I recently noticed a bad trending on Github projects, it is probably simpler explain with a example:

A person wich name is "XYZ" creates a cool Github project and call it "AwesomeLibraryXYZ". That person has a Github account wich has its nickname (let be it "LazyFoo").

Now another user wich name is "Bababababa" register into github and choose as nickname "XYZ". He choose to fork AwesomeLibraryXYZ, and leave it untouched.

Then "Babababa" starts showing its portfolio where he mentions "contributed to XYZ project". While a Github user will know that project was created by person XYZ wich has "LazyFoo" as nickname (it is obvious for github users since every project will have "forked from" tag), someone extraneous to github will errouneously attribute to "Bababababa" the creation of AwesomeLibraryXYZ because the account naming is similiar to copyright notice.

However "Babababab" never explicitly told he created the project.

What should then do the original author for AwesomeLibrary XYZ?

(Also keep in mind there are mirroring services for github, like travis or biicode that just link to a repo, but not to the repo from wich it was forked and those services just allow to increase attribution confusion because they not mention original author link.).

I personally have been victim "once" of something similiar, where someone was twitting about my repo and he had a photo similiar to my avatar (I suddendly registered to twitter and started replying to all his tweets until people noticed I was the original author and the ripper stopped tweeting, note that he never told "I made that" He just linked the repo in tweets and people was thinking he was the real author, and I had hard life tweeting each of them until they understood I was the real author).

Right now I see the same trending all other github, there are "furbish" that hunt for inactive repositories, then they just fork/clone and start coding, they never mention in README "I decided to continue the work of XYZ because I liked too", they just leave copyright notice and let people attribute wrong author.

It is very possible some of them just don't want to be threated as the original authors, but I think some of them may "like" to be disguised as original authors and may just say "I did not that" only if directly asked to avoid legal issues but they are happy if people confuses them with original authors.

Is that legal? what someone can do to avoid that?

If you post something on GitHub or any other public repository, include a license agreement that clearly states terms of use. If someone violates that agreement then you have grounds to take action by contacting GitHub or the authorities. Alternatively, you can use a private repo. I think they're like $7 USD a month or cheaper by the year.

Shouldn't be letting people believe you are the wrong author illegal?

Would that suffice?

modified MIT LICENSE:

Copyright (c) <year> <copyright holders>

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice, this permission notice and all additional

clauses shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.

Additional Clauses:

- This pemission is licensed by following Github user:

<LINK TO ACCOUNT>

- This permission originated from following repository:

<LINK TO REPOSITORY>

Shouldn't be letting people believe you are the wrong author illegal?

It gets tricky. Most of the difficulty comes from trying to show intent.

Yes, nearly all the world has laws about proper attribution. Most come through international IP treaties like the Berne Convention, the Universal Copyright Convention, and newer WTO treaties. (There are very few that don't, like North Korea, Iran, Etheopia, Somalia, etc.) If you intentionally mislead and falsely assert yourself as the author of something you are not, that is illegal virtually across the globe.

But it becomes difficult when someone takes actions that don't specifically assert the rights, but that other people interpret as ownership. There is a huge gray area.

As originally mentioned, the person made a fork of a project and worked on the fork. They did something. If they never misrepresented what they did but someone else comes along and is confused by something, they are probably legally clear. They never misrepresented their work, someone else saw it, didn't understand, and came to the wrong conclusion.

If someone wanted to sue and attempt to convince the court that the person forking the project was intentionally misleading others, they could have a hard battle. If the person never actually claimed it was theirs, and never took any strong actions that linked their name to the official original project but only linked their name to the forked project, it could be quite difficult to convince the court they misrepresented their ownership. Just because someone was confused or misunderstood does not mean there was strong enough intent to violate the law.

Further, just because someone is wrong or has the wrong idea generally does not mean you need to correct them. People on the Internet are wrong all the time. I work with people who are wrong quite frequently. With either one I'm under no legal obligation to correct their misconceptions.

Now if I know about their misconceptions, and I don't correct them, and I take actions that take advantage of the fact that they were misinformed, that starts to get back in the gray areas of bad intent. But if I don't correct them because I don't care, and never respond or do anything about the people who are wrong, that doesn't show bad intent, it shows apathy which is perfectly legal.

You should try telling GitHub support about both your specific case (including the misleading Tweets) and the general trend of taking old projects and see what their response is.

They probably won't care and send a generic 'we will look into it' response and never follow up on it but it can't hurt.

It seems to me like fallout from 'democratization of programming' that GitHub and others are doing, it's trendy to have a project, be a developer, talk about it on social media, be 'advocate' for Open Source or something ect. despite doing and knowing very little things of substance like actual code, documentation or design. In itself the trend is not that harmful but I've seen some extreme cases that border on being cults. One of the strangest things I've seen was dozens of people starring a GitHub repo that was... empty, but it was created and Tweeted out by one of these super star developer foss advocates. It's insane to me.

thanks @FRex, @frob, from now on I will put the hardcoded link in every license file so that someone can't just "accidentally" remove it.
No one ever thinked to improve any of the most popular licenses (MIT/BSD/ZLIB) to avoid such issue?

The licenses say you must not remove them from the source or alter them. If these people rather follow the fake creator on Twitter and never read the code license itself (that MUST stay same, or he is breaking your copyright) then it's not something a license can fix. Although of the 3 you mention, zlib has a line about "plainly marking" altered versions and not misrepresenting them as the original, so maybe that's something you could use to make GitHub kill the fork that you think went too far with the Tweets, no clear markings that it's altered version of your code, ect.

Also: I don't understand what you want to achieve or why do you care about it. It is annoying and stupid, yes, but the "audience" that falls for these Twitter programmers and their forks of old stuff are not really worth your while and it's not like Twitter fame someone gets doing that will prevent you from putting your project on your portfolio.