Hacker Newsnew | comments | show | ask | jobs | submit | jessaustin's comments login

That would probably be a better use of human abilities.

Right! And the rest of the work, like talking to the client, we can build robots for!

Go to https://news.ycombinator.com/user?id=rdrake98 and set "showdead" to "yes". Then you'll still see posts that have been flagged and deaded.


A property interest in the US common law system has always carried a right of exclusion and a right of control.

By that definition code is not property.

Got a link?

I think this thread, but to my eyes, the discussion remained civil: https://news.ycombinator.com/item?id=9044805

sqb's primary argument in that thread is that the FBI should have done more investigating instead of believing what GS told them. That doesn't appear related to the analysis in the submitted article.

There was also a strong current of discussion about the legality of the underlying actions. The tone did remained civil, after a few choice edits on all sides.

Tptacek can bother me because he often presents the best possible form of the counterposition, as can Rayiner. We have different minds about jurisprudence, but I respect them both tremendously.

The discussion was in large part about the legality of the actions, as you can see through Rayiner's comment: >"The Court concluded that he had in fact tried to take 500,000 lines of valuable and mostly proprietary source code, but that his conduct didn't fall within the reach of the two laws charged in the indictment. Solid legal analysis, but an ordinary person would say that he got off on a technicality."

Although my central point was indeed regarding the FBI's outsourcing of its investigation to Goldman Sachs, a private corporation and interested party, which seemed to offend fundamental notions of justice.

But the discussion most definitely significantly touched upon the legality of Aleynikov's actions.

See e.g. Rhino paraphrasing Rayiner's analysis: >"Aleynikov definitely violated New York trade secret law.

He got off the federal charge because the trading software wasn't a product for sale, it was a product for internal use. The law was poorly drafted and once that came to light it was immediately fixed.

Like Rayiner said, in layman's terms, he got off on a technicality."

Or Rayiner himself: >"That was his defense. But the jury found that he had in fact grabbed valuable proprietary software, and the Second Circuit agreed that the 500,000 lines that he uploaded were mostly proprietary, valuable code."

For example, this exchange:

"tptacek: >I have a passing understanding of the policies and procedures binding on developers at trading firms. I dispute the idea that any senior developer could work at Goldman Sachs on an HFT infrastructure and believe that they were authorized to --- or, indeed, that they would not be immeditely fired for --- uploading the code to a proprietary automated trading system to a random SVN host in a different country. This is the code we, as security testers, were never allowed to see, even after owning up the machines hosting it. These firms are not kidding around about this stuff. It is a huge smoking gun to have uploaded any of it to some off-brand foreign svn host.

These are firms where you can be fired for plugging a thumb drive into your computer, or for using the company network to access Dropbox. I have worked for more than one financial firm that spent literally millions of dollars merely on the problem of detecting their network users trying to reach Google Mail. I also dispute the idea that because developers commonly use ssh, gzip, and svn, that it is common practice to (1) gzip a tarball of source code, (2) encrypt that source code, (3) commit that compressed encrypted blob to svn, (4) remove all traces of the encryption key from their work computer. That's something happens zero times on normal dev machines. The conviction was overturned because the technical details of exactly what Aleynikov took from GS didn't fit the ambitious charge the DOJ filed against him. But the appeal doesn't refute the finding of facts from the original trial, which include: There was more than sufficient evidence presented at trial, however, for a rational juror to conclude that Aleynikov intended to steal Goldman Sachs' proprietary source code. First, it was undisputed at trial that Aleynikov actually did take proprietary source code from Goldman Sachs. As Aleynikov concedes in his motion papers, the code he took from Goldman Sachs included a “purposefully designed” portion of the Goldman Sachs “proprietary, custom-built trading system.” Indeed, the evidence showed that Aleynikov took a significant percentage of the proprietary source code for that system. While Aleynikov attempted to show that there was open source code embedded within the proprietary code and to identify the files in which that might be true, his expert witness was only able to identify one file among those taken by Aleynikov that both bore a Goldman Sachs copyright banner and appeared to contain open source code.

I'm just fine with Aleynikov's conviction being overturned. Again, the charges against him seemed ambitious. But this is a forum full of software developers.

Rayiner is a lawyer and a compiler developer. It's somewhat insulting to everyone's intelligence to pretend that people here are unfamiliar with ssh and svn. We understand how software development works. What happened here was extremely sketchy. You can't play the "well in the world of software development, this is totally normal" card on HN.""

s_q_b: > "...Agreed, but it was established that he did this fairly consistently throughout the course of his employment. It's idiosyncratic, but not unexplainable. Sure, it was poor development practice, but I'm not convinced it was malicious.

Again, if the intent was trade secret theft, why not take the valuable part, the trading strategies?"

I held that his actions violated neither state nor Federal law, so I'm razzing those that insisted his action were criminal, just a bit, all intended in fun. Perhaps the language could have used a bit of softening :)

I think part of the problem may be that you see them as "the pro-prosecution crowd". I don't think they are. tptacek explicitly said he's fine with the conviction being overturned. There's a difference between saying "I support the prosecution" and "I disagree with your argument against the prosecution".

My argument against the prosecution was the one used by the Judge. See e.g. the discussion of the FBI's arrest:

In a 71-page opinion, Justice Ronald A. Zweibel of State Supreme Court in Manhattan ruled that the F.B.I. “did not have probable cause to arrest defendant, let alone search him or his home.” The arrest was “illegal,” Justice Zweibel wrote, and Mr. Aleynikov’s “Fourth Amendment rights were violated as a result of a mistake of law.”

Did the prosecution not establish that Aleynikov did in fact take software that was instrumental to the implementation of trading strategies, useful exclusively in that context, and labor-intensive to recreate?

I am not "pro-prosecution", but I am anti-"default position that evil banksters are behind prosecutions".

Was he guilty of violating the law with intent to unfairly profit from stolen intellectual property? No.

And in this case, it was not so much the default position as the actual position.

I'm not sure I understand your first interrogative.

Did he steal code for profit? No.

It sounds like you're stipulating that he stole code. Ok. Then:

He stole that code for use in his next job, for which he was paid handsomely, and recruited based on his experience working with that code at GS.

What does "for profit" mean, if not "for use in a commercial project"?

The way you've written your post reminds me of that time that Clinton aides stole critical computer hardware from the offices of the White House and the Executive Office Building during the transition from the Clinton administration in order to sabotage the efforts of the incoming Bush administration. Or, you know, to put it another way, they took all of the W's off of the keyboards.

OMG "I'm going to save @HackingTeam the trouble of hiring Mandiant." then the pic of Bejtlich with "DEAR @HACKINGTEAM IT WAS CHINA". Ha!

The comment period opened on May 5th, but between then and June 22nd there were only seven messages. However, the week of the 22nd brought 10,015 messages. The the week of the 29th brought 995 more. So I think it's clear that, without significant outside promotion of these topics, almost nobody would have noticed this proposal.

Does ICANN not want the public to contribute to its process? ISTM they could do a bit more publicity.

>Does ICANN not want the public to contribute to its process?

No, no they do not..

They post "public comment periods" as a smoke screen so they can claim transparency, openness and give the illusion of some kind of democratic process.

I really do think that they tried to sneak this through.

Inflation is a "tax" on those who have savings. In some cases (e.g. elderly retired) those who have savings are poor, but mostly if you have enough money left over after eating and keeping the lights on to save, you're not poor.

...every time some troll threatens to gut me via PM.

Has that ever happened?

I'll bet it's happened to anyone who has even slightly stepped into the spotlight of the Internet at large. I've received all kinds of death threats via PM, some extremely 'creative', and I've died precisely zero times. It's one step higher than fiction on the 'I need to worry about this' scale, and every investigative/institutional agency in the world agrees.

You have a good attitude about insults aimed at you. However, many people have lived lives that make such a healthy attitude impossible for them. I don't think progress is served by saying, "well it sucks that little girls are taught to stay 'safe' by taking the opinions of fuckwits seriously but I didn't teach them that so tough shit!" I doubt there's a magic bullet, but it would be better if we could build communication mechanisms that didn't expose women to the vilest excretions of the world's collective mental sewer.

Hi, well firstly it saddens me somewhat that you think I was suggesting that, as you put it, "well it sucks that little girls are taught to stay 'safe' by taking the opinions of fuckwits seriously but I didn't teach them that so tough shit!"

Honestly for me it's not about sex. I believe men and women are in fact equal and anything less than that is ignorance.

As for a 'silver bullet', there won't ever be one. Best I can do is teach my son gender equality.

I'm glad that you're sad. You certainly did suggest that this person who has reacted differently to trolls than you imagine you would in her situation should "take a break from being in the public eye". If you think about it a little you'll see why my paraphrase of your sentiment is pretty fucking exact. Then you can change your mind and not be sad anymore.

Yup. It's as if coffeescript was created by one person (and a bunch of great PRs!), while ES6 came out of a committee.

That's exactly what I like about ES6 (the fact that it has come out of a committee and is now a standard).

Leaving aside the committee preference, what value do you perceive in the fact that it's a standard? It can't be that browsers support it, because they don't. Sure Mozilla will probably get there within the next several years, and Chrome won't be too far behind, but forget about Safari and IE. So you'll still have to use Babel or something like it. Please note, there's nothing wrong with requiring a tool chain, which we already need anyway for minimization, compression, cdns, etc. But once we realize that, we realize that coffeescript is just the same as ES6 in that respect.

Well said. Many who rejected coffeescript because it required a tool chain now embrace ES6 which requires a toolchain. People rave about ES6 features like classes, arrow functions, destructuring, variable interpolation - as if they are something new. Maybe the best thing about ES6 is that it helped transpiling to be accepted as a mainstream technique.

What the hell ?

Do you not like standardized technology?

I do but not at the cost of productivity.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact