Malus.sh는 AI를 활용해 기존 오픈소스 소프트웨어의 기능을 동일하게 수행하면서도 저작권 의무를 피하는 '클린룸' 복제본을 생성해 제공하는 실제 서비스입니다. 이 프로젝트는 오픈소스 경제의 현실적인 문제를 고발하기 위한 풍자적 시도이지만, 실제로 수익을 창출하며 작동하고 있어 논란이 되고 있습니다. 생성형 AI의 발전이 기존 오픈소스 라이선스를 무력화하고 생태계를 위협할 수 있다는 점을 보여준다는 점에서 IT 업계의 중요한 논의 거리로 떠오르고 있습니다.
번역된 본문
적은 금액만 내면 Malus.sh가 AI를 활용해 당신이 제공하는 모든 소프트웨어를 분석해내고, 기존의 저작권 라이선스로부터 그것을 '해방'시킨 새로운 버전을 뱉어낼 것입니다. 그 결과물은 동일한 기능을 수행하지만, 예를 들어 오픈소스 소프트웨어가 자유롭게 사용 및 수정될 수 있도록 보장하는 종류의 저작권 라이선스를 존중할 필요가 없는 새로운 소프트웨어로, 이 과정은 이미 취약한 오픈소스 생태계를 뒤흔들 수 있습니다. 이 사이트는 오픈소스의 매우 현실적인 문제에 관심을 끌기 위해 고안된 정교한 풍자이지만, 동시에 광고하는 바를 정확히 수행하며 AI를 사용해 기존 소프트웨어의 '클린룸(Clean Room)' 복제본을 만들어 돈을 버는 실제 LLC(유한책임회사)입니다. 국제연합(UN)에서 일하며 오픈소스 소프트웨어의 정치경제학을 연구하는 Malus의 두 창립자 중 한 명인 마이크 놀란(Mike Nolan)은 나에게 이렇게 말했습니다. "이건 실제로 작동해요. Stripe 결제를 하면 그 결과물을 제공할 겁니다. 우리에게 이 부분이 중요했는데, 단순한 풍자로만 남았다면 제가 예전에 진행했던 다른 오픈소스 연구들과 같은 운명을 겪었을 것이기 때문입니다. 그 연구들은 결국 해고나 경제적 상황의 피해자가 될 리 없다고 스스로를 너무 특별하고 독특하고 똑똑하다고 여기는 오픈소스 기술 노동자들에 의해 대부분 일축당했죠." Malus가 저작권을 우회하는 법적 전략은 1982년으로 거슬러 올라가는 소프트웨어 및 저작권법의 역사적인 중추적 순간에 기반을 두고 있습니다. 당시 가정용 컴퓨팅 시장을 장악했던 IBM의 경쟁사였던 컬럼비아 데이터 프로덕츠(Columbia Data Products)는 IBM 고객들이 이미 사용 중이던 소프트웨어와 호환되는 제품을 판매하기를 원했습니다. IBM의 컴퓨터를 리버스 엔지니어링하는 것은 회사의 저작권을 침해했을 것이므로, 컬럼비아 데이터 프로덕츠는 오늘날 우리가 '클린룸(Clean Room)' 설계라고 부르는 방법을 고안해 냈습니다. 이들은 한 팀에 IBM의 BIOS를 분석하여 해당 시스템 복제본에 필요한 사양을 작성하는 임무를 맡겼습니다. 그런 다음 IBM의 코드를 접해본 적이 없는 전혀 다른 '청결한(Clean)' 팀이 그 사양을 충족하는 BIOS를 처음부터 새로 만들었습니다. 그 결과물은 IBM의 기술적 프로세스를 복사하지 않았고 독창적인 저작물로 인정받아 저작권을 침해하지 않으면서도 IBM 생태계와 호환되는 시스템이었습니다. 판례를 통해 검증되었고 드라마 'Halt and Catch Fire' 시즌 1에서 극화되기도 했던 이 클린룸 방식은 컴퓨팅 환경을 그 어느 때보다 개방적이고 경쟁적으로 만들었습니다. 하지만 이는 생성형 AI 시대에 새로운 의미를 갖게 되었습니다. 이제 AI 도구를 사용해 기존 오픈소스 프로젝트와 기능이 동일한 소프트웨어를 제작해 달라고 요청하는 것이 그 어느 때보다 쉬워졌으며, 누군가는 이것이 처음부터 새로 구축된 것이므로 기존 저작권 라이선스를 우회할 수 있는 독창적인 저작물이라고 주장할 것입니다. 반면 다른 사람들은 대형 언어 모델(LLM)이 생성한 소프트웨어는 본질적으로 파생적인 저작물이라고 말할 것입니다. 왜냐하면 다른 모든 LLM 출력물처럼, 특정 오픈소스 프로젝트를 포함해 인터넷에서 긁어모은 인간의 집단적 산출물을 기반으로 학습되었기 때문입니다. Malus(발음 그대로 '악의(Malice)'를 뜻함)는 AI를 사용해 똑같은 일을 합니다. Malus의 웹사이트에는 다음과 같이 적혀 있습니다. "마침내 오픈소스 라이선스 의무로부터의 해방. 당사의 독점적인 AI 로봇이 모든 오픈소스 프로젝트를 처음부터 독립적으로 재창조합니다. 결과는 무엇일까요? 기업 친화적인 라이선스를 적용받는 법적으로 구별되는 코드입니다. 출처 표기도, 카피레프트(Copyleft)도, 문제도 없습니다." 카피레프트는 소프트웨어의 복제본이나 응용 프로그램이 자유롭게 공유 및 수정될 수 있도록 보장하는 한 유형의 저작권 라이선스입니다. 소프트웨어를 공동으로 개발하고 모두에게 무료로 제공하는 것을 믿는 오픈소스 커뮤니티에 대한 Malus의 제안은 노골적인 경멸입니다. 일반적으로 오픈소스 프로젝트의 저작권 라이선스는 작품을 사용하는 사람이 유지 관리자에게 크레딧을 표시하고, 파생 저작물이 동일한 허용 라이선스를 계속 사용하여 프로젝트에 기여하고 유지하는 사람들의 커뮤니티가 성장하기를 바라는 것만을 요구합니다. "일부 라이선스는 개선 사항을 다시 기여하도록 요구합니다. 당신의 주주들은 당신이 (오픈소스에 기여하기 위해) 그런 돈을 쓰기 위해 투자한 것이 아닙니다."
For a small price, Malus.sh will use AI to ingest any piece of software you give and spit out a new version of it that “liberates” it from any existing copyright licenses. The result is a new piece of software that serves the same function, but doesn’t have to honor, for example, the kind of copyright licenses that ensure open source software remains free to use and modify, a process which could upend the already fragile open source ecosystem. The site is an elaborate bit of satire designed to bring attention to a very real problem in open source, but it also does exactly what it advertises and is a real LLC that is making money by using AI to produce “clean room” clones of existing software. “It works,” Mike Nolan, one of the two people behind Malus, who researches the political economy of open source software and currently works for the United Nations, told me. “The Stripe charge will provide you the thing, and it was important for us to do that, because we felt that if it was just satire, it would end up like every other piece of research I've done on open source, which ends up being largely dismissed by open source tech workers who felt that they were too special and too unique and too intelligent to ever be the ones on the bad side of the layoffs or the economics of the situation.” Malus’s legal strategy for bypassing copyright is based on a historically pivotal moment for software and copyright law dating back to 1982. Back then, IBM dominated home computing, and competitors like Columbia Data Products wanted to sell products that were compatible with software that IBM customers were already using. Reverse engineering IBM’s computer would have infringed on the company’s copyright, so Columbia Data Products came up with what we now know as a “clean room” design. It tasked one team with examining IBM’s BIOS and creating specifications for what a clone of that system would require. A different “clean” team, one that was never exposed to IBM’s code, then created BIOS that met those specifications from scratch. The result was a system that was compatible with IBM’s ecosystem but didn’t violate its copyright because it did not copy IBM’s technical process and counted as original work. This clean room method, which has been validated by case law and dramatized in the first season of Halt and Catch Fire , made computing more open and competitive than it would have been otherwise. But it has taken on new meaning in the age of generative AI. It is now easier than ever to ask AI tools to produce software that is identical in function to existing open source projects, and that, some would argue, are built from scratch and are therefore original work that can bypass existing copyright licenses. Others would say that software produced by large language models is inherently derivative, because like any LLM output, it is trained on the collective output of humans scraped from the internet, including specific open source projects. Malus (pronounced malice), uses AI to do the same thing. “Finally, liberation from open source license obligations,” Malus’s site says . “Our proprietary AI robots independently recreate any open source project from scratch. The result? Legally distinct code with corporate-friendly licensing. No attribution. No copyleft. No problems.” Copyleft is a type of copyright license that ensures reproductions or applications of the software keep it free to share and modify. Malus’s pitch is naked contempt for the open source community, which believes in developing software collaboratively and providing it for free to everyone. Normally, copyright licenses for open source projects only ask that anyone who uses the work give credit to maintainers and that any derivative works will continue to use the same permissive license, which hopefully grows the community of people who contribute back into the project and keep it going. “Some licenses require you to contribute improvements back. Your shareholders didn't invest in your company so you could help strangers,” Malus’s site says. “Is your legal team frustrated with the attribution clause? Tired of putting ‘Portions of this software…’ in your documentation? Those maintainers worked for free—why should they get credit?” The site gained some incredulous attention when it was posted to Hacker News recently ,, but it didn’t take people long to realize that it was an elaborate bit of satire, even if the tool can still replicate open source projects as advertised. Malus was born out of a talk that open source developers Dylan Ayrey and Michael Nolan gave at the open source conference FOSDEM 2026 . The AI slop heavy presentation is a whirlwind history of copyright and software, how the two have always had an uneasy but necessary relationship, and how that relationship is fundamentally changed now that AI tools can produce clean room designs at a click of button. “Even if the courts ruled that maybe this is legal, and maybe there aren't legal restrictions to doing this, is it ethical?” Ayrey asked. “The question we should be asking is, can we get rich off of this?” Nolan said. And so Malus was born. Malus is satire, but it will actually take your money and do what it advertises. It is modeled after the IBM case and uses one AI agent to write the specifications and a different agent to produce the code, creating that “clean room” effect. Malus will also do performance testing and scan for common vulnerabilities to make sure the output is functional. Nolan didn’t tell me exactly how much money the company is making but said it is a real LLC with a bank account and is profitable, with “probably hundreds” of dollars at this point. The service charges $0.01 for each KB of data across the project's various dependencies. What Malus is satirizing is also really happening. For example, in March Ars Technica and The Register covered an incident around a widely used Python library called chardet. Originally it was released under the LGPL license; then a version was rereleased under the more permissive MIT license. Dan Blanchard, who used Claude to produce the MIT-licensed version of chardet, argued that it was a complete rewrite of chardet, and not derivative, because only a small percent of the code looked and functioned similarly. Mark Pilgrim, who originally released chardet, disagreed and complained about Blanchard using this method to shed the more restrictive LGPL license. “This concern is legitimate. AI has made clean-room style reimplementation dramatically cheaper,” Blanchard wrote in response to Pilgrim. “What used to require months of work by expensive engineering teams can now, as Armin Ronacher put it , be done trivially.” Blanchard also conceded that Claude, which like all LLMs, was trained on vast amounts of data scraped indiscriminately from the internet and was exposed to the original chardet in its training, but maintains his version is not derivative. “I have seen Malus.sh, and like many people, I wasn’t sure it was satire at first, because I’m sure someone will probably make that for real eventually,” Blanchard told me in an email. “I think the reality of the situation is that traditional software licenses (open source and commercial) weren’t the real barrier against these sorts of rewrites in the past (see WINE, Linux, and IBM PC BIOSes long ago), and the main obstacles were time and money. A rewrite that would’ve taken a team of people months or years can be done in days with AI. As a professional software engineer, I don’t love that much of the business model around selling software is in danger, but I don’t think there’s any putting the genie back in the bottle at this point.” After the backlash, Blanchard changed the license on his version of chardet from MIT to the 0BSD license , which he told me “was a change that satisfied many in the community's concerns about AI-generated code not even being copyrightable in the first place.” The 0BSD license is very permissive and allows anyone to “u