Home Mail MemberMap Chat (0) Wallpapers
Go Back   ChiefsPlanet > The Ed & Dave Lounge

Reply
 
Thread Tools Display Modes
Old 01-17-2013, 11:17 PM   Topic Starter
teedubya teedubya is offline
Waiting Until Next Year!
 
teedubya's Avatar
 
Join Date: Oct 2003
Casino cash: $87926504
How a "model" employee outsourced his $250k/yr job to China for $50k/yr

GENIUS.

http://www.theglobeandmail.com/techn...rticle7409256/

Bob was his company’s best software developer, got glowing performance reviews and earned more than $250,000 a year.

Then one day last spring, Bob’s employer, an American infrastructure company, thought its computer network had been attacked by a virus.

The ensuing forensic probe revealed that Bob’s software code had in fact been the handiwork of a Chinese subcontractor.

Bob was paying a Chinese firm about $50,000 a year to do his work, then spent the day surfing the web, watching cat videos and updating his Facebook page.

“This particular case was pretty unique,” computer security investigator Andrew Valentine, who helped uncover Bob’s scheme, said in an e-mail to The Globe and Mail. “We thought it was actually pretty clever.”

Mr. Valentine made Bob’s tale public in a blog post on Monday and it has since been the talk of tech websites.

“While the large-scale data breaches make the headlines and are widely discussed among security professionals, often the small and unknown cases are the ones that are remembered as being the most interesting,” Mr. Valentine wrote in his blog.

He said the creative but deceitful programmer, whom he called by the pseudonym “Bob,” was a family man and long-time employee in his 40s, “inoffensive and quiet. Someone you wouldn’t look at twice in an elevator.”

Mr. Valentine, who works for the global communications company Verizon, wouldn’t identify Bob’s employer except to say that it was a private “critical infrastructure company” in the United States.

For the past two years, the firm had increasingly been getting employees to telecommute or work from home.

To connect remotely to the company computer system, staffers needed a personal identification number, which changed at regular intervals. Employees were issued security tokens, small devices that updated them with the latest generated PIN.

Last spring, the company grew concerned about computer security breaches and asked its IT department to inspect more closely its remote-access logs, looking for unusual patterns of activity.

To their surprise, they saw that someone connected into their network every day from Shenyang, a city in the historical Manchurian north of China, near the Korean peninsula.

More interestingly, the Chinese intruder was logged in using Bob’s PIN and credentials, “yet the employee is right there, sitting at his desk, staring into his monitor,” Mr. Valentine wrote.

“Based on what information they had obtained, the company initially suspected some kind of unknown malware that was able [to] route traffic from a trusted internal connection to China, and then back. This was the only way they could intellectually resolve the authentication issue. What other explanation could there be?”

Verizon investigators were contacted. They inspected Bob’s workstation, trying to find whether he had unintentionally downloaded a virus.

Instead, the cyber-sleuths discovered hundreds of invoices from a software developer in Shenyang.

The investigation revealed that Bob had outsourced his job. To get around the changing PINs, he couriered his security tokens to the Shenyang subcontractor.

It wasn’t clear how long Bob’s scheme had been running because log records only dated back to six months.

While Bob physically reported to the company that hired Verizon to investigate him, he also padded his income as a contract worker for other local firms, for which he also relied on his Chinese outsourcing arrangement.

Looking at his web browsing history, investigators found that Bob spent his workday checking sites such as Reddit, Ebay, Facebook and LinkedIn and watching cat videos. Then he would type an e-mail at the end of the day to update management about his “work” and left at 5 p.m.

Bob was fired for violating internal company policy, Mr. Valentine said in his e-mail to The Globe and Mail.

By all accounts, the Chinese contractor did an excellent job and until then it reflected well on Bob.

“His code was clean, well-written, and submitted in a timely fashion,” Mr. Valentine noted. “Quarter after quarter, his performance review noted him as the best developer in the building.”

Work Smarter, Not Harder?
Posts: 7,950
teedubya is obviously part of the inner Circle.teedubya is obviously part of the inner Circle.teedubya is obviously part of the inner Circle.teedubya is obviously part of the inner Circle.teedubya is obviously part of the inner Circle.teedubya is obviously part of the inner Circle.teedubya is obviously part of the inner Circle.teedubya is obviously part of the inner Circle.teedubya is obviously part of the inner Circle.teedubya is obviously part of the inner Circle.teedubya is obviously part of the inner Circle.
  Reply With Quote
Old 01-17-2013, 11:22 PM   #2
Cephalic Trauma Cephalic Trauma is offline
Permitted
 

Join Date: Jul 2011
Casino cash: $61853
You performed the double Q. Wow, is this the first on record?
Posts: 4,095
Cephalic Trauma is too fat/Omaha.Cephalic Trauma is too fat/Omaha.Cephalic Trauma is too fat/Omaha.Cephalic Trauma is too fat/Omaha.Cephalic Trauma is too fat/Omaha.Cephalic Trauma is too fat/Omaha.Cephalic Trauma is too fat/Omaha.Cephalic Trauma is too fat/Omaha.Cephalic Trauma is too fat/Omaha.Cephalic Trauma is too fat/Omaha.Cephalic Trauma is too fat/Omaha.
  Reply With Quote
Old 01-17-2013, 11:35 PM   #3
Cephalic Trauma Cephalic Trauma is offline
Permitted
 

Join Date: Jul 2011
Casino cash: $61853
Quote:
Originally Posted by Cephalic Trauma View Post
You performed the double Q. Wow, is this the first on record?
Or is Bob a new case?

n00b fail. I'll kindly tell myself to now...
Posts: 4,095
Cephalic Trauma is too fat/Omaha.Cephalic Trauma is too fat/Omaha.Cephalic Trauma is too fat/Omaha.Cephalic Trauma is too fat/Omaha.Cephalic Trauma is too fat/Omaha.Cephalic Trauma is too fat/Omaha.Cephalic Trauma is too fat/Omaha.Cephalic Trauma is too fat/Omaha.Cephalic Trauma is too fat/Omaha.Cephalic Trauma is too fat/Omaha.Cephalic Trauma is too fat/Omaha.
  Reply With Quote
Old 01-17-2013, 11:23 PM   #4
Count Zarth Count Zarth is offline
Emperor of the Universe
 
Count Zarth's Avatar
 

Join Date: Nov 2002
Casino cash: $10244494
Amazing that his web browsing history didn't alert someone earlier.
Posts: 165,940
Count Zarth is obviously part of the inner Circle.Count Zarth is obviously part of the inner Circle.Count Zarth is obviously part of the inner Circle.Count Zarth is obviously part of the inner Circle.Count Zarth is obviously part of the inner Circle.Count Zarth is obviously part of the inner Circle.Count Zarth is obviously part of the inner Circle.Count Zarth is obviously part of the inner Circle.Count Zarth is obviously part of the inner Circle.Count Zarth is obviously part of the inner Circle.Count Zarth is obviously part of the inner Circle.
  Reply With Quote
Old 01-18-2013, 05:10 AM   #5
Saulbadguy Saulbadguy is offline
When a nightmare becomes real
 
Saulbadguy's Avatar
 

Join Date: Nov 2003
Casino cash: $10151603
Quote:
Originally Posted by GoWalrus View Post
Amazing that his web browsing history didn't alert someone earlier.
Probably because as long as he got his work done , management didnt care.
__________________
http://www.goemaw.com
Posts: 46,025
Saulbadguy threw an interception on a screen pass.Saulbadguy threw an interception on a screen pass.Saulbadguy threw an interception on a screen pass.Saulbadguy threw an interception on a screen pass.Saulbadguy threw an interception on a screen pass.Saulbadguy threw an interception on a screen pass.Saulbadguy threw an interception on a screen pass.Saulbadguy threw an interception on a screen pass.Saulbadguy threw an interception on a screen pass.Saulbadguy threw an interception on a screen pass.Saulbadguy threw an interception on a screen pass.
  Reply With Quote
Old 01-18-2013, 12:02 AM   #6
ChiefBoyRDEE ChiefBoyRDEE is offline
Dark Lord
 
ChiefBoyRDEE's Avatar
 

Join Date: Jan 2013
Casino cash: $1770
clearly management material
Posts: 196
ChiefBoyRDEE is a favorite in the douche of the year contest.ChiefBoyRDEE is a favorite in the douche of the year contest.ChiefBoyRDEE is a favorite in the douche of the year contest.ChiefBoyRDEE is a favorite in the douche of the year contest.ChiefBoyRDEE is a favorite in the douche of the year contest.ChiefBoyRDEE is a favorite in the douche of the year contest.ChiefBoyRDEE is a favorite in the douche of the year contest.
  Reply With Quote
Old 01-18-2013, 02:09 AM   #7
Garcia Bronco Garcia Bronco is offline
No Keys, No Problem
 

Join Date: Sep 2000
Location: Denver
Casino cash: $78458
Lol...he should resell the software service, his mistake? Doing it at work. He does that shit at home and he probably doesn't get caught.
Posts: 22,125
Garcia Bronco Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Garcia Bronco Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Garcia Bronco Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Garcia Bronco Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Garcia Bronco Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Garcia Bronco Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Garcia Bronco Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Garcia Bronco Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Garcia Bronco Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Garcia Bronco Forgot to Remove His Claytex and Got Toxic Shock Syndrome.Garcia Bronco Forgot to Remove His Claytex and Got Toxic Shock Syndrome.
  Reply With Quote
Old 01-18-2013, 09:33 AM   #8
kepp kepp is online now
MVP
 
kepp's Avatar
 

Join Date: Aug 2005
Location: KCMO
Casino cash: $198402
Quote:
Originally Posted by Garcia Bronco View Post
Lol...he should resell the software service, his mistake? Doing it at work. He does that shit at home and he probably doesn't get caught.
I thought he was working from home. He should have set up a tunnel through his home workstation.
Posts: 9,499
kepp Forgot to Remove His Claytex and Got Toxic Shock Syndrome.kepp Forgot to Remove His Claytex and Got Toxic Shock Syndrome.kepp Forgot to Remove His Claytex and Got Toxic Shock Syndrome.kepp Forgot to Remove His Claytex and Got Toxic Shock Syndrome.kepp Forgot to Remove His Claytex and Got Toxic Shock Syndrome.kepp Forgot to Remove His Claytex and Got Toxic Shock Syndrome.kepp Forgot to Remove His Claytex and Got Toxic Shock Syndrome.kepp Forgot to Remove His Claytex and Got Toxic Shock Syndrome.kepp Forgot to Remove His Claytex and Got Toxic Shock Syndrome.kepp Forgot to Remove His Claytex and Got Toxic Shock Syndrome.kepp Forgot to Remove His Claytex and Got Toxic Shock Syndrome.
  Reply With Quote
Old 01-18-2013, 04:07 AM   #9
big nasty kcnut big nasty kcnut is offline
Hey wanna fight!
 
big nasty kcnut's Avatar
 

Join Date: Sep 2001
Location: wichita kansas u.s.a.
Casino cash: $1789
why is this bad as long as his Asian bitches did the work why are they firing him.
__________________
I'm the renegade of funk Go kansas city. Our coach hate you. adopt a chiefs Ryan Succop
Posts: 12,692
big nasty kcnut has an IQ even higher than Frankie's.big nasty kcnut has an IQ even higher than Frankie's.big nasty kcnut has an IQ even higher than Frankie's.big nasty kcnut has an IQ even higher than Frankie's.big nasty kcnut has an IQ even higher than Frankie's.big nasty kcnut has an IQ even higher than Frankie's.big nasty kcnut has an IQ even higher than Frankie's.big nasty kcnut has an IQ even higher than Frankie's.big nasty kcnut has an IQ even higher than Frankie's.big nasty kcnut has an IQ even higher than Frankie's.big nasty kcnut has an IQ even higher than Frankie's.
  Reply With Quote
Old 01-18-2013, 07:02 AM   #10
Radar Chief Radar Chief is online now
Wearing ballistic dog goggles.
 
Radar Chief's Avatar
 

Join Date: Mar 2001
Location: In the box.
Casino cash: $108511
Quote:
Originally Posted by big nasty kcnut View Post
why is this bad as long as his Asian bitches did the work why are they firing him.
Because management just found out they can get the same work for $200K less.
__________________
Like "Cool Hand" Luke I'm busting rocks.

__/|_/[___]
|/ \\_| ---OllllO
_( ))~-( ))-0--))
Posts: 22,334
Radar Chief is obviously part of the inner Circle.Radar Chief is obviously part of the inner Circle.Radar Chief is obviously part of the inner Circle.Radar Chief is obviously part of the inner Circle.Radar Chief is obviously part of the inner Circle.Radar Chief is obviously part of the inner Circle.Radar Chief is obviously part of the inner Circle.Radar Chief is obviously part of the inner Circle.Radar Chief is obviously part of the inner Circle.Radar Chief is obviously part of the inner Circle.Radar Chief is obviously part of the inner Circle.
  Reply With Quote
Old 01-18-2013, 09:21 AM   #11
morphius morphius is offline
World's finest morphius
 
morphius's Avatar
 

Join Date: Aug 2000
Casino cash: $212071
Quote:
Originally Posted by big nasty kcnut View Post
why is this bad as long as his Asian bitches did the work why are they firing him.
For starters, there are a lot of pieces within telephony that you are not allowed to grant access to anyone that is not a citizen.
__________________
Herm Edwards neutering offenses one QB at a time.
Posts: 24,561
morphius would the whole thing.morphius would the whole thing.morphius would the whole thing.morphius would the whole thing.morphius would the whole thing.morphius would the whole thing.morphius would the whole thing.morphius would the whole thing.morphius would the whole thing.morphius would the whole thing.morphius would the whole thing.
  Reply With Quote
Old 01-18-2013, 09:40 AM   #12
splatbass splatbass is offline
MVP
 

Join Date: Apr 2001
Location: Honolulu, HI
Casino cash: $73553
Quote:
Originally Posted by big nasty kcnut View Post
why is this bad as long as his Asian bitches did the work why are they firing him.
Sending your token to an unknown person in China - the source of most hacking attacks on US businesses - is enough. He gave the Chinese an unobstructed path to their server, and a lot of damage could have been done. The fact that none was done doesn't change that.

It is no different than giving your ID and PIN to someone outside your company and allowing them to come and go in the building as much as they want.

He should have been fired.

Last edited by splatbass; 01-18-2013 at 09:45 AM..
Posts: 5,563
splatbass 's adopt a chief was Sabby Piscitellisplatbass 's adopt a chief was Sabby Piscitellisplatbass 's adopt a chief was Sabby Piscitellisplatbass 's adopt a chief was Sabby Piscitellisplatbass 's adopt a chief was Sabby Piscitellisplatbass 's adopt a chief was Sabby Piscitellisplatbass 's adopt a chief was Sabby Piscitellisplatbass 's adopt a chief was Sabby Piscitellisplatbass 's adopt a chief was Sabby Piscitellisplatbass 's adopt a chief was Sabby Piscitellisplatbass 's adopt a chief was Sabby Piscitelli
  Reply With Quote
Old 01-18-2013, 05:21 AM   #13
wazu wazu is online now
...
 
wazu's Avatar
 

Join Date: May 2002
Casino cash: $1012627
VARSITY
250K? WTF technology platform is he using?
Posts: 11,968
wazu Forgot to Remove His Claytex and Got Toxic Shock Syndrome.wazu Forgot to Remove His Claytex and Got Toxic Shock Syndrome.wazu Forgot to Remove His Claytex and Got Toxic Shock Syndrome.wazu Forgot to Remove His Claytex and Got Toxic Shock Syndrome.wazu Forgot to Remove His Claytex and Got Toxic Shock Syndrome.wazu Forgot to Remove His Claytex and Got Toxic Shock Syndrome.wazu Forgot to Remove His Claytex and Got Toxic Shock Syndrome.wazu Forgot to Remove His Claytex and Got Toxic Shock Syndrome.wazu Forgot to Remove His Claytex and Got Toxic Shock Syndrome.wazu Forgot to Remove His Claytex and Got Toxic Shock Syndrome.wazu Forgot to Remove His Claytex and Got Toxic Shock Syndrome.
  Reply With Quote
Old 01-18-2013, 05:54 AM   #14
Saulbadguy Saulbadguy is offline
When a nightmare becomes real
 
Saulbadguy's Avatar
 

Join Date: Nov 2003
Casino cash: $10151603
Quote:
Originally Posted by wazu View Post
250K? WTF technology platform is he using?
I was more surprised at 50K for a Chinese programmer. That's pretty expensive.
__________________
http://www.goemaw.com
Posts: 46,025
Saulbadguy threw an interception on a screen pass.Saulbadguy threw an interception on a screen pass.Saulbadguy threw an interception on a screen pass.Saulbadguy threw an interception on a screen pass.Saulbadguy threw an interception on a screen pass.Saulbadguy threw an interception on a screen pass.Saulbadguy threw an interception on a screen pass.Saulbadguy threw an interception on a screen pass.Saulbadguy threw an interception on a screen pass.Saulbadguy threw an interception on a screen pass.Saulbadguy threw an interception on a screen pass.
  Reply With Quote
Old 01-18-2013, 09:54 AM   #15
Reerun_KC Reerun_KC is offline
Rock Chalk Jayhawks! KU!!!
 
Reerun_KC's Avatar
 

Join Date: Aug 2005
Location: Kansas Jayhawks
Casino cash: $2449015
Quote:
Originally Posted by Saulbadguy View Post
I was more surprised at 50K for a Chinese programmer. That's pretty expensive.
This! Holy crap he is getting robbed....
Posts: 44,341
Reerun_KC 's phone was tapped by Scott Pioli.Reerun_KC 's phone was tapped by Scott Pioli.Reerun_KC 's phone was tapped by Scott Pioli.Reerun_KC 's phone was tapped by Scott Pioli.Reerun_KC 's phone was tapped by Scott Pioli.Reerun_KC 's phone was tapped by Scott Pioli.Reerun_KC 's phone was tapped by Scott Pioli.Reerun_KC 's phone was tapped by Scott Pioli.Reerun_KC 's phone was tapped by Scott Pioli.Reerun_KC 's phone was tapped by Scott Pioli.Reerun_KC 's phone was tapped by Scott Pioli.
  Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Forum Jump




All times are GMT -6. The time now is 10:48 AM.


Powered by vBulletin® Version 3.8.0
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.