Slashdot Mirror
Insider-Trading Suspects Smash Hard Drive Evidence
An anonymous reader writes "We all know Slashdotters love debating the best way to wipe a hard drive clean. Looks like tech-savvy Wall Street Hedge Fund managers also know the best way to do it. From the WSJ article: 'Mr. Longueuil's version of that night's events was recorded later, during a December meeting with former colleague Mr. Freeman, who by then was cooperating with the government and recording conversations, according to the U.S. complaint. "F—in' pulled the external drives apart," Mr. Longueuil told Mr. Freeman during their meeting, according to the criminal complaint. "Put 'em into four separate little baggies, and then at 2 a.m. 2 a.m. on a Friday night, I put this stuff inside my black North Face jacket, and leave the apartment and I go on like a twenty block walk around the city and try to find a, a garbage truck and threw the s—t in the back of like random garbage trucks, different garbage trucks four different garbage trucks."'"
Perhaps we shouldn't be whining about tech-clueless management after all... This seems like a much worse alternative. On the plus side, he probably didn't even think about the mailserver backups...
I have heard of people getting hit with destruction of evidence charges for engaging in this sort of behavior...
Palm trees and 8
Encryption seems a bit more foolproof. It's also a bit more believable that one might "forget" a lengthy passphrase, while physical destruction looks a bit suspicious.
That said, encryption and physical destruction is also useful, as it means that even if someone gets some of the physical components of the disk, it will be even more difficult to get any data off of them.
So they should continue to receive the lighter sentences. Right? It shouldn't matter that the impact of their crime was the ruination of thousands of lives. Putting these guys in with common thugs is just cruel.
Red sleeves.
The dangers of knowledge trigger emotional distress in human beings.
So what do we learn kids? Don't talk about the skeezy shit you do to anyone: friend, family, coworker, or other. If you do bad shit, keep it to yourself.
At the small town bars I used to hang out in we had a saying, "Loose lips get hit."
It would appear that the hammer of justice follows a similar rule of thumb.
Motorcycles, Robots, Space Gossip and More!
And these guys are supposed to be incredibly brilliant? Good thing he used baggies. Wouldn't want them to get dirty in the trash.
"Bob, I'm glad SCC investigators didn't find anything nasty or incriminating on your computer. However, it turns out you haven't even turned the damn thing on for two years, so it looks like you've been jacking off in your office for quite some time, so we're letting you go."
The world's burning. Moped Jesus spotted on I50. Details at 11.
Great so he destroyed everything he had, if he's the trader, then someone at the companies he traded in will know the information given to him.
Not only did he not get his own mailservers, he didn't get their mailservers, his accomplices hard drives, the coorperation of his colleague Mr. Freeman or anyone else that is going to turn evidence on him to get their own sentences commuted.
The Prisoners Dilemma in the 21st century: Everyone Encrypts (phones, emails, hard drives) and Nobody Talks. Otherwise somebody is going to have evidence pinned on them, then its just a race to be the first in line to rat the others out.
Why are there 2 seemingly identical versions of this story on the main page? This isn't the time-honored Slashdot tradtion of dupes from different editors who didn't check with each other, this is more clone than dupe, and it's been happening a lot every since this horrible new design was rolled out.
I see even classic Slashdot is now pretty much unusable on dial up anymore.
IANAL; but my understanding is that it doesn't constitute an admission of guilt per se(particularly in these days of high-capacity hard drives, there would be no reasonable way to bound the number of things you could have been guilty of with just one HDD...); but, destruction of evidence and/or "obstruction of justice" are typically crimes in themselves.
If they have a recording of you describing how you ripped apart and surreptitiously disposed of your HDD after you heard that the feds were on your trail, those charges are going to be very hard to dodge...
Merely destroying your hard drive, out of caution or paranoia, and then learning later that the feds would really have liked to have a look through it, is one thing; but if you are caught on tape describing why you destroyed it, game over, man.
After thoroughly eradicating all trace of evidence, he then told someone else what he had done. Brilliant.
Ceci n'est pas une signature.
Does anyone else think that the quote sounds like one of those fake quotes you see in mail hoaxes? For instance, why would he say "I put this stuff inside my black North Face jacket", which adds nothing to the story but is something a hoaxer would put in if he saw photos of Longueuil wearing North Face products. Besides, maybe the guy wasn't a Rhodes Scholar, but I have a hard time believing the managing director of a capital management firm speaks like a valley girl.
I'm not saying he's innocent, just that this news item doesn't look right.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
You might want to come up with an evidence-destruction plan that doesn't result in your filesystem timestamps showing that your work machine(which anybody from the janitor on up will be able to testify that you use daily) wasn't touched for six months after IT issued it, and then started seeing a burst of use the day after news of fed interest in you came out...
On a modern OS/system software setup of any complexity, generating convincing fake timestamps and system activity is a bit on the nontrivial side. If the investigator has little or no evidence about your computer habits, or circumstantial evidence of what you've done, it isn't too hard; but if they have enough circumstantial evidence to work from, you might face issues.
This would be especially the case in a somewhat paranoid corporate environment(which I would imagine a hedge fund is). Even in my(far less tight-wound) shop, you would probably get a visit from IT to figure out WTF is going on were your machine to suddenly leap back 6 months in patch/AV update status, or (while retaining the same MAC) turn into a linux box or a non-domain windows machine from time to time... In an environment where IT is running scared about corporate espionage, Sarbanes-Oxley, or even just the rigors of dealing with backups of high value files on a mobile workforce of laptops, they would almost certainly be considerably more attentive.
Especially if the company has a strong reason to want to throw you under the bus(large, secretive hedge fund? You. Fucking. Bet. that they want the SEC/Fed investigation to end as soon as possible, ideally with just a couple of disposable peons "acting without authorization", as they say...) they would likely prove quite cooperative in helping to prove that you were hiding something. Particularly if that reduced their odds of having to hand over much larger swaths of their data/backups to investigators.
It's a Sicilian Message: your hard drive sleeps with the fishes. Toss the hard drives into the Atlantic from your yacht. Let the salt water take care of the rest. Or encase them into cement at a construction site. The old, time-tested methods are the best.
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
if they prove deliberate destruction of evidence, doesn't that constitute admission of guilt? or some other loss-by-default?
No, but it does allow the prosecutor to give the jury instructions that they may make a adverse inference[1] as to the contents of the destroyed relevant evidence from the fact that the defendant knowingly (sometimes even negligently) destroyed it. Essentially, they are telling the jury that they can infer that the evidence would weaken the defendant's case from the fact that he willfully destroyed it.[2] The jury is not required to make such an inference but it may -- as contrasted from the fact that prosecutors are forbidden from trying to make adverse inferences from a refusal to testify based on 5A grounds, such jury instructions would be illegal and the whole conviction overturned.
This is a very onerous instruction and so is reserved for cases in which it was shown that the destruction was knowing or negligent but it's necessary in order for the discovery system to work. In the absence of a adverse inference rule, litigants would have a very strong incentive to preemptively destroy any incriminating evidence as soon as they became aware of an investigation or a lawsuit. In cases against corporations in which internal emails/documents play a pivotal role in proving that the behavior was part of a pattern/policy of the company (and not merely a rogue employee) this would be fatal to the plaintiff/State. The same logic applies in cases against the State[3] where they refuse to disclose evidence that might be favorable to the defendant.
[1] http://en.wikipedia.org/wiki/Adverse_inference
[2] http://vegaslitigator.com/blog/?cat=50 (discussing the Nevada statute, not the Federal one, but many parallels and the same basic concepts exist).
[3] http://legalholds.typepad.com/legalholds/2009/04/negligent-destruction-of-evidence-is-sufficient-to-support-an-adverse-inference-instruction-although.html An interesting case in which police destruction of evidence helps to get defendants off the hook because they allege that the destroyed evidence would undermine the State's case. IOW, the adverse-inference doctrine cuts both for and against the State. The defendants did eventually convince the court that the radio communications were relevant.
"We all know Slashdotters love debating the best way to wipe a hard drive clean. Looks like tech-savvy Wall Street Hedge Fund managers also know the best way to do it. From the WSJ article: 'Mr. Longueuil's version of that night's events was recorded later, during a December meeting with former colleague Mr. Freeman, who by then was cooperating with the government and recording conversations, according to the U.S. complaint. "F—in' pulled the external drives apart," Mr. Longueuil told Mr. Freeman during their meeting, according to the criminal complaint. "Put 'em into four separate little baggies, and then at 2 a.m. 2 a.m. on a Friday night, I put this stuff inside my black North Face jacket, and leave the apartment and I go on like a twenty block walk around the city and try to find a, a garbage truck and threw the s—t in the back of like random garbage trucks, different garbage trucks four different garbage trucks."'"
We usually mean banks or the exchange when we speak about Wall Street. If you need a location-based idiom for Hedge Funds, Greenwich CT works. Or Mayfair if you're in London. And yes, banks are different from Hedge Funds. Don't mix up your villains please.
They might end up in the same landfill, but there's no guarantee they'd get there even on the same barge. New York City has 8 million residents and generates over 36,000 tons of garbage a day. That's a lot of garbage to go through even if they thought Osama was hiding in it.
It didn't have to be incrimninating. It was still evidence.
In fact, did they receive a discovery notice, or have reason to believe they would?
deleting the extra space after periods so i can stay relevant, yeah.
I was there in the mid-90s when this behavior was beginning to wind down, but still going on. We saw coke-sniffing in the bathrooms (I don't recall seeing the drug dealers anywhere). Our company favored wrestlers (if I recall correctly one fellow had an Olympic bronze in Greco-Roman), and nobody sought the cerebral types. I would say the drinking culture was still very heavy.
The whole thing has calmed down a lot since electronic trading took over almost everything -- no longer do you need to physically push the other fellow aside to get the trade. Nowadays even golf isn't really that common a pursuit. London was always more extreme and stayed wild a bit longer I hear.
Of course, some might argue that the world economy was better off when traders were dumb jocks rather than clever eggheads who know what a hard drive platter is.
Overkill. Back in the olden days when ones and zeros were literally written as up and down flips of magnetic domains, you could look at the "edges" of each track and make an educated guess at what had been written last. Since hard drives use a far more complicated encoding scheme similar to QAM as used for digital TV, you've got no idea what the bit was. If you imagine that a bit was an analogue value from 0 to 7, you can't tell if it was a 4 last time or a slightly faint 6, or a strong 2. It's gone, properly gone.