内容简介:在昨天听到B站后台源码泄露后,除了大喊666外,同时也在思考:如果自己公司的源码被恶意地泄漏到GitHub,我们应该怎么做才能及时止损?说到这里,我们脑海中冒出的第一个词就是为了保护机构、公司代码资产,如果我们公司代码出现了泄漏,我们可以提交
在昨天听到B站后台源码泄露后,除了大喊666外,同时也在思考:如果自己公司的源码被恶意地泄漏到GitHub,我们应该怎么做才能及时止损?
说到这里,我们脑海中冒出的第一个词就是 takedown
.
为了保护机构、公司代码资产,如果我们公司代码出现了泄漏,我们可以提交 takedown
来申请删除泄漏的代码。
然而,对于这种特殊事件,时间极其宝贵(毕竟对于平常的我们来说,谁没事会提takedown呢)。如何快速进入相应网页入口,提交takedown就成为了重中之重。
1.1、第一步:进入提交页面
从 帮助页面 进入 提交takedown页面 ,选择左侧的 Copyright claims(DMCA)
,然后点击 Submit a takedown notice
按钮即可跳转到提交页面。
1.2、第二步:提交相应信息
填写相应信息Name、Email、Subject,同时要回答相应问题(回答的问题中包含:泄漏代码仓库的URL、Fork分支的URL、想要的解决方法、还有个人声明、联系方式等)。
需要提交的信息包含以下内容:
//**您是版权所有者还是被授权代表版权所有者行事?** **Are you the copyright owner or authorized to act on the copyright owner’s behalf?** //**请提供据称被侵权的原始版权作品的详细说明。如果可能,请提供在线发布地址的URL。** **Please provide a detailed description of the original copyrighted work that has allegedly been infringed. If possible, include a URL to where it is posted online.** //**应删除哪些文件?请为每个文件提供URL,或者如果是整个存储库,则提供存储库的URL:** **What files should be taken down? Please provide URLs for each file, or if the entire repository, the repository’s URL:** //**您是否搜索过涉嫌侵权的文件或存储库的任何分支?每个分支都是一个独立的存储库,如果您认为它是侵权并希望将其删除,则必须单独识别。** **Have you searched for any forks of the allegedly infringing files or repositories? Each fork is a distinct repository and must be identified separately if you believe it is infringing and wish to have it taken down.** //**作品是否根据开源许可证获得许可?如果是这样,哪个开源许可证?涉嫌侵权的文件是否在开源许可下使用,或者是否违反了许可?** **Is the work licensed under an open source license? If so, which open source license? Are the allegedly infringing files being used under the open source license, or are they in violation of the license?** //**涉嫌侵权的最佳解决方案是什么?除了删除之外,其他人是否可以进行具体更改?可以将存储库设为私有吗?** **What would be the best solution for the alleged infringement? Are there specific changes the other person can make other than removal? Can the repository be made private?** //**您是否拥有涉嫌侵权人的联系信息?如果是,请提供:** **Do you have the alleged infringer’s contact information? If so, please provide it:** //**输入(或复制并粘贴)以下声明:“我确信在侵权网页上使用上述受版权保护的材料未经版权所有者或其代理人或法律授权。我考虑到合理使用。“** **Type (or copy and paste) the following statement: "I have a good faith belief that use of the copyrighted materials described above on the infringing web pages is not authorized by the copyright owner, or its agent, or the law. I have taken fair use into consideration."** //**输入(或复制并粘贴)以下声明:“我发誓,根据伪证处罚,本通知中的信息准确无误,且我是版权所有者,或有权代表所有者行事,涉嫌侵权的专有权。“** **Type (or copy and paste) the following statement: "I swear, under penalty of perjury, that the information in this notification is accurate and that I am the copyright owner, or am authorized to act on behalf of the owner, of an exclusive right that is allegedly infringed."** //**请确认您已阅读我们的提交DMCA删除通知指南:https://help.github.com/articles/guide-to-submitting-a-dmca-takedown-notice/** **Please confirm that you have you have read our Guide to Submitting a DMCA Takedown Notice: https://help.github.com/articles/guide-to-submitting-a-dmca-takedown-notice/** //**我们可以回复您,请提供您的电话号码或实际地址:** **So that we can get back to you, please provide either your telephone number or physical address:** //**请在下面输入您的完整法定名称以签署此请求:** **Please type your full legal name below to sign this request:**
1.3 参考范文
当然我们可以参考 B站的DMCA删除通知 ,B站后期的DMCA删除通知可以在 GitHub的dmcak仓库 进行查看。
Hello Dear Github: We Are: Bilibili Security Group.It is nice to be able to yse Github such a professional and effcient platform,and mpw we have a need to be very hopefully able to get Github's support and resolution.I sent the mail yesterday and the mail attachments is the my signature!! We have read and understand GitHub's Guide to Filling a DMCA Notice Some one created a Repository called 'openbilibili/go-common' two hours ago and many people forked it or clone it and reupload the repository,which contained too much sensitive information,such as secret key,database address,very important api key and so on.If these information are found by other people in Github,our company will be left out of pocket. The following is Github's URL and Screenshots about this Repository: [private] Since the reupload repositories and the contains our company's important source code,algorithm and system configuration,,so we hope Giuhub as soon as possible to help us completely remove the reupload repositories and thank you very much The following is our contact information: Company Name : Bilibili My e-mail Address: [private] Cellphone: [private] Company Address: [private] Website: https://www.bilibili.com/ I have a good faith belief that use of the copyrighted materials described above on the infringing web pages is not authorized by the copyright owner, or its agent, or the law. I have taken fair use into consideration. I swear, under penalty of perjury, that the information in this notification is accurate and that I am the copyright owner, or am authorized to act on behalf of the owner, of an exclusive right that is allegedly infringed. Hoping for your response and thanks again. Please help us!!!
2、 码云
在码云中,目前并未找到提交takedown的入口,不过我们可以通过联系客服和加入码云技术支持QQ群里寻求帮助。
以上就是本文的全部内容,希望本文的内容对大家的学习或者工作能带来一定的帮助,也希望大家多多支持 码农网
猜你喜欢:本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。