Not the first time they've taken down Github repos, some with a legal basis (partial problem text, though Fair Use might overrule that if the cases ever made it to court), others with no involvement at all (https://github.com/egfx/React-Leaderboard still hasn't been restored, for example)
Personally, I would not trust a company this unethical to certify anything. Their excuse seems to be "we're using an external service" but they chose that external service and are fully responsible for these takedowns in their name.
> A statement that the information in the notification is accurate, and under penalty of perjury, that the complaining party is authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.
DMCA 512(f) provides a penalty for misrepresentation; however, it is quite difficult to actually prove such things unless the plaintiff is very, very stupid (in Latin: pro se) or obviously acting with malice.
For example, if the thing you're taking down does use your content, but it falls under fair use, you can still get away with taking it down. There is no objective test for fair use and 512(f) does not mandate one; the criteria is just that you merely considered fair use. And since fair use is a bottomless pit of grey areas, you basically can't get a 512(f) ruling out of a legitimate copyright owner. It only catches the kinds of people who, say, pretend they're Bungie so they can file DMCA takedowns Bungie can't retract in Bungie's name.
Well, quoting u/formerly_proven from a 5 month old thread that someone linked above:
>Literally claiming copyright on this description for "find substring": "Given s and x, we want to know the zero-based index of the first occurrence of x in s" //
This is a functional description which has very limited possible English language forms and so it's highly unlikely to qualify for copyright in the first place. Anyone who has enough knowledge to file a DMCA request that is looking at this would consider that it is at worst Fair Use but in all probability is not infringing.
Seems a very strong case, if this quote is a true representation, for a claim of vexatious action.
The problem is that the penalty requires prosecution by a federal district attorney. I've never managed to get a DA to prosecute perjury. I even filed a complaint against a DA once when they perjured themselves in writing. It was ruled "accidental perjury" and the case was dropped. [note: perjury has an intent element, you can't accidentally perjure yourself]
Also, the above statement is vague. The perjury clause only applies to the final clause which states that the person making the request has the authority of the rights holder. It doesn't apply to the first clause stating that the information is accurate?
I haven't read the DMCA statute in years, so I don't know if the wording in that clause parrots the wording of the statute.
Hackerrank is one of the most unscrupulous companies I have seen. I honestly dont understand how anyone is capable of doing business with them.
My own personal experience with them as been bad. I had applied a few years ago to be a part of their intern team, I have received emails scheduling my interview with them and then they eventually ignored me.
Unfortunately the way the DMCA is written means that GitHub is acting prudently here. If GitHub does not take down content they receive a valid DMCA request for, they lose their safe harbor and can be made a defendant for a future frivolous copyright suit. Nobody should be taking flak for refusing to become a party to someone else's litigation.
Hello again, Vivek, founder/CEO here. In the interest of moving swiftly, here are the actions we are going to take:
(1) We have withdrawn the DMCA notice for sympy; Sent a note to senior leadership in Github to act on this quickly.
(2) We have stopped the whole DMCA process for now and working on internal guidelines of what constitutes a real violation so that these kind of incidents don't happen. We are going to do this in-house
(3) We are going to donate $25k to the sympy project.
As a company we take a lot of pride in helping developers and it sucks to see this. I'm extremely sorry for what happened here.
I have received fake DMCA requests from WorthIT Solutions, Pakistan that you guys seems to have hired. It is sent for a simple blog entry discussing about programming algorithm!
I guess it is pretty much perjury penalty risk free to make such DMCA declaration from outside of US:
>Declaration:
I have taken fair use into consideration.
I have a good faith belief that the use of the copyrighted materials as described above is not authorized by the copyright owner, its agent, or the law. I swear, under penalty of perjury, that the information in the notification is accurate and that I am the copyright owner or am authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.
It would probably be prudent to withdraw your other DMCA notices until you figure this out. You're being given the benefit of the doubt, and the other counternotice on Github doesn't exactly portray you in the best light either.
It would probably be prudent to withdraw all existing notices, never submit one again, and send donations to every single project you have ever sent a DMCA notice to, and do everything in your power to get all content re-instated, everywhere.
You aren't even really a content company, this is such a bad look. Your value is in your network of people, not in the content.
Without a discussion of how/why you thought this would be a good idea and how this has been happening on an ongoing basis, we can't really accept your apology.
Regarding (3), are you going to make similar contributions to all of the other projects that you have issued unjustifiable takedown notices? As I see it, the only reason you are making this contribution is because you got called out in public and you are getting free PR.
Proportionate contributions to other projects and individuals would go a long way to showing that you are not just playing lip service to your admission of wrongdoing. You have hurt a lot of people, and you need to make amends for your shenanigans. At the very least, you need to comp any legal fees incurred by your actions.
Personally I like Hacker Rank and consider it a good way to learn about new algorithms but at the same time I do not like the style of interviews that require it and it makes me wish I could leave the industry because it's a waste of time for people with a lot of practical experience and who have a good portfolio of apps/sites they've created.
That said, I would recommend not doing DMCA at all unless it's really serious. Sounds like your company has a lot of problems with this. Think StackOverflow, there are plenty of sites that copy it but I'm not aware of them going after anyone. If anything all the copying of a site makes it more of an authoritative source because a lot of people reference it.
it's fairly simple, at some point you have to evaluate somone technical skills to make sure they are suitble for the job, and well designed tests do that.
There is an abundance of bad tests out there, but blanket statements that you won't use a tool that is used for assessing candiates is just as rediculas as saying you won't give apply to jobs that ask for your cv to apply.
Well no, if a company is happy to pay six figures but lacks the desire to spend an hour or two pair programming or even just creating a tech test, their priorities are all wrong and I don’t want to work for them. Hiring is about people and not robots, so using automated tests like Hacker Rank that almost always have zero bearing on how a problem would be solved in a real environment is a testament to a lazy hiring process and an extremely poor reflection on the company. Don’t try to automate something that should intrinsically involve human interaction.
Comparing it to a CV is a false equivalence because it takes me O(1) effort to make and CV and O(n) to do some stupid timed algorithm test for every company that is interested in the value of my labour.
I understand why you're getting downvoted but I have to say that I agree with the gist of what you're saying. We use HackerRank mostly just to package a problem set and put a timer in place for upload, nothing more clever than that, so if someone pattern matched "HackerRank test" to "disrespectful" I would think of that as a severe red flag and move on to another candidate.
There are many "in good faith" steps that both parties must do in the interview process, wherein if either party drops the ball it really makes sense for both parties to cut their losses and move on; which I believe is what you are getting at.
> it's fairly simple, at some point you have to evaluate somone technical skills to make sure they are suitble for the job, and well designed tests do that.
There is employment contract for a trial period, because you only know how good coder is when they face real problems/code. Writing sort algorithms on white board might look cool, but in real world you will search internet for best algorithms for your case, look up generic one, so you will not make a trivial error writing it from memory, or just use equivalent of std::sort.
StackOverflow contributions are (thankfully!) licensed under the very permissive CC-BY-SA license. I suspect the sites ripping them off are not infringing copyright.
>"As a company we take a lot of pride in helping developers and it sucks to see this."
I don't understand this because as others on this thread have pointed out you have done this before.
Further isn't much of your own content just plagiarized from other people's previous FAANG interviews?
I've never used HackerRank as I view it as something of scourge on the industry but I will probably go to extra effort and recommend to other that they not use it either.
Reading elsewhere in the thread it looks like they have been relying on firms in Pakistan and elsewhere to scour the internet for strings that appear in Hacker Rank and submit DMCA takedowns when they find these strings elsewhere. This becomes awkward when it is in fact Hacker Rank that copied the strings from the source they are DMCAing.
They should probably never send a DMCA again. It's political suicide in this industry anyway.
We really need a strikes policy for DMCA submitters built into the legislation. Like submit three dubious claims, and you lose your copyright. I've been saying it for literally 15 years.
That is how business is run in the US, but not exclusively. They don't want to have dirty hands and hired some company with specific profile to do this job for them. They took a time to find company like this. This is not an unexpected accident. And when things become hot, they blow some money to shut other mouths.
Shady practice for the bad people who got caught several times. Taking responsibility for them will be ceasing whole business. Just stop doing bad things.
>Reading elsewhere in the thread it looks like they have been relying on firms in Pakistan and elsewhere to scour the internet for strings that appear in Hacker Rank and submit DMCA takedowns when they find these strings elsewhere.
Who ever thought this was a good idea? Those firms and the "monkeys" they hire have an incentive to send takedowns everywhere to make it look like they are "doing something".
But since there are no consequences for sending them to the wrong places, I guess they don't care much.
Nice I suppose these were the pointers given to you by your PR team? What prompted (2) after all this time, considering there are previous instances of HackerRank acting hostile?
Curious how things got to the point where it took public outrage on HN to move the needle on this issue. Legal department going crazy with stuff without you realizing it maybe?
Repentance was the last thing I expected to find in here, and it did go a long way towards lowering my blood pressure.
Please don’t ever use DMCA in this way again. Even if it were somehow borderline justifiable, your users will be motivated to lambaste your company into oblivion, and to wish non-existence upon your company. Probably not the best posture for anybody concerned.
> Hello again, Vivek, founder/CEO here. In the interest of moving swiftly, here are the actions we are going to take:
So you are taking action only after news spilled all over the internet? So I can assume that if no one(in internet terms) known about it (as described in links pointing to other DMCA cases), you would do nothing to remedy your illegal (from moral stand point of view, no real one) actions.
It's only illegal if you get caught and find someone willing to prosecute you. Also if penalty for breaking law is a fine, then this law only applies to poor people.
Not only that but the ENTIRE TEAM SECTION ON THEIR WEBSITE (worthitsolutions.co) IS A BLATANT LIE. Not one of those people is real. Every single biography link leads to Lorem Ipsum. It's a shady, secretive sweatshop operating out of Lahore, Pakistan.
is that a joke? I mean a bunch of stock photos of white hipster people with an address in Lahore?
No - that does seem to be their site. I mean that is disturbing on all sorts of levels. From "that's just poor web dev copy paste", to "those americans won't hire anyone who looks like us" to ... hell I don't know.
> that is not what i asked. why did YC fund hackerrank? sounds like a shitty idea and bad for our industry.
Idea of assigning number to a person and then judging that person based on that number? How it could happen in real world... Also if people are willing to pay for it (even if they don't know about it yet)in capitalism it is a good argument to pump money into it.
I didn't want to mention it in my other comment but the mere mention of "Pvt Limited" in the DMCA takedown led me to believe the company is a disgusting boiler room right next to the tech support scammers we all know (if not literally the same scammers moonlighting as DMCA enforcers). It does seem I was right and stereotypes (unfortunately for the legitimate companies from these regions) still work.
"Pvt Limited" just denotes a company registered in India, Bangladesh, or Nepal and this isn't a good heuristic considering the huge number of companies.
Yep, I am aware and that was my point. I’m sure that the vast majority of these companies serving their local area are legitimate. But when it comes to exporting abroad and IT specifically I’ve only ever had bad experiences to the point where it is an automatic red flag and so far that heuristic has served me well.
Haha wow. What hurts my soul the most is that there is no penalty, legal, financial or reputational, for this kind of bogus behaviour, like how Sony's YT bots keep claiming ownership of any performance or recording of a piece of classical music because they hold copyright over one particular recording of that piece.
The fact that there isn't any downside just shows what poor legislation the DMCA is.
If you told me that the DMCA was written entirely by the music copyright industry and handed to compliant congress members to rubber stamp, I'm likely to believe you.
One way for HackerRank to do the right thing would be to sue WorthIT for breach of contract and loss of reputation. Their contract must have included some requirements for due diligence on filing those notices, and having these bogus DMCA notices does hurt HackerRank’s reputation, especially with its target audience.
Only way to make this stop is make companies like WorthIT feel financial pain from their actions.
There's also an argument to be made that this is on HackerRank. Just because they're using a contractor to do the dirty work doesn't excuse them from responsibility for this sloppiness.
To his credit, the CEO read my comment and reached out to me (as he noted in the sibling comment). Since that email answers your question, and also adds some useful context, I'll just share that:
> So, I generally have a personal rule against disparaging things that other people made because I know how hard it is to make stuff and how criticism feels. I ignored that rule in this instance only because I've been a victim of DMCA misuse from a company and have learned the hard way that the only real repercussions anyone will face are reputational.
> For context on my experience with HackerRank, I have used both the take-home test product and the real-time test product. It has been almost a year since I have used either, since I left that job.
> I found the real-time product frustrating to use; frequently I could not rely on the candidate seeing the same state I did. I forget exactly what the problem was but candidates were often confused by the console not appearing and things like that. In some instances, either I or candidates were booted out of an interview in progress and had to refresh the page. Usually we worked it out pretty quickly, but losing precious time can make candidates nervous and it's not a great first experience with the company for them. I also found that code execution ran slowly, in both the real-time product and the take-home test -- we weren't running big programs, I'm not sure what was so slow.
> On the take-home side, for context, I was one of several people responsible for the take-home coding test for my department and was also (unofficially) the go-to person to look into assignments that were flagged for plagiarism. I found the plagiarism detection results to be pretty incomprehensible -- sometimes I'd see tests with very high plagiarism scores and no signs of obvious plagiarism, or things like a 90% score with just a few innocuous lines of overlap with the alleged source. I understand that flagging false positives for human review is generally preferred here to false negatives, but my main concern here is that if recruiters within an organization take these numbers at face value, they end up rejecting candidates pretty much randomly, or because the candidate wrote idiomatic code that looks like everyone else's because it's the idiomatic solution in that language.
i will add to this that if recruiters or code interview people expect you to be a liar or fraud, by default, then they will be looking for evidence and the slightest misstep will instantly be a “fail” with the excuse that they prefer to have missed a great candidate than risk hiring a bad one, which is the typical passive aggressive BS you deal with.
the problem is really coding interviews in general, not just HR itself. who wants to do this type of shit in a browser anyway?
This is how the US Sarbanes–Oxley Act works. During giant accounting scandals in late 1990s / early 2000s, corps were using the onion approach with external vendors to cover-up shady/illegal practices. SOA basically says "no" to this now. We need the same for DMCA.
You’re assuming that this company is actually a separate entity and not some sketchy relatives of the hackerrank management providing for international cover for their bogus DMCA attacks.
What I suspect happened is that the HackerRank test legitimately (fair use) included parts of the docs (the exercise could’ve been about the library those docs are for), DMCA enforcement has been outsourced to the lowest bidder and these idiots just did a blanket search for some phrases from the test, found the official docs and DMCA’d it.
The only real solution here seems to be to find a way to hold HackerRank to account for this (in the most costly way possible), so they face an incentive to do meaningful due diligence and evaluate before partnering with someone that acts as their agent.
Ultimately it wasn't them that did this, but unless they bear a significant cost from doing so, which causes them to pursue their DMCA agent for negligence or breach of contract (or whatever other remedy is available to them), I don't see this type of thing changing.
Once a DMCA agent becomes a liability, the market will be forced to mature, and buyers will need to do due diligence to minimise their likelihood of being opened up to a large and costly battle as a result of the negligence of their agent.
The CC licenses should probably be adjusted to make a DMCA attempt a permanent revocation of license. That way DMCAs can flow in the opposite direction and people can learn things.
Realistically speaking, you’d still need to enforce breaches of whatever license you choose but most open-source projects don’t have the resources to pursue those cases.
Maybe there’s a case for a consortium of open-source projects that can pool its resources and serve as an insurance policy to fight back against license violations or malicious/stupid DMCA takedowns.
We have so many organizations but in the last 2 decades nobody has thought of creating colloborative legal fund and insurance system to combat and in many cases enforce licensing violation.
Open source projects should have a kind of union of their own. Then again I wonder if it would ever be possible because corporate money has became a key donation source and in many cases many OS projects themselves have become corporatized.
Whenever you file a DMCA appeal with GitHub/etc you would have the option to file a takedown on the jack ass. Some projects doing it occasionally would trigger the right conservative fears at corporations to reduce the market.
We already have precedent for this kind of thing too, for patents. For example, the Mozilla Public License says this:
> If You initiate litigation against any entity by asserting a patent infringement claim (excluding declaratory judgment actions, counter-claims, and cross-claims) alleging that a Contributor Version directly or indirectly infringes any patent, then the rights granted to You by any and all Contributors for the Covered Software under Section 2.1 of this License shall terminate.
What scares me the most about this story is how easily it could've been a small software shop running their entire operations on GitHub getting DCMA'd without any merit, and just losing access to an important repo within 24 hours. And imagine they don't know about Hacker News. Or they posted something which didn't get enough upvotes for the offending company to respond and resolve it quickly.
As a software developer, I've surrendered so much autonomy for the sake of convenience. When it works 99% of the time, things are awesome. But god forbid you are the 1%, cause there is usually no talking to real people to get support. The only recourse is shouting about it on Twitter/HN and hope someone notices, thereby leaving everything to chance - that just makes me sad to my core.
Why did github disable the whole website when a single page was reported? From the other notices I see that there are specific files which get removed. Doesn't even make sense
I'm happy that this is now on the front page because that's how fraudulent DMCA requests get fixed :)
The goodwill lost will now surely exceed the money they saved by not doing proper due diligence. I'm optimistic that HackerRank won't make the same mistake again and other companies might take notice, too.
It would be nice if a lawyer got censured for this. That's how fraudulent DMCA takedowns should get fixed.
It would also be nice if Github would implement instant restoration via counternotice as allowed by the DMCA. Implementing only half of the law enables this sort of abuse.
You don't have to be a lawyer to send a DMCA takedown.
Companies have historically gotten away with these reckless takedowns because the law just requires that "the complaining party has a good faith belief that use of the material in the manner complained of is not authorized by the copyright owner, its agent, or the law." (17 U.S.C. § 512(c)(3)(A)(v))[^1]
In a recent 9th Circuit case, Lenz v. Universal Music Corp[^2], the court held that Lenz could sue Universal Music for a bad faith takedown. Specifically, "failure to [consider fair use] raises a triable issue as to whether the copyright holder formed a subjective good faith belief that the use was not authorized by law."
However, proving that it was in bad faith could be tricky.
This is still an asymmetric, unfair process. Automatic takedowns from bad faith actors are catered to left and right but you have to negotiate a bureaucracy with manual review to get restoration. The DMCA doesn't require this to receive safe harbor protection.
Provide a form where an up to date contact point can be submitted that you can forward to the plaintiff and then restore the content. It's that simple. They can deal with litigating the dispute from that point on and Github is not responsible.
Hello, I'm Vivek, founder/CEO of HackerRank. Our intention with this initiative is to takedown plagiarized code snippets or solutions to company assessments. This was definitely an unintended consequence. We are looking into it ASAP and also going to do an RCA to ensure this doesn't happen again.
Thanks Vivek for responding. Speaking as one of the maintainers of SymPy (who received the DCMA takedown request by email) I would like to note some points:
1. If you do a web search for "HackerRank DMCA" you will find similar examples of this that have happened in the past (with exactly the same text).
2. The text of the request is not in any way designed to enable a reasonable response. No detail is given about what the infringing content is so there is no way to comply.
3. It is also clear from this and previous cases that whatever process is used to identify potential targets for DMCA yields false positives and no reasonable judgement seems to be applied in whether or not to issue a takedown request.
I also think that GitHub's processes are faulty here:
1. We were given one business day to reply. I replied within 2hrs to say that the request was obviously spam and then sought legal advice. The repo (and website) were shut down before we could get legal advice. One day is nowhere near enough time. The request came in on Thursday night (UK time) and in the UK both Friday and Monday are public holidays this weekend. I don't even know what one "business day" means in this situation.
2. GitHub gives some guidance for how to submit a counter claim but none of the information is applicable to a case like this where so little information is given that is simultaneously impossible to comply with the request and impossible to dispute it. If GitHub makes it this easy to spam DMCA requests then they should also provide some guidance for how to deal with spam requests.
I wonder if the FSF or someone else can come up with a good template response to DMCA requests that just don't have enough information in them. If the request doesn't even explain how you could comply then it should be possible to respond to that in a blanket fashion.
Oscar, thank you for responding and I'm terribly sorry for the disruption this has caused. I should have taken this more seriously when it sprung up on HN the first time but for whatever reason we just fixed that problem and moved on. This is a serious one and we are working on a strategy that is sustainable.
Meanwhile, if we need to make a monetary contribution for your effort or anything more we could do to promote, what would be the best way to do it? If you'd like to send me an email to discuss further, I'm available at vivek at hackerrank
If you don't want to utterly destroy your company's reputation and have every company that depends on Python or other critical open source infrastructure boycotting you, you need to stop. Just stop. Don't send out any DMCA notices at all, not unless you encounter a case of infringement so blatant that it is obvious to all. And then make the decision yourself, don't contract it out. The risk of damage to others and blowback to you is too great. You're risking the failure of your company if something like this happens another time after two high-profile cases; damage to your company could be that bad.
And here's the thing: if there's a match between the SymPy Docs and something you consider yours, the copying was quite likely in the reverse direction: the solution you claim copies something out of the SymPy documentation (which is legal, but it isn't yours).
> stop. Just stop. Don't send out any DMCA notices at all, not unless you encounter a case of infringement so blatant that it is obvious to all. And then make the decision yourself, don't contract it out.
?
Sounds great - did you make similar promises last time?
I'm looking at the page that was taken down[1] and it seems to be largely full of pretty basic code snippets demonstrating how to use the Solvers module.
Your DMCA request[2] includes the statements that say, in part, that Fair Use has been considered, that you own the copyright, and that the information in that statement is true and accurate.
Could you elaborate what on that page you consider to be your copyrighted content, and how you came to hold that copyright? Is it the code snippets, as per your comment? Did your company have an employee write that content?
When the DMCA takedown request was being drafted, did someone consider whether those snippets are even qualifies as an Original Work? I'm getting at whether they contain even a minimal level of creativity, as the US Supreme Court has said is a requirement for copyright[3].
Exactly, I have been sent on HackerRank by potential employers twice and every time I was given the usual coding challenge I had already seen on leetcode or similar.
Possible solutions to affect some justice and reclaim your image:
1. Fire WorthIT Solutions (no RCA necessary, do not automate or outsource DMCA, even if it's human based automation)
2. Apologise to SymPy
3. Discuss internally the cost-vs-benefit (more than monetary) of embarking on copyright policing as part of your company's future strategy
4. Blog results of #3
WRT #3, sustainability comes to mind - if dissemination of solutions is a serious threat to your current business model/implementation (something you might want to validate anyway) then consider adapting to mitigate it to the point of irrelevance. Perhaps you are already doing this, but DMCA policing is at best a distraction and at worst a PR nightmare and menace to FOSS like today, it also doesn't scale well.
Because it is a horrifically flawed metric by which to hire engineers, and is teaching upcoming crops of engineers valueless skills to enter the industry
As someone who (last week) ok'ed a guy with 35 years experience to skip the first round of interviews, only to then watch him struggle to write syntactically-correct code in a language he's (allegedly) been using for longer than I've been alive, I disagree. HR isn't a be-all-end-all metric, and it certainly has its faults, but it's very useful as a first-round filter.
Did you give your guy an IDE that he would normally use? That your company normally uses? A real world problem to solve? Resources he would normally use? Resources people at your company use on a day to day basis?
White boarding or using codepen isnt remotely close to evaluation for the actual job, and neither are data structure brainteasers, curious what you and your candidate did.
You got one false positive and now want to use a system known for its false negatives.
If you're just using HackerRank as a first round filter to see if they can write syntactically-correct code in a language... you don't need hackerRank. Or to restate this, if your interview process can't filter out such a candidate without using hackerRank, your interview process itself is flawed.
Their interview process surely can handle "can this person code fizzbuzz", but it makes no sense to take time from one of your engineers to test this when it can be trivially handled by something like hackerrank.
I don't understand why people find this practice questionable, it saves time for both company and candidate.
But perhaps a different way of answering your question would be a more apt response?
Take this with a grain of salt, but in my experience of building organizations, it seems to me that in social systems, as opposed to engineering systems / code, the most powerful organizational forces are the second order and tertiary effects of the policies that are institutionally put in place. Not the first order effects.
The first order effect of using HR/LC easy questions might be that it weeds out people who really can't code in a language. And in that result, using HR and LC in your interview process, isn't a bad thing.
But the 2nd order effects of using HR/LC are often disastrous. Because once you start using HR/LC as your FizzBuzz question resource, you've made it easy for interviewers in your organization to start using HR/LC questions for more than just a FizzBuzz replacement. Maybe interviewers go to HR/LC for medium, hard questions. Maybe more?
HR/LC elevate what should be a small (though important!) part of the interview process, to one of the most important, hardest, and complex parts of the interview process. In most interviews I have witnessed in the last few years, this comes at the expense of other things that _should_ be more important parts of the interview process. And that's what is disasterous.
That's the issue with HackerRank and LeetCode. It is intentional from HR and LC's point of view. And is an unignorable, indeed one of the most important aspects of adopting a policy of using HR/LC in your organization.
I disagree. Kind of. There are many questions that are bullshit puzzle types but I do think HR and LC provides value of teaching when a Data Structure or algorithm is suitable for use. At the very least, It’s far better means of understanding the flexible use that college textbooks don’t teach while having test cases to see pitfalls of implementations. Having a community that shows ingenious ways of tackling problems is valuable too.
I agree that a good interview process should check that the applicants have their bases covered with algorithms and data structures. I agree that having a compendium of good questions to ask for this purpose is useful. And I agree that HackerRank and LC have compendiums of such questions.
However, I disagree that that makes HR or LC valuable or a positive in the interview process. Basic DS and Algo questions do not require the types, number, or complicated questions one finds in HR or LC. Such questions are easy to come up with and test, and should be a notable, but minor part of the interview process.
HR and LC take what should be a minor (though important!) part of the interview process, and blow them to huge proportions, and thereby distort and harm the very process they're supposed to be helping. They do this, in an attempt to present themselves as having a larger value add than they actually do.
fizzbuzz is the least of your concern if you do these type of interviews. the problem is that you will be asked a question which required several hours to produce an optimal solution, yet you are supposed to deliver this solution in under 5-10 minutes, and the only way to do that, is to repeatedly grind the solution and memorize it and then quickly reproduce it in the interview. as such, the style of interviewing is broken, and optimizes for candidates willing to endlessly grind LC or HR, and memorize the solutions. in the end, everyone loses. coding interviews are there to exhaust the candidate so when the offer stage finally arrives, they take any offer. all it does it put everyone in a bad position.
and you are mistaken that it's up to the company to decide what happens. as an industry of professionals, it is our decision.
If you have a computer science degree, you are expected to know fundamental topics such as data structures and algorithms.
As a professional software engineer, you are expected to be proficient at those skills to an extent in which you can demonstrate them in practice.
The burden of verifying you acquired the skills associated with your education falls on the employer.
Fizzbuzz is trivial and should not be a problem for any developer at any level. Writing a binary search function should not be a problem either.
But I agree that the industry's obsession with competitive programming has gone too far in some cases, especially in cases where the skills being tested are not relevant for the job.
no, the burden falls on the college. that is the point, if the college is good, then you cannot graduate unless you mastered both theory and practice. and i am not talking about fizzbuzz, read my comment.
companies can keep a list of universities and decide to only screen those who do not have a degree from those universities. the list can be dynamically changed based on on the job feedback.
any university in western europe is pretty hard to graduate at without actually having these skills. so it is pointless to enforce coding interviews for those who graduated there. you can’t “buy” a degree there.
If you do that, you will be recruiting talent that is not necessarily good at programming and you will be excluding talent with exceptional programming skills.
If you build software that sounds like a bad idea.
The most valuable companies in the world all converged into the same recruiting processes for a reason.
Thanks for showing up here and replying. I can understand the net being cast too wide for a real problem you are trying to solve. It does have real consequences for already under-resourced communities, though.
I appreciate the "fix-it-twice" attitude implied by the RCA promise (Root Cause Analysis for those who also had to look it up). Also, consider recognition and restitution for the unnecessary work you created for the NumFOCUS director, a NumFOCUS lawyer, and the SymPy maintainers.
A $25k donation to NumFOCUS would be a good start.
If you are willing to talk about what happened publicly, I'm starting a podcast/video series to discuss business and open-source. This would make an interesting conversation. Perhaps we can turn this into a positive to raise awareness and inspire better behavior in the industry? Ping me.
Great way to get $25k (and I'm with you, I don't mean that sarcastically or that you don't deserve it), the company needs to pay up to manage somewhat their reputation.
I'm sorry about triggering you. I can see your point. I did not mean to focus attention away from what happened and how to avoid it.
I am sincerely interested in seeing if the HackerRank leadership will reach out and discuss. I was not intending to promote anything I'm doing right now. I suspect they won't but I will talk to them respectfully if they do.
Let's promote the SymPy maintainers, though. Let's also promote NumFOCUS, because they do a valuable service to community-driven projects and could help SymPy respond to this sensibly. Let's also promote NumFOCUS because they efficiently and tirelessly work to help the projects they fiscally sponsor (like SymPy) -- providing legal support: https://numfocus.org/.
Perhaps something good can come out of this, still.
What are you doing about all the other bogus DMCA claims you company has sent (itself or via its external contractors)?
What are you doing to ensure this never happens again?
Why should we believe your answers, and how can we see concrete evidence that you've stopped doing this and made up for all the times you've done it in that past?
> What are you doing about all the other bogus DMCA claims you company has sent
Multiple commenters asked him this and he never replied.
Disappointing but not surprising. It's all just superficial hand waving. They are sorry but only for bring caught.
Dear Vivek, thank you for the note. I am the original author of SymPy. Most people who work on SymPy myself included do it in our free time. So far this has cost many hours of my and many other people's free time to try to figure out what is going on and to get this resolved. I also personally reject your allegations against us.
I thought about this situation and how your company could make this right. If you would be willing to help improve the SymPy project, I think it would be very well received. If you are interested, please let us know! See Travis Oliphant's reply, you could for example donate some money to NumFOCUS. We are very good with using money that people or companies donate to fund development and we can really boost SymPy forward big time with a generous donation.
No you aren't. You are only sorry this made it to the front page of HN. Revoke the contract and stop with DMCA takedowns. Unless your company has invented brand new ways of solving common algorithms everything you are doing is most likely derivative work anyway.
This company hires fresh college graduates to regurgitate famous algo problems in different wordings and slight variations and then claim copyright. Just look at their problems.
Also they take pictures and videos of candidates while taking interviews. Without that permission they don’t allow the test.
They’re not part of the problem - they’re the problem.
Are you seriously claiming copyright over other people's solutions? You have *no* right, legally or ethically, to exercise any kind of control over "solutions to company assessments" under the DMCA.
At worst, you can try to exercise the controls in the EULA that your victims agreed to, but this sounds like abuse of the legal system.
The problem with the DMCA is that if the claimant disagrees with your counter notice, the content stays offline for at least enough time for a lawsuit be be filed over the contents of the post, if the claimant is actually willing to take the matter to court.
I don't think anyone will actually go through the expenses to go to court over a code snippet on Github, unless they're particularly principled, wealthy, and retired and I think Hackerrank will definitely try to send their in their legal team.
By just filing a counter notice, you're also doxing yourself to people who clearly have no interest in following the law.
Github seems to have processed the DMCA counter notice but the content is still offline. From that I gather that Hackerrank filed a lawsuit or the counter notice was retracted somehow, or Github is violating the DMCA by keeping the content offline.
> The problem with the DMCA is that if the claimant disagrees with your counter notice, the content stays offline until a lawsuit is fought out over the contents of the post.
Not quite. The obligation of the service provider when they receive a counter-notice is to inform the person who filed the original notice, and give them 10-14 days to file a court order to block the content. If they don't get that court order in that time, the service provider must put the content back up or risk losing their DMCA safe harbor.
100% and that is ridiculous, it's going to be a cancer on the open source community. Basically patent troll level harassment, except you didn't need to go through any of the "work" or "effort" to acquire a patent, and you don't have to actually bring a suit in court for the damage to be done.
You can't copyright algorithmic code snippets. It's like trying to copyright math. You will have an insane amount of false positive from every repository that have ever implemented a prefix sum or binary search. (Or anything autocompleted using github copilot or alphacode which I believe is trained on competitive programming styled submissions from codeforces and atcoder)
The solution would be to build some sort of cheat detector and punish only the candidate. Don't take down and lose the goodwill of the entire programming community by abusing draconian laws.
This is a misunderstanding of the case, as rayiner’s comment in that thread attests. That code was not the only code that was copied, there were also tens of thousands of lines of interface code that were the same. The case rested on whether the interface code was copyrightable. Oracle used that smaller sample as evidence that Google had copied carelessly from copyrighted material.
I'm sorry. I should have clarified and I can't edit my original comment now. I meant plagiarized problem statements. Usually these sites have the entire problem statements from our website along with the solution (aka code snippets to solve.)
Most, if not all, of the problem statements won't even qualify for copywrite, they are generic problems that people have been stating for decades or more and as such are extreamly unlikly to be unique or original to hackerrank.
I am sure however you have already assesed this and applied for the appropriate registration for these works that you are claiming to own the copywrite to? right?
A person driving 100 miles per hour down a residential street and crashing into something is an unintended consequence, but not unforeseen.
This may have been "unintended" but when you have a company file DMCA notices on your behalf without proper supervision (especially when they had filed DMCA notices like this against other open source libraries) it is not "unforeseen" for them to file a DMCA notice against a completely innocent project.
At the very minimum the open source library that was affected and their maintainers deserve monetary recompense for the time and stress that your actions have cost them.
It would actually probably count as a derivative work under US copyright law. (Don't misread me: I do not endorse, condone, or make excuses for US copyright law. I'm just describing it).
edit: Here's an example,
- "In so doing, the magistrate judge agreed with plaintiffs’ assertion that the solution manuals sold by defendant qualified as “derivative works” under the Copyright Act. As in Pavlica v. Behr and Addison-Wesley Publ’g Co. v. Brown, defendant’s manuals complemented plaintiffs’ 187 copyrighted textbooks, had no “independent economic value” and were “meaningless’ without the textbooks because they merely provided answers to questions posed in the textbooks."
IANAL but I believe the case is different for algorithmic solutions.
The solutions to a particular textbook are entirely useless outside the context of the textbook, but the solution to "efficiently find a substring within a string" is useful in day-to-day programming. The takedown isn't aimed at the result of "convert 700m to feet", but "describe the process of converting between metres and feet", which is plain ridiculous.
To ensure that they aren't liable to HackerRank for any infringing content, GitHub has to keep content down for at least 10 days after receiving a counter notification.
Do you plan to contact GitHub and give them a legally binding agreement to indemnify them for any infringement of HackerRank's copyright in the material they took down (I'm sure there is no such infringement, but by agreeing you won't sue GitHub for restoring the content, you effectively retract the notice and give them no reason to wait the 10 days)?
I think a sincere apology should include steps to urgently minimise the ongoing damage to the existing victims, not just analyse what went wrong to prevent hurting other victims.
It's not an either or. We need to do the takedown AND figure out a way where we can do things like randomizing questions but preserving the integrity of it to ensure a fair evaluation, etc.
Why do the takedown though? You’ll never get rid of solutions being online.
There are solutions to most questions on leetcode on GitHub as we speak.
I don’t get it. If your assessment is designed that knowing the solution ruins it then your assessing process is broken.
I’ve literally showed candidates the solution to leetcode questions and they still don’t get it. Trying to remove solutions seems like a poor use of effort imho.
Is your company's legal position seriously that you hold copyright on independently written solutions to your prompts? If so, I'd love to see you sued for this. This issue goes way beyond just one misfire.
Exactly. When you file a DMCA takedown notice you are asserting under penalty of perjury that you own the copyright. While few have suffered consequences for false notices, pissing enough people off might change that.
> figure out a way where we can do things like randomizing questions but preserving the integrity of it to ensure a fair evaluation, etc
How does any of these have anything to do with copyright infringement in the context of DMCA takedown? Do you even own the copyright to the alleged leaked solution?
literaly everything your assessing is programming 101. its not something that you can or should be asserting any copywrite on.
infact I would challange you to register the copywrites on your questions/answers and see exactly how far you get with that process before you even consider sending a single DMCA notice.
You’ve made a serious mistake somewhere in your reasoning. What you believe is the property of your relatively insignificant enterprise, the whole rest of the world knows damn well is not your property.
Besides, this is small potatoes. Why don’t you copyright Wikipedia, then DMCA WikiMedia, then put your copy behind a paywall.
Wait. Wait a minute. Just wait one little minute here...
Your company has issued a DMCA takedown notice for "plagiarized code snippets" against the library-in-questions own documentation? (The take down was issued against docs.sympy.org; linked directly within sympy's GIT repo README.md: https://github.com/sympy/sympy)
And this is an "initiative" your organization has undertaken? Have you thought this through?
Where should engineers who want to learn about sympy go to attain that knowledge?
Where did your team learn about and generate the assessment questions?
Where do you stop with this initiative? Would you issue takedown notices to MDN? Stack Overflow? What about VSCode Copilot?
> Our intention with this initiative is to takedown plagiarized code snippets or solutions to company assessments.
How can this be legal? Plagiarized is moreover a very conveniently vague word.
By this very vague definition the overwhelming majority of your own content has been seen on various parts of the internet way before you ever started your business.
There can't be a copyright on such a thing and I hope someone fights you in court, this is nothing short of bullying.
I hope that all of your snippets and solutions are continued to be spread as coding interviews need to disappear and are the ultimate evil our industry has been dealing with now for several years. Besides, it's not your property anyway, it's the property of those taking the coding interviews.
Allow me to strongly suggest you stop DCMAing things without a human-with-a-clue in the loop before firing.
I get it, I'm an automate-first type of person, too. But it appears your outfit has made a habit of doing this, and you're messing with innocent people for no good reason. Doing that in a `for` loop is irresponsible as hell, and frankly you deserve the bad press you're getting. I highly recommend you reconsider.
Legacy media companies do this kind of thing, too. I hope you're more interested in your reputation than they are.
> is to takedown plagiarized code snippets or solutions to company assessments
So which is it? Plagiarized or solutions? Because unless your company actually owns the copyright for the code in question, you have no right to it.
If a Google assessment asks “how many manhole covers are there in New York” and someone decides to create a repo with “Manhole covers in New York: 23,000” there is no copyright claim.
Do HackerRank users affirmatively sign a non-disclosure agreement? I checked your terms and there is not an apparent non-disclosure agreement. If not, there isn’t any legal recourse if users decide to talk about or solve your problems off the platform.
Educational and not for profit use is often protected by Fair Use. I didn’t see the repo in question so I can’t comment on if the use of the material meets the Fair Use criteria.
However if people are sharing their answers to your questions in a repo, especially for educational or non-profit value, there isn’t much you can legally do about it. For example, If I take the GMAT and I discuss a question on Twitter, that’s allowed by Fair Use. If I offer to sell a PDF of the entire test, that would not be protected.
If someone said “hey HackerRank’s Ruby test asked a question about finding the smallest value in an array” and then they posted a solution. That’s absolutely not violating a HackerRack copyright. People even have the right to describe their experience on HackerRank in great detail.
From your own policy: “Content that You own and post on or through HackerRank belongs to You..”
So if someone wants to post their solution to a question, your own terms allow that. It’s their solution, it belongs to the user.[1]
If someone else “plagiarizes” another user’s solution, HR doesn’t have standing for a DMCA takedown. The user that created the content does, but not HR.
However even if HackerRank did own the solutions, there is a high likelihood that Fair Use would be in effect.
I have a strong dislike of HackerRank type companies because it’s pretty rare that those ridiculously academic assessments predict real world performance. They are a screening tool for the lazy. A well designed, relevant code test relating to the work of the company or a solid technical interview is much more valuable in my experience. When I was interviewing with companies, I immediately passed on the job of HackerRank was part of the hiring process. I ended up at a FAANG for over 5 years, so it’s pretty clear that anti-HackerRank bias among potential employees like me have a detrimental effect on recruiting.
But it's working. Here is a DCMA the author tried to fight, saying hacker rank doesn't publish their solutions, and the solution is the sole work of the author:
Personally, I like designing and building software and have been doing so for 20+ years but after doing several HakerRank and Leetcode style interviews it makes me wish to do something else.
I’ve had FAANG recruiters tell me “study for hours per day for a few months” and then you can be ready. Even smaller companies focus on leetcode more than actual experience.
I’ve worked with plenty of optimal algorithms in my life but when I do I spend time researching and looking at many examples rather than having to memorize something that shouldn’t be memorized in the first place; but the way the interviews are done it seems like companies just want code monkeys (even the good paying companies).
No other well-paid profession tolerates this style of interview one you have experience. I would never recommend Software Engineering to anyone given the current environment.
It's the result of making IQ tests for jobs illegal. Leetcode and the trick questions asked in finance are just IQ tests in disguise. You can't regulate your way out of the market - if companies want smart people they'll find a way to hire smart people.
IQ tests for employment are not inherently illegal. It’s only illegal if whatever you’re testing has no bearing on the job so as to be used as a proxy for discrimination.
So a job that involves complex problem solving in unique situations would be perfectly reasonable to have an IQ test qualification. But not for something like sweeping the floors or working the assembly line in a meat processing plant.
Difference with trading though is someone is a great trader at one hedge fund they can jump ship pretty easy without hurdles. In fact they compete to get good traders.
For Software Engineering you have to jump through hurdles each time even if you have accomplished a lot at past jobs. I might be wrong but it feels like there are far more Software Engineers compared to jobs than 10 or 20 years ago.
Granted not all software jobs as the last one I got I just had to interview a CEO and show my portfolio. Seems like the algo challenges are really geared toward Silicon Valley but not it's ending up a lot of tech jobs.
Neither HackerRank nor Leetcode invented this style of interview. The questions you're complaining about predate both sites. The sites were created to help you study for those questions, they did not significantly popularize the questions.
Except, there's a difference when you're in a room with somebody who can tell when the shitty site or the vague nature of a question makes it difficult to complete the request. They can also better gauge someone's understanding of subject matter, merely by talking through the question, approach, etc.
The availability of these sites makes it seem like it's a standard, which adds to the problem. Some small company might not have taken that approach. Now, you don't want to fall behind by not making use of a widely-accepted "standard" practice.
I agree with many parts of your comment. I have been in interviews where the interviewers themselves clearly had no fundamental understanding of the problem or solution. To be clear, I didn't either, but asking clarifying questions got me nowhere.
> Now, you don't want to fall behind by not making use of a widely-accepted "standard" practice.
Absolutely. I can understand Google asking you to write a k-way distributed sort off the top of your head, but I've had similar questions from an "enterprise gone unicorn" that were clearly still in the "wtf even is cloud" phase.
Even so, there is either someone available for some clarification, in my experience. Obviously, this varies across companies and at various levels of helpfulness. Your point is valid, though.
The other part there is that it puts the onus on the third-party site(s), exacerbating the problem; whereas, if the interviewers do not understand the question, they are more likely to focus on one of those items to correct going forward.
automated programming tests are pretty dystopic, it's true.
especially if the web based editor doesn't support vim style key bindings.
amusing irony that likely parts of a question were lifted from the very source that was subject to the takedown.
bigger problem i have with coding tests is that they check if someone is familiar with some subset of reference material (usually algorithms). in my experience, anyone can pull those from a book in practice and real software engineering has little to do with that and more to do with having the knowledge and experience to avoid making a mess or building weird software.
That is not technically correct. There is no definition "as soon as they receive it". In fact the law calls for "expeditiously or remove" access. Courts confirmed many times that days or weeks is considered expeditious.
Github could've easily take the time and wait for SymPy to file counter notice which then allows Github to keep the content up up until courts say otherwise. Github instead elected to remove content immediately. By their choice.
If you don't take down something you get a DMCA notice for, do you lose safe harbor status for everything, or just for that one thing? If the latter, then wouldn't it be a good move for GitHub to ignore DMCA requests that their lawyers are sure wouldn't hold water?
As I understand, there are different safe harbors and each applies at the "service" level. It's "online service providers" that have safe harbor status.
If you lose safe harbor status you become liable for infringing content on that service.
Infringement still has to happen and you'd still have to be taken to court and lose, but it's now "as if" you yourself uploaded everything.
So in this instance GitHub would be fine, but if they didn't take down the content then they themselves would become liable for any fringing content on their platform.
Or rather Microsoft would become liable, I suppose.
> Before disabling any content in relation to this takedown notice, GitHub
> - contacted the owners of some or all of the affected repositories to give them an opportunity to make changes.
> - provided information on how to submit a DMCA Counter Notice.
Unless i'm mistaken about the law[0], they can only restore it after 10 business days to give the legal team of HackerRank (the claimant) time to file suit.
I will add a fuck YC for insufficiency ethics filters on who they support
I suppose it can be hard to be perfectly prescient (I'm not)
but that is what lawyers are for, include a don't be a dick later on clause,
and enforce it.
> What content of your shitty ranking company could SymPy possibly have infringed on?
from the request[0]:
> Someone has illegally copied our client's technical exams questions and answers from their official website hackerrank.com and uploaded them on their platform without permission.
Archive of the allegedly infringing page is here[1].
Phew, this sounded like a scene from a Tarantino movie. We engage a 3rd party for this service. That said, ultimately, we are accountable for this because it's our reputation is at stake. We are looking into it ASAP and this action will be reverted. We do need to get to the RCA to ensure we are giving strict guidelines on DMCA activity with the 3rd party or perhaps even consider switching to a new one.
You are using a third party to perform an action which at core is counter to how the Internet works, AND you are using the same third party who has acted in bad faith before and did exactly the same thing to another victim of yours, and now you're deflecting onto the third party? This is entirely on you at this point.
I don’t like this phrasing because it sounds like you only care because it’s on the front page of HN and it’s a bad look — “because [your] reputation is at stake”.
You should care because paying someone to disrupt totally innocent open source projects is a shitty thing to do. Filing false DMCA requests on your behalf is also illegal. I like to think that if this never got any attention and your reputation wasn’t at stake, you’d still be adamant about doing the right thing. “Perhaps even consider switching“ providers doesn’t reflect the urgency in getting this right.
> And FUCK me for not having the steel to just take my code off of GitHub. I am part of the problem.
as a user you literally are not the problem. the problem is the monopolization of technology by a small group of investors, which makes it nearly impossible for alternatives to rise.
why isn't a platform like Github part of the commons instead of a private, proprietary fiefdom? why is it instead the private property of, and part of the investment portfolio of, a person who says things like: "As the majority of hobbyists must be aware, most of you steal your software."
Although there is no commons alternative, there is Sourcehut - run by a team that is dedicated to the principles of free software. I should be giving them the money that I spend on GitHub.
At the very least, I should be giving them more money than I give GitHub... I will do that immediately.
Sourcehut is also subject to US law and would have to take down your project if this company files a false claim against you. The problem in this case isn't GitHub, it's the filing of false DMCA notices. And that's not solely a US problem, it can happen in the EU as well.
Many people doesn't seem to understand what pain individuals undergo when their content is taken offline by Google or Github due to a fake DMCA notice.
They would have built something over years and one morning entire thing is taken offline due to a fake DMCA notice. Then they have to issue a counter notice with all its legal implications and it also exposes all your private information including full address, name and phone number(in a wrong country, you become target of thieves as well). Then it takes almost a month before content is restored.
How can an individual fight this? How can you make companies misusing DMCA pay for it?
You could fight them by counter claims and following the DMCA processes which on paper have stiff penalties for abuse. Practically I have never heard of major abuses being punished, so wouldn’t count on it.
As a technologist perhaps solve it with tech, the first step would be to host your own content instead of using a third party app based in U.S. There is not a lot of deep tech to what GitHub gives as a githost, a self hosted gitlab serves just as well . Similarly for video photos etc, it is very hard and expensive to deliver video for millions/billions delivering video to few thousands is trivial. same thing for sub stack, medium etc
Generally these take down notices don’t go after your DC/ISP domain host provider that easily unless you are in the cross hairs of powerful lobbies like how Libgen or PirateBay are , so self hosting helps a lot.
If they do then there is distributed systems like IPFS etc can be resilient to notices.
In theory, self hosting works. I have my content self hosted. In this case, they sent a DMCA request to Google and they delisted my webpage from Google. 99% of my traffic simply dropped.
In addition, all Google properties picked up the DMCA action on Google index and started sending me warning and suspension of ads etc.
I have sent a detailed counter notice. But even after 12 days, I am yet to hear back from Google.
So self-hosting may work for Github, but not if you want presence in Google index.
Google could de-index you for arbitrary reasons too. The key is you didn’t loose your content itself as many YouTube channels had found the hard way, and YouTube doesn’t use actual DMCA to circumvent liability clauses .
If you are running a business using your content, then google deindexing can be bad, as can many other U.S. laws and other conventions, like how they how banks generally treat adult businesses even though they are legal or weed companies etc .
For non professionals , google or any other third party actions shouldn’t have any impact on be able to create and share their content.
That phase is now over. It's time to flood every company with malicious dmca notices that are automatically created from random snippets of publicly available content. You will see an attitude change overnight on the treatment of the dmca notices they receive. The only way to normalise a biased system is to increase the bias to the other side.
Unpopular opinion: FOSS projects shouldn't bother hosting under US jurisdiction. There's absolutely no upside for a nonprofit, and our supercharged lawfare culture causes endless headaches for everyone -- even the most innocent software in the whole world, like a symbolic algebra library.
It's so depressing to see well-meaning philanthropy apathetically trampled by thugs in suits.
The terms of DMCA are not much different from those in other countries. The WIPO copyright treaty caused many of its signees to practically copy the text from the DMCA into their own legal system.
Perhaps you can host this stuff in countries that do not care much about copyright (China, Russia, etc.) but those usually come with their own problems.
Instead of avoiding countries, you should avoid hosters that will take such extreme measures following DMCA takedown requests. There are companies out there that will have a human read your counter notice and care about the legality of this whole situation, you just have to find them. That means avoiding big players like Github and building your own bespoke host, probably behind a Cloudflare or similar tunnel to prevent your website from going down because of DDoS attacks and traffic spikes, which will add significantly to hosting costs, especially if the library becomes successful.
To be honest, this sounds like solving the wrong problem. Hackerrank and their friends are the problem, not the people using Github's free service to host their documentation.
My OVH server in France got disconnected a few years back because one site had a link to some malicious material. Had to reply via email to get them to reconnect it. That was back in March 2017.
> We are taking a stand for developers and have reinstated the youtube-dl repo. Section 1201 of the DMCA is broken and needs to be fixed. Developers should have the freedom to tinker. That's how you get great tools like youtube-dl.
Now they are deleting obviously-compliant docs from nonsensical requests. I guess the "stand" went away with Friedman...
> To help them, GitHub will establish and donate $1M to a developer defense fund to help protect open source developers on GitHub from unwarranted DMCA Section 1201 takedown claims. We will immediately begin working with other members of the community to set up this fund and take other measures to collectively protect developers and safeguard developer collaboration.
There was also the promise a $1m developer defense fund. I wonder what happened to that.
Wow. I'm actively in the market for this service for something but will never do business with HackerRank, as they continued to use the same horrible abusive DMCA agent after they did this back in January. Once is "we made a bad choice in vendor", twice is we are horrible people ourselves.
"Someone has illegally copied our client's technical exams questions and answers from their official website https://www.hackerrank.com/ and uploaded them on their platform without permission."
and still more DMCA notices going in since this post has been up, Looks like they still haven't learnt there lesson despite what they have said in this thread
I don't remember all the details, but one time at "a very large US Bank", a surveillance contractor saw "@largebank.com" email addresses in the public archives of an apache listserv and issued some type of takedown.
Apache responded by blocking all access from the bank's IPs including mirrors/other critical stuff...oops!
HackerRank/WorthIT didn't dispute the counternotice (AFAICT), but instead they re-filed the same DMCA notice again, four months later. I think the repo owner gave up at that point.
Absolutely. Since they are claiming copyright infringement on random stuff they didn't write, how many things are going to get caught and not have the reputation of SymPy?
What makes you think YC companies have any different standards than the rest of the corporate world? If anything startups are deliberately held to a lower standard on the justification of “disruption”. YC is a way to make people money first and foremost. Don’t be shocked.
I hope your faith in them will turn out to be justified, but there is clearly a pattern to their behaviour. In a previous takedown reported here just five months ago (https://news.ycombinator.com/item?id=29239594), the takedown was not reversed either; for some projects the takedown was likely legitimate, but for others this was obvious abuse.
The founder states in a comment (https://news.ycombinator.com/item?id=31091354) that "[their] intention with this initiative is to takedown plagiarized code snippets or solutions to company assessments", practically admitting that they are knowingly abusing DMCA systems to execute takedowns of other people's code. They can definitely take down plagiarized code snippets under the DMCA, but they have no right to take down "solutions to company assessments".
I hope there's some real consequence of DMCA abuse like this. I hope companies would announce HackerRank boycott in hiring process. There are better alternatives tbh
I recently received one from a Pakistani company hired by HackerRank. The material in question was a simple blog entry on a well known programming problem and its solution. The problem is DMCA doesn't provide any way to fight these fake requests and Google simply removes the content until you send a counter notification and wait for over 2 weeks.
DMCA should have a provision that if a company is misusing DMCA at large-scale, their requests should go through additional validation.
> I swear, under penalty of perjury, that the information in the notification is accurate and that I am the copyright owner or am authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.
Too bad these perjery-as-a-service companies never get held to account.
The notice I've seen from them lists their address as being in New Garden Town, Lahore, Pakistan. I don't expect they're worried about the repercussions.
Perhaps, there should be a bond of some value necessary to be posted in such cases. If there is the appropriate money on the line, people suddenly think twice.
What is the penalty for a clearly wrong DMCA request? Does the company have any responsibility to correct their mistake? Or can I just go spamming requests to take down content all over the internet that I don't like?
As soon as the online coding challenge sites started being used for tech interviews, they got into the business of trying to prevent algo solutions from being shared.
The real answer: don't do it, its not possible. You may have made some kind of contractual guarantee that you would prevent sharing of solutions, but that is your problem. This is stupid and silly and I will not be using hackerrank anymore.
GitHub is partially responsible here too. It seems the action is remove first ask questions later. Why can’t there be more protection? Innocent until proven guilty, anyone?
That's not GitHub's decision. It's the way the law works. They have a thorough explanation with links to viewpoints challenging DMCA on the submitted page.
They can legally reinstate the pages with a simple counter-claim / attestation though, but they don’t seem to have implemented that feature of the DMCA yet.
Which is hardly fair if the takedown notice doesn't even have information you'd need to respond - like what exactly is meant to be the infringing content.
Also, the claimant allowing one business day (whatever that even means, given the scummy company is in Pakistan and the scummy hiring company is in the US, and the alleged infringees are all over the place!) is quite obviously ridiculous.
Is it really though? I thought the algorithms hiring process was popularized by google way before hacker rank was a company. As mentioned in a thread above, hacker rank and leetcode have made a major question bank available, but I don't think they started it. For that the blame lies elsewhere :)
Hackerrank filed a DMCA notice against my blog because of a graph search example I had a written and I had 24 hours to full delete it or my blog would be deleted.
As an individual this is so frustrating and if you mission is to support developers Vivek, I'm one developer that had quite the opposite experience.
I frankly am very frustrated by your company and you hiring folks to shakedown developers writing poen blogs or docs. If any company tries to get me to do a hackerrank interview to join I'm going to decline.
If this was the page that triggered the takedown, any copying was probably in the reverse direction (that is, the HackerRank material copied something from the documentation, which is legal, and their idiot copyright enforcer doesn't understand that).
It says a lot about the quality of Hackerrank as a company if they admit that the readme for an open source project contains the coveted solutions to their problems.
I wish I have enough time to host a dedicated hackerrank (among other such business model companies) solutions website in a jurisdiction that doesn't care for dmca at all.
This entire business model is shitty if it involves taking down the solutions for problems. None of this is novel and shouldn't be protected by anything (copyright or patents).
They are happy to accept any benefits that come from the "external service" operating on their behalf.
If the "external service" wins some money or closes down some competition, do they give it back and say "look that was an external service, nothing to do with us"?
I like open kattis and spoj. There are many open source judges that can be used for example in a course with course specific problems and templates. (a workplace could also create their own problems / challenges to test on)
Stephen Wolfram is probably happy today. It's a shame an awesome project like SymPy can be nuked by some bogus perjury-riddled spam notice just like this.
More information about previous DMCA abuse here: https://news.ycombinator.com/item?id=29239594
Personally, I would not trust a company this unethical to certify anything. Their excuse seems to be "we're using an external service" but they chose that external service and are fully responsible for these takedowns in their name.