What is Github?
Source: By Shruti Dhapola: The Indian Express
Github, the open-source software repository service, is in the news again in India after it was used to create and share an app that targets Muslim women in India. The app used pictures of prominent Muslim women stolen from their social media handles to let ‘users’ bid for them. A similar-named version was first created back in June 2021.
While Github has suspended the account and the app appears to have been taken down, it has again put the focus on the platform and its policies. But what exactly is Github? We take a closer look.
What is Github?
Github is the world’s largest open-source developer community platform where users upload their projects and code for others to view, edit and tweak.
The idea of Github is simple: anyone as a developer can upload whatever software code or app code or any software idea they have on the platform and then have others collaborate with them to help improve it or even find errors and fix problems. Any public project can be viewed by others on the platform and most of the features of the platform are free for users. Organisations can use paid accounts to upload their software and projects for collaboration.
The platform uses the software Git, created by Linus Trovalds in 2005 (developer of Linux), to track changes in a set of files and for coordination in software development.
Why is it in the news in India?
On 1 January 2022, a woman journalist with an online organisation shared a post on Twitter about an app that was shared on Github designed for targeting and harassing Muslim women. The app, which used an offensive name as well, used these women’s photos and their names and created an ‘online’ auction for them. But as the journalist noted this was not the first time the incident had taken place.
In June 2021, it was first reported that someone or a group of persons had uploaded code for an app to Github, which hosted an online auction of Muslim women in India. The app’s source code was hosted on this platform, and images from it were being freely shared on other platforms as well.
This app was stealing pictures, names of these Muslim women from their public accounts and then using this information to harass, intimidate them. It was taken down after outrage in India, and while an FIR was filed, no one was arrested or has been questioned regarding the same.
What has Github said on the issue? What action has been taken against the app creator?
While the latest app was taken down, Github has not revealed who is responsible for the app. “GitHub has longstanding policies against content and conduct involving harassment, discrimination, and inciting violence. We suspended a user account following the investigation of reports of such activity, all of which violate our policies,” its statement said.
Meanwhile, as The Indian Express reported, the Indian Computer Emergency Response System (Cert-In), the nodal agency for monitoring cyber security incidents, has been asked to form “a high-level committee” to probe the incident. Ashwini Vaishnaw, Minister for Electronics and Information Technology, had also tweeted that GitHub blocked the user, and Cert-In and police were “co-coordinating further action”.
What are Github’s policies on problematic content? When does it suspend or remove an account?
According to Github’s own policies, content needs to be respectful and civil on the platform at all times. It does not allow threats of violence “towards others or using the site to organise, promote, or incite acts of real-world violence or terrorism.”
It also adds that while topics of “age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation,” are not forbidden, they do not allow speech that attacks a person or group of persons on the basis of their identity or on any of these topics.
The platform also says it does not “tolerate bullying or harassment. This means “any habitual badgering or intimidation targeted at a specific person or group of people.” But given that Muslim women were targeted a second time, and with a very similar app, it clearly shows that Github needs better content moderation.
Doxxing — revealing personal information such as private email id, phone numbers, physical addresses, credit card details, etc — and invasion of privacy are also not allowed on the platform.
Sexually obscene content which is pornographic is not allowed on the platform, though this does not mean that “all nudity or all code and content related to sexuality, is prohibited.” Further, gratuitously violent content is not allowed on the platform and the same goes for misinformation or fake news.
Developers are also forbidden from posting active malware or exploits on the platform, which can be used by others to attack computer infrastructure or organisations. But it “supports the posting of content that is used for research into vulnerabilities, malware, or exploits, as the publication and distribution of such content has educational value and provides a net benefit to the security community.”
If a user violating the rules is reported, Github can remove or block their content or suspend the account or terminate the account entirely. It is not clear how long a suspension can last. The policy page states, “We’ll review each abuse report on a case-by-case basis. In each case, we will have a diverse team investigate the content and surrounding facts and respond as appropriate, using these guidelines to guide our decision.”
So why is Github unable to block apps that are targeting women?
Ensuring that such apps are never uploaded again is easier said than done. Given the nature of Github, anyone can open an account and upload a code by just giving an email id. So even if the account is blocked or terminated, one can create another account with another email id and then re-upload offensive software code or apps by using a slightly different name as has happened now.
Plus, Github has not shared details on the user who created the offensive app in the first place, even when it was first reported back in June. Till those details are shared with authorities, it will be very hard to know who is creating such apps.
