Thank you! I wish more articles would at least link to the complaint. Here are the important bits:
> On 12/12/2018 at approximately 10:30 a.m., Tan contacted his supervisor, advised he
was resigning from Company A, and gave his two weeks' notice. Tan told his
supervisor that he was returning to China to be with his family as he is the only child to
aging parents. Tan told his supervisor that he did not currently have a job offer, but was
negotiating with a few battery companies in China.
> Tan's resignation prompted Company A to revoke his access to company systems, and
conduct a Systems Access review of Tan's computer activity.
> That review confirmed that Tan had accessed hundreds of files, including research
reports. The reports included not only how to make Product A, which, according to
Company A, is a complicated and technically difficult process, but also Company A's
plans for marketing Product A in China and in cell phone and lithium-based battery
systems. These files included information that Company A considers to be trade
secrets and outside the scope of Tan's employment with Company A. The review
revealed Tan downloaded restricted files to a personal thumb drive. In the course of his
regular duties and responsibilities, Tan should have used his company issued laptop.
Tan did not have authorization to use a thumb drive to download Company A files.
Tan's supervisor confirmed that nothing in the downloaded files was within Tan's area
of responsibility. Further Company A confirmed, through Tan's supervisor, Tan did
not have a work related need to access or download the restricted files.
> The agent said Tan handed the flash drive over to the US company, and the firm found that the deleted files would have allowed his new employers to recreate the product in question. The files had been deleted from the flash drive the day before Tan resigned, the affidavit said.
Call me confused, but I don't really see a crime here? The defendant turned over the data before his resignation and is not accused of actually making an attempt to transfer or sell the data to another party, or conspiring to do so. The only accusation is that he had some files that weren't part of his job to have, apparently. But presumably the internal corporate system allowed him access to it and thus he obtained it without breaching any computer system. Perhaps his workplace policy barred him from downloading files onto a USB drive. But is that considered theft?
As dguido posted below, the details are a bit different than the tiny pair of sentences you're basing your analysis on.
> On 12/12/2018 at approximately 10:30 a.m., Tan contacted his supervisor, advised he was resigning from Company A, and gave his two weeks' notice. Tan told his supervisor that he was returning to China to be with his family as he is the only child to aging parents. Tan told his supervisor that he did not currently have a job offer, but was negotiating with a few battery companies in China.
> Tan's resignation prompted Company A to revoke his access to company systems, and conduct a Systems Access review of Tan's computer activity.
> That review confirmed that Tan had accessed hundreds of files, including research reports. The reports included not only how to make Product A, which, according to Company A, is a complicated and technically difficult process, but also Company A's plans for marketing Product A in China and in cell phone and lithium-based battery systems. These files included information that Company A considers to be trade secrets and outside the scope of Tan's employment with Company A. The review revealed Tan downloaded restricted files to a personal thumb drive. In the course of his regular duties and responsibilities, Tan should have used his company issued laptop. Tan did not have authorization to use a thumb drive to download Company A files. Tan's supervisor confirmed that nothing in the downloaded files was within Tan's area of responsibility. Further Company A confirmed, through Tan's supervisor, Tan did not have a work related need to access or download the restricted files.
How does this actually work? Does Windows keep a log of files accessed or copied? Or does the company install additional security software that audits this?
Windows has some of this. But if you want crazy levels of granularity there are plenty of software vendors to choose from.
My company knows every file every person accesses, where it came from, and where it went. They lock down computers down to the individual USB port. If you put a thumb drive in the wrong port Windows machine, a guy from IT Security shows up within 30 minutes.
That was the day I found out that if I try to charge my hotspot at work, it shows up as a USB drive.
> 15. Later that day, on 12/12/2018 at approximately 4:00 p.m., Tan sent the following text message to his supervisor:
... [Another Company A supervisor] was asking if there is anything I have with me associated with company IP. I have a memory disk that contains lab data that I plan to write report on, and papers/reports I plan to read at home. Now that I have been exited from (COMP ANY A), can you check what is the best way of handling the information and how sensitive they are? Can I still read the papers/reports from the memory disk?
> 16. After receiving the above text from Tan, Tan's supervisor asked him to return the flash drive (which Tan's text message referred to as a "memory disk") to Company A.
> 17. At approximately 5:15 pm on 12/12/18, Tan returned to the Research Technology Center at Company A where he provided a USB flash drive to his supervisor. The USB flash drive was Tan's personal property, which he was not authorized to utilize within Company A's space. There is no record of Company A having issued a USB flash drive to Tan.
You just turn on auditing features in Windows on your file servers. There are many third party tools that can help you sift through and retain logs, but the basics can all be done with vanilla windows os.
- Sharepoint access logs (the server side)
- Corp IT has access to your machine, and can activate keyloggers to see what you are doing with the downloaded files. (the client side)
Thanks for the additional details. It was not present in the article, which is why I am glad I asked the question. It seems that the extent of the copying is greater than I had assumed from the original article's text.
I sometimes feel that people who comment here of the Chinese spying stories are the Chinese agents. First comment is always dismissing the story. Is anyone at HN looking where the comments originate?
You're not imagining it. China is executing a full-on "covert" culture/soft-power war. From the Confucius Institutes in US universities to propaganda "news" papers in New Zealand. They have teams of people trying to control the narrative on the internet anywhere China is mentioned. Quora is the worst in my personal experience.
A lot of this is widely reported on by credible news sources. Many current and ex intelligence and defense officials have called out China as the biggest threat to the US over the past year. I can't believe our government is shutdown right now over a "wall" separating us from countries who, in comparison, are our BFFs.
Particularly at the university, I was setting up a GitLab box that wasn’t supposed to be externalized (didn’t realize at the time that LAN utilizes the public addresses instead of NAT). 90K ssh attacks in 3 days, vast majority from the east Asia area. Luckily none made it through. Learned my lesson (and firewalld) from that experience. Nearly had a panic attack from that (first time setting something up like that).
The above was from my naive days before I started getting more deeply involved in sysadmin and networking work. It’s still incredibly annoying to log in to systems with “There have been 173 failed login attempts since the last successful login.”
When I set up my first gateway/router server for the first time, I was truly shocked to see how much traffic comes in searching for vulnerabilities. I knew it happened, but the frequency was wholly unexpected. SSH requests for root, SMB traffic, etc. every second or so.
If you want to see something, install MySql on a AWS EC2 (or any host for that matter), turn on verbose logging and open it to the public internet. I saw thousands of Chinese bots trying every way to get root access
No, I am not a Chinese agent. I don't know how to prove this to you definitively. However, I'd like to ask you if you consider my query legitimate, given that I did not have access to the full affidavit when I asked it, only the original article which was skimpy on the details around the extent of the copying. Mostly, I was more worried that my company could have me arrested either for accessing or copying a file arbitrarily deemed outside of my duties, or for violating their IT policy.
Is it possible that tan deliberately deleted them in such a way that they could be recovered forensically? That might save him from getting caught, and his "handler" overseas could even have recommended it.
But who knows... This article doesn't provide enough information to make a good guess at what was going on.
Tangent: somehow every single one of your comments was downvoted, even this non-inflammatory, informational one where you replied to someone and they ended up agreeing with you: https://news.ycombinator.com/item?id=18740217
I upvoted a few of your comments that were clearly non-inflammatory and useful. But I'd like to tell everyone who's blindly downvoting you, please read comments before downvoting them, instead of just downvoting everything you can that's tied to the person you disagree with.
Well, unvote them, because this makes no sense: "He could not have ever exfiltrated that data to begin with as he gave the drive back"
Think about it. The USB device was for transferring data to something else. That might have been a personal device with a cellular data plan.
Sure, he gave back the USB drive. He didn't physically take that to China, or intend to do so. Those files were on it for a reason though, and that reason is transferring them to something that gets the data to China.
In the post you're replying to, I included a link that does not contain the sentence you quoted. In fact, that link shows the person making a valid correction. If you read it, you'll see why I upvoted it.
The entire point of the comment I made (which you replied to) is not that baybal2 is correct (in fact, I have no idea/opinion of whether they are correct about the defendent being innocent). The point is that ad hominem attacks through downvotes are a bad thing.
PG has maintained from the beginning that HN comments need not be upvoted for civility alone. “I disagree therefore I downvote” is valid etiquette on HN. I’m not going to stop doing that.
I imagine his comments have been downvoted because he's cherrypicking information from the article to defend the man across multiple comments. See the parent comment to your comment where he ignores that he did access and download files he had no right to access and instead states exactly the opposite according to the facts (in point 2).
They found confidential files there, but nothing he had no right to access to
You may have missed this part of the criminal complaint:
“Tan's supervisor confirmed that nothing in the downloaded files was within Tan's area of responsibility. Further Company A confirmed, through Tan's supervisor, Tan did not have a work related need to access or download the restricted files.”
WELL, the main question: WHY THE HECK did he report on himself??? The charge pretty much says that he voluntarily contacted his supervisor and asked what to do with that USB stick.
And there, the parallel with Micron case gets more startling: the alleged "spy" was the very man who said that his cellhpone was missing. Then the police found the cellphone in his coworkers locker. The coworker accidentally put his phone into her back along with papers on the table. Then the police searched his phone, and found out that "he happened to be a spy" on very similar circumstances.
I mean, he deleted the files first. It's reasonable that he thought that was sufficient; given the code I've seen from some scientists, scientist != computer expert.
The innocent explanation is that he was cleaning up company property before returning it, but I expect that will play out in court.
I have done the things before. Before returning the work laptop to employer on the last day, I cleaned out all the company stuff to left my personal things (this is my only laptop with my personal stuff in it), then move them out and clean them finally.
I've always done this. I never leave any important business files on my local PC, for obvious reasons. But there's all sorts of personal stuff on there (mostly from Web browsing). So nuke it all before turning it in. They're going to re-image it before giving it to the next person anyway.
> It's reasonable that he thought that was sufficient;
But aren't it? He surrendered his flash drive. You can't do anything with it if it is not in your possession... What do you think he was supposed to do with it???
And he had an option to not to do so, or moreover, just fly to China without a notice (remember the case of a hedge fund boy who allegedly "stole keys to the kingdom" and then warned his employer that he is leaving the company on a short notice...)
You can obviously copy files off of a usb drive before giving it back. I don’t know anything about this case, and I’m not accusing this guy of anything, but your line of argument is wrong.
The point I want to convey is that if he could've done anything with it (like copying files somewhere else,) he had no point of ever attempting to do any trickery (giving a USB stick with erased files) invariably of circumstances and technicalities.
And there is no proof so far of him doing that (otherwise it will be put in bold letter on his charge sheet.)
That's nothing less than an estoppel condition in hands of a skilled lawyer.
But you can expect that prosecutors will now be trying their best to made up, and attempting to keep him behind bars for the duration of the court proceedings.
>The point I want to convey is that if he could've done anything with it (like copying files somewhere else,) he had no point of ever attempting to do any trickery (giving a USB stick with erased files) invariably of circumstances and technicalities.
“The perfect crook would have covered his tracks better” is not persuasive. The perfect crook wouldn’t get caught. People who do bad things are just as fallible as people who don’t.
If he did not commit a crime, would he not do so, and this be the most normal thing he can do?
The answer is yes
Now there is no distinction in between a normal employee leaving the company and a criminal following your logic.
Every time I see people going for such argument, I almost feel my sight getting dark, but people who can shove such line of thought into a legal argument in a criminal case are found left and right in the West.
If all of the evidence the FBI has is what was in the SCMP article, then there is no way the jury is going to come to a guilty verdict.
But it is doubtful that the SCMP has squeezed information out of the FBI before the court case. Once the court case happens we will see all the evidence that the FBI has gathered, which probably demonstrates much more clearly that he is guilty. It doesn't make sense to discuss hypotheticals until we at least have the evidence.
It also doesn't make sense to fear getting convicted based on deleting some files unless he is actually convicted on this flimsy evidence. But again, this is unlikely -- if you would not convict someone based solely on this evidence, then why do you think anyone else would decide on a guilty verdict?
(Keep in mind that the information in the affidavit [1] "is
intended to show merely that there is sufficient probable cause for the requested warrant" and doesn't include all of the evidence that they have.)
Yeah, that line of thinking is absurd. He probably got nervous right before he left the company and gave them the USB after hastily trying to delete the files. In which case, the parent commenter would seem to imply that he should be let go because he got nervous after stealing things he shouldn't have access to.
The article is from SCMP, a newspaper in Hong Kong. It's unclear what the source of the information is and it's very unlikely that the SCMP has the same information that the FBI has (as stated in the affidavit [1], the evidence in the affidavit "is intended to show merely that there is sufficient probable cause for the requested warrant").
As the Department of Justice statement [2] says:
> A criminal complaint is merely an allegation, and the defendant is presumed innocent unless and until proven guilty beyond a reasonable doubt in a court of law.
There will be a court case where the FBI will lay out all the evidence they have and the jury will decide whether or not the evidence is sufficient to demonstrate that he is guilty.
The court case has not happened yet so it doesn't make sense to jump to conclusions without hearing the evidence first.
Sure it makes sense to jump to conclusions, that's why we go on HN! ;)
Seriously though, it's interesting to discuss this case. Clearly we don't have all the information. Some of us may change our minds later. Right now, the evidence that is out there isn't convincing on its own. It's okay to point that out!
Yeah, I agree that it's good to point that out. But I felt that some people might've been losing sight that more evidence would likely be presented in court.
He could easily have exfiltrated the data without ever leaving the premises. All he would have to do is is walk into a lab room with an unsecured terminal to upload the files, or used his phone to upload the drive, there aren't hundreds of ways to pass the data off once it's on a thumb drive.
There's an FBI affidavit linked in another comment that mentions a search warrant found additional copies of the data at his home, and that he'd been in regular contact with a Chinese competitor, who offered him a job and ~$60k US signing bonus based on vaguely phrased information already provided.
Well, if the documents contain trade secrets...
You may see them on your boss’s desk and read them and memorize them. That does not make your making a copy of them (even from memory) right or lawful.
An exec reports "phone stolen," phone found in his "collaborator's" locker who accidentally shoved it into her bag along with other papers on the table. Both the exec who reported theft and his "accomplice" are send to jail, and a "national security" case just sprung up from two completely unrelated cases thanks to prosecutor's creativity.
Same thing here:
1. Apparently they found that he simply had "weird files" on his flash drive.
2. He had full right to access them.
3. He deleted "weird" files he had rightful access to, and voluntary surrendered the physical medium upon his resignation.
On the sole premise of him deleting "weird" files, he was accused of espionage, with the charge constructed from nothing but tangents, but no "corpus" to "habeus."
When you work somewhere, you end up having access to all sorts of stuff. E.g. through the issue tracker, you might be able to see things about projects that are supposed to be secret (as in company-secret, not government-secret). If you resign and your usb drive has a bunch of deleted files about that stuff, that has nothing to do with your job, that’s a reasonable basis for serious suspicion.
You don’t need a smoking gun of a crime to be suspicious that a crime may have been committed. Suspicious facts are plenty to start investigating, and a mountain of “circumstantial” evidence can even be enough for a conviction.
I don’t know anything about this case, and I’m not accusing this guy of anything, but your line of argument is wrong.
That's not how criminal investigation works, that's how a witch hunt works. In order to be a legitimate criminal investigation, the first part needs to be that an actual crime was committed, then suspicious activities are used to justify an investigation and possible conviction based on evidence. Otherwise, police could just run around arresting people because "that guy looks suspicious", search all their stuff and activities for something possibly illegal, and then say "look, we were right all along".
I agree, but keep in mind that Hongjin has merely been charged and not convicted yet. The evidence has not been presented in court yet, and it's quite likely that the evidence is going to be much much more comprehensive than the small set of facts that appeared in the SCMP article. If this is really all the evidence the FBI has, though, Hongjin will almost certainly not be convicted.
It is your line of argument is wrong, patently wrong.
That's all about accusing a man of murder without proving that the person being murdered is dead. That's unjust, and is a joke of justice, and most fundamental legal standards of criminal law jurisprudence.
In the U.S., the defendant can only be convicted if the evidence proves guilt beyond a reasonable doubt.
Hongjin has not been convicted yet, so I don't follow the logic in your comment. The criminal case process has only just started and we have not seen the full evidence yet, and there has been no determination by the court system on whether or not he is guilty.
I think there is some confusion because of the differences in the judicial process between the U.S. and other countries like China.
I'm not saying the U.S. judicial process is perfect, but I think it's unreasonable to attack it before a verdict has even been issued.
> ... The defendant turned over the data before his resignation ...
The FBI affidavit contends Tan deleted the confidential data before leaving the U.S. company, not that he turned the thumb drive over to them. The charges suggest Tan kept the drive after leaving the company, though the article doesn't say so explicitly.
Correction: The affidavit does say Tan turned the drive over to them, and of his own initiative, after he was escorted from the company's premises. See paragraph 17 of the affidavit that user baybal2 links to below.
No, he gave up the drive and everything he had from company's IT for review. They are very purposefully avoiding mentioning that, but logically you can't conceive of how they can review the thumb drive without him willingly giving it to them first, nor that he had authorised access to such data in the first place. The charge says nothing about his accessing the data unlawfully, other than saying that he had "no reason" to access it, and it being outside of his immediate responsibility.
I think you're misunderstanding the process in a criminal case.
The affidavit that you linked to explicitly states:
> This affidavit is intended to show merely that there is sufficient probable cause for the requested warrant and does not set forth all of my knowledge about this matter.
The full evidence will come out in a court case, and a decision on whether or not he is guilty will be made based on that full evidence. He has only just been charged and the court case has not started yet.
US travelers to China should beware. Three caucasian Canadians are languishing in Chinese jails due to the Huawei executive. Chinese practice allows six months confinement while the prosecutor conducts an investigation. Meng has relatives and friends in high places while this guy may or may not.
I have a question about trading secrets and working in machine learning. How should a ML company go about hiring people and protecting its tech? I once interviewed for a company that claimed above state of the art results on some datasets (they actually weren't), and they wanted me to sign a contract where I was forbidden to ever work for their current and future clients (that's not enforceable). In ML you usually don't need a flash drive, you learn enough about what makes your team achieve great results that you can go to another company and use what you learned and it seems impossible to prove that you "stole trade secrets" from the previous company.
Project the data, not the model. You need to do it anyway and has the side benefit of making overfitting more difficult. Protecting the model is impossible anyway since most advancements terms to be trying lots of publicly known techniques and discovering that a particular combination works best for your data. Once one knows which techniques those are these nothing stopping a competent engineer from reimplementing them at another company.
Indeed. For commercially useful applications, collecting the data, labeling it, etc, costs orders of magnitude more than a team of PhDs building the models.
> For commercially useful applications, collecting the data, labeling it, etc, costs orders of magnitude more than a team of PhDs building the models.
I don't think it's typical. For example, JFT has 350e6 images, and it probably cost ~$35M to hand-label, but Google has paid people far in excess of that to work on image classification.
>Of course, the elephant in the room is where can we obtain a dataset that is 300x larger than ImageNet? At Google, we have been continuously working on building such datasets automatically to improve computer vision algorithms. Specifically, we have built an internal dataset of 300M images that are labeled with 18291 categories, which we call JFT-300M. The images are labeled using an algorithm that uses complex mixture of raw web signals, connections between web-pages and user feedback. This results in over one billion labels for the 300M images (a single image can have multiple labels). Of the billion image labels, approximately 375M are selected via an algorithm that aims to maximize label precision of selected images. However, there is still considerable noise in the labels: approximately 20% of the labels for selected images are noisy. Since there is no exhaustive annotation, we have no way to estimate the recall of the labels.
That doesn't sound like recaptcha: it's more likely that they label the pictures N (or n%) people click after searching for "Golden Retriever" in image search (as the "raw web signal")
Pay your employees enough that they never want to leave. If you can't afford that then you just have to accept that you don't own the people who work for you.
If you are even bothering with this question, I believe you have nothing genuinely worth protecting.
Companies nowadays have really nothing to protect to, the higher up the tech chain they are.
TSMC can easily dump all and every of their "family jewels" onto the Internet, and I guarantee that no mainland fab will ever manage to extract any value from that.
P.S. Stay away from the whole M.L. space, it is filled with plain frauds, pump and dumpers, and people seeking to sell their companies upon first opportunity. If you are an established professional, you do yourself a disservice working in that.
Normally I'm all for hiring the best and brightest from all over the world. But with the mission that China seems to be on, I think US startups should be wary of hiring Chinese nationals. Of course they are not all spies. But, it only takes one to fuck your company.
I don't know what the solution is. I don't think companies should flat out stop hiring Chinese nationals, because that's punishes the ones with good intent. But it's clear there is enough danger that you need some plan to take on the risk.
Good point. I should have left the nationality out and just said that companies good security policies to protect their IP. The threats come from many places.
It is interesting to see so many tech firms going well out of their way to hire competent engineers/scientists from China, even the ones who graduate from US universities.
Of course it's difficult to talk about the real issues associated with this, such as how China leverages family relations in China against expats abroad, or how they've made it a national priority to entice this sort of behavior.
The reason it's difficult is because it's on the borderline of dog-whistle racism and what not. But these are serious issues that should be examined.
In the past year, there were several charges from DOJ against Chinese companies, employees and scientists related to IP theft. Those charges made a lot of noises, but what are the case outcomes?
> In the past year, there were several charges from DOJ against Chinese companies, employees and scientists related to IP theft. Those charges made a lot of noises, but what are the case outcomes?
The wheels of justice move slowly. In the US, felony cases can take more than a year to resolve:
> The amount of time that passes between an arrest and the filing of charges on the one hand, and trial or entry of a guilty or “no contest” plea on the other, varies widely from case to case.... Felony trials can linger without resolution for over a year—and that’s without accounting for any delay between arrest and the filing of charges.
The guy who stole the wind turbine software and gave it to a Chinese competitor was promised a 5-year $200k/year employment deal. Although, it sounds like he may not have gotten it in the end. (Maybe there was a clause about getting caught.)
You’re thinking about this the wrong way. These people are on a mission for Mother China. It’s patriotism and loyalty. It’s why militaries everywhere get people signing up for a “glorious death” protecting the assets of billionaires.
Chinese people in general aren’t really like that. They aren’t especially patriotic or loyal when compared to Americans (most will eye roll at the above accusation). A lot of it just about money and opportunity that isn’t otherwise present in the states (corporate espionage is less common in the USA because it is prosecuted aggressively).
Likewise, most soldiers don’t do soldiering for the glory or death, they do it for the money/opportunity.
Now that we have multiple hypotheses (patriotic motivation and materialistic motivation) we should think about how we could tell which one it was. I can't think of any way that we could ever know the difference.
So they will only protect billionaires? No, that doesn't drive people to make sacrifices. In my opinion it's just about protecting what you love. There are some things worth fighting for even if it means a “glorious death”. Soldiers aren't stupid, I know some. They just can't not take the responsibility. In my eyes they are heroes.
If you are asked to swipe some IP of your employer, with a subtle reminder you still have family in your home country and they know where to find them, what would you do?
That guy who edited babies no long ago is one of it, apparently he raked in hundreds of millions of both government and private investment, claiming he invented an industry-leading gene sequencing machine that in fact is a failed US product he bought from his professor.
Also, Huawei in their early ages stole one of Cisco router's source code and priced out Cisco with an exact same product compatible with Cisco systems, one Chinese academic invovled in modifying admitted it in an article. One of the role model stories.
> Also, Huawei in their early ages stole one of Cisco router's source code and priced out Cisco with an exact same product compatible with Cisco systems, one Chinese academic invovled in modifying admitted it in an article. One of the role model stories.
There's probably more than just a financial upside, but I imagine someone like this would pretty much be considered a hero at home (even if not publicly admitted as such). It seems like this issue is pretty systemic/coordinated by a centralized party.
Yes, as long as every corporation continued to invest at the same rate despite the fact that their trade secrets would be worthless and they'd be undercut by cheaper competition.
This fantasy of "if only all commercially valued knowledge were free" ignores the realities of economics, which pays for the development of technology. Even open source software development exists largely on the corporate dollar with a few companies funding most development.
If more secrets were shared, stolen, distributed, whatever, that will change the equation for companies deciding to invest. You're better off optimizing for time to market and making a half ass product than trying to achieve technical differentiation/superiority only to have the results of your research and development stolen outright.
Fair points, but a quicker to market half assed product also means it'll likely be cheaper and more widely available which translates to more product iteration cycles because more data, more users, more tests and more competition.
That's not the alternative at all. If companies have insufficient incentive to do certain kinds of R&D, they just won't do it. Entire categories of products wouldn't exist. Do you think any part of the computer you typed that on would be as nice - or exist at all - if the people who invented better screens and batteries and storage media hadn't expected to gain first/most from the basic physics and chemistry and process engineering involved? No, there would have been zero product iteration cycles without the basic innovations on which those depend.
Incentives can take many forms. You could have prizes, funded e.g. by governments, consumer organizations, charities and the like, for opening up the sort of research that is often "protected" by trade secrets. Open source software has worked very well for a number of corporations, bringing all sorts of benefits in marketing, recruiting, cost-sharing etc. There's no reason why the same couldn't apply to many formerly "secret" techniques.
Open source is great. I'm a maintainer for a pretty large open-source project, so I'm clearly not opposed to the idea, but it not a solution for something like basic electrical engineering or materials science research. Prizes just don't seem to work that well either. As you say, incentives take many forms. Every form that they take adds to the amount of R&D that gets done, and "we're gonna make a ton of money off this" is responsible for the largest single slice of that pie. When you take away protection for inventors, you practically guarantee that the fruits of their labor will go to the people who already own the big production lines and supply chains. That's a really terrible way to run an innovation economy.
All I'm saying is if a company DOESNT have the balls to open source / share their knowledge and trade secrets then they probably arent all that great to begin with - they're probably scared shitless about losing their first mover advantage and probably also incompetent in maintaining their lead.
Why shouldn't they enjoy a first mover advantage, if they invested their money in doing the research to create an entire market? That's how capitalism and free markets are supposed to work: those who take the risk get to reap the rewards. Not some big company that waits to see whether the startup's idea pans out, then jumps in with a hundred engineers and millions of dollars and a huge marketing/sales apparatus to take over the market. It's easy to say "share everything" when you've never created anything others would value. Even though I'm way over on the left side of the spectrum myself, I reject that moocher ethos.
I don’t agree that much with the Trump administration, but their overall policy and effort on China is commendable. It might be that the news is just focused on China lately making it seem like we’re doing more to combat the IP theft and other abuses, but I don’t think so. I’m glad we are finally getting tough. I know one case isn’t indicative of this but the overall trend is clearly in the right direction. Appeasement over a decade has yielded literally nothing.
They kind of did when the best universities in the West have depended at some stage of their life on the host countries doing some bad things to countries like China (think the opium war in the mid-1800s). The reason that countries like China or India don't have their Harvards and Oxbridges is not because the people in there were more stupid and didn't know how to run a higher place of learning, it's because the adversarial socio-economic conditions of that time (many of them imposed by the host countries of the Harvards and the Oxbridges) forbade them to.
What I was talking about is, if the guy just left the country with all the ideas in his head and went back to China there would be no case. But because there is evidence showing he had access to some ideas that he was not supposed to have access to they have a case against him.
