The Catfish Coder Strikes Again

It was only about a month ago that I posted a cautionary tale about a former student who stole code from their instructors and classmates. Now, only thirty-something days later, the Catfish Coder struck again. I’m tempted to act on my frustration and publicly out this person but I’m going to stay above that. Instead I’m going to focus on why anyone thinking of using someone else’s code as a portfolio piece either as filler material or to impress employers has a 100% chance of being caught. I’ll show you how you’ll get caught, how you’ll destroy your credibility, explain why it’ll destroy any chance of getting your foot in the door, and why you’re a total asshole for stealing code. Oh, and I’ll sprinkle in a little about intellectual property while I explain how open source licensing does not give you any right to claim ownership of any piece of software even if you’re a hardcore copy-leftist and use the GPL exclusively.

My code was stolen a second time

I wrote about how this same person stole my and others’ code last month so here’s the short version of this second attempt.

At the end of the first ordeal the code thief ended up taking down the two GitHub profiles that contained almost no original work at all and sent me a pathetic excuse of an explanation – something about how rewriting other people’s code line for line helps this Catfish learn (not sure why this “learning” had to take place publicly on GitHub without using the Fork feature but whatever, just go away is what I thought). I thought it was over at that point. I was wrong.

Last week I was contacted by someone at a company in St. Louis. They told me they had a job candidate whose GitHub profile existed for a short period of time but had many repositories with very few commits and that it just looked suspicious. They flat out asked me if this was the the same person I wrote about before. Turns out it was. The same Catfish Coder who stole their fellow classmate’s, instructors’, and school’s code just over a month prior was at it again under a new GitHub profile and someone caught him red handed. What’s worse is that they have a Wordpress website for their “web development company” that uses the stock photos that come with the theme and, though I can’t confirm this, it looks like they’re pictures of fake people who the Catfish Coder claims are their real “team”. I find that hard to believe because I don’t know of any developer who would work for someone who had less skill than them and no respect for their work unless there were a lot of money on the table.

But wait a second – how would this employer know to contact me to ask about this person’s code? The short answer is that fraudulent programmers are bad at covering their tracks. The long answer is that you need to understand Git to use Git and Node to use Node. The idea is that you gain knowledge through study and experience by applying what you’ve learned. There’s no shortcut.

How Catfish Gets Caught

  • The commit history in at least one of the projects had my name and email address in it. If the Catfish Coder were as good as they claim they’d know that by Git’s nature (it’s Distributed version control) every copy of a repository has the entire repo’s history bundled into it so you could see commits with my name and email address if you went back in the git history far enough. In this case far enough was probably the commit that happened just before the repository was published. Then again, if Catfish were as good as they claim, they wouldn’t need to steal code to begin with.
  • Some of the Node.js projects had a package.json with my name, email address, original GitHub remote URL, and personal website link in it. So… apparently the Catfish Coder wants you to believe they know Node.js but they just have trouble with that pesky npm init command so they just copy package.json files from other people? Or something? Come on man, this is ridiculous.

But mostly the Catfish Coder got caught because they’re a fraud. I remember telling people I could do things I had never done or learned before when I first started Clever Web Design but I never ever stole code or even lied about my experience. Every developer exaggerates their skill in certain areas at certain times but there’s a huge difference between exaggerating your skill and claiming to be able to do something you have no experience with whatsoever.

Intellectual property is a real thing

You might not believe in evolution or gravity or that the Earth is over 6,000 years old and round but that doesn’t stop those things from being real.

Maybe your opinion is that if people publish code online they should expect someone else to use it. That’s true! I do expect others to use the code I publish online. But intellectual property law still applies and your use of my code doesn’t mean you own my code. There’s a reason software licenses exist. Developers need a way to share code while retaining ownership of it and avoiding liability from it. Software licenses solve part of these problems. Some of them are liberal, some conservative, but all of them protect the original author from the kind of fraud perpetrated by people like our Catfish Coder. That and they limit our liability in case using our code melts your keyboard or something. The only problem is that they only work when they’re enforced so I’m glad there are people like that nice guy in St. Lois who noticed something odd and said something.

Open source is about sharing and using

When you take someone else’s code and pass it off as your own you’re officially the worst kind of software pirate. It’s one thing to torrent a copy of ”The Martian” to watch with your wife on a Sunday night and it’s a whole different thing to pirate a copy of ”The Martian”, hold a neighborhood screening then tell everyone you wrote and directed the movie too.

Open source software is free. Let’s define “free” though: some authors open source their software and give it away free of charge. That’s one definition of free. But just because the code is free to browse and change to your liking that doesn’t mean an author can’t charge money for it. And that’s the other type of freedom that open source allows for. The freedom to read the source code you’re running and modify it if you need or choose to. In either case, the one common denominator between just about all open source licenses is that they limit the original author’s liability and allow you to use the software within your own project. There are a lot of licenses to choose from but the license I choose to use for most of my projects is the MIT License.

Before we go on, let’s make one thing clear: open source allows you to change the code but it doesn’t transfer the ownership of the the code to you. You cannot just remove the original author’s name from the license and related files, call it by a different name, and say you made it. That’s not open source, that’s pirating.

The MIT License

The MIT License is pretty simple. It allows you to use the software either by itself or as part of a larger software project. You can use it for commercial or non-commercial use. So if I built, let’s say, an API client library that you use in a web application you have every right to let people use it free or charge access to it. The choice is yours. What you can’t do, however, is re-release my client library under a new name and say you created it. If you decide to contribute to the original project you get credit in the Git history. If you fork the project and decide you’re going to use the original source to make it even better, you don’t erase the original author’s name from the project, you just add your name next to the original author’s name in the license file.

Bottom line: ownership is never transferred to you without the original author’s express permission.

You’re going to get caught

If you’re stealing code you’re either a dick, can’t write your own code, or both. I remember being offered a job once where there were three candidates who were all given the same code challenge to complete before they were offered the job. One of them hired someone overseas to complete the challenge for them. They were immediately caught because programmers always put some kind of signature in their code whether it’s a license within a doc block or a license file or something and that’s exactly what they did. And what does someone who doesn’t know how to code do? They sure as hell don’t catch that stuff but the employer did and so the culprit either had to admit to what they had done or we all were reassigned a new code challenge.

Seriously. You’re not going to fool anyone.

Laziness is not an excuse. We all start somewhere. Some people resent being called Junior Developers so they do everything they can to get a mid to senior level gig. But the difference between a junior developer and a non-junior dev is experience. There’s no shortcut that’ll get you experience. You just have to do the work, do the simple jobs, work your way up, and earn the experience you need to shed the junior label. A junior developer isn’t a job to be ashamed of. It’s a great way to get mentorship from more experienced developers so you can one day become the programmer you want to be.

Now you can’t get a job anywhere

So once you get caught word gets around fast. People who would have vouched for you initially or people you could have used as a reference will not recommend you for a job that’s obviously above your skill level.

Now word gets around that you have a history of unethical behavior. The developer community is large but also tight knit. We look out for one another and since we’re constantly publishing out work and learning from each other we end up building relationships with each other. You might be able to get away with some unethical behavior a couple of times but you better make sure it works the first time otherwise you’re branded as a code thief.

You’re officially an asshole

Taking someone else’s code and passing it off as your own is just an asshole move. For me personally, it took me years to get to where I am today. Hundreds of side projects, thousands of hours, and countless late nights up learning full stack development was taken from me in just a few keystrokes. My code, out in the open being misrepresented could have made me look bad along with the Catfish Coder. This was just unethical and a straight up asshole thing to do. The fact that this person did it twice and lied about having done it while simultaneously lying about why they did it officially makes you an asshole.

The only path to redemption

Everyone does stupid shit and I believe in second chances. Our Catfish may be an asshole for now but there’s hope for forgiveness and redemption. Here’s how.

Understand why what you did was wrong, confess, apologize to the community, and then contribute your own useful piece of software to the open source community- even if it’s simple or you think no one will care because that’s where it all starts. Once you’ve given birth to a project you’ll see your actions in a whole new light. And if you don’t, then you’re probably just an asshole sociopath in which case we’ll all expect to see you cutting corners and slapping your name on more software you didn’t write. But if you take the first path there’s a chance to learn a lesson, gain that experience you’re trying to portray the right way, and eventually you’ll become that developer you’re taking shortcuts to become now.

The Bottom Line

I’ll say it again. There are no shortcuts to experience. You just need to put in the time, do the work, and make a positive contribution to someone’s life through code either via freelance work or legit open source contributions. Let all this blow over. The current path isn’t working so maybe it’s time to try going about getting work a different way. Just like the end of every MTV Catfish TV show we see the Catfish take responsibility and redeem themselves or decide to continue with their wicked Catfishing ways. This is where we are now and I’m hoping for the former being the case for this Catfish Coder.

Open source, Web development

« Another way to install PositiveSSL certs on Nginx Why define a Mongoose Schema? »