
Ex Microsoft staffer arrested for allegedly stealing Win 8 trade secrets - tweakz
http://news.cnet.com/8301-10805_3-57620609-75/ex-microsoft-staffer-arrested-for-allegedly-stealing-win-8-trade-secrets/
======
briantakita
It's disturbing that leaking trade secrets is a criminal offense. I though it
was a civil matter.

Does this mean journalists will now go to jail for exposing "trade secrets"?
What if these "trade secrets" are against the common good?

I see such a law as a conflict to a free society. Not that we really live in
one. At this point, we might as well throw the Constitution into the garbage
:-(

And since corporations are considered people, why aren't corporations arrested
and thrown in jail for stealing from the public?

~~~
deeths
It's not the leaking of trade secrets that's criminal, its the theft of the
associated intellectual property. If you assume (as US law does) that
intellectual property has a value and its theft is equivalent to theft of
physical property, then it makes sense that it's a criminal offense in the
same way as a physical theft (and probably also a civil matter).

Not all intellectual property is legally protected against theft this way
though (otherwise any disclosure of IP could be theft). The bar for
intellectual property to be legally considered a trade secret is high. If the
IP isn't sufficiently secret, it's legally less clear whether you can really
steal it. Just stamping it "secret" isn't enough. To be a trade secret the
company needs to prove that it's a secret, that the secrecy of the IP is
highly valuable (for instance loss of the IP's secrecy hurts a competitive
advantage), and that they've made significant attempts to keep it secret by
limiting access to "need-to-know" people and protecting the IP though
appropriate security and secrecy.

In this case, it sounds like the defendant may have gained physical access to
a building he didn't legally have access to (ie company made an attempt to
limit access with some security) and copied data off a server. MS is arguing
that this hurt them financially.

A defense against this might be to claim that even if the data might have been
valuable and releasing it harmed the company, they didn't treat it with enough
secrecy/security for it to be considered a trade secret. If that's what the
court decides, then there could still be a civil suit (breaking employment NDA
contract, etc), but it wouldn't be a criminal matter.

------
lauradhamilton
Well fortunately for the staffer, if you steal something worth less than $750
it's just a misdemeanor.

~~~
ntakasaki
Please go back to Reddit with your silly jokes.

~~~
Tohhou
Hacker News is seriously business only. No fun allowed, because a sense of
humor is problematic.

~~~
derefr
Actually, joking around is accepted just fine on HN--as long as you say
something thoughtful in the same post. It's fluff that gets downvoted.

~~~
jgh
Joking around is something that almost never happens on HN because this site
tends to be full of tight-wad pedants who take themselves too seriously.

~~~
hellgas00
Have you read the reddit comment sections lately? I gladly support the HN
community in ostrsizing the joke comments that don't add anything. If you want
to have a good laugh browse reddit, if you want meaningful discussion stick
with HN.

~~~
jgh
I have, and there is meaningful discussion that happens on reddit. And Fark.
And other sites that are capable of mixing humor with commentary. HN just
seems to take itself too seriously and people making jokes is generally
frowned upon, to the detriment of the community. Jokes may not add anything to
the conversation themselves, but a) they make the community more welcoming and
friendly, and b) they may open up the door for further discussion.

~~~
derefr
I think it's more that we're afraid of that specific Reddit thing happening
where a joke thread quickly rises to the top of the comments (because it's
easy to upvote without giving much thought), and "drowns out" the more
thoughtful discourse, due to people just getting tired of scrolling before
they get to the non-joke replies. (Yes, you can collapse the joke threads on
Reddit, but if they're at all funny then you don't tend to.) And then this
happens recursively in all the thoughtful top comments--they all get their own
joke sub-threads as well.

I've had a technical workaround in mind for this for a while now: if we could
annotate the "intent" of a comment--if we could say "this post is intended as
a humorous aside"\--then the sub-thread hanging off any joke-thread could be
automatically semi-collapsed, such that only the root joke-post and a bit of
the first reply would show. (Or collapsed entirely if you set "hide post
types: {humor, ...}" in prefs.)

I'm not sure what the social ramifications would be, but I think it's at least
different than the "hide different posts from different people" idea that
creates filter-bubble communities--you'd be showing/hiding comment sub-threads
based on something more akin to the "cross-cutting concerns" of Aspect-
Oriented Programming, than on their message per se.

------
gesman
The bigger question is: can you get someone arrested for copying your startup
software to some non-startup servers?

We read lots about federal agencies involvement in corporate troubles.

Where is the threshold of involvement? What makes corporation eligible for
such a care?

~~~
tptacek
What's the threshold of involvement if someone walks into my unlocked house
while I'm out and steals my TV?

~~~
WildUtah
Well, the police might send someone over to collect your statement and give
you papers for the insurance company if your teevee is stolen. Or they might
make you come in and do it. But they certainly aren't going to open an
investigation and pursue the thieves.

Likewise with your startup's trade secrets.

But Microsoft or Goldman Sachs will get the attention of the FBI right quick
when they complain. You would get some attention if you showed up dead with a
gunshot wound instead of just missing a teevee -- if you're white, anyway. But
if you show up dead in a car crash, the cops won't care once they scrape you
up so traffic can flow. Police have a complicated set of social criteria they
use to decide what to care about. Mostly they correspond to social priorities.

~~~
tptacek
You're surprised that a criminal act that can incur tens of millions of
dollars gets the attention of the authorities?

Not for nothing, but a significantly less serious crime than a B&E got an
_undercover police officer_ stationed in an apartment behind my house. I'm
sure you're right that the average TV theft isn't going to make a federal
case, but part of the reason for that is that most people don't make that much
of a fuss over having their TV stolen.

~~~
WildUtah
What does it mean to "incur" tens of millions of dollars?

Microsoft isn't putting any trade secrets into Windows that are worth millions
of dollars; they publish the object code to 500 million PCs, each one of which
can decompile it all. A few hardware manufacturers may have contracts
demanding M'soft protect their trade secrets -- the secret usually being all
the patents they infringe -- by keeping driver BLOBs obscure, but I doubt
that's at issue here.

I don't think there will be tens of millions in fines, either. Maybe thousands
and a few months in jail.

Tens of millions (billions, really) may be all the salaries of employees that
make M'soft a big name company that can call up the FBI and USA to get
attention. But that's what I said before. It's a matter of social priorities.

Also, congrats that your local police cared and had the resources to look out
for your neighbor. Most departments don't have that level of resources. We had
to work for months to get ours to pay that much attention to a convenience
store that had some armed robberies in a residential neighborhood.

Incidentally, I tried to make a fuss over a stolen teevee and nice camera
once. Didn't help.

~~~
briantakita
I once had $5000 stolen from me. The police told me to GTFO of the station and
got really pissy at me. They also told me "it's a civil matter". Good thing
corporations get special treatment. Nice country, this America.

~~~
tptacek
Well... was it a civil matter? Who stole it from you?

~~~
briantakita
A guy running a courier business stole from me. I was naive & in a desperate
position, so I'd rather not go into details.

------
cheez
> Kibkalo "uploaded proprietary software including prerelease software updates
> for Windows 8 RT and ARM devices, as well as the Microsoft Activation Server
> Software Development Kit (SDK) to a computer in Redmond, Washington, and
> subsequently to his personal Windows Live SkyDrive account."

Wow.

~~~
thejosh
I know, how did they force him to use SkyDrive?

~~~
nivla
Din't realize there was a running joke about SkyDrive but just to play along:

Umm maybe because Skydrive offers 100GB (200 bing points) compared to dropbox
at 2gb and google drive at 15gb. You know you need space for all these heavy
uploads.

~~~
bandushrew
what are 'bing points'?

~~~
hexasquid
When you hire a car, before taking it you should walk around the car and note
all the scratches and bing points left on it by previous hirers.

------
MichaelGG
"Microsoft Activation Server Software Development Kit"?

I don't get any hits on Google for this before today.

~~~
fname
"...also alleged to have stolen Microsoft’s “Activation Server Software
Development Kit,” __a propriety system used to prevent the unauthorized
copying of Microsoft programs. __" [1]

And another expansion on what the leak could allow:

"According to the reports, not only was Windows 8 leaked, but he also leaked
Windows 7 files and the Microsoft Activation Server Software Development Kit
which when reverse engineered, could allow hackers to crack the Activation
process within Windows, meaning that pirated copies of Windows 7 could
continue to function without the nagging presence of popup messages warning
users about their copy of Windows."[2]

[1]: [http://www.seattlepi.com/local/article/Ex-Microsoft-
employee...](http://www.seattlepi.com/local/article/Ex-Microsoft-employee-
charged-with-passing-5331715.php)

[2]: [http://www.ubergizmo.com/2014/03/microsoft-employee-
responsi...](http://www.ubergizmo.com/2014/03/microsoft-employee-responsible-
for-windows-8-leaks-arrested/)

~~~
anon4
> could allow hackers to crack the Activation process within Windows

They already have. Well, maybe not exactly cracked, but there are workarounds.
I'm pretty sure I don't need to list them here, because they're just a google
search away.

------
busterarm
Anyone else disturbed that this was written in a way that associates stolen
trade secrets with his current employer, even though based on the article one
has nothing to do with the other? Also, the purpose of writing that he's a
Russian national is what?

Guilty or not, it's almost as if the intent of this article is to defame.

This is a low PR point for Microsoft as far as I'm concerned. The only
companies that pull this shit are already circling the drain.

~~~
WildUtah
_The only companies that pull this shit are already circling the drain._

No.

Goldman Sachs is doing quite well, thanks. [0]

[0] [http://www.wired.com/threatlevel/2011/03/aleynikov-
sentencin...](http://www.wired.com/threatlevel/2011/03/aleynikov-sentencing/)

~~~
busterarm
Actually no they're not. Goldman Sachs has never been competitive in HFT. Him
leaving was a big loss to them and a big part of why they prosecuted him.
Goldman is successful because of corporate banking, investment banking, mutual
funds and prime brokerage.

HFT is just one strategy and one that is persistently a flusher at Goldman.

Edit: Goldman lost its culture and with it the only thing that made them
great. They still have name recognition with people outside of finance but to
most people with industry experience it's not the first-choice place to go
work anymore (like for almost 10 years now). In fact, their reputation is
growing increasingly negative with insiders. They will still be a darling for
pensions and corporate bank customers for quite a while because longevity and
name recognition are everything in that business.

(Full disclosure: used to work with HFT infrastructure for a NY hedge fund)

------
amaks
Looks like this is the guy:
[https://www.linkedin.com/profile/view?id=64303478](https://www.linkedin.com/profile/view?id=64303478).

------
blueskin_
Maybe MS should give them to Apple and Google to sabotage their products.

I'm not sure who would want to steal secrets on how to ruin an OS, but there
you go...

~~~
stefan_kendall3
The things he leaked don't really looked like "Trade Secrets", but more things
you wouldn't ever release if you worked at a company and had any semblance of
sense at all.

"Trade Secrets" is a little extreme, except for maybe the windows activation
source code. That certainly makes windows activation easier to crack.

------
gregimba
What trade secrets?

~~~
bdcravens
Pre-release screen shots.

------
yarrel
Or "MacOS X" as it's known.

