snopes.com

snopes.com (http://message.snopes.com/index.php)
-   Computers (http://message.snopes.com/forumdisplay.php?f=5)
-   -   Security audit finds dev OUTSOURCED his JOB to China to goof off at work (http://message.snopes.com/showthread.php?t=83910)

BlueStar 16 January 2013 11:01 AM

Security audit finds dev OUTSOURCED his JOB to China to goof off at work
 
While The Register is usually a pretty reliable source, parts of this fall into the 'too good to be true' area for me, particularly the logs which have supposedly been released for some reason of exactly what he spent his time doing. Although to be true UL material it wouldn't end with him no longer being at the company, he'd have been promoted.

http://www.theregister.co.uk/2013/01...ces_job_china/

Quote:

A security audit of a US critical infrastructure company last year revealed that its star developer had outsourced his own job to a Chinese subcontractor and was spending all his work time playing around on the internet.
Company is unnamed. The company's ISP Verizon is cited as the source, but the link to their statement in the article is dead.

Surely if he was that smart he wouldn't have entrusted his VPN key to people half way around the world and would have had them upload their work somewhere for him to pull down, rather than giving them full security access to his systems?

Mad Jay 16 January 2013 11:33 AM

Many times its not possible to do the work without accessing the company network. You have data that you need, source code and infrastructure like databases etc. if he had to send everything to the offshore developer, he would be spending all day copying stuff

I don't think this is real though. A big part of a developers job is communication, especially if s/he is a star onshore developer. The raw coding by itself is probably half the work. Also, to be able to communicate effectively, he will have to understand issues himself, so he would have to spend time talking to his developer offshore. Our leads usually have 3 offshore developers under them, and they spend 40% of their time talking to offshore developers, 30% talking to onshore and 30% coding

ganzfeld 16 January 2013 11:45 AM

Sounds totally bogus to me too.

That said, the whole Verizon site securityblog.verizonbusiness.com is down, not that one post.

dfresh 16 January 2013 12:46 PM

I am trying to remember which webcomic had this happen in it. I THINK it was Dilbert, several years ago, but I am not sure. In the end, the guy ended up taking on a couple of different jobs at different places and outsourcing all the work to a team in China, paying them 10% of his pay, and living on 90% of his multiple salaries.

Beachlife! 16 January 2013 02:23 PM

When I worked at the empire, I was told someone in our department had been fired for doing something very similar. I never spent any time verifying the story though.

stoolie 16 January 2013 06:22 PM

Quote:

Originally Posted by Mad Jay (Post 1703646)
Many times its not possible to do the work without accessing the company network. You have data that you need, source code and infrastructure like databases etc. if he had to send everything to the offshore developer, he would be spending all day copying stuff

I read it from this link, which indicated that they found the perp after noticing a Chinese address in their VPN access logs, and that this VPN token belonged to an employee who was sitting onsite at his desk at the time he was supposedly using his token.

Link is dead - more details on the BBC one though.

overyonder 16 January 2013 07:24 PM

Two-bit developer wasn't smart enough to create a connection between his home and work (via VPN) and having his Chinese partner in crime do the work from his (the two-bit developer's) home network. Duh.

OY

Beachlife! 16 January 2013 07:39 PM

Not so easy depending on the company's access policies and it still wouldn't fix the problem of the employee sitting at his desk when his token was being used for VPN access.

Rebochan 16 January 2013 10:18 PM

The Verizon blog is back online for me. Seems legit. Our IT department was laughing about this yesterday.


All times are GMT. The time now is 01:05 PM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2019, vBulletin Solutions, Inc.