Goldman Sachs Trading Source Code In the Wild?

Hangtime writes "The world's most valuable source code could be in the wild. According to a report by Reuters, a Russian immigrant and former Goldman Sachs developer named Sergey Aleynikov was picked up at Newark Airport on July 4th by the FBI on charges of industrial espionage. According to the complaint, Sergey, prior to his early June exit from Goldman, copied, encrypted and uploaded source code inferred to be the code used by Goldman Sachs to process in real-time (micro-seconds) trades between multiple equity and commodity platforms. While trying to cover his tracks, the system backed up a series of bash commands so he was unable to erase his history, which would later give him away to Goldman and the authorities. So the question is: where are the 32MB of encrypted files that Sergey uploaded to a German server?

Even More Interesting

[eldavojohn]

Even more interesting is in the second article that notifies us that Goldman Sachs has been removed from the NYSE 15 Most Active Members Firms Weekly Report. GS had been #1 the week before and now they're not even on it. These fifteen firms alone represent about 98% of all trades with the NYSE. So what happened?

The author mentions some things but gives no clear motivation for GS hiding their stats. I would speculate that if one of your developers copied your code and uploaded it to a server discretely, you could have that in your logs and not notice it for days or weeks. But if he then did something to your system to ensure his new employer's ownership of that code you wuold notice that pretty damn fast I imagine. Sergey Aleynikov sounds like a brilliant coder but maybe he's not so smart on legal issues, is it possible he completely hobbled GS to please his new employer? Are they keeping their transaction report hush hush so investers don't worry? Was Sergey Aleynikov thinking he could sell the code and the rights to the code? After all, if he could remove all copies of the code from GS how could they take people to court over the code without a local copy to prove ownership?

If GS remained #1, they would have left themselves on the list. I presume that something else related to this has gone wrong with their operation, the news just hasn't broke yet.

Re:Even More Interesting

unset HISTFILE and he (might) have been OK.

Not likely... since most financial institutions capture not only the commands, but the output to STDOUT/STDERR, and that is logged outside, upstream of the physical machine, using tools like PowerBroker, Sudoscript, and others.

I know, because I work for $LARGE_BANK, and we use it there. You can't just symlink ~/.bash_history to /dev/null, or unset HISTSIZE or any of that.. even the !shell trick out of vim doesn't help, because everything you type and everything it outputs, is logged where you can't wipe it out.

nationalism vs. anti-corporatism

[DoofusOfDeath]

It's funny... I normally find myself loathing companies like Goldman Sachs for hyper-selfish capitalism, finding ways to get rich at taxpayer expense, etc.

But then, when I see industrial espionage by Russians, Chinese, Israelis, etc. against those very same corporations, a sense of nationalist anger makes me forget my anti-corporatist anger. Somehow I completely fail to have a sense of schadenfreude for the corporations that I normally hate, and I don't know why.

Being human is strange.

Re:nationalism vs. anti-corporatism

[fuzzyfuzzyfungus]

That, my friend, is what having your self interest 0wn3d by your primate instincts feels like.

Don't worry, multinationals have no such weaknesses, and won't bat an eye when you are on the hook.

Colour me surprised

[Antidamage]

Pure evil partnered with Linux?

I'm pretty sure that can't happen. I'm going to pray to Linus for guidance.

Re:Colour me surprised

[neomunk]

Linux isn't GOOD by nature. It's not BAD either.

It's like The Force, you see. All around us, binding our processes behind the scenes in ways it takes an enlightened eye to perceive. There is always Linux prodding along the information swirls and eddies that make up our modern lives, unconcerned with the nature or usage of said information.

Windows is like The Force too, except I've never heard a Windows acolyte preach any path other than the quicker, easier, more seductive one...

Re:Surely not?

[Richard_at_work]

What if having the code allowed you to analyse it for ways to game the system? Knowing precisely how the system will react in certain circumstances could give you a serious leg up when attacking the system on the markets (trade limitations, trend spotting for error codes or edge cases et al).

This code could be worth significant amounts of money on the international fraud market.

Proving theft..

[MosesJones]

Its hardly surprising that this sort of code is highly valuable but the challenge is surely going to be proving that it was actually stolen. If they have a bash history that doesn't include the IP addresses but just shows that he created a tar ball then where is the proof that he actually stole anything at all?

The original is of course still there, what he took is a copy, so you can't show something is missing.

They currently don't know where it has gone, so they can't prove that a copy was moved outside the firewall successfully

If he hasn't yet sold the stuff on they can't prove there was a financial benefit linked to the theft

So how will they prove beyond a reasonable doubt that some actual theft has gone on?

Its not like he has just lobbed it on Bit-torrent or posted it to Wikileaks. What he has done is taken a copy of the code, which means its Intellectual Property and copyright issues rather than "simple" theft and therefore they really need to prove (surely) that he has done something with the code.

Should be interesting to see how the police "generate" and prove the evidence on this one.

Non-story

GS's code for program trading is all written in a proprietary programming language called slang and relies on a proprietary database (secdb).

The install for that is a hell of a lot bigger than 32 MB, so this is probably just a few trading algorithms that a pissed-off developer has copied away.

It will be largely useless without the slang and secdb components and will be totally unsafe to trade off without a sufficient source of historic data and reference data, correctly formatted and loaded into secdb.

The idea that this leak is likely to be in any way materially damaging to GS is frankly a joke to anyone with even a passing knowledge of how these systems really operate.

But don't let that get in the way of your paranoia about how the world works.

Re:Surely not?

Exactly. Analyzing the source code will tell you how Goldman Sachs trades its stuff. It's not valuable because it was so expensive to develop this stuff, it's expensive because it shows how they play the game with what kind of strategy, and the stakes of the game is extremely high. It's like knowing how your opponent plays poker when the stakes are on the magnitude of billions of dollars.

If the source code is in the wild, Goldman Sachs is forced to stop all related real-time trades, because their strategy is completely exposed, and once somebody exploits it, they will lose money really quickly. (Just imagine how many transactions they can make per second, and imagine every one of those transactions lose some money in average.) That means they get forced to leave the market until they develop a new trading system, or at least, re-develop their strategy. That costs a lot of money because they have to stop doing investments and leave the money some place safe.

From the summary:

"The world's most valuable source code could be in the wild."

Duke Nukem Forever? Oh joy.

Re:Surely not?

[192939495969798999]

Based on what the markets have been up to, I'd say this code has been out there and has been actively exploited for at least 18 months.

Re:Surely not?

[Richard_at_work]

I'm not talking about exploits or bugs, I'm talking about knowing *precisely* how the code will react in given circumstances, *precisely* which edge cases are handled in code, *precisely* what results in an error state and how that error state is handled.

Knowing such things will allow you to tailor your fraudulant trades so as to not raise suspicion, or to make more money within a set amount of time. If you know precisely how far to push your actions, and then push no further, then you could continue with the same fraud for longer than you would otherwise without being discovered. If you know how often the trend analysis reports are run, and how they do what they do, then you can tailor your trades so as to not appear on those reports - just enough, no more.

All of which means you can make more money without being detected - and you haven't attacked the software itself, you haven't changed how the code works, you have stayed within the boundaries that the software creates. All because you knew *precisely* how the code works.

What's the exit strategy?

[Sits]

If I were a rival to Goldman Sachs I would be terrified of someone offering me Goldman's source code. If I use it and Goldman find out then I'm in a world of trouble. If I use it but Goldman don't know for a bit AND the person who offered it knows I used it, then they can blackmail me. Even if I don't use it there could be expensive legal battles to prove my innocence ("Exhibit A shows the same loop variable counter is used in these two different source code bases." "?!"). How do I know it's not a trap? It would be like someone offering the secret of Coke to Pepsi - what do you expect Pepsi to do? Use the secret? What if they like their product more?

Obviously there must be another angle if this situation is true to drive someone to actually do it. I just can't figure it out at the moment.

Re:Alternative theory....(and more probable)

[Pixie_From_Hell]

It's a good alternate theory, but you're a week off:

On the week ending June 19, Goldman, for instance, was ranked first on the NYSE program trading list. But on the week of June 22, Goldman mysteriously didnâ(TM)t appear on the list of the top 15 firms at all.

So unless the Fourth of July is celebrated in June, I think that's not the issue.

Of course, I'm not checking the volume of trading either, so there could be something to your theory. (Of course, if GS bailed out for a week, wouldn't that lower the volume significantly? Weren't they the number one traders?)

Re:Surely not?

[captainpanic]

The fact that one can compare the strategy in big business with poker shows clearly why I think we're all better off when this whole banking business is downscaled a bit.

While in the good old days the banking business was simply a place to store and borrow money, it has now become a mess so complicated that nobody really understands it anymore.

It can be interesting to see what happens next... although I also realize that this accident can cause some innocent people to lose their jobs.

The bankers certainly knew there would be a crash.

[Futurepower(R)]

"The rolling stone article is conspiracy drivel..."

Thoughts:

1) The linked article is not the article published on paper in Rolling Stone, although confusingly it has the same name.

2) A Slashdot comment is not meant to be a complete discussion of anything. A Slashdot comment can alert you to the need to do further research.

3) The actual Rolling Stone article in the paper edition only says things that have been reported elsewhere.

4) The bankers certainly knew there would be a crash, and that they would profit from the crash, and that the crash would be very destructive to everyone else.

5) Matt Taibbi's article, The 52 Funniest Things About The Upcoming Death of The Pope lacks any humor. It's just stupid. In number 26, he guesses that the pope lives, and he dies. The point of the article seems to be that the pope gets less respect now; a big difference from 50 years ago. But it's a terrible article.

6) What is important is not what someone said, but the facts.