Punishing Security Breaches

Schneier has a story on his blog this morning about punishing security breaches. This one is in response to the tale of Gray Powell, the Apple engineer who left an important bit of technology in a bar recently. You might have heard of it. You also might have been on either the breacher or the corporate side. I'd hate to be in either position myself.

Gizmodo May Face Felony Charges

[eldavojohn]

I caught a an article on NY Times that outlines the San Mateo police's options for prosecuting Gizmodo for purchasing the leaked iPhone. From the article:

California law prohibits the sale of stolen goods and states that a person who uses someone else’s lost property without permission may be guilty of theft.

And since it's over $950, it's a felony. Even if they didn't know it was stolen, they could face a lesser charge of "misappropriation of lost property" which is a crime but not theft. Charges haven't been pressed yet but the police say they're investigating the options.

Re:Gizmodo May Face Felony Charges

[Thanshin]

And since it's over $950, it's a felony.

$950? That's nothing. Was there any song in the IPhone?

Re:Gizmodo May Face Felony Charges

[Rogerborg]

Beat me to it.

[Gizmondo] "didn't know this was stolen when we bought it."

Riiiight. The difference between "found" and "stolen" is entirely in the mind of the... "finder". Heck, you can "find" a bike in the street... if you jump on it quick enough. Hang around gas stations, and you may "find" a car with the keys still in the ignition.

Go into Gizmondo's office late at night - "find" an open window - and wow, look at all the gear just ripe for "finding". After all if it's not grasped tightly in someone's hand at that very moment, it doesn't belong to anyone, right?

They paid $5000 for something that they knew - by their own admission - did not belong to the seller. If that's not dealing in stolen goods, then I don't know what is. You don't even have to know the law to be sure - a child could tell you that it's unethical and wrong.

Re:Gizmodo May Face Felony Charges

[Pharmboy]

The question is: will they simply pay a fine, or will someone actually get to face a criminal charge? All too often (in the US) people get off free because the offense is blamed on the Corporation® and not the individual acting on behalf of the corporation. If this is knowingly purchasing stolen goods, then it should be treated like any other case of the same.

Re:Gizmodo May Face Felony Charges

[Yvan256]

Yes there was! Over 9000!

And according to the RIAA, 9000 songs at 0.99$ each equals 5 billions in damages and 3000 years of prison!

Re:Gizmodo May Face Felony Charges

[zero_out]

You don't even have to know the law to be sure - a child could tell you that it's unethical and wrong.

Call me cynical, but law doesn't often follow ethics. There are so many instances where something is "wrong," but not illegal, for me to even begin citing them. Okay, I'll give you one. Adultery. Sure, there are some places where it is outlawed, but what percentage of instances does it fall into the realm of the illegal? At any time, if I were to have improper relations with a neighbor, I would not be breaking a law. It would be about as unethical as any civilized society could imagine, but not illegal.

Back on the topic at hand, yes, it was unethical for Gizmodo to do this. Did they know it was illegal? Possibly, but not necessarily. Even if they did know, I'm sure they did a cost/benefit analysis, and determined that the benefit outweighed the punitive damages. What a wicked world we live in, where someone weighs the cost of doing something unethical, against the gains for doing it.

Re:Gizmodo May Face Felony Charges

[carvalhao]

Well, since that model of iPhone hasn't been released yet, how can you prove that it's over $950?

Re:Gizmodo May Face Felony Charges

[Sandbags]

Sorry, they TRIED, as did the guy who sold it, to contact Apple. Apple actually DENIED the device was lost... Also, in the end, through MUCH trial and effort, the device WAS returned. Gizmodo did not buy the device, the device was handed over willingly and for free, gizmodo bought the STORY. The device was returned.

Re:Gizmodo May Face Felony Charges

[Thanshin]

All too often (in the US) people get off free because the offense is blamed on the Corporation® and not the individual acting on behalf of the corporation.

Just for reference, this:

Kaffee: Did you order the Code Red?
Col. Jessep: I did the job I...
Kaffee: *Did you order the Code Red?*
Col. Jessep: *You're Goddamned right I did!*

doesn't work in real life.

Re:Gizmodo May Face Felony Charges

[jemtallon]

I'd give ya a +1 funny if I had one :D

Re:Gizmodo May Face Felony Charges

[Sandbags]

They paid $5K for the STORY, as registered journalists, and only after discussing this with lawyers, and after both Giz and the device's finder BOTH contacted apple and apple DENIED the prototype being lost. Gizmodo acquired the device under the promise to return it to it's rightful owner should one come forward, and the person who gave them the device could not be blamed for handing it over to an organization with known internal ties at the company.

Gizmodo never bought the phone, only the story. This has been upheld NUMEROUS times in local and federal courts. Thanks for playing...

Re:Gizmodo May Face Felony Charges

[Sandbags]

I'm not an expert in CA's version of this law, but here, it;s only stolen property if its REPORTED stolen, or if the owner comes to claim it and wishes to prosecute. Apple admitted they're not interested in filing criminal charges against Gizmodo (they could not buy publicity like they got, even if they didn't want it on that day). Since there's noone to make the charge, the police can not act on their own. Cops can't bust you for unreported crimes unless they're under certain statuates.

Re:Gizmodo May Face Felony Charges

[SharpFang]

The seller spent a pretty long time in the bar asking the patrons and the barman about the phone. He made it pretty certain this was a found item, not a stolen one and went to quite a bit of lengths to find the owner, and has a bunch of witnesses to confirm it.

Re:Gizmodo May Face Felony Charges

[Hatta]

The difference between "found" and "stolen" is entirely in the mind of the... "finder".

There's a clear difference between finding and stealing in the eyes of the media too.

Re:Gizmodo May Face Felony Charges

If it's a prototype, that should be trivial.

Re:Gizmodo May Face Felony Charges

[ccguy]

And since it's over $950, it's a felony.

What's the reference price, the one you buy it for to the thief, the price the original owner would need to pay to have it replaced, the price the original owner paid...?

Re:Gizmodo May Face Felony Charges

[QuantumRiff]

The device is not worth $950. The price is the value of the item stolen, not what some idiot is willing to pay for it. If someone pays $10,000 for a stolen car that has a bluebook value of $3,000, it is recorded as a $3000 theft.

However, gizmodo said at the beginning that they had no intention of keeping the phone. In fact, the person that found it, and Gizmodo both tried to return it, many times. The finder cause it was the right thing to do, and Gizmodo, because then Apple would be acknowledging that it was, in fact, and Apple device and not a cheap chineese knockoff.

If someone steals your car, and I buy it from the, but give it back to you, am I a criminal?

Re:Gizmodo May Face Felony Charges

[Hatta]

There are so many instances where something is "wrong," but not illegal, for me to even begin citing them.

There are also many instances where something is illegal, but not wrong.

Re:Gizmodo May Face Felony Charges

[StikyPad]

Meh.. in most cases I would agree with you, but Gizmodo made it known that they had the property (after the finder himself tried to contact Apple), and returned it to the rightful owner when asked. Purchasing the property may have been an offense within the letter of the law, but it's a very weak chain of events for claiming damages when the property was promptly returned.

The only real damage here was the loss of confidentiality. But if Apple didn't want the information in public, they (or Mr. Powell acting as their agent) shouldn't have brought the phone out in public. If they didn't give him permission, then he's really the one to blame. But if they did, which is probably the case, then it was a risk they deemed acceptable. Even if they didn't consider the possibility outright, that would be negligence; i.e. not an excuse.

Re:Gizmodo May Face Felony Charges

[UnknowingFool]

Back on the topic at hand, yes, it was unethical for Gizmodo to do this. Did they know it was illegal? Possibly, but not necessarily. Even if they did know, I'm sure they did a cost/benefit analysis, and determined that the benefit outweighed the punitive damages. What a wicked world we live in, where someone weighs the cost of doing something unethical, against the gains for doing it.

Except in this case, there are laws written specifically for trafficking in goods where the ownership is questionable. In this case, Gizmodo knew that the seller wasn't the owner and didn't have the authority of the owner. I think the law in California is that is the equivalent as knowing the good in question was stolen. Did Gizmodo not know this law? Possibly but a corporation with a lawyer on the payroll should have asked their legal counsel. An average person may not have access to legal representation might have more of an excuse.

Re:Gizmodo May Face Felony Charges

[UnknowingFool]

Unreleased prototype of products usually have trade secrets in them and are worth more than the nominal value of the parts in them. Trade Secrets are worth a whole lot.

Re:Gizmodo May Face Felony Charges

[stonewallred]

Which ever one that allows the DA to charge you with a felony. Unless of course you are connected, then it is which ever one that allows the DA to charge you with a misdemeanor which he'll drop under a prayer for judgment. The amount of leeway a DA has is what makes the US legal system appear to be so uncorrupted when compared to the rest of the world. But the corruption lies within the system, at the level of discretion the DA and judges have.

Re:Gizmodo May Face Felony Charges

[masmullin]

I thought their names were Tom and Jack?

Re:Gizmodo May Face Felony Charges

[xeoron]

I, Cringely, has a post saying it that this was a calculated Apple PR stunt. The only way to prove this would be if the engineer gets fired or Apple files charges against one or more parties.

Re:Gizmodo May Face Felony Charges

[UnknowingFool]

The device is not worth $950. The price is the value of the item stolen, not what some idiot is willing to pay for it. If someone pays $10,000 for a stolen car that has a bluebook value of $3,000, it is recorded as a $3000 theft.

The retail value of the device is worth less than $950 considering the parts; however, the device was a prototype, it is worth a lot more than the parts. Trade Secrets are worth a lot possibly tens of thousands of dollars.

However, gizmodo said at the beginning that they had no intention of keeping the phone. In fact, the person that found it, and Gizmodo both tried to return it, many times. The finder cause it was the right thing to do, and Gizmodo, because then Apple would be acknowledging that it was, in fact, and Apple device and not a cheap chineese knockoff.

If Gizmodo found the phone, it would be a different story. If Gizmodo was given the phone, it would be a different story. Gizmodo paid for the device knowing the seller wasn't the owner. Gizmodo says it tried to return the device to Apple. What Gizmodo didn't do is return the phone to the bar where it was found. That would seem to be perfect sense to any of us. Instead Gizmodo publishes a story about it.

If someone steals your car, and I buy it from the, but give it back to you, am I a criminal?

While that is noble of you, you unfortunately leave yourself open to criminal charges. Because you know your intentions; the law does not. What law enforcement sees is you buying something you knew didn't belong to the owner. You'll have to convince them that you really did intend to return it. However, the law will have to scrutinize your actions. If you bought it, then only searched in vain for the owner, the law might believe you. If you took it out on the town, blogged about your "new ride", etc, the law might perceive things differently.

Re:Gizmodo May Face Felony Charges

[dj245]

I refer you to the landmark case of Keepers v. Weepers.

Re:Gizmodo May Face Felony Charges

[s73v3r]

Citation Please. They bought the prototype phone. They happened to get numerous stories out of it, which happened to drive traffic to their site and increase revenues, but they still bought the phone.

Re:Gizmodo May Face Felony Charges

[s73v3r]

Yeah, but the seller's innocence in the matter ended when he was willing to sell it to Giz for $5k. The proper thing to do would be to turn it in somewhere, either to the bar's lost & found, or to the police. Hell, since they were able to find out who the guy is that lost the phone, he could have contacted that guy directly, on Facebook or something, to return it.

Re:Gizmodo May Face Felony Charges

[Yvan256]

Since it's a development unit, it would be interesting to see Gizmodo pay for the R&D costs of the next iPhone.

Re:Gizmodo May Face Felony Charges

[UnknowingFool]

Gizmodo never bought the phone, only the story. This has been upheld NUMEROUS times in local and federal courts. Thanks for playing...

Gizmodo might be trying to wrangle out of a charge here but does/did Gizmodo have POSSESSION of the phone? Possession means they bought the phone. Buying the story meant they paid $5K to interview the finder, take the phone apart, etc, then return it to the finder. That's paying for a story. Possession changes things.

Re:Gizmodo May Face Felony Charges

[Bakkster]

Meh.. in most cases I would agree with you, but Gizmodo made it known that they had the property (after the finder himself tried to contact Apple), and returned it to the rightful owner when asked.

After disassembling it, and posting the disassembly photos on their website, earning a huge wad of cash from advertisers in the process.

Purchasing the property may have been an offense within the letter of the law, but it's a very weak chain of events for claiming damages when the property was promptly returned.

Actually, the letter of the law prohibits the user from any use (I believe the statute says 'realizing benefits from') of the solen property as well. If they purchased the iPhone in order to funnel it directly to Apple to preserve their confidentiality, you would be right. However, they made money off the prototype, putting them clearly in violation of the law.

That said, I doubt Apple will press charges, but it seems they are clearly within their rights to do so.

Re:Gizmodo May Face Felony Charges

[Bing+Tsher+E]

Prototypes are built in small quantities, with special procedures, using small quantity parts orders. A whole separate group in the company assembles them than the mainline product. This prototype iPhone probably cost Apple in excess of $20,000 to produce.

Re:Gizmodo May Face Felony Charges

[Notquitecajun]

And, of course, there's quite a few things that are out there that are BOTH illegal *and* wrong.

That is, of course, if you believe that there is such a thing as "wrong."

Re:Gizmodo May Face Felony Charges

[hedwards]

And how exactly is this different from when the press uses leaked materials in general? Technically those are usually stolen as well, considering that the party that owns them would release the material if they wanted to. The press in general has relied upon that sort of thing for a really long time, strikes me as a bit odd to suggest that because the thing is a phone that belongs to Apple that suddenly things are different.

Re:Gizmodo May Face Felony Charges

[Notquitecajun]

Stupid self-reply.

Quick addendum to my parent: Some things can be wrong whether or not we believe in "wrong."

Re:Gizmodo May Face Felony Charges

$10?

Re:Gizmodo May Face Felony Charges

[vux984]

As to it being stolen, until they had it they didn't KNOW it was an apple iphone prototype. It could have been some chinese knockoff. Indeed, odds are higher than not that "some random person trying to sell an lost iphone prototype" is passing a scam.

Further they returned it.

Actually, the letter of the law prohibits the user from any use (I believe the statute says 'realizing benefits from') of the solen property as well.

All they did was purchase a phone, which might might have been lost, might have been stolen, or might have not been an iphone at all, and then reported on it, and returned the device to the owner once it had been confirmed genuine.

No the 'realizing benefits from' angle is interesting, but this case is has another wrinkle, the 'benefit' they realized is shielded by the 'freedom of the press'. Which in some respects is stronger than 'freedom of speech'. After all ALL news sites report crime, directly "realizing benefits" from everything from murder to theft to rape in terms of selling advertising around it.

Re:Gizmodo May Face Felony Charges

[Jawn98685]

The question is: will they simply pay a fine, or will someone actually get to face a criminal charge? All too often (in the US) people get off free because the offense is blamed on the Corporation® and not the individual acting on behalf of the corporation. If this is knowingly purchasing stolen goods, then it should be treated like any other case of the same.

You don't understand. The Supreme Court of the United States has determined that corporations (e.g. "big business") get to enjoy all the benefits of citizenship with none of those annoying responsibilities (paying taxes, obeying the law, etc.). If you think that''s wrong, you must be some kind of socialist.

Re:Gizmodo May Face Felony Charges

[lukas84]

And again, how is this theft?

So this guy finds a phone that looks strange, and might be an Apple prototype. So he calls up Apple, they don't want it back (mostly, of course, because Apple has a really shitty information policy, no one answering the phone knew about the missing prototype, nor how it looked).

Apple knew that the phone was missing (and possibly where it was), because they activated the remote wipe functionality.

This is a situation that Apple itself made a lot worse.

Sure, what the guy did was also hilariously wrong, since he could've just left the phone at the bar, the engineer that lost it would surely consult the bar the next day. That's the behaviour that would make the most sense, but maybe he was too much focused getting fame and money to care. So the investigation makes sense, but i think Apple has only itself to blame for all the publicity the phone has received. Had they talked to the guy when he called them, they could've probably come to an agreement.

Re:Gizmodo May Face Felony Charges

[Kitkoan]

And since it's over $950, it's a felony.

What's the reference price, the one you buy it for to the thief, the price the original owner would need to pay to have it replaced, the price the original owner paid...?

The reference price is the one the lawyers can make up at the most highest price point, regardless of reality. This has been shown with the RIAA lawsuits.

Re:Gizmodo May Face Felony Charges

[Bakkster]

As to it being stolen, until they had it they didn't KNOW it was an apple iphone prototype. It could have been some chinese knockoff. Indeed, odds are higher than not that "some random person trying to sell an lost iphone prototype" is passing a scam.

And once they knew it was an iPhone (they themselves pointed to its well-laid-out internals that it was almost certainly Apple), they lost that excuse. Note that they only broke the story after they were certain it was an iPhone. The courts would need to decide if they made a sufficient effort to return the phone at that point.

All they did was purchase a phone, which might might have been lost, might have been stolen, or might have not been an iphone at all, and then reported on it, and returned the device to the owner once it had been confirmed genuine.

If that were all they did, we also wouldn't be talking about it. They also blogged about finding it, even disassembling it and posting the internals. I think that loses them their good faith protection of claiming 'we bought your phone, but we just wanted to return it to you'.

No the 'realizing benefits from' angle is interesting, but this case is has another wrinkle, the 'benefit' they realized is shielded by the 'freedom of the press'. Which in some respects is stronger than 'freedom of speech'. After all ALL news sites report crime, directly "realizing benefits" from everything from murder to theft to rape in terms of selling advertising around it.

The difference being that in your examples, the media is a 3rd party reporting on external events. In this example, this is a media outlet as an accessory to the crime. If a newspaper reporter were to commit a murder, theft, or rape in order to create a story, do you think they would be protected?

While the 1st ammendment would protect them publishing the story, it may not protect them from fencing stolen goods in the process of pursuing the story. We would need to look at case law to determine if that's the case. I expect the distinction may occur between 'publishing information from a 3rd party, who obtained it through a crime' and 'committing a crime to obtain information to publish'. For example, the Pentagon Papers were leaked, not purchased or pursued by the press, and therefor legal.

Re:Gizmodo May Face Felony Charges

[harl]

So what? It's a corporation. They can't throw it in jail and $950 is laughable to them.

Re:Gizmodo May Face Felony Charges

[hesaigo999ca]

>because the offense is blamed on the Corporation® and not the individual acting on behalf of the corporation.
If only this were the real world, all the big CEOs of all the major car companies would all be incarcerated right now for letting their companies do so badly....except ford surprisingly enough!

Re:Gizmodo May Face Felony Charges

[Fizzl]

does not compute

Re:Gizmodo May Face Felony Charges

[Culture20]

And according to the RIAA, 9000 songs at 0.99$ each equals 5 billions in damages and 3000 years of prison!

Of course, distribution is the key there. so gizmodo is off the hook, but the Apple employee and the guy who sold are going to be hit with $5B each due to potential electronic spread.

Re:Gizmodo May Face Felony Charges

[nanoakron]

Uncorrupt?

The amount of leeway a DA has in laying charges, and the fact that they are elected to office, are precisely the reasons why the US legal system appears more corrupt than our own here in the UK. Placing all that power and discretion in the hands of one individual is like playing with fire - if you commit a crime that belongs on their 'pet hate' list, they may level tougher charges than might otherwise seem appropriate.

Moreover, plea bargaining is a despicable idea in a supposedly free society, particularly when it amounts to nothing more than bullying and intimidation to extract a 'confession' (the plea) - and we all know confessions obtained under duress are entirely untainted don't we...This is why plea bargaining is rare in almost every other civilised nation.

Re:Gizmodo May Face Felony Charges

[Rogerborg]

[citation needed] And no, Gizmondo is not a credible source, even if they were a primary one.

From my passing acquiantance with law enforcement, I'd venture to suggest that people who "find" things also tend to get their lies in early and often. Not all dishonesty implies theft, but all theft implies dishonety. An assumption of innocence is for courts; us regular folk can apply the "What's more likely" test.

Re:Gizmodo May Face Felony Charges

[Urkki]

There are also many instances where something is illegal, but not wrong.

Not according to the law...

Re:Gizmodo May Face Felony Charges

[tlhIngan]

Sorry, they TRIED, as did the guy who sold it, to contact Apple. Apple actually DENIED the device was lost... Also, in the end, through MUCH trial and effort, the device WAS returned. Gizmodo did not buy the device, the device was handed over willingly and for free, gizmodo bought the STORY. The device was returned.

Apple customer support denied the device was missing. Which just means that customer support didn't know one was missing. And Apple customer support has stated that they get so many fake iphone prototype claims that they don't act of them. Too many cheap chinese clones.

But the finder didn't contact the bar to see if anyone called it in. Apparently the guy who lost it called the bar repeatedly asking if anyone turned it in.

Re:Gizmodo May Face Felony Charges

[Sandbags]

Well, considering Giz's legal team did some research BEFORE buying the phone (regardless of who wants to throw semantics into did they buy the phone vs did they buy the story), fact is, 1) the press has certain extended rights in this situation that have previously been upheld in court, 2) Apple did not choose to file charges after they were successfully contacted (which Giz continued to do for MANY days before finally posting the story), and 3) a 3rd party, not the state itself can file charges for this crime personally.

Possession of the device? Was it bought, was it not, that all depends on the wording in a contract, which I'm sure was carefully constructed by a lawyer, who likely knows much better than you or I the status of the laws in that state.

Re:Gizmodo May Face Felony Charges

[StikyPad]

The story existed without Gizmodo paying for it. They didn't pay the guy to lose his phone -- they just paid for exclusive information *about* the phone (and how it was lost).

Re:Gizmodo May Face Felony Charges

[Dogbertius]

Yes there was! Over 9000!

And according to the RIAA, 9000 songs at 0.99$ each equals 5 billions in damages and 3000 years of prison!

What, 9000!?! There's no way that can be right! CAN IT?!

Re:Gizmodo May Face Felony Charges

[Bakkster]

But it was complicated by exchanging money for possession of the phone. As they say, possession is 9/10ths of the law. If they only took possession the phone, or only paid the guy for a story they would probably be in the clear.

I'm not saying Gizmodo intended to be malicious, or that they caused grave harm to Apple. What I am saying is that it does appear that they likely committed a felony according to CA law.

Re:Gizmodo May Face Felony Charges

[Anomalyst]

probably cost Apple in excess of $20,000 to produce.

... and it still wont run flash, LOL.
I personally run noscript and rarely run flash even so, usually I'll find one of their competitors less idiotic than one running flash on their home page.

Re:Gizmodo May Face Felony Charges

[drinkypoo]

In California the police can arrest you for a misdemeanor if they have reason to believe that it has been committed. Any citizen can arrest you for a felony that they have reason to believe you have committed. They have to witness a misdemeanor, though. Citizens can also not issue citations, obviously. Is there anything stopping the DA from filing charges?

Re:Gizmodo May Face Felony Charges

>the only way to prove this would be if the engineer gets fired or Apple files charges against one or more parties.
Umm but that would end up in news, which means more publicity, although I don't think it's much positive

Re:Gizmodo May Face Felony Charges

[Nyder]

the phone wasn't stolen. It was left behind.

Person who found it, tried to return it.

Re:Gizmodo May Face Felony Charges

[UnknowingFool]

You see two guys on a street corner. One gives the other money and a stereo is exchanged. That stereo turns out to be be stolen later. Both men claim that they were only looking for the owner of the stereo and not trafficking in stolen goods. Do you believe them? To me, if it looks like a duck, it's a duck. In this case Gizmodo admitted they paid money. They are desperately trying to work on semantics so that they get charged but they did pay for stolen property.

Re:Gizmodo May Face Felony Charges

[MoeDumb]

If the RIAA had mod points they would mod this Lenient.

Re:Gizmodo May Face Felony Charges

If you think "the law" is in and of its self a moral compass, you are a fucking fascist, and I want you out of my goddamn country.

Re:Gizmodo May Face Felony Charges

[Sandbags]

Arrest? yes. Be issued a warrant? no.

Case in point, the CA DA has STOPPED further investigation until Chan's status as a journalist (which we all easily can agree he is) is confirmed, and if so, charges will be dropped and the case can not legally continue. Additionally, they have questioned the content of the warrant per CA law, and the existance at all of a crime.

Re:Gizmodo May Face Felony Charges

[Sandbags]

When a JOURNALIST is involved, laws are slightly altered. Further,there was an explicit contract, and lawyers were involved in that sale, and the owner of the stereo was already contacted and denied having lost it, and this was not only recorded, but both the guy and Gizmodo went to GREAT lengths to contact appropriate people, including using inside personnel not just customer service.

For property to be stolen, it must actually be reported stolen. Apple admitted it was lost and thanked Gizmodo for returning it to them. At NO POINT did Gizmodo expect to keep the device they purchased, it was handed over in due course, and the guy was told that was exactly how it would play down, and he did get paid for his story (and his PHOTOS that he himself took, which guaranteed no OTHER news organization could use them, protecting Gizmodo's interests as a press agency, which is WELL worth $5K.

I know the guy who took the pic of Brittney Spears getting married in Vegas. He got $750K for that... 5K is nothing, EASILY confirmed to be payment for story and photos, and Gizmodo DID act in complete good faith, not posting the article nor dissasembling the device until AFTER Apple denied ownership.

Re:Gizmodo May Face Felony Charges

Brian Lam, is that you?

Re:Gizmodo May Face Felony Charges

[Lars+T.]

The story existed without Gizmodo paying for it. They didn't pay the guy to lose his phone -- they just paid for exclusive information *about* the phone (and how it was lost).

All stories on this are based on the original story by Gizmodo - so no, there would be no story without Gizmodo.

Re:Gizmodo May Face Felony Charges

[Lars+T.]

They paid $5K for the STORY, as registered journalists

I can see a surge of registered fence bloggers.

Re:Gizmodo May Face Felony Charges

[Lars+T.]

And again, how is this theft?

So this guy finds a phone that looks strange, and might be an Apple prototype.

If by "strange" you mean "just like an ordinary iPhone 3GS", sure.

Re:Gizmodo May Face Felony Charges

[Zymophideth]

Gizmodo paid $5000 for it, so they already set the precedence that it is worth more than $950.

Re:Gizmodo May Face Felony Charges

[niftymitch]

snip.....

They paid $5000 for something that they knew - by their own admission - did not belong to the seller. If that's not dealing in stolen goods, then I don't know what is. You don't even have to know the law to be sure - a child could tell you that it's unethical and wrong.

In the eyes of Gizmodo did they pay to participate in the return of the phone to it's owner. In the process of returning it they did stand to gain but not gain the phone which they returned when asked.

Gizmodo has advertisers and it is likely they gained a lot of hits. Many sites might pay that much to get /.ed

Gizmodo also reports that the finder called Apple and has a 'ticket' number that records that he called and the lack of response on the end of the line may well imply no one cared....

Well this will be a tangle... that is for sure.

Heard of it?

[Yvan256]

Gray Powell, the Apple engineer who left an important bit of technology in a bar recently. You might have heard of it.

No I have not! What is this "Apple" you speak of?

Re:Heard of it?

[Thanshin]

No I have not! What is this "Apple" you speak of?

It's a fruit.

You're welcome.

Re:Heard of it?

Some sort doctor repellent.

Re:Heard of it?

[Yvan256]

From what I've heard you need to eat one every day. No wonder people say apples are expensive!

Re:Heard of it?

[Kenja]

Some record company started by the Beetles. No idea why its still relevant.

Re:Heard of it?

[waitwonder]

Gray Powell, the Apple engineer who left an important bit of technology in a bar recently. You might have heard of it.

No I have not! What is this "Apple" you speak of?

Bad Apple.

Re:Heard of it?

[iMac+Were]

No I have not! What is this "Apple" you speak of?

It's a fruit.

Close - it's used by fruits

Re:Heard of it?

[tnk1]

It's the music company that manages much of the Beatles' catalog.

Re:Heard of it?

[Locke2005]

The "Beetles"? Sounds like a cheap rip-off of The Beatles. They probably got sued by John, Paul, George, and Ringo for Trademark violation. Serves 'em right, too!

Re:Heard of it?

[Bing+Tsher+E]

One Bad Apple Don't Spoil The Whole Bunch Girl.

Re:Heard of it?

[DriedClexler]

LOL at first I thought you were referring to Steve Jobs having tried alternative therapies for his liver (or whatever) problems before trying to get an implant, and only later did I realize you were referring to "An apple a day keeps the doctor away."

Too Bad We Don't Know Apple's Policies

[eldavojohn]

If someone wants to take something classified out of a top secret military compound, he might have to secrete it on his person and deliberately sneak it past a guard who searches briefcases and purses. He might be committing a crime by doing so ...

Are you joking? Try losing their security clearance, being court marshaled and a probable investigation into 1) what motive you had removing classified material 2) where it was going and 3) how many other violations you knowingly committed.

... the corporate rules might have required him to pay attention to it at all times ...

I've gotten a corporate laptop with semi-sensitive material on it about the company I work for. I was given it when I traveled to various states. The guidelines were very clear. From locking it in the safe when I left the hotel room to not leaving it in my car. While it's less likely that someone would show up at a bar with a laptop, this is outright out of the question. Regardless of how lax their security measures are you might misplace a phone while drinking so don't bring it drinking! If you want to or accidentally take it drinking, you're accepting the risks.

It'd be hard for me to imagine that Apple -- the pseudosecretive company that it is -- wouldn't have stringent policies in place. Still, firing Powell would look less than heartless. I'd be shocked if any company as big as Apple didn't have such policies explicitly spelled out.

Re:Too Bad We Don't Know Apple's Policies

[Monkeedude1212]

Yeah, I would place him as a mail-room clerk until he proves he can handle sensative information without releasing it to the public.

You know, we get the occaisonal user who manages to get a trojan or a worm on their computer at work. When we get the request ticket in, first thing we do is remotely check their Browser history and cache. Generally it boils down to a Russian or Korean website that was visitted. In some cases, it gets referred to by a rollover ad on a legitamit web page, so we don't punish them, but there are other times when you see them visitting some chinese news blogs about a hundred times a week. In this even, we walk over, unplug everything, and take the tower away, telling them we need to clean it ASAP and we don't want to risk spreading the infection. You or I would know this is highly unlikely, I've never encountered malware that has spread to a network drive, but I wouldn't put it past black hats to do such a thing if they wanted. Then we spend the next day or two cleaning the machine. Yeah, it usually only takes a few hours, slave it on our AV machine. But the idea is to teach them a lesson about visitting those websites. After they've been without their computer for a couple days, we tell them where they got the virus from, and warn them not to visit those sites.

It appears to be working.

The only other situation of security we've really come across was some guy in another department who clearly knew a bit about computers. He managed to tunnel into his own VPN to get past our firewall to run bittorrent and download movies, which he burned onto disc and was selling them apparently. When the IT manager, (My Boss) found out he went into quite a fit, launched a full IT investigation of the whole building, and in the end, so many people in that department were found to be visitting sites they shouldn't be, that half the department was canned.

I think it was a little overboard, but I guess the message was very clearly sent and recieved, that building has had no problems ever since.

Re:Too Bad We Don't Know Apple's Policies

[_Sprocket_]

It'd be hard for me to imagine that Apple -- the pseudosecretive company that it is -- wouldn't have stringent policies in place. Still, firing Powell would look less than heartless. I'd be shocked if any company as big as Apple didn't have such policies explicitly spelled out.

The big question directly applicable to the case is what exactly those policies are and how they're enforced. From the article:

On the other hand, if Apple doesn't have clear-cut rules, if Powell wasn't prohibited from taking the phone out of his office, if engineers routinely ignore or bypass security rules and -- as long as nothing bad happens -- no one complains, then Apple needs to understand that the system is more to blame than the individual. Most corporate security policies have this sort of problem. Security is important, but it's quickly jettisoned when there's an important job to be done. A common example is passwords: people aren't supposed to share them, unless it's really important and they have to. Another example is guest accounts. And doors that are supposed to remain locked but rarely are. People routinely bypass security policies if they get in the way, and if no one complains, those policies are effectively meaningless.

As you noted, one would expect that stringent policies are in place (and if Woz's comments are accurate, then that's probably true). But it's also a matter of how the corporate culture treats those policies. I've certainly been in environments where security policies were routinely ignored by anyone with any clout (especially when done as political favors) which completely undermines the overall effectiveness of those policies.

That seems to be the gist of Schneier's post. It's less about the incident in question and more about applying it to general concepts. It's always easier to explain these concepts when you've got real-world examples; even if just remotely applicable to your situation.

But with that in mind, I'm still curious as to what Apple's policies are. I would expect engineers have to do some sort of dogfood testing at some point - perhaps even sooner than later. And there's certainly value in taking a device you're developing and committing to it - making it the only device you use. In such a situation, corporate policy is going to have to accept a certain risk if they want to take advantage of that. Even with all the mitigation one can think of (there was a kill switch), there's still that risk.

Re:Too Bad We Don't Know Apple's Policies

[Idiomatick]

Maybe... But firing an employee for showing Steve Wozniak a product seems a little less defensible.

Re:Too Bad We Don't Know Apple's Policies

[c]

> Regardless of how lax their security measures are you might
> misplace a phone while drinking so don't bring it drinking!
> If you want to or accidentally take it drinking, you're
> accepting the risks.

Unless one of the reasons you have the thing is to test it under "realistic conditions".

If that's the reason Apple let him off their campus with the iPhone prototype (and, given how they camouflaged it as a 3G, I's say it was meant to be used where random non-Apple people would see it) then I'd say he did exactly what he was supposed to do... tested the remote disabling function by getting shitfaced and losing "his" phone.

Re:Too Bad We Don't Know Apple's Policies

[Bing+Tsher+E]

Yeah, I would place him as a mail-room clerk until he proves he can handle sensative (sp.) information without releasing it to the public.

That's sort of ironic, given that the job responsibility of a mail-room clerk is to handle sensitive information while releasing it to the public.

Re:Too Bad We Don't Know Apple's Policies

[Bakkster]

If someone wants to take something classified out of a top secret military compound, he might have to secrete it on his person and deliberately sneak it past a guard who searches briefcases and purses. He might be committing a crime by doing so ...

Are you joking? Try losing their security clearance, being court marshaled and a probable investigation into 1) what motive you had removing classified material 2) where it was going and 3) how many other violations you knowingly committed.

Probable? Disseminating classified information is a felony, as well as a federal crime. If you sneak it out (and it's not likely one would 'accidentally' leave a site with classified info) you can be well assured that losing your security clearance is the least of your worries...

Also, afaik, you can only be court martialed if you are an active service member. Not everyone with access to that kind of stuff is military (contractors, consultants, non-military agencies, politicians).

Re:Too Bad We Don't Know Apple's Policies

[GlassHeart]

Try losing their security clearance, being court marshaled and a probable investigation into 1) what motive you had removing classified material 2) where it was going and 3) how many other violations you knowingly committed.

In 1999, Dr. Wen Ho Lee was indicted for stealing nuclear secrets. He was kept in solitary confinement for nine months, and ultimately convicted of just one count of mishandling sensitive documents. Judge James A. Parker and President Clinton both apologized for his treatment by the prosecution, and he later received $1.6M in settlements. This is obviously an unusual case of overzealous prosecution, but should also give an idea how seriously they can take this sort of breach.

Re:Too Bad We Don't Know Apple's Policies

[LateArthurDent]

I think it was a little overboard, but I guess the message was very clearly sent and recieved

Find a job elsewhere?

I mean, I don't blame the investigation, I don't blame firing the dude who was torrenting, but canning half the department for visiting web pages? You could pay me enough to work in a place like that, but the amount we're talking about would have to allow me to retire within 1-3 paychecks.

Re:Too Bad We Don't Know Apple's Policies

[Monkeedude1212]

The rational was that if they've been able to spend more 3 hours on Facebook a day they didn't have enough work to do.

Our IT Department is small enough that we're practically immune from layoffs, there is only 4 of us so firing 1 is losing 25% of your staff. We're nearing 1000 users, so thats especially a bad idea.

I don't really get involved with managers decisions. I am eyes and ears. They tell me to investigate, I look into it, report the findings. Its someone elses job to decide what happens to them.

It's not always a nice place to work, given some of the BS that goes on around other departments, but ours is pretty lax cause its a tight knit group. The pay is alright but the real perk is working with friends.

Re:Too Bad We Don't Know Apple's Policies

[sjames]

Unless, of course, it was usability testing and he was instructed to use it as his normal phone for a while and then write up a report. Perhaps his user experience story will result in the "Dude, where's my phone" feature on the next model.

How can they?

[Alexvthooft]

A PR agent finally does what he is supposed to (for once in his life with great succes) and they punish him for it. Apple's 1997 slogan goes to waste here Think different? Yeah right!

Fired and sued

[BadAnalogyGuy]

There's only one way to take care of someone who leaks mission critical information.

First you fire them. No sense in keeping them around if they are going to fuck up like that.
Next you sue them for major damages. Make an example out of them.

Since a corporation has no way to punish someone with actual jail time, the next best thing is to make sure people think twice before making big mistakes again.

Re:Fired and sued

[IndustrialComplex]

There's only one way to take care of someone who leaks mission critical information.

First you fire them. No sense in keeping them around if they are going to fuck up like that.
Next you sue them for major damages. Make an example out of them.

Since a corporation has no way to punish someone with actual jail time, the next best thing is to make sure people think twice before making big mistakes again.

Then you wonder where all the job applicants went.

Re:Fired and sued

[BadAnalogyGuy]

Apple's got no trouble attracting applicants.

Re:Fired and sued

[timeOday]

Next you sue them for major damages. Make an example out of them.

In this case, what are the damages exactly?

Re:Fired and sued

[xednieht]

Maybe if they served German beer at the Genius Bar this wouldn't be a problem.

Re:Fired and sued

[Yvan256]

There's only one way to take care of someone who leaks mission critical information.

Nuke him from orbit?

Re:Fired and sued

[VGPowerlord]

The money Apple spent on the marketing campaign to drive up the hype of said new model, which is no longer going to be something shiny and new when it's officially announced?

Re:Fired and sued

[baKanale]

Since a corporation has no way to punish someone with actual jail time

Because a world where that happens is a world I'm sure we'd all fucking love to live in.

Re:Fired and sued

In this case, what are the damages exactly?

Divulging trade secrets.

Re:Fired and sued

[tgd]

If there are unfiled design or technology patents, they lose them.

If there is anything strategic about the information related to the iPhone that their competitors glean, they lose that advantage, too.

How many hundreds of thousands of iPhones are not going to sell between now and then because people know what is coming and decide to wait?

Damages could *easily* be in the millions, and could be vastly higher if they lose patent protection because of the gaffe.

Could this be some kind of cleaver marketing ploy?

[willabr]

I wonder if this was a way to let people know another one is on the way. The way the "Blogosphere" is intentionaly manipulated by corporation is obvious to me. This whole scenario seems unlikely to me.

Um, why is Slashdot publishing this guy's name?

[Estanislao+Mart�nez]

After very visibly refusing to name the guy who lost the prototype, why is Slashdot now doing so?

Re:Um, why is Slashdot publishing this guy's name?

[bubulubugoth]

Because giving name to things make them more believable...

This story is a well crafted stunt... there are so many impossibles that it is a good legend... some parts are true, mostly gossips. Want to turn a gossip in a true, give it a name.

 

STOP ADVERTISING FOR APPLE

Please stop these stupid articles about someone fucking up or planting a phone.

Stop it.

Stop advertising for them.

Re:STOP ADVERTISING FOR APPLE

[DIplomatic]

Please stop these stupid articles about someone fucking up or planting a phone.

Stop it.

Stop advertising for them.

Oh, Sorry. I guess I should take off my t-shirt that says "Extra! Extra! Prominent Technology Company is Preparing a Newer, More Powerful Version of a Successful Product!! Read All About It!"

Re:STOP ADVERTISING FOR APPLE

This isn't advertising. It's Comic Relief.

The difference is subtle, but only if you aren't an apple fanbois.

Re:STOP ADVERTISING FOR APPLE

Wow, do you really get so upset over seeing an Apple article? The solution is really simple: don't stop reading and don't click on the article to comment. Continue scrolling the mouse wheel to the next headline.

Re:STOP ADVERTISING FOR APPLE

[SlayerofGods]

I know right? What are the odds that someone who just happens to find an iphone at bar takes it home and opens it ups?
Total BS. In the reall world the thing would simply be on ebay within the hour an no one would know that it was special.
The odds that the phone was left in the bar and found a person who could not only identify it as a new prototype phone but also had the curitosity to open it up in the first place.... someone should be buying lottery tickets.

Better watch out for that backlash, dude.

There's only one way to take care of someone who leaks mission critical information.

First you fire them. No sense in keeping them around if they are going to fuck up like that.
Next you sue them for major damages. Make an example out of them.

Since a corporation has no way to punish someone with actual jail time, the next best thing is to make sure people think twice before making big mistakes again.

There's only one way to take care of a company that is so antithetical to mankind's interests.

First, the rest of us, who have a sense of real (human) justice, get together and burn down the headquarters of your vicious little company. No sense keeping a company around that is going to fuck real people for simply being human. Make an example out of it (and its shareholders).

Since humans have no way to prevent a company running amok in our rampent corpratist state and trampling every vestige of fairness or equity, the next best thing is to make sure companies thing twice before making big mistakes again.

Re:Better watch out for that backlash, dude.

[BadAnalogyGuy]

You get right on that, Sparky.

Re:Better watch out for that backlash, dude.

[FreeUser]

You get right on that, Sparky.

lol!

Why do people go straight for "scorched Earth" approaches, when a simple media campaign would do.

To the GP post: they fire and sue the guy. Blog, report, and blow the shit out of the company's reputation among those in the technical field if it comes to that.

But arson? c'mon.

hmm

[nomadic]

As much as everyone had been beating up on gizmodo for leaking this guy's name, I would not be surprised if the only reason he kept his job was because of the publicity.

Ummm WTF?

[hellfire]

Firing, I can understand, but suing? No one was publicly humiliated or libeled. No one was physically harmed or killed. No one else suddenly lost their job. No one was discriminated against or denied rights or equal protection under the law. No one cheated or stole anything. No one was placed in potential harms way.

IANAL so I won't comment on if someone could be legally sued for this right now in the US. But I will say that I don't think anyone should be sued for this nor do I think the law should allow it. The guy goofed by leaving a phone in a bar, this isn't like falling asleep while monitoring a nuclear power plant. Being fired is enough punishment.

Re:Ummm WTF?

[geekboy642]

This is America. You can sue anyone for anything at any time. I could sue you right now for hurting my feelings with your post...and if I had an expensive lawyer (who didn't tell me to take a hike for being frivolous) I'd probably win.

Re:Ummm WTF?

[hellfire]

No that's not true. Yes you can initiate a lawsuit and sue anyone for anything, but there is no legal basis for your feelings being hurt by this post, and with a middling lawyer you will be laughed out of court by all but the craziest of judges.

Re:Ummm WTF?

[geekboy642]

That was exactly my point. I've seen so many frivolous lawsuits allowed to go on far longer than they should have. From the oft-referenced woman who burned herself with a cup of coffee to the lawsuit that prompted safety warning stickers on chainsaws to the criminal who hurt himself while burgling a home, American society seems to have a mania for lawsuits without merit.

Obviously I don't think there's any merit to a lawsuit over a forum post unless it crosses into the kind of slander that is actionable, but it was an example of the kind of idiocy that our judges don't seem to throw out quickly enough.

Apple Security Propaganda Poster

[MichaelCrawford]

This poster was displayed here and there around Apple back when I worked there in the mid-90s: "Many of our competitors dine in the same fine restaurants we do."

This to advise one not to discuss trade secrets over lunch.

Is there anything new here?

[ProdigyPuNk]

Is there anything in this blog post that wasn't in the comments for the last 3 (or more) articles on this subject ?

Really it's up to Apple what they want to do - assuming it isn't all a ruse in the first place. Although the same thing could happen to anyone with a prototype, it's still a Bad Thing (TM) and it's still up to Apple what they want to do. There's really no news here at all...

For Now

[FreeUser]

Apple's got no trouble attracting applicants.

They might do, if they continue to grow a reputation for Stasi style tactics and policies that make Orwell look like an optimist. Which firing and suing this guy would certainly do.

How far Apple is from the tipping point of going from "a cool place to work" to "last chance saloon for those desperate enough and unable to get work elsewhere" is an open question, particularly in today's economy. But one thing is certain...they are closer to that point now than they were two years ago, and will be a whole lot closer still if they act in a vindictive manner toward a guy who simply made a mistake any of us could have made.

After all, who hasn't lost a cell phone at least once in their life? (A good reason to never volunteer to test prototypes, especially if your lifestyle includes the occasional pub visit)

Re:For Now

[BadAnalogyGuy]

This is the company that can attract top shelf employees despite having Steve Jobs as CEO.

Re:For Now

[vlm]

(A good reason to never volunteer to test prototypes, especially if your lifestyle includes the occasional pub visit)

The problem is, part of the testing job is to determine the beer / vomit / smoke resistance of the prototype, before the users test the production models in the same environment. At least they got data on its "theft resistance" characteristics...

Re:For Now

[IndustrialComplex]

This is the company that can attract top shelf employees despite having Steve Jobs as CEO.

It's momentum. Consider GWB's popularity after 9/11. Disappointment usually lags reality.

Re:For Now

[burris]

How far Apple is from the tipping point of going from "a cool place to work" to "last chance saloon for those desperate enough and unable to get work elsewhere" is an open question, particularly in today's economy. But one thing is certain...they are closer to that point now than they were two years ago, and will be a whole lot closer still if they act in a vindictive manner toward a guy who simply made a mistake any of us could have made.

Gimme a break, even at Apple's lowest point in the mid-90's it was a cool place to work with many highly qualified applicants. Considering that Apple gives its developers real offices at its campus in Cupertino California and feeds them well, it's going to remain a desirable place to work for quite a long time after Steve Jobs next departure from Apple and its subsequent decline.

The boredom of the iPhone

[tlhIngan]

Come to think of it, as the lost iPhone was really already a 4th generation device, Apple probably wasn't seeking any sort of punitive measures against the guy, and the restrictions on personal use of prototype hardware was probably heavily reduced.

After all, it's an iPhone. We've seen the 3 previous models already. And there isn't much new or innovative Apple could've put in.

Hell, Apple doesn't make big announcements when they introduce new Macs (like they did a couple of weeks ago) - just a quiet little refresh, and every other site picks up and makes it news, even though it's just spec bumps here and there and minor new features. Maybe if there was a super-big-fantastic announcement (e.g., Blu-Ray support), but for the msot part, most announcements are low-key. It's hard to generate buzz. Or hell, when the iMacs came out and the 27" came with a video input.

Ditto the iPods - sure a nice keynote on the new features, but then again, the old iPod Touch and the Classics got barely a mention despite getting upgrades.

The iPhone's getting to that point - it's a phone, there's not much one can improve on it hardware-wise. Hell, the 3GS was pretty much "meh" on the hardware, other than making the software fly. The software that drives the iPhone though is probably quite intriguing, but we already learned about 4.0.

Now, the secrecy behind the iPad was probably quite high, as were restrictions placed on it because it's a new Apple product. There were rumors, but until the big announcement, no concrete details.

Apple's learned several things over the past decade - first, takedown notices are a surefire way to confirm rumors. Second, it doesn't have to be super-secretive on everything - things that are likely to underwhelm on presentation (like mere spec upgrades), well, let it leak (there were so many SKUs posted on the new MacBooks that we knew they were coming). Thus, Apple concentrates the secrecy on its second gen iPad and whatever new device it's concocting. New screen? Front facing camera? Meh features - the only thing Apple can do is either drop one or the other (due to availability and/or software issues) and leave it for the next model. After all, they appeared to do that with the camera feature on the iPod Touch 3rd gen.

Shittiest example

[jim_v2000]

of a security breach ever. A viral marketing campaign where someone "loses" a prototype phone at a bar does not count as a "security breach".

Re:Shittiest example

But OMG it's apple's SECRET TECHNOLOGY they might lose $234381 trillion!!

THERE'S A COMPANY AT STEAK!!!!!!!!

Re:Shittiest example

[night_flyer]

mmmmmmmmm.... steak

Re:Shittiest example

[jittles]

But OMG it's apple's SECRET TECHNOLOGY they might lose $234381 trillion!!

THERE'S A COMPANY AT STEAK!!!!!!!!

Mmmmm steak! Sign me up.

Re:Shittiest example

[GillyGuthrie]

You're making me hungry.

Fanboi Article

[Lars+T.]

Schneier makes no mention of this being an Apple publicity stunt. Gee, I guess that makes him an Apple-Fanboi, that's what those are who don't believe this.

Not such a big deal

[Angst+Badger]

You also might have been on either the breacher or the corporate side. I'd hate to be in either position myself.

It's not a problem if you handle it correctly. After we disemboweled the first guy, you'd have been surprised at how strong everyone's passwords became.

Something's wierd about this

[ErichTheRed]

I know Apple is famous for "accidentally" leaking hints of upcoming technologies out to generate buzz, but this is strange. If I were in a highly-competitive market and wanted to not give the Chinese knockoff makers a head start on my design, the last thing I'd do is let it out of the building.

I could see Apple anonmyously leaving photos or spec sheets around. Maybe they might even take a -mock-up- out in the wild like car companies do when they are track-testing a new model. (iPhone in a Samsung case? :-) ) But there's no real reason for them to "field-test" a device like that. Apple has a large corporate campus, and I guarantee they have the strongest ATT signal in the entire country. Plus, if you're testing stuff like GPS, you don't have to go across town, you just have to go across the building. Nah, this guy just had to show his buddies, and he lost it. That really sucks for him, because no matter what actually happened, he's never going to be trusted to work on secret products again. Even if Steve Jobs himself said, "Go take this phone for a spin." and he can prove it, there's always going to be the doubt that he has the self-control to keep quiet about what he's doing.

I know people who work in high-security environments, where they design products in a race to be the first to the Patent Office. Most are absolutely forbidden from even talking about what they're working on. I highly doubt that Pfizer or Bristol-Myers allows their researchers to take their lab notebooks anywhere outside their labs. People desiging the next netbook or mobile phone are in a similar situation -- 10 seconds after a prototype gets out, it will be glommed up, reverse-engineered, and a cheaper faster version will be out a week before yours.

Given all the draconian stuff I've heard about Apple being a wierd place to work, I'm sure they have an incredibly strict policy about secrecy...that is, they control the message, not the employee working on it.

Re:Something's wierd about this

Yeah, cause the best way to test a device that is used all over the world in unimaginable ways is to never let it out of the facility.

Them having great ATT signal proves that it is not like the rest of the country. Want to know how it works on sketchy coverage? Take it out of the building.

So you think that all of the car manufacturers that drive their cars up into the Arctic, the Rockies or the desert just do it because they want to leak what their car looks like? No they want to know how it works outside the lab. The real world is often different to the lab. Maybe you want to visit it some time.

Re:Something's wierd about this

I guarantee they have the strongest ATT signal in the entire country.

No shit, Sherlock! Perhaps they might want to test it somewhere that doesn't have the strongest signal in the country???

Re:Something's wierd about this

[captaindomon]

Most cell phone companies distribute a number of new handsets (over 50) to employees for usability testing, a few months before general release. It's not about testing the hardware, which you are correct, can be tested in the lab. It's about testing how humans use the phone, if they like it, if they think the form factor and the UI work well in their everyday lives, etc. For Apple, the usability is more important than the technical performance, much more so than other companies, so it's not strange he had one off campus.

Retail pricing vs actual value

[Burning1]

The value of an item is what people are willing to pay for it, not the retail cost or KBB value. Retail and blue book values are starting places, designed to reflect and perhaps control the market... But they are not the last absolute say on value.

Consider the console market: In December of 2006, a Sony PS3 was worth $1200, despite the fact that the retail cost was $599 for the 60 GB version.

Too bad...

[Moheeheeko]

..the "leak" wasnt an accident. This is how apple hypes just about EXERYTHING is that they "leak" somehow.

Lessons unlearned...

[BrokenHalo]

We could pursue the DRM issue forever, but there's a completely unrelated lesson Apple could learn from this debacle if they cared to. If the offending phone was indeed left on a barstool, a question arises (in my mind at least): If Apple are so damned clever, why can't they make their phones small enough to fit in a pocket of your jeans?

Then nobody would have to leave the device out in plain view for anyone to pinch.

Re:Lessons unlearned...

[Yvan256]

But the multitouch screen understands pinching! That would be a waste!

Punishment prevents or delays fixing the problem.

[zerofoo]

Long ago we decided that if anyone in our company breaches security by losing an access card, or sharing a password, we would not punish the person responsible if they came forward immediately.

This policy encourages a quick resolution to the security breach. A lost security card or password can be disabled or reset thereby limiting the damage the mistake caused.

Persecuting people that make mistakes only delays the notification process, and then delays the fix - putting more people/things at risk.

People make mistakes, they happen, and there is nothing you can do to prevent them.

-ted

Schneier on Riding News

[hrimhari]

Indeed, it looks like Mr. Schneier was in a rush to write something and forgot to add content.

It's a yawner

[Animats]

If anything, the embarrassing thing about the leak is that the product isn't changing much. The corner bevel radius is changing. Big deal. Two cameras, one on front, one on back. That's new. Camera flash - yawn. Noise cancellation mic - finally. Those are all routine, minor product improvements, and they're all already available on competing products.

That's what may scare Jobs - he makes a big announcement, and everybody yawns. Headlines read "Apple plays catch-up with Sony Ericsson". Jobs looks like a loser.

Intended leak???

[capo_dei_capi]

As others in other articles on this topic have noted before me, it's extremely unlikely that some young R&D engineer just happens to leave the lab with a not fully functional prototype of Apple's next gen phone, and then by some weird coincidence loses it at a bar.... Actually, it's quite much more likely that this was an intended leak and Apple was hoping for the kind of coverage they got from Gizmodo, so wouldn't charges of misleading the course of justice against Apple be more appropriate, if they don't come forth with the truth soon?

Re:Could this be some kind of cleaver marketing pl

[Deadstick]

No thanks...I already have a cleaver.

rj

Sprocket = "perfect" bullshitter

#1. Don't pay sprocket any mind, he is a bullshit artist. #2. http://slashdot.org/comments.pl?sid=1293667&cid=28621185 where sprocket was totally "perfectly" (the word he refused to define along with his evading all questions put to he) blown away by his own dyslexic mind due to -> #3. Sprocket also likes to put words in others mouths they never even said and tries to state they "implied it" when his dull brain obviously cannot interpret written english properly because when asked by the person replying if sprocket could find where said person supposedly stated what sprocket said he did? Sprocket ran or evaded all questions there. I bookmarked that for everyone's reference so this no mind Sprocket could see it again and regret his stupidity in being a wanna be computer expert (not). He certainly got his ass handed to him there. Read it yourselves, and decide how "expert" sprocket really is. Sprocket, so are you an Apple corporate officer, or do you just like to act like you are? Poor performance here boy. Then again, I don't think you know what "perfect" means, per that url above, so, we don't really expect your performance while you act "smart" to be perfect. In fact, your facade is a rather thin veneer.