge , maybe you could give an example that would expose said risk? ... I can't think of any that aren't easier to do already.

@unrtst @pluralistic I'm aware of a number of incidents where open source libraries were used by contractors without the knowledge of the company that would ultimately sell the product. They were used to save time or money, which is a completely legitimate reason to use a good library. Hiding that information from the client meant that the client wasn't aware that any vulnerabilities published regarding those libraries were risks to their product as well, because they didn't know it had been used. The cases I know about are obviously ones that were discovered.

The attitudes about using open source libraries in commercial products are complicated, but they've shifted over time. It's accepted now that there are ways to use open source in full compliance with both the stated terms and the intent of the licenses. Any tool that is designed to circumvent the need to comply with those licenses creates an incentive to hide the connection entirely. The copyright holders of the open source code aren't going to want the license they chose to be cast aside while someone can still effectively use their work. And companies that want to remain in real compliance with licensing terms aren't going to want it either. Yet it creates a perverse incentive for middlemen, whether contractors or people wanting to create forked projects without the burden to them of the original license. Those 3rd parties have a perverse incentive to hide the connection from the rest of the world.

Another risk of forked projects is that it dilutes the pool of developers to support them. When some of the forks are closed source, the developers supporting them will be limited to those paid to support them. Those forks are more likely to become unsupported orphan projects.

@ddgulledge @pluralistic Correct me if I'm wrong, but it sounds like you're saying Malus.sh provides incentive for proprietary forks of OSS libs to be included in commercial products, much like today but without the licensing risks. If so, sure - but does that increase said risk?

I still think there's a bigger risk to proprietary software. One can't simply copy/paste in leaked code and expect to hide it from big corpos, but, theoretically, they can legally do it via Malus.sh now.

@unrtst @pluralistic That's the risk I'm saying is increased. Because it's now cheaper, easier and much harder to detect.

@pluralistic Malus.sh says it returns code with corporate-friendly licensing, but it can't be, right? As affirmed by recent ruling, an AI-produced work has no copyright protection in the U.S., because only humans can hold copyrights. The court cases weren't about source code specifically, but there's no reason to believe the rulings exempt source code either. Malus.sh produces public domain source code, just like any other AI code generator.

@clayfoot You need to keep reading this thread!

@pluralistic I sure do! Just getting to the part that explains it way better than me.

@clayfoot Great minds think alike!

@pluralistic

Great essay. Corporate America has a lot more to lose from this tool than the Free Software community.

Now every single corporate hack can result in their Golden Goose being freed, permanently.

@pluralistic Huh!

You mean... A scummy scammy business is using LLM, and selling a novel idea: steal other people's work and sell it. With little to no attention paid to actual consequences.

ORIGINAL, amirite??? LLMs were NOT created like this or their entire business model focused on that practice. Whatsoever. No...

#LLM #ai #scam

@pluralistic TL;DR

Product:

#LLM #ai #scam

@faraiwe @pluralistic Ironically that painting was elevated to a work of international importance (prior it was nothing notable) and the woman who started the restoration became a celebrity. I stopped using it as an example of failure and instead as one of a HUGE mistake paying off.

@scottgal @pluralistic She made some money. She also destroyed a wonderful piece of art, generated heaps of work that may not even be feasible to restore the art work.

She is an obscure, one-hit meme maker, with an even more obscure online shop, to cash in on her shitjob.

Nobody knows her name. You'd have to search HARD.

And the search would need to include the original work title/artist.

It's the PERFECT analogue, what the hell are you talking about, man =D

#LLM #ai #scam

@scottgal @pluralistic WITHOUT searching online.... WHAT IS HER NAME?

IS SHE ALIVE?

I remember the NAME of the art work.

I don't even know if she is alive.

So, yeah.

@faraiwe @scottgal @pluralistic Cecilia Giménez Zueco. She died recently. She's quite well-known in Spain, and widely admired for her dedication to her community.

@celeduc Do yourself a favor: go anywhere else, walk the streets show a picture of her wonderful art.

Ask people her name.

Re-do this in 50yrs.

We still know Martínez's. Painting is from 1930s. I did NOT look this one up online.

And DON'T let me know.

be comfortable in that Venn circle. get a banana, tape to your wall, admire it.

@faraiwe you seem nice

@celeduc and you haven't seen me dance, yet, techbro.

@scottgal @pluralistic The individuals who would "elevate to art" the shitjob of the douchebag who wrecked the Ecce Homo painting, and then became a meme, share a perfect Venn diagram with folks who think a taped banana is "art" worth $1M

So, perfect LLM analogue, indeed.

@faraiwe @scottgal @pluralistic she didn't sell anything. She was trying to help her community and failed with the artwork, which wasn't even famous. Ironically, now the church is receiving lots of visits to see the mess. She passed away recently.

@theklan

Um. She opened an online shop.

It profits from the destruction of an art work.

Please, go away. Re-evaluate your entire techbro-ish existence.

Shoo.

@theklan @faraiwe @scottgal @pluralistic Yes. She attempted - and failed - to restore a piece of forgettable, forgotten religious decoration without asking for anything in return. She overcame the humiliation subsequently heaped upon her, swallowed her pride, and put her town on the cultural map, all while going through dementia. Cecilia Giménez Zueco was a hero, god damn it.

@celeduc @faraiwe @scottgal @pluralistic the guy blocked me after insulting me without even knowing what I think about the topic.

@theklan @faraiwe @scottgal @pluralistic me too, which is probably for the best.

@celeduc @faraiwe @scottgal @pluralistic I mean, the guy thought that art can only be something that has been done before. Whatever.

@scottgal @faraiwe @pluralistic I think this is an interesting but ultimately philistine take. Sure, it got more clicks when it was Monkey Jesus, but that, as well as describing it as 'nothing special' (to whom?) prior to the 'restoration', doesn't really engage with it as an artwork.