It's also funny to me that they just use Github and Google docs.
It seems like if you were committing massive fraud, you'd want to avoid leaving permanent records of it on someone else's systems.
But I think this is generational thing. If you grew up when web browsers were already prevalent, a "text file on your hard drive" probably means almost nothing. It's just not the way you use computers.
I also like this bit from the article:
Note to self: if you’re going to write code to do fraud, make it messy and unreadable to reduce the chances it’s later put in front of a jury as evidence.
I mean, the reason the fraud looks so brazen now is because they were obviously true believers - they never expected to get caught. If crypto had gone up and up and up forever as intended, the fraud would never have been discovered.
Of course, the other possibility is that at least having this amount of visible paper trail was intentional - the CTO probably had a little voice in the back of his head going "Umm, maybe committing multi-billion dollar fraud is a bad idea...", but the GitHub history probably helps him more than it hurts now, at the expense of SBF.
> If crypto had gone up and up and up forever as intended, the fraud would never have been discovered.
I'm not sure of that. When you need an account's credit limit set to $65 billion because the account (Alameda Research) kept hitting the credit limit, something is seriously, seriously wrong irrespective of the state of crypto. It seems like they were inevitably going to fail hard. FTX was literally allowing Alameda Research to trade with make believe money.
Some of the major traditional brokers will just up and close your account permanently if you abuse, even within their already strict rulesets, their margin accounts.
I made an earlier comment explaining it as SBF coming to believe that his tricks kept working so consistently that he regarded them as some kind of fundamental aspect of reality, that he could always find another investor to give him a reprieve, he could always find another sucker to buy FTT at an inflated value (sorry, “exit liquidity”).
> It seems like if you were committing massive fraud, you'd want to avoid leaving permanent records of it on someone else's systems.
Yes, I had to give my professional opinion on why some healthcare software here was breached so I asked the company to deliver the source: this software is written from begin 2022. They don’t use any normal (git, cvs, sourcesafe etc) versioning system; just zip files with dates in them. So they sent the ‘latest version’ and we found it’s not the same version as the breached version on the server. So they are saying they don’t know who or what ‘changed the deployed version’.
Actually yeah, this would allow the Dan Ariely defense.
He said he got a spreadsheet from a company, and also insisted he didn't doctor the spreadsheet. But he also admits he was the only person who handled the spreadsheet (presumably to not through his collaborators under the bus).
He simply says he doesn't know how to reconcile those facts -- that's "your problem" if you want to prove him guilty.
But since there's no version control, there's no smoking gun. His defense is basically "I don't know what happened but I'm innocent"
And plausibly some of the FTX defendants could have tried this, had they not left permanent records all over the place.
They could have worked with zip files with no provenance :-P
After all, the burden of proof is on the prosecution.
(though of course I'm glad they did leave records, and wish Ariely would have)
So - what I'm hearing is there is a potentially small but perhaps lucrative market for an onsite git system (because that's what programmers know how to use) that outputs zip files that can then be used as the code archive if Johnny Law comes calling?
It's scary how common it is even though you never hear about it on HN. We get so incredibly many 'versioned zips' via wetransfer, no password/encryption of vital company/gov/healthcare/etc systems...
It seems like if you were committing massive fraud, you'd want to avoid leaving permanent records of it on someone else's systems.
But I think this is generational thing. If you grew up when web browsers were already prevalent, a "text file on your hard drive" probably means almost nothing. It's just not the way you use computers.
I also like this bit from the article:
Note to self: if you’re going to write code to do fraud, make it messy and unreadable to reduce the chances it’s later put in front of a jury as evidence.