844
China is attempting to mirror the entire GitHub over to their own servers, users report
(infosec.exchange)
This is a most excellent place for technology news and articles.
When they mirror it, does they uses a different username? If so I'm totally fine as that's just a fork, otherwise it should count as stolen. Not the project but the name and reputation of the owner.
They can use the same name but if the owner signs their commits we can at least spot the fake commits.
And even if they clone all repos they don't clone the build systems, so their builds of apps and windows installers will be signed with different keys.
For people who follow guides to clone something from a repo, compile it and install it, they need to be on their guard if the repo URL is not the official one.
How many know what even signed commit and build is? For people following a guide they don't even know what Github is for but a nice place to have free programs.