One other Twitter comments reveals that they probably just asked an AI to copy Papermark. Evidenced by AI comments saying the page was aligned to the "reference"
Unreal. I had to go back to the original Tweet to confirm that screenshot wasn’t faked.
The comment clearly says “Mirror’s the reference design’s”
I don’t know how they could try to spin that as anything other than having an LLM launder someone’s code as a “reference design”
Even if they try to argue that the “reference design” was Figma, the identical copy means they had to have copied Papermark into the reference design.
The fact that they’re refusing to back down and admit they made a mistake is not a good sign for the company. I would not want to be one of their clients when it came to trying to dispute something.
rgbrenner 10 minutes ago [-]
Have to be careful with that. It's not illegal to create a design similar to another product, but if you point the AI at a webpage, it could copy the text and JS/HTML/CSS/etc.. and that is all copyrighted
davidpapermill 1 hours ago [-]
Is that real? Imagine they've taken the code out if so, difficult to verify.
lorey 1 days ago [-]
Their response:
> The team that made dataroom has stated that they did not use any of papermark’s code and that dataroom was made from scratch with inspiration from existing document sharing softwares, and that this post’s allegations of us stealing code are false. [...]
The screenshots clearly show they copied whole pages verbatim, both design and texts. The founder, Nico Laqua, basically responding with "we didn't copy _code_" and not taking any responsibility says a lot about his and his company's moral code. It might not be enough to get sued. That doesn't make it right.
I did an interview a couple years ago when Corgi was first hiring engineers. Nico and I ... did not click and it was probably the least smooth interview I've ever had despite it just being a phone screen.
I wouldn't be that surprised if Nico genuinely thinks "we didn't copy the code" is a reasonable defense. It would be a clear cut rule, and extreme "shape rotator" types often have trouble with the fuzziness of things like law. In reality, copyright infringement is often more like the porn test, you know it when you see it.
palmotea 2 hours ago [-]
> It would be a clear cut rule, and extreme "shape rotator" types...
> ...often have trouble with the fuzziness of things like law. In reality, copyright infringement is often more like the porn test, you know it when you see it.
I'd say it's more like the fuzziness defeats most of the software-style "exploits" those types gravitate towards. The edges of the laws aren't impossibly sharp and executed by dumb machines, so you can't sneak though "gaps" that would be there if those things were true.
For instance: you can crash a machine by DoSing it, but you can't crash a court case the same way: the judge will look at you and your truckload of motions and hold you in contempt.
gilleain 53 minutes ago [-]
A very clear example of this is the 'Sovereign Citizen', who have bizarre beliefs around how to interact with courts. As far as I understand it, there are some 'cheat codes' people believe (incorrectly) are effective in literally getting you out of jail free.
> Another common belief among sovereign citizens is that they can opt out of the purported contract, making themselves immune from the laws they do not wish to follow, by declining to "consent": when confronted by police officers or other officials, sovereign citizens typically attempt to negate their authority by saying, "I do not consent"
Like, why would this be true, and if it was, why would law enforcement and courts go along with it? I find it very odd.
I never made it to the interview phase because on the phone screen they mentioned they all work 7 days a week in office. nope nope nope nope.
rafram 1 hours ago [-]
They're willing to admit "5 to 6 days a week" in writing [1]! Crazy stuff. Also a notably huge number of job openings, including for a head of HR [2]. Worrying signs, I would say.
We should thank companies for warning us during the interview process that they are so separated from reality (especially in the AI era)
If AI can’t make them recognize a work life balance has value then it’s easy to see they don’t believe the “force multiplier” BS they are peddling
nfw2 9 hours ago [-]
They are worth 3 billion after two years so it seems like they are doing all right with their strategy although I'm old now and don't want to do that
manwithopinions 9 hours ago [-]
They’re not really, it’s just the YC hype cycle. The business is selling insurance to other YC startups with some AI flair. They’re not even the first YC startup to do this, a previous YC insurance startup was acquired a few years ago for ~$1bn. So, they’re worth 3x the exit of the exact same company… because of what, AI? The fact that they’re cloning other software to release SaaS products is extremely bearish. Why are they wasting their time on this? A wildly successful $3bn startup would not spend their precious resources by launching a $10/m document sending SaaS. They’ll be doing down rounds soon enough. Could you imagine Paul Graham encouraging this?
7 minutes ago [-]
mlnj 6 hours ago [-]
Listened to the founder on 20VC episode talk endlessly about sleeping and showering in the office and comparing their insurance company to Alexander the Great and Napoleon.
Silicon Valley is just so disconnected from reality.
FridgeSeal 2 hours ago [-]
Would pay good money to see Silicon Valley complete their disconnection from reality and drift off into the void. The rest of us would get some semblance of normality back if they did.
manwithopinions 7 hours ago [-]
Also, I should add, they’re growing fast because they will underwrite anyone for anything. They’re one “oops our AI underwriting has been taking on far too much risk” away from disaster. That they’re demanding 7 days a week from their employees while spending their time building a dataroom product instead of, I don’t know, improving their underwriting, is a bad sign.
Normally getting insurance from a startup like Corgi would be a very bad idea because what’s to say they’ll be able to pay out claims? I assume other YC startups are happy because a) they can’t get insurance anywhere with good underwriting b) they figure YC will bail Corgi out when it goes wrong because seemingly every YC startup depends on them.
“Policyholders should be aware that certain Specialty Insurance Carriers may not be admitted insurers in the state in which the insured risk is located. Policies issued by non-admitted insurers, risk retention groups, captive insurers, and certain other Specialty Insurance Carriers may not be subject to all of the insurance laws and regulations of your state. State insurance insolvency guaranty funds may not be available for policies issued by non-admitted insurers, risk retention groups, captive insurance companies, offshore insurers, or other non-admitted Specialty Insurance Carriers. In the event of the insolvency of such a carrier, policyholders may not have access to state guaranty fund protection and may bear the risk of the carrier's inability to pay claims.”
> Normally getting insurance from a startup like Corgi would be a very bad idea because what’s to say they’ll be able to pay out claims?
Actually normally it’s fine because it’s rarely the startup selling insurance who’s doing the underwriting.
Corgi is more worrying because they’re (apparently) underwriting too.
manwithopinions 4 hours ago [-]
My understanding is a normal insurance tech startup would be acting as a broker.
A rare but sensible insurance tech startup would use external underwriters and reinsurance and provide insolvency protection.
Corgi doesn’t have any external underwriters, doesn’t have any insolvency protection, doesn’t have any reinsurance.
I think they’re bad on all 3 points, not just the underwriting?
skeeter2020 2 hours ago [-]
If this is the scenario, it's no wonder they're underwriting everyone & everything, and can do this competitively, because a broker would need to find either enough new clients and/or efficiencies to justify being the middleman between the customer and the actual insurer. That's typically been the strategy of every financial tech company; I don't see any secret sauce with Corgi beyond "'cause AI!". Move fast and break things is not what I'd want in my insurance company.
zaptheimpaler 4 hours ago [-]
He was bragging about working on weekends and comparing his shitty little insurance company to the Manhattan Project a while back. Somewhere he claimed this company/industry is the most important application of AI in the world. I have no doubt they ripped it off, this guy is not trustworthy to say the least..
Any long-distance bike ride/race fans here? the Tour Divide just completed and the record was shattered, not by riding for as long as possible, but with detailed planning, a dialed setup and getting a (relatively) lot of sleep & rest. Seems like this approach is applicable to many domains, but it's a lot more work than the obvious approach of "work more".
bckr 1 hours ago [-]
VC startup world is not about intelligence. It’s about impressing investors.
jszymborski 3 hours ago [-]
That thread was painful to read.
wongarsu 6 hours ago [-]
> It might not be enough to get sued
Mostly because open source projects rarely sue. If you did this to a more litigious company there's a decent chance they would sue, and I'd give them about a 50/50 chance of winning.
Hard to say whether this would be ruled as copying the creative and artistic elements, or just the methods of operation. Copying features is fine, wholesale copying UX quickly becomes copyright infringement
zamalek 22 minutes ago [-]
You can't make a clean-room implementation of an open source project using a frontier LLM because it has the original code in its weights.
chabons 17 minutes ago [-]
They didn't even attempt to make a clean-room implementation, they just had the LLM clone it for them with access to the source.
reactordev 5 hours ago [-]
Doubling down on the lie is all you need to know about Nico.
conartist6 1 hours ago [-]
This absolutely needs to go to court. We badly need to know what the law even is, and this is the most perfectly blatant example we're going to get of bad behavior that might or might not be legal
elphinstone 28 minutes ago [-]
The OSS team affected could contact major insurers and insurance industry trade orgs for legal and financial assistance. It's quite likeky this Laqua guy has made enemies and his "startup ethics" potentially has Corgi violating numerous laws and regulations in what is a fairly well regulated industry.
thih9 9 hours ago [-]
> It might not be enough to get sued. That doesn't make it right.
Perhaps that’s enough for them. Legal gray area worked for Uber, AirBnB and many more.
As a consumer in not happy though, I don’t like incentivizing companies with such creative approach to law.
smallnix 6 hours ago [-]
IANAL but UI is not protectable in the EU. I remember this was relevant when people copied MS offices ribbon ui for Delphi components.
echoangle 5 hours ago [-]
I think what you mean is that functional designs aren’t protected by copyright. Of course you could patent it.
But in this case they almost exactly copied the graphic design and copied the text verbatim which would maybe infringe copyright.
dzhiurgis 9 hours ago [-]
> Please contact model provider {name} for further inquiries
That would be my cynical response.
GTP 4 hours ago [-]
Which would bring you nowhere. If they didn't change this at some point, I remember at the time everyone was staring to use ChatGPT that OpenAI wrote in their terms that the user is responsible for the model's output. If they can do this, I expect other model providers doing this as well.
charcircuit 10 hours ago [-]
>they copied whole pages verbatim
Parts of pages. Look at the screenshots. The wording is different between the pages.
ncruces 7 hours ago [-]
You might be surprised to learn that the work of a copywriter is also copyrighted.
zdragnar 3 hours ago [-]
I thought it was a pedantic remark on the use of the word "verbatim"
handoflixue 4 hours ago [-]
That's a weird thing to say in response to someone saying "the text was rewritten, so it's not actually a copy"
saghm 3 hours ago [-]
The law cares about the process you took to get something, not just the final output. Stealing something and then changing some stuff to try to make it not look identical doesn't invalidate the fact that you stole it. I can't download someone's song, strip out the bass line and record my own, and then pass off the new song combining the old music with my bass recording as an original song.
I don't know whether that's what happened here or claim to know exactly what the constraints of IP law for this specific instance are, but "some stuff was changed" does not necessarily seem sufficient as a defense in general. Depending on the exact type of IP law that covers this there are questions like whether the changes were substantial enough to make it an original work or whether the way that the old stuff was used constitutes fair use.
Kwpolska 4 hours ago [-]
On the first screen, the only "rewriting" done was s/dataroom/Room/g.
ncruces 1 hours ago [-]
And the fixed version of that screen (a few tweets later), simply removes the copied text.
Which goes to show there was never any original work to fallback to.
"See, if I remove the detailed descriptions - and the LLM regurgitated the rest - nothing will have been copied."
Some people really want to defend "build me a copy of thing because I don't like the license" to be acceptable behavior.
saidnooneever 9 hours ago [-]
yes and besides the whole thing that is happening lets not suddenly pretend css and html are code either. There might be bad things going on but we need to maintain our standards!
bushido 3 hours ago [-]
> The screenshots clearly show they copied whole pages verbatim, both design and texts
The design is shadcn – which is an MIT license - very very popular design system. The text is pretty standard to what I'd expect with any DD solution.
layer8 3 hours ago [-]
Using the same design system doesn’t make you accidentally create the exact same UI screens.
liendolucas 9 hours ago [-]
Can someone give a bit more of context on this thread? I have no idea who Nico is nor what Papermark is or does.
As an aside thought not related to the thread: Is it my perception or people are getting more used to not only vibe code things from existing solutions/projects but also "steal" open source code and do whatever the heck they want without complying morally/ethically/legally to the whole premise of open source?
I have the feeling that more than ever open source violations are flourishing everywhere without any major legal consequences.
dijksterhuis 6 hours ago [-]
> Is it my perception or people are getting more used to not only vibe code things from existing solutions/projects but also "steal" open source code and do whatever the heck they want without complying morally/ethically/legally to the whole premise of open source?
yes. it's way easier to do now. edit -- plus a lot of new ai-only entrant devs don't understand/care that foss is about freedoms rather than free as in beer.
i work on a GPL3 library that parses a hardware audio sampler's binary data files. someone built an app so people can do "stuff" on top of my library, following GPL3 license.
someone recently posted an entirely vibe-coded clone of that app, full website with purchase links for $60 odd. completely obvious clone too; the UI was exactly the same minus the different colour scheme. no GPL3 conditions adhered to at all. mods delisted the thread. banned the clone's dev. forum community expressed their support for the original app dev. dmca takedowns were sent out. clone's website went down a few days later.
the original app dev was lucky there's only one main forum where people post things for this manufacturer, and the mods hate ai stuff too, which is kind of ironic cos the original app dev vibe codes all his stuff lol. without that forum and those mods, the original app dev would have been fucked tbh (and so would i as the GPL3 library maintainer).
centralization has benefits... without that, the only alternative i see is a mass movement where everyone goes closed source to force a conversation about respecting the work of others. we've been running on an honour/community backlash system until now.
gherkinnn 41 minutes ago [-]
No morals, no ethics. The other day I skimmed some of the countless vibe coding videos on YT and the vast, vast majority surfacing through a naive search are basically get rich quick crap.
Identify a one-feature app that (supposedly) makes money and vibe it up. Done is your "I vibe coded a 10M MAU app in 40 minutes" vid.
From crypto to NFT to vibez. Rotten to the core, the difference is that this time around LLM are actually useful in some areas.
Frieren 8 hours ago [-]
Judges and governments are pro-business and anti-consumers, anti-citizens. Corporations are getting use to get away with anything and everything.
Move fast and break things have changed to be about technology and it is now about the law. Uber popularized the trend, now everybody does the same. AI breaking copyright law is just part of that trend.
With the new "laws are for losers" mentality we are in for a hard time.
oefrha 6 hours ago [-]
When the biggest thieves are on track to trillion dollar valuations, what do you expect. Everything on the Internet is free for all now, don’t kid yourself.
PeterStuer 8 hours ago [-]
If you are convinced this is a winner takes all race to ASI, and ASI results in absolute world dominance, then of course you are never going to feel restricted by current laws, especially not simple IP rules. Because the only way to make 100% sure you lose is not to play.
manwithopinions 8 hours ago [-]
If you’re a business that deals in documents from external customers / partners, you use a data room like DocSend (by Dropbox) to share and receive documents with access management, analytics, auditing etc.
Papermark is an open source alternative to DocSend. Papermark is very popular, as it is a much more cost effective alternative to DocSend — self-host or hosted.
Corgi is a YC backed insurance startup that sells insurance to other YC startups. Nico is a founder. Recently they raised $100m at a ~$3bn valuation. They’re one of the darlings of YC right now, endless fawning over them.
Since insurance underwriting involves lots of documents, Corgi were paying Dropbox thousands of dollars per month for DocSend. For some reason, Corgi ostensibly formed a team of 12 to build their own DocSend alternative, called Dataroom. And Corgi decided to make it into a SaaS product, pitched as a cheaper DocSend from just $10/month, in an already crowded space.
Papermark noticed immediately that Corgi’s Dataroom used a lot of identical language and structure that Papermark’s open source product does. Papermark assumed that Corgi had taken Papermark’s work without attribution. Corgi have denied it, claiming it is just a coincidence that there are word for word matches between the products.
Another YC startup, Delve, got caught doing what Corgi are accused of (and much more) which led to their removal from YC.
fg137 5 hours ago [-]
> Corgi were paying Dropbox thousands of dollars per month for DocSend.
That's like, nothing, for a company in the insurance business valued at 3b
manwithopinions 4 hours ago [-]
turns out it was less than $1,000 per month.
A startup raises ~$100m at a ~$3bn valuation and forms a team of 12 employees including their Head of Operations to build a clone of a product they pay less than $1,000/month for while they have more than 50 open roles they are hiring for.
Hmmm, yes, a very good use of available resources.
Sounds like someone had an internal “team bonding” hackathon
liendolucas 7 hours ago [-]
Thanks for the insight. So regarding what you explained above, is Corgi's fate supposed to be similar to Delve's? Or are those numbers so big/important for YC that they won't be banned?
deaux 4 hours ago [-]
Flock (YC S17) tells us that no, YC won't mind if you're building the Torment Nexus, as long as it whitelists other YC affiliates.
nerdsniper 4 hours ago [-]
Delve screwed over other YC startups, Corgi is stealing from a non-YC startup. Therefore, there will be no official censure from YC. This is a pretty well-established fact pattern historically. Just don't mess with the YC community if you want to stay in YC.
liendolucas 3 hours ago [-]
That's pretty lame. Startups that show this behavior to the OSS community should be equally punished, be under the YC umbrella or not.
skeeter2020 2 hours ago [-]
I don't think there's some sort of "line" that Delve crossed and Corgi has not, more likely the financial upside for YC wrt Corgi is much, much bigger. They're not going to mess with that even if the screw over a few of their other startups. YC absolutely loves to tout this family dynamic across all their companies and alumni, but there is no way the relationship between a few dozen startups looks anything like that between literally thousands of companies. It's a scaled up tech-hype startup machine now, and has attracted the same MBA-types they supposedly defeated 20+ years ago.
manwithopinions 7 hours ago [-]
Not necessarily. Delve did a lot of bad things, the primary reason for their removal was misrepresentations they made to other YC startups, i.e: YC startups paid them for security audits that turned out to be bunk which caused a big headache for their customers. Basically, the rest of YC wanted them gone for causing widespread chaos.
Delve’s first drama was around copying from other startups, it was later that their betrayal came out. Corgi is currently at the copying from other startups stage… one might choose to believe there is a path they’re following rather than this being a one off.
For example, I outlined in another comment how their product is not what it seems, it is not traditional insurance, it takes advantage of an esoteric piece of insurance regulation. They’re doing very aggressive underwriting without any of the traditional insurance regulatory protections applying to them.
Someone might believe that their conduct + very high risk product + exposure to a large number of YC companies means they’re very similar to Delve.
Plus the founders are at the top of another funnel… Forbes 30 under 30. 30u30 is practically a kiss of death.
DaedalusII 4 hours ago [-]
it takes advantage of an esoteric piece of insurance regulation. They’re doing very aggressive underwriting without any of the traditional insurance regulatory protections applying to them.
elsewhere;
"Laqua, whose father is a lawyer for an insurance company"
lol
NikxDa 9 hours ago [-]
From what I can tell, his argument seems to be that
1. no code was manually copied by a developer, and
2. all software in the same space copies off of each other
But the big giveaway here is the exact same layout/copywriting on both products. Telling an LLM "write this product and build a 1:1 clone" is still copying by all sensible definitions. The fact that he argues nothing was copied is ridiculous.
ShadCN is the most popular design system that AI automatically reaches for 90%+ times on its own. It's also the default most platforms like lovable, etc.
fouc 1 hours ago [-]
I looked at that link and was unable to find any blocks that matched the 4 images? "Replicate Room Folders" and all
i000 5 hours ago [-]
I guess that is at the core of Google vs Oracle, they copied the API kept the implementation clean-room. It was definitvely ruled that this was fair use. If fair use applies to something as strict as re-implementing an API, I would argue it applies to something much more elusive, like cloning UI/layout.
nerdsniper 4 hours ago [-]
> I would argue [fair use] applies to something much more elusive, like cloning UI/layout.
You would be very wrong in this argument. It's extremely well-established that corporate verbiage and UI are subject to copyright.
You have to share the source code even when the user interacts over the network with the software.
The project which uses that code, must also be AGPL,
There are ways to separate it and go around it, for example, using an AGPL auth server shouldn't affect the code where your business logic lives
I am sure they could have found a way to design their product to be compliant, especially following past drama.
This is assuming the code is indeed copied, since we don't know that for sure, it does look very similar but I am not sure how that is enforced
rwarren63 1 days ago [-]
they probably need to sue to enforce this, I think this is actually going to be a larger issue than just corgi. copyright with these models really is just a mess
m4rtink 9 hours ago [-]
Just consider all model output AGPL. ;-)
blourvim 23 hours ago [-]
What I don't understand is that if a lawsuit happens, then must the plaintiff produce their source code for verification ? Even so a git tree is trivial to change into some other arbitrary code even if a license violation has occurred. I also heard if proven the consequences are that they would lose all revenue starting from when the violation has occured
bilekas 9 hours ago [-]
If we take what they're saying as fact and that they didn't copy and paste the code, but for all intents and purposes the LlM basically did reproduce the same code based on its crawling of the repo and not respecting the license. It would make a great civil case for the courts to decide.
Their defence seems to be "well we asked an LLM to reproduce your work, so 'WE' never copied your code". Smells bad to me.
nerdix 2 hours ago [-]
If you drop a screenshot of a web page into something like Figma Make, you can get it to produce a strikingly close replica. I get that vibe from the screenshots. They are very similar but not exactly the same. That's probably also why a lot of the copy is the same.
Not getting your magic text generator to reword the copy for you is just sloppy.
fantasizr 18 hours ago [-]
tech will do anything to normalize theft and call it innovation
LunicLynx 9 hours ago [-]
Isn't this always the case? Most of the time you just don't know where AI stole it from?
CodesInChaos 9 hours ago [-]
I like the contradiction on the copycat page:
> This action cannot be undone
> Freezing is reversible from this page
I assume being irreversible is an essential part of the freezing feature.
PunchyHamster 8 hours ago [-]
clearly the indication they didn't just copy but improve upon /s
Aurornis 1 days ago [-]
Since the Tweet is small enough and a lot of people aren’t reading it (Twitter links don’t work well for those without an account some times) I’ll quote it here
> Hey Nico,
> It looks like you didn't vibe code your data room but stole it from Papermark's open source and enterprise-licensed code.
> We demand you take this copyright and license infringing product down immediately.
> It's not moving fast and breaking things, it's fraud.
> It makes the rest of your business questionable and the YC community look terrible.
secretsatan 11 hours ago [-]
[flagged]
summarybot 2 hours ago [-]
What's the cost/benefit analysis on Papermark being open-source?
an0malous 4 hours ago [-]
Classic YC startup move
itomato 2 hours ago [-]
Why are people using what used to be Twitter in seriousness?
claydugo 2 hours ago [-]
Its where the community is despite the loud minority online pretending thats not the case
lynndotpy 1 hours ago [-]
X is not even in the top 10 active user count. It ranked just above Quora and below Reddit. It's just not a super popular platform. X fans constantly have to denigrate everyone else as a "loud minority".
Clearly, "the community" is not all on X. If it were, why would we be having conversations here on Hacker News?
Anyways, the real answer you'll still see some X links here is that
1. A not insignificant amount of people in our industry are aligned with the X CEO and the positions he expresses through his accounts, Grok, etc., and
2. Pornography
kg 45 minutes ago [-]
In general the art community - not just limited to pornographers - seems to have stuck by X despite all the AI stuff. When I see people posting art it's almost always an X link, even for artists who have accounts on bsky or instagram or whatever.
steveBK123 5 hours ago [-]
I wonder if this is a bigger risk/more widespread in the AI era? Could a bad actor with a copy of someone else's proprietary source code train an LLM on it and come out with code that does not show enough evidence of theft?
bushido 3 hours ago [-]
Both designs are nearly boilerplate ShadCN blocks/components, it looks nearly identical to this stuff: https://ui.shadcn.com/blocks
1 days ago [-]
4 hours ago [-]
mmonaghan 2 hours ago [-]
ehhhh I'm not a corgi stan but I'd bet they just took the design & copy, which is totally fine imo. Often better to just take another's design instead of spend a bunch of cycles figuring out flow. This is doubly true for secondary pages/layouts/features.
If I were them, I'd have changed copy and probably done some internal testing to smooth rough edges/improve where needed but sounds like they're moving as quickly as possible.
If they did just copy paste code, straight to jail...
nlitened 22 minutes ago [-]
Design (output of designers) and copy (output of copywriters) are subject to the same copyright law as code (output of programmers). Programmers are not the only people whose intellectual property is protected.
probabletrain 7 minutes ago [-]
I'd be very surprised if the very-similar-looking design of corgi's product breaches any copyright law, copyright of design or layout is much more finicky than copyright of code. This seems like more of a moral issue than a legal one.
Glyptodon 9 hours ago [-]
Is this related to the post where someone copied a UI and said as long as they changed 3% it's fine or totally unrelated?
boesboes 3 hours ago [-]
I hope YC does the right thing here and pull funding of these ass wipes.
1 days ago [-]
kleiba2 1 days ago [-]
Missing context.
dwaltrip 1 days ago [-]
What a scumbag. The replies from Nico are insane:
“Team effort”
“:praying-hands (x2)”
And so on… The audacity and complete shamelessness…
I wonder what narrative they tell themselves.
Sanzig 1 days ago [-]
I wonder if Nico will be feeling so cocky when Papermark gets their general counsel involved. The public Twitter shaming was clearly an attempt to resolve this without litigation, but hey, if that's how Nico truly feels, guess he gets to see what's behind door #2 (a massive bill for a legal retainer).
civet_java 23 hours ago [-]
I am curious how this will play out legally.
Surely UI enough isn't enough to prove that source code was plagiarised?
In the event Papermark chooses to sue how will the defendant defend themselves short of presenting their own (possibly) closed source?
overfeed 11 hours ago [-]
> I am curious how this will play out legally
I am curious if/how YC will handle this to get ahead of earning a reputation of being a den of scammers - a few months after the Delve scandal
john_strinlai 4 hours ago [-]
>I am curious if/how YC will handle this to get ahead of earning a reputation of being a den of scammers
flock is a YC company, so it's pretty clear that YC does not care about a negative reputation. as long as it makes money, nothing else matters.
overfeed 1 hours ago [-]
> it's pretty clear that YC does not care about a negative reputation.
Perhaps not what the general public thinks, but I assume YC cares a lot about its reputation among VC firms that fund its companies, because VCs don't like being scammed (directly, or indirectly through unknowingly funding scams)
chihuahua 53 minutes ago [-]
Let's recall that YC used to be run by Sam Altman of all people, which confirms what you are saying.
stevekemp 7 hours ago [-]
Many YC companies do bad things, and I guess they do so independently. There may well be repercussions for the most egregious cases, but I suspect a lot of ill-behaviour simply flies under the radar.
For example only yesterday I got spam from an YC company, Polymath, and I replied back asking where they got my details from - no response yet. Once I get something I'll make a GDPR subject access request, then a deletion request. I hope the overhead of that causes them to rethink their spamming campaign.
But I'm not going to complain to YC about it.
overfeed 2 hours ago [-]
> Many YC companies do bad things,
My comment was not about doing a generic bad thing - it was about scammy behavior in particular (which ties to the Delve incident). YC depends on the VC ecosystem to fund its companies, and no VC wants to be scammed. If a reputation of cultivating/condoning/obliviousness scammers takes root, that would be bad for business.
> But I'm not going to complain to YC about it.
I am not complaining, or even expecting a moral decision. I'm legitimately curious how this will shake out, for purely capitalistic, reputation-management reasons.
eloisius 6 hours ago [-]
I have also gotten spammed by a YC startup, but they spammed an email that I use in git commits, and lead with "I saw your fork of $POPULAR_PROJECT, pretty cool!" or something like that and then continued to pester me with their drip program even as I replied asking them to never email me again.
Sanzig 22 hours ago [-]
Most likely, Papermark would compel Corgi to disclose the source code during discovery.
civet_java 22 hours ago [-]
I didn't realise that one could forcibly require a competitor to disclose trade secrets.
Now, INAL of course, but I would think this sort of mechanism would be quite gameable from both sides ( i) a wealthy competitor legally forcing a promising upstart to reveal source ii) a copycat working out some kind of arrangement where the code itself is licensed to them via shell company based overseas.)
Sanzig 19 hours ago [-]
As with most legal hacks, the courts figured this one out long ago :).
If someone is trying to dig into their competitor's trade secrets via discovery, the court offers multiple ways to safeguard against that. The defendant can identify information as a trade secret and ask that it be protected in some way - for example, the documents may be restricted to "Attorneys' Eyes Only", so while the plaintiff's attorneys can review the material, the plaintiffs themselves are barred from reviewing it. Or the judge themselves may get involved in an in-camera session.
Twirrim 11 hours ago [-]
There are software engineers that specialise in source code analysis that lawyers will often use in these cases. The engineers will be given access to source code in secure environments where they're not allowed to bring any device in or out. They review, analyse, and write up a report using pen and paper, that can then be reviewed by the lawyers.
FireBeyond 10 hours ago [-]
Absolutely. It was very similar to one of my first jobs: "Legal Technical Analyst". Not as much time doing deep source analysis, but basically translating things for lawyers: "So as far as this claim of copyright/plagiarism... this block here, that's CS 101 stuff, that block there, that's novel, and does x, y and z".
franktankbank 16 hours ago [-]
Sounds expensive. *(sleaze ball hands)*
11 hours ago [-]
dzonga 3 hours ago [-]
fraudulent people are gonna do more fraudulent shit. more news at 11.
once the money dries up, these people will be on the next 'wave' without retrospective of what led to failures before. the past gets buried like it never existed.
bix6 1 days ago [-]
Ah another YC popcorn fest
contentkraft 10 hours ago [-]
Hey Claude, copy XYZ, make no mistakes.
The meme keeps on memeing.
b3lvedere 10 hours ago [-]
What a wonderful world we live in where we can blame machines and extremely dilluted processes for all things we might do wrong.
Chris2048 1 days ago [-]
What's with this response in the Twitter thread??:
"This ain't what a C&D looks like. Implies you don't actually have a leg to stand on. Upload a copy of your official legal demand (from a lawyer) or I'll forever see your company as one who attempts to bully the competition in public"
What a bizarre complaint! It's not bullying to first try to resolve the matter informally rather than jumping straight into legal action.
Besides - who is this guy, and why does he think he's owed sight of any legal paperwork?
WA 11 hours ago [-]
He seems to be a bullshitter and partially fake. Just take a look at his LinkedIn profile.
andor 1 days ago [-]
Look at his other tweets, he seems to be a sociopathic extremist
greyb 10 hours ago [-]
Or a troll? I'm so confused.
l23k4 7 hours ago [-]
[dead]
Vaslo 24 hours ago [-]
The X link has screenshots where the two products have lots of identical pages. Is that IPable? Honestly don't know since I seem to use a lot of products that look like other products (LibreOffice, etc). But the pages for obscure things looking identical is kind of sus.
nerdsniper 4 hours ago [-]
Yes, written verbiage is subject to copyright. UI is also subject to copyright. The degree of similarity is astounding - this is not an edge case at all.
The lack of understanding of copyright on HN does astound me, however.
This isn't a case of convergent design (OpenOffice vs. Microsoft Word), this is identical word-for-word with a simple s/room/dataroom:
> When enabled, folders uploaded to Rooms will be mirrored into 'All Documents' with the same structure.
When disabled, all documents will be placed in a single folder named after the Room in 'All Documents!
> This action cannot be undone.
- All documents and folders will be permanently removed
- All links and viewer access will be revoked
- All analytics, audit logs, and Q&A data will be lost
- Group permissions and branding will be deleted
Those are clear copyright violations.
moralestapia 5 hours ago [-]
Not IPable.
1 days ago [-]
1 days ago [-]
wolttam 1 days ago [-]
Folks... read the actual tweet. They literally didn't vibe code it - they copy-pasted another project.
Sanzig 1 days ago [-]
Yeah, the title that the OP chose is so sufficiently misleading that I think this one will need to be get changed by the mods. Seitz isn't opining on the ethics of vibe coding in his tweet, he's pointing out that Corgi literally just stole Papermark's AGPL codebase and passed it off as vibe coding.
IshKebab 9 hours ago [-]
They may have been vibe coding and not realised it was an exact copy. AI sometimes makes verbatim copies of things in its training set.
scosman 5 hours ago [-]
Short segments of popular works sure. Many UI pages with identical layouts and copy, essentially zero chance. The agent had access to the original code at inference time.
jknoepfler 1 days ago [-]
It's nearly word-for-word the content of the tweet. Right at the top. It isn't misleading unless you literally don't even bother to open the linked content.
Just ban users who comment without reading, I think that would go further to keep the quality of discussion high.
The number of bots/trolls responding to the title without reading the content and missing the point entirely is astounding, honestly, and I don't think any of those posts are contributing to high quality discussion. We could do without those users.
"but but but I can't/won't open twitter links" - then don't flap your yak-hole. Ignoring for a moment that the content has been reproduced in full in this thread, and another user has provided an alternative xcancel link.
brookst 1 days ago [-]
It’s an intentionally misleading title, using “you” to imply that the reader is guilty of theft.
An honest title would be “Corgi didn’t vibe code it, they stole Papermark’s AGPL code”.
Sure, people should read links, but when a writer posts ragebait for engagement, there’s plenty of blame to go around.
mmunj 1 days ago [-]
You’re giving me too much credit if you think i was being sensationalist and trying to make it more clickworthy, i couldnt succeed in that if i tried
I was mostly fighting the title character limit
Sanzig 1 days ago [-]
Ideally yes, but we know people don't RTFA - there's a reason that initialism dates back to early Slashdot.
The paraphrase is doing a lot of heavy lifting to convert it to ragebait. Had the OP gone with something like "you didn't vibe code it, you plagiarized Papermark's open source project" (may need some editing to fit under the character limit) it would have at least been more true to the original tweet.
jknoepfler 1 days ago [-]
I know I RTFA, and I know I'm not interested in discussing things with people who don't. Maybe others feel differently, because more people is better or something. Information pollution is a serious, persistent, growing problem and I'm just not inclined to be tolerant about it anymore. Mistakes are one thing, deliberate stupidity is another.
If you come to book club without reading the book, and you derail the conversation into something completely irrelevant, you're not getting invited back.
hluska 3 hours ago [-]
That’s a lot of rage for something that does not impact you at all. Who cares? You don’t get to control everything around you online.
john_strinlai 1 days ago [-]
wait just a second, that's not how to use HN. youre supposed to read the title -> get upset and write a comment -> argue.
mdjxnxnxnd 8 hours ago [-]
Rabble rabble rabble
pydry 1 days ago [-]
I remember a few cases when asking an LLM to do something in the early days yielded not only the code but an author and a COPYRIGHT license.
Naturally LLM technology has moved on since then. I don't remember any recent word for word reproductions of a copyright license.
There are a lot of people lauding the technology though because it occasionally one-shots a wildly impressive example of something which...already exists.
dools 1 days ago [-]
Vibe stole it?
josephg 1 days ago [-]
Probably just stole it by the looks of those screenshots.
dools 1 days ago [-]
Yeah I mean like git clone the repo then "hey LLM rip off this code, make no mistakes"
And maybe reword the submission title while they're there, though the current one is well chosen for maximizing engagement I'm sure.
1 days ago [-]
jadar 4 hours ago [-]
Plot twist, they both vibe coded it and now are pointing the finger at each other. /s
carlosjobim 1 days ago [-]
[flagged]
elric 1 days ago [-]
What a load of crock.
FOSS licenses were obviously written in the spirit of sharing with humans. Some later licenses made the license less amenable for sharing with corporations because some authors didn't feel like they were being treated fairly. Some authors today have similar feelings about their code being used by Gen AI. It is perfectly fine for authors to want to place restrictions on how they want others to use their work.
> Step out of the FOSS swamp, step in to human dignity.
What is that even supposed to mean?
skeledrew 1 days ago [-]
"Spirit" means nothing when it comes to legal - or even community - compliance. Either something is allowed, or it isn't, and if a license doesn't do everything that a user of said license desires then they should change that license. Just as licenses were made that explicitly made sharing with corporations less amenable, so should licenses re Gen AI usage. Only then is it worth making a case.
brookst 1 days ago [-]
I’m old and I don’t recall FOSS being about truly free, truly open, just not for some categories of use.
In fact I seem to recall FOSS advocates denouncing licenses that put limits on who could use the software or for what purpose. This “it was always only for humans” take is new to me.
elric 7 hours ago [-]
Surely "only for humans" is the obvious default given that there were no AI megacorps when these licenses were written?
Surely it's always been obvious that the person doing the sharing is the one to decide on the terms of the sharing? Maybe I want to share my cake with you but not with someone I don't like? How is that not my decision to make?
I'm absolutely fine with people having different sharing philosophies. Different licenses with different nuances are a thing. But I don't like this take that everything that was shared is automatically retconned to be included in AI training data. That's not the spirit in which I shared my stuff. Maybe that's the spirit in which you shared yours, and I respect that.
JackFr 1 days ago [-]
> FOSS licenses were obviously written in the spirit of sharing with humans.
That may be true, but I don't think it's obvious. What don't I know about the history of OSS?
6 hours ago [-]
1 days ago [-]
MPSimmons 1 days ago [-]
>written in the spirit of sharing with humans.
Not humans who are using AI tools?
carlosjobim 1 days ago [-]
Human dignity when it comes to work and contribution is very simple:
Software developers should charge a fair price for their products from their users. That's dignified and beneficial for everybody involved. And it doesn't invite "code stealers" or anybody who wants to reap what they didn't sow.
Just like any type of work. Fair compensation is the key. Not working for free for people who don't care about you and then complain that they didn't give you anything.
jazz9k 1 days ago [-]
Developers gave their code out for free, but want to discriminate against people they don't like from using it in ways they dislike.
The 'spirit of free software' is bullshit. It's software authoritarianism disguised as a noble cause.
ludamad 1 days ago [-]
Even so, what's wrong with this? They told you up front that they're going to discriminate. Students can use the code freely, businesses may struggle. People don't need to be fair.
xbar 1 days ago [-]
Don't use it.
unsungNovelty 1 days ago [-]
Yo! Open Source Software works within copyright law. Your software should comply with the OSS licence you are forking/redistributing from. If you don't comply, OSS freedoms are void and it defaults back to being copyrighted material for you. Comply with licences. And enjoy the freedoms. Otherwise, you are copying from a copyrighted material. Which is illegal. Comply or write it from scratch.
Or... Be nice and ask. People tell u what to do. Don't be rude here.
I remember this Video editor software which didn't comply properly with OSS licence of FFMPEG(?). And people told author what to do. It's always cheap to be kind. Or win dumb prizes.
josephg 1 days ago [-]
FOSS doesn't mean you give up all rights to your work. In this case, the software is AGPL licensed, which imposes huge list of requirements on copies - including attribution and sharing back changes.
FOSS != public domain.
tvbusy 1 days ago [-]
This person is so dangerous that if I offer them to stay in my shaded yard in the middle of the excruciating sun, they will demand that I let them take my house as well.
carlosjobim 1 days ago [-]
[flagged]
allarm 19 hours ago [-]
> rob your house while leaving it untended
Yeah, that's nonsense - licenses exist precisely to solve this problem. Read up on it - do everyone a favor.
negergreger 1 days ago [-]
[flagged]
irdc 1 days ago [-]
AI is busy destroying my art and my livelihood. Fighting back is about as psychotic as drapetomania[0] was.
Has any group of workers ever "won" a long-term victory against a new technology? There are plenty of short-term concessions made in the face of powerful trade union opposition, but I can't think of any technology that was just stopped dead to appease workers with obsolete skills.
irdc 1 days ago [-]
That assumes we're talking about technologies that are legal and in some way beneficial. AI is basically large-scale copyright infringement. If allowed to continue, human authors (I'm including programmers here) will eventually just stop publishing, because why feed the machine that's busy replacing you? You're not even getting paid for it, because the magic box can do the same thing you can for cheaper.
Thing is, everything AI produces is derivative; it cannot make anything truly original. Therefore widespread AI adoption will inevitably lead to scientific and cultural stagnation.
So we'll have our magic box that can perform our every wish. And we'll all be worse off for it.
1 days ago [-]
fsloth 1 days ago [-]
No, read the post. This is directly copying another product. "Vibe coding" which may or may not have happened is not the point here.
vaylian 1 days ago [-]
No. The Unity script reference and documentation probably did not have a license that required you to attribute the original source.
1over137 1 days ago [-]
Did you do that for personal use or for billions upon billions of dolars?
wolttam 1 days ago [-]
This doesn't appear to be AI posturing, did you read the tweet? It is about one product blatantly, directly ripping off another.
phkahler 1 days ago [-]
>> This doesn't appear to be AI posturing, did you read the tweet? It is about one product blatantly, directly ripping off another.
Then it shouldn't reference AI or Vibe coding.
Sanzig 1 days ago [-]
The tweet was fine - it was directly addressing Corgi's claim that they had "vibe coded" DataRoom when they had copied and pasted it from Papermark. The problem is the OP chose to perform a contextectomy on the tweet and make it look like it's making a completely different argument.
NickNaraghi 1 days ago [-]
Gonna have to see the agent trace on that one.
jobs_throwaway 1 days ago [-]
You didn't code it, you stole it from open source OS and compiler maintainers
rzmmm 1 days ago [-]
"before Bison version 1.24, Bison-generated parsers could be used only in programs that were free software."
Unless you don't copy the license terms, it's impossible to "steal" open-source code. That's... sort of the point.
gryfft 1 days ago [-]
Many open source licenses levy restrictions upon the acceptable use of the software. Those restrictions may include attribution requirements, up to and including a requirement to include the license when redistributing the code; they may forbid using derivative works for commercial purposes; they may require the downstream project to utilize the same license. Open source is not the same thing as "anybody can do anything they want forever."
tzs 1 days ago [-]
> they may forbid using derivative works for commercial purposes
The most widely used definitions of “open source” do not allow such a prohibition.
stanac 1 days ago [-]
Yup, if we take OSI as defacto authority on open source definition
> 6. No Discrimination Against Fields of Endeavor
> The license must not restrict anyone from making use of the program in a specific field of endeavor. For example, it may not restrict the program from being used in a business, or from being used for genetic research.
You edited your comment while I was replying, and merely copying the license does not cover many other possible restrictions.
lenerdenator 1 days ago [-]
I didn't edit anything.
I did choose the wrong word, though. Comply, not copy.
gryfft 1 days ago [-]
Well, if it's my memory at fault then I apologize. My memory of the comment I replied to didn't include the initial qualifying phrase with either word choice.
1 days ago [-]
DiabloD3 1 days ago [-]
So, by definition, you did edit it to change the typo.
john_strinlai 1 days ago [-]
>So, by definition, you did edit it to change the typo.
their comment still says "copy". the comment you are replying to clarifies that they meant to type "comply", not copy.
since the wrong word is still there, 'by definition' they have not edited it.
DiabloD3 23 hours ago [-]
Ahh, I misread it.
irdc 1 days ago [-]
Papermark is AGPL; Corgi must release all its changes.
lenerdenator 1 days ago [-]
That means they're not complying with the license terms. Which would be stealing. Like I said it would be.
galangalalgol 1 days ago [-]
Copyright violation is not theft. Your effort to create something that can be effortlessly copied conveys to you no property. Society deems it beneficial to grant a time limited monopoly on copying it to spur innovation.
brookst 1 days ago [-]
You wouldn’t steal a car!
skeledrew 1 days ago [-]
Stealing a car - or anything tangible - means... the owner is very literally deprived of the benefits of owning said car/thing. Can't really say the same for a copied pattern of bits.
fc417fc802 20 hours ago [-]
But I would download one.
josephg 1 days ago [-]
Thats not what you said. You said "copy the license terms". Copying a license isn't the same as complying with one.
Though it looks like in this case they didn't do either.
irdc 1 days ago [-]
So we're in violent agreement then?
lenerdenator 1 days ago [-]
Brutally violent agreement. kicks shin, shakes hand
exo762 1 days ago [-]
Copyleft is still a thing. Right to attribution is still a thing. Please, read about it and you will discover that there is a lot of nuance to the open-source code.
samtheprogram 1 days ago [-]
It's really hard to not assume this is intentional ragebait.
A cursory look reveals they aren't complying. So, as you say, they are stealing. What's the point of this comment?
qwertytyyuu 1 days ago [-]
Stealing it for your use case would take more effort vibe coding. The term is fine as is
feverzsj 1 days ago [-]
LLM generated code could have very similar pattern to existing code with stricter license it trained on. So, it's better to keep them to yourself instead of bothering the public.
aboardRat4 1 days ago [-]
It is not possible to steal something which doesn't obey conservation laws. Don't try to scam physics, is always wins.
xyzsparetimexyz 1 days ago [-]
Don't care. Competition is good for consumers.
bogwog 1 days ago [-]
It is, but this isn't competition. This just copyright infringement.
Competition would be if these people created their own software, possibly innovating and improving it in the process. That would encourage Papermark to improve their own offering, and would create an environment where these businesses are economically incentivized to improve the product or service.
Nobody is incentivized to improve the software in question here. If copyright law doesn't protect anything, then improving your product is helping the competition and potentially hurting your business. Same is true if you're the people who did the infringement.
irdc 1 days ago [-]
When it plays fair, sure. Not when it steals.
onel 7 hours ago [-]
I think it's important to care about these things though. You want competition but you also want fair competition
Eufrat 11 hours ago [-]
Let’s not even talk about the feature. Copying the entire visual design itself with superficial tweaks is pretty brazen and, frankly, incredibly lazy.
augment_me 10 hours ago [-]
Who cares if the consumer buys it and uses it? Information is worth nothing anymore, attention is, so if they manage to capture a larger audience somehow, they win.
otterley 10 hours ago [-]
> Information is worth nothing anymore
What do you do for a living? For most of us in the tech industry, information being worth something (because it takes creative and intellectual labor to produce) puts food on our tables.
augment_me 10 hours ago [-]
LLMs produce about 95% of the code at my company and review about 70% of it for 3 years now. Our team has downsized from 40 to 8 people in this time. My creative labor is spent writing harnesses and wrappers. When there is enough of a data distribution on this, the LLMs will be able to do that as well.
I have saved up a buffer in funds and bonds because it's going to be over at some point when the company moves from explore to exploit.
Eufrat 9 hours ago [-]
This laissez-faire logic is insane, but I think it is telling that a lot of folks here seem to have this mindset and makes me empathize with increasingly nihilistic people.
weregiraffe 9 hours ago [-]
Stealing is the opposite of competition. It's in the same category as straight killing your competitors.
dgb23 1 days ago [-]
When competition has no rules it resorts to people banging each other over their heads with clubs.
Eufrat 11 hours ago [-]
People argue for less regulations until they are the ones eating crow.
olluk 1 days ago [-]
Close your source if you don't want it to be read by LLM
goldenarm 1 days ago [-]
That's not how licenses work, Papermark is AGPL
olluk 1 days ago [-]
I agree. It's a sarcasm of the new reality. What is copying vs writing from scratch? The line is blurred now, non-existent. You can ask an LLM to re-write any open source to a degree where there is no definite way to say that it's a derivative.
ActionHank 1 days ago [-]
"If Disney wants to retain their rights to Mickey they really shouldn't be showing any images of him to the world."
dcow 10 hours ago [-]
When everyone is using LLMs to suggest IA, build basic UIs, dump out your startup in a day, etc. everything will look the same, even the source code. There will be no way to litigate this. Does it benefit society to force two companies to make their products look different? Where’s the outrage over all basic pencils looking the same? Let the market decide which pencils it prefers.
nerdsniper 4 hours ago [-]
> Where’s the outrage over all basic pencils looking the same?
This would fall under patents (design patent at the very least), not copyright.
Furthermore, the English verbiage between the two are literally exactly the same. That's a clear copyright violation.
fsddfsdfssdf 4 hours ago [-]
Changing a few words is thus enough to clear this case. What's the point of this exercise exactly?
Both products are so incredibly derivative and boring that I find it very, very hard to care about this "case".
dcow 1 hours ago [-]
If the UI was novel enough then there would be a software patent for it in this case. Anyway I’m not sure what your point is? Copyright is a dated concept and AI only reinforces that. Do you really believe the first one to prompt an AI in a specific way should be allowed to enforce exclusive ownership of the output? That’s insane.
lelanthran 10 hours ago [-]
Its sounds like you are taking a side.
sublimefire 7 hours ago [-]
Being a bot of a devils advocate here. What I do not understand if it just looks similar, or implements the same features, or the code is actually copied and modified, i.e. the source is obviously from papermark. I think interfaces can be copied, thinking along the lines of implementing a protocol or a feature, so that would be legit. The UI looks very similar but if this is a totally different code then what? is it copyright infringement on the look and feel of the papermark brand?
Clearly it should be an issue for the investors anyway as it “looks” like a copy in the tweet alone, it might mean this code will eventually become available from download to comply with agpl, which in turn wipes out any moat.
nerdsniper 4 hours ago [-]
The English verbiage is identical. That's a clear copyright violation even if the codebase is otherwise unique.
sublimefire 1 hours ago [-]
I do not see how it is clear and which license is affected. People mix up agpl license terms which is not clear if being violated here and copyright based on branding. agpl does not cover the looks, it is all about the copy-left nature and code availability. I use the same licensing but struggle to so how could you enforce it if the code is different (not sure if it is different here).
Rendered at 16:16:04 GMT+0000 (Coordinated Universal Time) with Vercel.
https://xcancel.com/ffumarola/status/2070479755892371713#m
The comment clearly says “Mirror’s the reference design’s”
I don’t know how they could try to spin that as anything other than having an LLM launder someone’s code as a “reference design”
Even if they try to argue that the “reference design” was Figma, the identical copy means they had to have copied Papermark into the reference design.
The fact that they’re refusing to back down and admit they made a mistake is not a good sign for the company. I would not want to be one of their clients when it came to trying to dispute something.
> The team that made dataroom has stated that they did not use any of papermark’s code and that dataroom was made from scratch with inspiration from existing document sharing softwares, and that this post’s allegations of us stealing code are false. [...]
The screenshots clearly show they copied whole pages verbatim, both design and texts. The founder, Nico Laqua, basically responding with "we didn't copy _code_" and not taking any responsibility says a lot about his and his company's moral code. It might not be enough to get sued. That doesn't make it right.
https://x.com/nico_laqua/status/2070158170937581951
I wouldn't be that surprised if Nico genuinely thinks "we didn't copy the code" is a reasonable defense. It would be a clear cut rule, and extreme "shape rotator" types often have trouble with the fuzziness of things like law. In reality, copyright infringement is often more like the porn test, you know it when you see it.
It had to look that slang up: https://roonscape.ai/p/a-song-of-shapes-and-words.
> ...often have trouble with the fuzziness of things like law. In reality, copyright infringement is often more like the porn test, you know it when you see it.
I'd say it's more like the fuzziness defeats most of the software-style "exploits" those types gravitate towards. The edges of the laws aren't impossibly sharp and executed by dumb machines, so you can't sneak though "gaps" that would be there if those things were true.
For instance: you can crash a machine by DoSing it, but you can't crash a court case the same way: the judge will look at you and your truckload of motions and hold you in contempt.
https://en.wikipedia.org/wiki/Sovereign_citizen_movement
> Another common belief among sovereign citizens is that they can opt out of the purported contract, making themselves immune from the laws they do not wish to follow, by declining to "consent": when confronted by police officers or other officials, sovereign citizens typically attempt to negate their authority by saying, "I do not consent"
Like, why would this be true, and if it was, why would law enforcement and courts go along with it? I find it very odd.
https://xkcd.com/1494/
[1]: https://www.ycombinator.com/companies/corgi-insurance/jobs/X...
[2]: https://www.ycombinator.com/companies/corgi-insurance/jobs/Y...
If AI can’t make them recognize a work life balance has value then it’s easy to see they don’t believe the “force multiplier” BS they are peddling
Silicon Valley is just so disconnected from reality.
Normally getting insurance from a startup like Corgi would be a very bad idea because what’s to say they’ll be able to pay out claims? I assume other YC startups are happy because a) they can’t get insurance anywhere with good underwriting b) they figure YC will bail Corgi out when it goes wrong because seemingly every YC startup depends on them.
https://en.wikipedia.org/wiki/Risk_retention_group
“Policyholders should be aware that certain Specialty Insurance Carriers may not be admitted insurers in the state in which the insured risk is located. Policies issued by non-admitted insurers, risk retention groups, captive insurers, and certain other Specialty Insurance Carriers may not be subject to all of the insurance laws and regulations of your state. State insurance insolvency guaranty funds may not be available for policies issued by non-admitted insurers, risk retention groups, captive insurance companies, offshore insurers, or other non-admitted Specialty Insurance Carriers. In the event of the insolvency of such a carrier, policyholders may not have access to state guaranty fund protection and may bear the risk of the carrier's inability to pay claims.”
https://www.corgi.insure/disclaimers
Actually normally it’s fine because it’s rarely the startup selling insurance who’s doing the underwriting.
Corgi is more worrying because they’re (apparently) underwriting too.
A rare but sensible insurance tech startup would use external underwriters and reinsurance and provide insolvency protection.
Corgi doesn’t have any external underwriters, doesn’t have any insolvency protection, doesn’t have any reinsurance.
I think they’re bad on all 3 points, not just the underwriting?
https://x.com/nico_laqua/status/2061130574358773852?s=20
Mostly because open source projects rarely sue. If you did this to a more litigious company there's a decent chance they would sue, and I'd give them about a 50/50 chance of winning.
Hard to say whether this would be ruled as copying the creative and artistic elements, or just the methods of operation. Copying features is fine, wholesale copying UX quickly becomes copyright infringement
Perhaps that’s enough for them. Legal gray area worked for Uber, AirBnB and many more.
As a consumer in not happy though, I don’t like incentivizing companies with such creative approach to law.
That would be my cynical response.
Parts of pages. Look at the screenshots. The wording is different between the pages.
I don't know whether that's what happened here or claim to know exactly what the constraints of IP law for this specific instance are, but "some stuff was changed" does not necessarily seem sufficient as a defense in general. Depending on the exact type of IP law that covers this there are questions like whether the changes were substantial enough to make it an original work or whether the way that the old stuff was used constitutes fair use.
Which goes to show there was never any original work to fallback to.
"See, if I remove the detailed descriptions - and the LLM regurgitated the rest - nothing will have been copied."
Some people really want to defend "build me a copy of thing because I don't like the license" to be acceptable behavior.
The design is shadcn – which is an MIT license - very very popular design system. The text is pretty standard to what I'd expect with any DD solution.
As an aside thought not related to the thread: Is it my perception or people are getting more used to not only vibe code things from existing solutions/projects but also "steal" open source code and do whatever the heck they want without complying morally/ethically/legally to the whole premise of open source?
I have the feeling that more than ever open source violations are flourishing everywhere without any major legal consequences.
yes. it's way easier to do now. edit -- plus a lot of new ai-only entrant devs don't understand/care that foss is about freedoms rather than free as in beer.
i work on a GPL3 library that parses a hardware audio sampler's binary data files. someone built an app so people can do "stuff" on top of my library, following GPL3 license.
someone recently posted an entirely vibe-coded clone of that app, full website with purchase links for $60 odd. completely obvious clone too; the UI was exactly the same minus the different colour scheme. no GPL3 conditions adhered to at all. mods delisted the thread. banned the clone's dev. forum community expressed their support for the original app dev. dmca takedowns were sent out. clone's website went down a few days later.
the original app dev was lucky there's only one main forum where people post things for this manufacturer, and the mods hate ai stuff too, which is kind of ironic cos the original app dev vibe codes all his stuff lol. without that forum and those mods, the original app dev would have been fucked tbh (and so would i as the GPL3 library maintainer).
centralization has benefits... without that, the only alternative i see is a mass movement where everyone goes closed source to force a conversation about respecting the work of others. we've been running on an honour/community backlash system until now.
Identify a one-feature app that (supposedly) makes money and vibe it up. Done is your "I vibe coded a 10M MAU app in 40 minutes" vid.
From crypto to NFT to vibez. Rotten to the core, the difference is that this time around LLM are actually useful in some areas.
Move fast and break things have changed to be about technology and it is now about the law. Uber popularized the trend, now everybody does the same. AI breaking copyright law is just part of that trend.
With the new "laws are for losers" mentality we are in for a hard time.
Papermark is an open source alternative to DocSend. Papermark is very popular, as it is a much more cost effective alternative to DocSend — self-host or hosted.
Corgi is a YC backed insurance startup that sells insurance to other YC startups. Nico is a founder. Recently they raised $100m at a ~$3bn valuation. They’re one of the darlings of YC right now, endless fawning over them.
Since insurance underwriting involves lots of documents, Corgi were paying Dropbox thousands of dollars per month for DocSend. For some reason, Corgi ostensibly formed a team of 12 to build their own DocSend alternative, called Dataroom. And Corgi decided to make it into a SaaS product, pitched as a cheaper DocSend from just $10/month, in an already crowded space.
Papermark noticed immediately that Corgi’s Dataroom used a lot of identical language and structure that Papermark’s open source product does. Papermark assumed that Corgi had taken Papermark’s work without attribution. Corgi have denied it, claiming it is just a coincidence that there are word for word matches between the products.
Another YC startup, Delve, got caught doing what Corgi are accused of (and much more) which led to their removal from YC.
That's like, nothing, for a company in the insurance business valued at 3b
A startup raises ~$100m at a ~$3bn valuation and forms a team of 12 employees including their Head of Operations to build a clone of a product they pay less than $1,000/month for while they have more than 50 open roles they are hiring for.
Hmmm, yes, a very good use of available resources.
https://xcancel.com/SergioGarc20223/status/20702512486962956...
Delve’s first drama was around copying from other startups, it was later that their betrayal came out. Corgi is currently at the copying from other startups stage… one might choose to believe there is a path they’re following rather than this being a one off.
For example, I outlined in another comment how their product is not what it seems, it is not traditional insurance, it takes advantage of an esoteric piece of insurance regulation. They’re doing very aggressive underwriting without any of the traditional insurance regulatory protections applying to them.
https://news.ycombinator.com/item?id=48672328
Someone might believe that their conduct + very high risk product + exposure to a large number of YC companies means they’re very similar to Delve.
Plus the founders are at the top of another funnel… Forbes 30 under 30. 30u30 is practically a kiss of death.
elsewhere; "Laqua, whose father is a lawyer for an insurance company"
lol
1. no code was manually copied by a developer, and
2. all software in the same space copies off of each other
But the big giveaway here is the exact same layout/copywriting on both products. Telling an LLM "write this product and build a 1:1 clone" is still copying by all sensible definitions. The fact that he argues nothing was copied is ridiculous.
ShadCN is the most popular design system that AI automatically reaches for 90%+ times on its own. It's also the default most platforms like lovable, etc.
You would be very wrong in this argument. It's extremely well-established that corporate verbiage and UI are subject to copyright.
You have to share the source code even when the user interacts over the network with the software.
The project which uses that code, must also be AGPL,
There are ways to separate it and go around it, for example, using an AGPL auth server shouldn't affect the code where your business logic lives
I am sure they could have found a way to design their product to be compliant, especially following past drama.
This is assuming the code is indeed copied, since we don't know that for sure, it does look very similar but I am not sure how that is enforced
Their defence seems to be "well we asked an LLM to reproduce your work, so 'WE' never copied your code". Smells bad to me.
Not getting your magic text generator to reword the copy for you is just sloppy.
> This action cannot be undone
> Freezing is reversible from this page
I assume being irreversible is an essential part of the freezing feature.
> Hey Nico,
> It looks like you didn't vibe code your data room but stole it from Papermark's open source and enterprise-licensed code.
> We demand you take this copyright and license infringing product down immediately.
> It's not moving fast and breaking things, it's fraud.
> It makes the rest of your business questionable and the YC community look terrible.
Clearly, "the community" is not all on X. If it were, why would we be having conversations here on Hacker News?
Anyways, the real answer you'll still see some X links here is that
1. A not insignificant amount of people in our industry are aligned with the X CEO and the positions he expresses through his accounts, Grok, etc., and
2. Pornography
If I were them, I'd have changed copy and probably done some internal testing to smooth rough edges/improve where needed but sounds like they're moving as quickly as possible.
If they did just copy paste code, straight to jail...
“Team effort”
“:praying-hands (x2)”
And so on… The audacity and complete shamelessness…
I wonder what narrative they tell themselves.
Surely UI enough isn't enough to prove that source code was plagiarised?
In the event Papermark chooses to sue how will the defendant defend themselves short of presenting their own (possibly) closed source?
I am curious if/how YC will handle this to get ahead of earning a reputation of being a den of scammers - a few months after the Delve scandal
flock is a YC company, so it's pretty clear that YC does not care about a negative reputation. as long as it makes money, nothing else matters.
Perhaps not what the general public thinks, but I assume YC cares a lot about its reputation among VC firms that fund its companies, because VCs don't like being scammed (directly, or indirectly through unknowingly funding scams)
For example only yesterday I got spam from an YC company, Polymath, and I replied back asking where they got my details from - no response yet. Once I get something I'll make a GDPR subject access request, then a deletion request. I hope the overhead of that causes them to rethink their spamming campaign.
But I'm not going to complain to YC about it.
My comment was not about doing a generic bad thing - it was about scammy behavior in particular (which ties to the Delve incident). YC depends on the VC ecosystem to fund its companies, and no VC wants to be scammed. If a reputation of cultivating/condoning/obliviousness scammers takes root, that would be bad for business.
> But I'm not going to complain to YC about it.
I am not complaining, or even expecting a moral decision. I'm legitimately curious how this will shake out, for purely capitalistic, reputation-management reasons.
Now, INAL of course, but I would think this sort of mechanism would be quite gameable from both sides ( i) a wealthy competitor legally forcing a promising upstart to reveal source ii) a copycat working out some kind of arrangement where the code itself is licensed to them via shell company based overseas.)
If someone is trying to dig into their competitor's trade secrets via discovery, the court offers multiple ways to safeguard against that. The defendant can identify information as a trade secret and ask that it be protected in some way - for example, the documents may be restricted to "Attorneys' Eyes Only", so while the plaintiff's attorneys can review the material, the plaintiffs themselves are barred from reviewing it. Or the judge themselves may get involved in an in-camera session.
once the money dries up, these people will be on the next 'wave' without retrospective of what led to failures before. the past gets buried like it never existed.
The meme keeps on memeing.
"This ain't what a C&D looks like. Implies you don't actually have a leg to stand on. Upload a copy of your official legal demand (from a lawyer) or I'll forever see your company as one who attempts to bully the competition in public"
-- https://xcancel.com/jacobhartmannx/status/207012600834729596...
Is this just trolling?!
Besides - who is this guy, and why does he think he's owed sight of any legal paperwork?
The lack of understanding of copyright on HN does astound me, however.
This isn't a case of convergent design (OpenOffice vs. Microsoft Word), this is identical word-for-word with a simple s/room/dataroom:
> When enabled, folders uploaded to Rooms will be mirrored into 'All Documents' with the same structure. When disabled, all documents will be placed in a single folder named after the Room in 'All Documents!
> This action cannot be undone. - All documents and folders will be permanently removed - All links and viewer access will be revoked - All analytics, audit logs, and Q&A data will be lost - Group permissions and branding will be deleted
Those are clear copyright violations.
Just ban users who comment without reading, I think that would go further to keep the quality of discussion high.
The number of bots/trolls responding to the title without reading the content and missing the point entirely is astounding, honestly, and I don't think any of those posts are contributing to high quality discussion. We could do without those users.
"but but but I can't/won't open twitter links" - then don't flap your yak-hole. Ignoring for a moment that the content has been reproduced in full in this thread, and another user has provided an alternative xcancel link.
An honest title would be “Corgi didn’t vibe code it, they stole Papermark’s AGPL code”.
Sure, people should read links, but when a writer posts ragebait for engagement, there’s plenty of blame to go around.
I was mostly fighting the title character limit
The paraphrase is doing a lot of heavy lifting to convert it to ragebait. Had the OP gone with something like "you didn't vibe code it, you plagiarized Papermark's open source project" (may need some editing to fit under the character limit) it would have at least been more true to the original tweet.
If you come to book club without reading the book, and you derail the conversation into something completely irrelevant, you're not getting invited back.
Naturally LLM technology has moved on since then. I don't remember any recent word for word reproductions of a copyright license.
There are a lot of people lauding the technology though because it occasionally one-shots a wildly impressive example of something which...already exists.
FOSS licenses were obviously written in the spirit of sharing with humans. Some later licenses made the license less amenable for sharing with corporations because some authors didn't feel like they were being treated fairly. Some authors today have similar feelings about their code being used by Gen AI. It is perfectly fine for authors to want to place restrictions on how they want others to use their work.
> Step out of the FOSS swamp, step in to human dignity.
What is that even supposed to mean?
In fact I seem to recall FOSS advocates denouncing licenses that put limits on who could use the software or for what purpose. This “it was always only for humans” take is new to me.
Surely it's always been obvious that the person doing the sharing is the one to decide on the terms of the sharing? Maybe I want to share my cake with you but not with someone I don't like? How is that not my decision to make?
I'm absolutely fine with people having different sharing philosophies. Different licenses with different nuances are a thing. But I don't like this take that everything that was shared is automatically retconned to be included in AI training data. That's not the spirit in which I shared my stuff. Maybe that's the spirit in which you shared yours, and I respect that.
That may be true, but I don't think it's obvious. What don't I know about the history of OSS?
Not humans who are using AI tools?
Software developers should charge a fair price for their products from their users. That's dignified and beneficial for everybody involved. And it doesn't invite "code stealers" or anybody who wants to reap what they didn't sow.
Just like any type of work. Fair compensation is the key. Not working for free for people who don't care about you and then complain that they didn't give you anything.
The 'spirit of free software' is bullshit. It's software authoritarianism disguised as a noble cause.
Or... Be nice and ask. People tell u what to do. Don't be rude here.
I remember this Video editor software which didn't comply properly with OSS licence of FFMPEG(?). And people told author what to do. It's always cheap to be kind. Or win dumb prizes.
FOSS != public domain.
Yeah, that's nonsense - licenses exist precisely to solve this problem. Read up on it - do everyone a favor.
0. https://en.wikipedia.org/wiki/Drapetomania
Thing is, everything AI produces is derivative; it cannot make anything truly original. Therefore widespread AI adoption will inevitably lead to scientific and cultural stagnation.
So we'll have our magic box that can perform our every wish. And we'll all be worse off for it.
Then it shouldn't reference AI or Vibe coding.
https://www.gnu.org/software/bison/manual/html_node/Conditio...
The most widely used definitions of “open source” do not allow such a prohibition.
> 6. No Discrimination Against Fields of Endeavor
> The license must not restrict anyone from making use of the program in a specific field of endeavor. For example, it may not restrict the program from being used in a business, or from being used for genetic research.
https://opensource.org/osd
I did choose the wrong word, though. Comply, not copy.
their comment still says "copy". the comment you are replying to clarifies that they meant to type "comply", not copy.
since the wrong word is still there, 'by definition' they have not edited it.
Though it looks like in this case they didn't do either.
A cursory look reveals they aren't complying. So, as you say, they are stealing. What's the point of this comment?
Competition would be if these people created their own software, possibly innovating and improving it in the process. That would encourage Papermark to improve their own offering, and would create an environment where these businesses are economically incentivized to improve the product or service.
Nobody is incentivized to improve the software in question here. If copyright law doesn't protect anything, then improving your product is helping the competition and potentially hurting your business. Same is true if you're the people who did the infringement.
What do you do for a living? For most of us in the tech industry, information being worth something (because it takes creative and intellectual labor to produce) puts food on our tables.
I have saved up a buffer in funds and bonds because it's going to be over at some point when the company moves from explore to exploit.
This would fall under patents (design patent at the very least), not copyright.
Furthermore, the English verbiage between the two are literally exactly the same. That's a clear copyright violation.
Both products are so incredibly derivative and boring that I find it very, very hard to care about this "case".
Clearly it should be an issue for the investors anyway as it “looks” like a copy in the tweet alone, it might mean this code will eventually become available from download to comply with agpl, which in turn wipes out any moat.