Slashdot Mirror

← Back to Stories (view on slashdot.org)

Employee Outsourced Programming Job To China, Spent Days Websurfing

Posted by Soulskill on from the working-hard-or-hardly-working dept.

New submitter kju writes "The security blog of Verizon has the story of an investigation into unauthorized VPN access from China which led to unexpected findings. Investigators found invoices from a Chinese contractor who had actually done the work of the employee, who spent the day watching cat videos and visiting eBay and Facebook. The man had Fedexed his RSA token to the contractor and paid only about 1/5th of his income for the contracting service. Because he provided clean code on time, he was noted in his performance reviews to be the best programmer in the building. According to the article, the man had similar scams running with other companies."

106 of 457 comments (clear)

  1. Part of me says, "Good!" by Maow · · Score: 5, Interesting

    I'm a bit torn on TFS.

    On one hand, companies outsource "our" jobs with absolutely no remorse at all.

    On the other hand, ... fingers?

    1. Re:Part of me says, "Good!" by indeterminator · · Score: 2

      I'm a bit torn on TFS.

      On one hand, companies outsource "our" jobs with absolutely no remorse at all.

      On the other hand, ... fingers?

      On the other hand, many companies wouldn't mind... IF you told them what was going on. I'm guessing the major issue here is the omission of details by the employee.

    2. Re:Part of me says, "Good!" by Anonymous Coward · · Score: 5, Insightful

      well.. and the fact the employee here was collecting a 400% markup..

      employee did employer a favor.. proved his own job could be outsourced better at a fraction of his salary. fire the employee, keep the contractor.

    3. Re:Part of me says, "Good!" by kiddygrinder · · Score: 4, Interesting

      yeah as if, i'm sure if i told my boss i was doing this they'd be so keen to keep paying me to do it rather than firing me and doing it themselves whilst keeping 4/5 of my salary.

      --
      This is a joke. I am joking. Joke joke joke.
    4. Re:Part of me says, "Good!" by History's+Coming+To · · Score: 5, Insightful

      The major issue is handing over access keys to a corporate VPN to a random bloke in another country. Frankly, I'm quite impressed with the general concept, but introducing a huge security breach isn't going to make you popular, he should have just had the guy email him code and the ctrl-V it himself, cutting the security breach out, he'd probably never have been caught unless there was something unexpected in the code.

      --
      Please consider this account deleted, I just can't be bothered with the spam anymore.
    5. Re:Part of me says, "Good!" by indeterminator · · Score: 4, Insightful

      my boss

      I quoted the problematic part. s/boss/client/ and all is well. Independent contractors do this all the time.

      Some other important things: (a) You want to get permission from your boss/client *before* making the arrangement. (b) You *don't* want to disclose the rate of your subcontractor to your boss/client. (c) You *definitely* don't want to send your *personal* RSA token and access credentials to your subcontractor.

    6. Re:Part of me says, "Good!" by TheLink · · Score: 4, Interesting

      Was he using the same contractor for everything? If he wasn't then maybe he's a competent project manager with a good eye for talent.

      It's not so easy to get good results from outsourcing. So some of his 400% markup might be justified ;).

      --
    7. Re:Part of me says, "Good!" by war4peace · · Score: 2

      There are other issues here.
      If the code is sensitive enough, an employer is willing to pay a lot more and keep the job in-house rather than outsource it. You want, as an employer, to have as much control as possible over someone who codes your financial software, for example.
      Also I'm sure that there are zounds of rules that were broken by this behavior.

      --
      ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
    8. Re:Part of me says, "Good!" by ByOhTek · · Score: 5, Insightful

      Yes, it's bad if the employee has 400% markup, but good business if the company does it.

      --
      Self proclaimed typo king, and inventor of the bear destroying coffee table (patent not pending).
    9. Re:Part of me says, "Good!" by adrn01 · · Score: 5, Insightful

      Employee is in wrong position, if was able to successfully find / hire / manage a highly competent programmer in China.

    10. Re:Part of me says, "Good!" by arth1 · · Score: 4, Interesting

      On one hand, companies outsource "our" jobs with absolutely no remorse at all.

      On the other hand, ... fingers?

      On the gripping hand, the problem is giving your personal RSA encryped access into a company's network to unidentified third parties.
      Perhaps this developer could provide his services for a fifth of the going rate because he also snooped around and collected and sold data.
      Clandestine data mining and illegal data bourses is no longer a SciFi concept; it happens every day.

    11. Re:Part of me says, "Good!" by Anonymous Coward · · Score: 5, Funny

      Maybe the Chinese programmer didn't do it himself either, but hired an Indian programmer for 1/5 of what he got ...

    12. Re:Part of me says, "Good!" by ByOhTek · · Score: 4, Interesting

      Note: that was sarcasm - there should have been a question mark at the end. They should be put on equal footing, or because the employees are more likely to spend the money (i.e. not invest which aggregates more money to them), and therefore keep a pool of money that will help draw and encourage investors, even in a stagnate economy... I can even seen putting some favoritism towards the employee doing it.

      --
      Self proclaimed typo king, and inventor of the bear destroying coffee table (patent not pending).
    13. Re:Part of me says, "Good!" by eulernet · · Score: 4, Insightful

      VPN is not really the problem, since VPN access tends to be quite limited in scope.

      I think that the main problem is that a random guy in China has a local copy of all the source code of the company.

      If access to the code required some NDA, the company is now in pretty deep shit.

      Anyway, kudos to the chinese guy, he seems to be a good coder and had to work at an unusual work schedule.

    14. Re:Part of me says, "Good!" by AndyMackee · · Score: 2
      Yep. But you know what's funnier? I know of folks who take on outsourced jobs and then outsource them even further. That's, like, outsourception!

      ---

      Some cool Big Data projects

    15. Re:Part of me says, "Good!" by Luckyo · · Score: 4, Interesting

      This was mt first thought as well. If employer's management has any common sense, at this point the man should be pushed into management ASAP. People who can do outsourcing that well are very rare.

    16. Re:Part of me says, "Good!" by Dcnjoe60 · · Score: 4, Insightful

      Employee is in wrong position, if was able to successfully find / hire / manage a highly competent programmer in China.

      I don't think you want this guy as your program manager. Look at the facts. He was paid $X and paid somebody to do his job for less. He isn't making any extra money and in fact is taking home less money than if he did the job himself (and since he isn't a business, he can't even deduct the outsourcing expense from taxable income). The guy still had to show up at work each day (where he would just surf the net), but his outsourcing activities didn't free him up to do other programming which would bring him additional revenue.

      No, the only reason to do something like this is because you are incompetent at the job you were hired for and need to cover that up, or you are an idiot because you are giving away a large chunk of your pay so you can surf the net. Neither of those are qualities that I would want in a manager.

    17. Re:Part of me says, "Good!" by Dcnjoe60 · · Score: 2

      On one hand, companies outsource "our" jobs with absolutely no remorse at all.

      On the other hand, ... fingers?

      On the gripping hand, the problem is giving your personal RSA encryped access into a company's network to unidentified third parties.
      Perhaps this developer could provide his services for a fifth of the going rate because he also snooped around and collected and sold data.
      Clandestine data mining and illegal data bourses is no longer a SciFi concept; it happens every day.

      All of the problems that you list, while serious, are actually symptoms of a deeper problem. In short, this is really the tale of a dishonest employee and dishonest employees can do all sorts of damage in a company. People shouldn't marvel at how crafty he was, but instead how devious he was. If he was willing to do this, then what else was he willing to do or would he have done in the future, if not caught? Most people that embezzle funds (which this guy didn't do, but the principle applies) start with the intention of paying it back. Most never pay it back until ordered by the court. They start small, find there aren't any consequences and continue to escalate their dishonesty. That is the pattern with almost all employee dishonesty issues and there is no reason to expect this guy would have been different.

    18. Re:Part of me says, "Good!" by beowulfcluster · · Score: 5, Funny

      Maybe the Indian programmer hired a laid off American programmer who figured it was better than nothing.

    19. Re:Part of me says, "Good!" by beowulfcluster · · Score: 4, Insightful

      If you're only doing it at one place then you might be an idiot, but if as reported with this guy you're doing it at several jobs...? Suddenly you're taking home a lot more than you'd do if you were doing a real job yourself, and you're watching cat videos while doing it. If you have multiple clients who are all satisfied enough with the work your team does that they want to keep hiring you, what more do you need in a manager?

    20. Re:Part of me says, "Good!" by LordLimecat · · Score: 5, Insightful

      You mean, except for the whole "some random dude in another country now has his RSA ID and noone was the wiser", ya sure.

    21. Re:Part of me says, "Good!" by BVis · · Score: 5, Insightful

      The major issue is a dishonest employee. While he may be crafty, he still took credit for others work and tried to cheat the system.

      That's the American Dream, 2013 style. Hard work only gets you more hard work, but exploiting the hard work of others makes you rich. As others have pointed out, employers do this all the time, and not only is it accepted, it's expected. But when a peon.. whoops, excuse me, the proper term is "an employee", turns the tables on them, well, we can't have that, can we. Companies don't like it when you don't eat the shit you're given.

      To me, yes, what this guy did was wrong and dishonest. But, to a lot of people, the only thing this guy did wrong was get caught. Companies that work the system (legally or not) are praised as 'innovative' and 'efficient', and the execs get huge bonuses while the people who do actual work struggle to make ends meet with their salaries that don't keep pace with inflation. And, should the companies get caught doing something that's actually illegal instead of just morally reprehensible, they pay a fine (which is generally less than the amount of savings/extra profit they realized through the illegal activity) and get a stern talking to. But, when this guy does the same thing, he loses his job, gets his reputation ruined, and may very well go to jail. God Bless America.

      --
      Never underestimate the power of stupid people in large groups.
    22. Re:Part of me says, "Good!" by Anonymous Coward · · Score: 2, Insightful

      companys have no loyalty to employees anymore, so the reverse is just common sense.

    23. Re:Part of me says, "Good!" by dubbreak · · Score: 4, Interesting

      VPN is not really the problem, since VPN access tends to be quite limited in scope.

      And my experience says the opposite. Whatever you'd have access to locally as a user you'd have over VPN. How would you do your job otherwise? The point of VPN is to make it a secure connection so you can have access to whatever you'd have access to locally.

      If the company has an NDA, is ISO registered, has to follow any government security protocol (I worked at a private Canadian company that followed US security regulations in order to sell to US gov) etc.. this could lead to trouble. Of course sweeping it under the rug would have been better than advertising it if that's the case.

      I agree on the kudos. Finding good people is tough enough locally. Outsourcing is hell. In a contracting type situation (as long as it didn't have a no substitution clause) this would have been perfectly ok (if not better than ok since it appears good code was actually written). The interesting part is whether the company would have paid the same had they known. They were quite willing to pay a wage of X when they thought it was the local guy producing the code, but my guess is they'd want to pay a small % of X for the Chinese worker even with this guy managing him. In reality, since he was producing the best code in the company, he should have been getting the biggest wage (reward your stars and all that).

      --
      "If you are going through hell, keep going." - Winston Churchill
    24. Re:Part of me says, "Good!" by cusco · · Score: 2

      Your employer needs to find a better contracting company, they're out there. Of course those charge more than $10/day, and in a corporate culture where low-bid is the only qualification considered by management you might be stuck. If this guy was paying 1/5 his salary to the contractor then he's probably found one of the best, someone that Verizon would be lucky to find in any country.

      --
      "Think about how stupid the average person is. Now, realise that half of them are dumber than that." - George Carlin
    25. Re:Part of me says, "Good!" by dubbreak · · Score: 4, Interesting

      This.

      A contractor or consulting company would do this no problem. That's a b2b relationship though. Employees are supposed to be subservient, "Yes mastah, whatever you need mastah."

      If we ignore any issues with security it's really hard to fault the guy. The point as an employee is to do your job and do it well. The code he (had) produced was apparently commendable. He did his job well though not by the traditional solution (working hard and doing it yourself). Does that make it the wrong solution?

      The biggest issue is the company "got tricked" into paying more for a cheap worker. Of course had they done the outsourcing themselves they'd probably have one or more of the worst producing low quality coders that require tons of rework (the normal reality of outsourcing).

      --
      "If you are going through hell, keep going." - Winston Churchill
    26. Re:Part of me says, "Good!" by JosKarith · · Score: 3, Interesting

      Money's not the only motivator to go to work but it's the deal breaker. And if i could earn 80% of my salary by sitting on my arse working on personal projects then I'd go for it.

      --
      'Don't worry' said the trees when they saw the axe coming, 'The handle is one of us.'
    27. Re:Part of me says, "Good!" by Half-pint+HAL · · Score: 4, Insightful

      People who can do outsourcing that well are very rare.

      How "well" is that? He pushed a "critical infrastructure" job offshore without a full ISO security audit, putting his employer in the position where they risk losing their ISO certification and get sued into non-existance. The reason his offshoring was cheap and profitable was because he made a very, very bad job of it. He has lost his job, and the only reason he hasn't been sued into bankruptcy is the fact that his employer is sh*t-scared of anyone knowing it was them.

      --
      Got them moderator blues I blieve I walk out the do', With these mod-points I been gettin', I 'most never post no mo'
    28. Re:Part of me says, "Good!" by phillyclaude · · Score: 5, Funny

      it's programmers all the way down

      --
      A computer without a Microsoft operating system is like a dog without bricks tied to its head
    29. Re:Part of me says, "Good!" by TheLink · · Score: 3, Funny

      Reminds me of: http://dilbert.com/strips/comic/2003-08-03/

      --
    30. Re:Part of me says, "Good!" by cayenne8 · · Score: 4, Interesting

      It's not so easy to get good results from outsourcing. So some of his 400% markup might be justified ;).

      This man is my God!!!!

      Now....how can I implement something of this sort? Just need to learn my lessons where this guy screwed up.

      Ok, no unauthorized VPN's into the work network, do all that from home is a start.

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    31. Re:Part of me says, "Good!" by Luckyo · · Score: 5, Informative

      Well enough not to be found out for a long time and be found best coder of the workplace.

    32. Re:Part of me says, "Good!" by cayenne8 · · Score: 5, Informative

      So money is the only thing that motivates you to work?

      Of course it is....? Are you kidding?

      I'd assume that is the case for most people out there.

      If I won the lottery tomorrow, with enough money to never work again, I'd be out of here so fast it would make your head swim.

      I'd likely not even bother coming back for my stuff at my desk (not that much there, nothing really personal).

      The only reason I work...is to earn as much money as possible, which gives me the means to pay for the life and lifestyle I enjoy. If I didn't have to burn hours working for money, I can tell you, I could easily spend the rest of my life pursing happiness to the fullest!!

      I like to travel, date various women, I have hobbies, I have TONS of things that I'd be doing every day if I didn't have to bother coming to a job to work.

      Why would anyone work if they didn't have to?

      I know there are some fringe cases out there, people who apparently actually define themselves by their jobs. They're also the ones that hit deep depression or get really overly upset if they lose their job, or something goes wrong at work at times.

      I've never understood that, I guess I never will.

      I'm defined by myself, and I really, really do LIKE myself....and would love to not have to work, and spend more time having fun and doing interesting things.

      Are you just joking, or do you actually work for any other reason than making money?

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    33. Re:Part of me says, "Good!" by ultranova · · Score: 4, Insightful

      In other words, he knows how to make a profit by screwing over other people and escape the consequences. Clear Wall Street material.

      --

      Forget magic. Any technology distinguishable from divine power is insufficiently advanced.

    34. Re:Part of me says, "Good!" by ultranova · · Score: 4, Insightful

      Why would anyone work if they didn't have to?

      Because accomplishing things you consider valuable triggers the reward circuits in your brain. That's the reason people do volunteer work, have hobbies, etc.

      Both you and the parent are confusing "work" and "job". They are not the same thing, altough if you're lucky they might overlap.

      --

      Forget magic. Any technology distinguishable from divine power is insufficiently advanced.

    35. Re:Part of me says, "Good!" by codewarren · · Score: 2

      Because accomplishing things you consider valuable...

      That's what the GP wants to do. What he's tired of doing is accomplishing things that SOMEONE ELSE considers valuable.

    36. Re:Part of me says, "Good!" by karnal · · Score: 3, Informative

      Apparently you're not understanding what disabling split tunneling does on a VPN.

      When you disable split tunneling while using VPN, you essentially lose the route out of your computer towards the internet. The only route that your PC knows is through your VPN adapter, which then sends any packet that way. Even local traffic - say my PC is on 192.168.1.1, my router is 192.168.1.5 and another PC is at 192.168.1.2 - when my PC is on VPN, I can't talk to the internet (without going to the company first) nor can I talk to 192.168.1.5.

      Once you fire up the VPN session, the SSH would drop towards the Chinese guy, because all packets are now going across the tunnel.

      --
      Karnal
    37. Re:Part of me says, "Good!" by dubbreak · · Score: 2

      No, but you can do it honestly where the company is aware they're hiring a contractor or dishonestly where they're not. I've been both a consultant and an employee and there are far more differences than just security. Contractors are external, employees are internal so doing it this way you end up as a mole on the inside. There's no right or wrong to it, as an employer I can chose to hire an employee or a contractor with different pros and cons, but if I hire one and get the other then you're fundamentally misrepresenting yourself.

      That's a good point but I think there's a little more grey/gray to it than just black and white. When I hire a contractor it means no benefits and generally short term (at a higher rate per hour and generally higher than total hourly cost of having an employee). With an employee it's long term relationship (I can't ditch them whenever I want like a contractor.. at least not in my jurisdiction) and I'm expected to provide benefits etc (though apparent hourly rate is lower). I pay whatever I hire (employee/contractor) to do a particular job at a particular level for their pay grade (there are expectations that go with the pay level).

      An individual, say John Smith, can be a business. In my jurisdiction you can act as a sole proprietorship under your own name. So if I hire John Smith I can actually be hiring the company called John Smith. John has full liability for his actions (as he is not a corporation of limited liability) as you would expect from an individual. So my (weak) argument is that a person can be (or rather is) a company.

      If corporations can be treated as individual entities, why not people as companies? The law where I live supports it.

      I'm quite sure you are right and he misrepresented himself, but I'm curious how clear you have to be. I'd have to ask my lawyer what she thinks would happen here if you tried to fire someone for doing this locally. Is it actually a breach of contract? Any employment agreement I've signed has not stated that I was the sole supplier of the work, just my responsibilities, benefits etc. Actually it would breach the NDAs I've signed and that's most likely an offense you can fire over (despite the employee sided labour legislation).

      On a side note: I had a great contractor under me. Couldn't be happier with his work (great code, better than mine.. easy to read and maintain, super clean). If I later found out it wasn't him actually doing the work I wouldn't have given a shit. I hired him and it was under the understanding it was him who would be doing the work, but in the end all I care about is results. If he was able to find someone that put out that level of code (especially if he was unable to do so himself) and was able to translate my requests so clearly.. fucking kudos to him. I got what I wanted at the fair going rate.

      --
      "If you are going through hell, keep going." - Winston Churchill
    38. Re:Part of me says, "Good!" by cayenne8 · · Score: 3, Insightful

      Why would doing something you like for money stop being fun.

      It ceases or becomes less fun, when you are dependant on that money for living, it introduces worry about the money, more than the enjoyment of the task.

      And again...things I like to do, make very no money or not nearly enough to support my lifestyle.

      For instance.

      I like to cook. I do it for friends and neighbors and myself. If I were a lottery winner, I might possibly buy a small restaurant, and open it to cook stuff for whenever I felt like it. Frankly, if you make something small, good and hard to get into, foodies will flock to it.

      However, in the past, I did food service for a living, and it is TOUGH...hours and work.

      I hope I NEVER have to do that again for a living, to have my livelihood depend on the stress and strain of doing that to live.

      However, if I had extreme wealth...I could open a place do it for fun.....open when I felt, whatever, but if I didn't feel like doing it that day, I wouldn't have to.

      With a 'job' or 'work'...you don't have that option because you depend on it for money, and that adds strain and decreases or destroys the fun in it.

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    39. Re:Part of me says, "Good!" by davester666 · · Score: 3, Insightful

      Yes, the contractor has to have a VPN connection to the employee's home. The employee needs to periodically upload the work from his home to the office. And maybe sometimes just forward the connection through his home as necessary for specific projects.

      --
      Sleep your way to a whiter smile...date a dentist!
    40. Re:Part of me says, "Good!" by cayenne8 · · Score: 4, Insightful

      My wife died in 2006 when I was 42; we were together for 20 years. We lived responsibly, partly because she was 19 years older than me and would retire way before me, so I'm debt-free and don't need to work (ever again), but do because I haven't yet figured out what I want to do with my self/life and I'd be bored otherwise. My house is quiet and lonely enough on the weekends as it is, I don't need that 24/7.

      Sorry to hear about your loss, but why are you alone?

      That was about 7 years ago...do you not have a bunch of other friends or people you can do things with? When you were married, did you not keep close friends then...or was it just you and her and no outside people?

      You're near 50....hell, get out there, meet another woman, they are a dime a dozen out there. Get laid. Hell, if you want..get involved.

      I know there is a period of grieving, but you're still in this world, and I doubt your wife would want you to be down forever. Get out and enjoy yourself. If you don't have to work for a living...get out and find something to do.

      Have you ever been a tourist in your own town?

      Once, when I was in between contracts for about 7mos...I got up each day....walked the dog, hit the gym for a couple hours...and in the afternoons, I'd hop on my motorcycle and do something different every day. I went to check out the various museums...stuff like that.

      And if you like computers...tinker with those.

      And start to embrace some 'alone time'. I love my alone time, make use of it to do things that having someone around all the time can distract you from, like maybe learning a new language.

      And hell...TRAVEL. If you have the means, go somewhere. How about this spring, go rent a bungalow in Key West and go party on Duval street and dine out for a week? Plenty of people to meet there or anywhere else you travel.

      There's not a lack of things to do in this world at all, just pick something and GO.

      Good luck. Again, sorry about your wife passing, but after 7 years, you really need to be moving on and enjoying the rest of your life. Your a the midpoint now, don't waste time!!

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    41. Re:Part of me says, "Good!" by fahrbot-bot · · Score: 3, Interesting

      Thanks for the encouraging words.

      I'm not a shut-in, but have always been rather solitary and okay with it. All of my long-term friends live far away, with the nearest about 120 miles away. My wife was a teacher and had lots of friends, but I was okay hanging with just her for most of the time. I can keep busy on my own, most of the time. I've got home improvements, whenever I get the enthusiasm for that, and have 4 computers at home w/Windows and Linux - one is my MythTV system. I've live in the same city since 1981 and the same house since 1993. I live in a tourist town in Virginia and have (and do) see the things worth seeing, within reason... I'm not into traveling by myself, don't really see the point w/o someone to share it with and I'm not really interested in going out to get laid - dating/sex is (was) fun, but over-rated unless with the right person. I'm not interested in being with just anyone.

      Basically, I'm slowly getting my personal shit in order, while I figure things out. I had a *really* good relationship with my wife and she was a wonderful person. She wanted me to find someone else and I promised her I would at least consider it, but she's a tough act to follow and I'm not interested in anything less. I'm not hung up on my past, but am defined by it.

      On a really personal note. She was diagnosed with a brain tumor and died literally in my arms seven weeks later. I heard her last breath and felt her last heart beat. That gave me a lot of perspective on a lot of things - not all of it/them good. The seventh anniversary of her death was Sunday, January 13, 2013 @ 3:00pm so this week isn't good for me.

      --
      It must have been something you assimilated. . . .
    42. Re:Part of me says, "Good!" by DarwinSurvivor · · Score: 2

      Or just use a fucking virtual machine. You guys and your Goldberg routing.

  2. Outsourcing by Janek+Kozicki · · Score: 4, Insightful

    Now, who is going to complain about job outsourcing? Market & economy have laws that can't be broken. No matter how hard some countries try to.

    --
    #
    #\ @ ? Colonize Mars
    #
    1. Re:Outsourcing by erroneus · · Score: 4, Informative

      Yeah something of a double-edged sword there. Of course their argument is about knowledge and all that, but in reality, many outsourced jobs go to contract companies who then sell the jobs out to other, unknown entities. All the companies out there having things made by slave children invariably claim no knowledge based on these types of practices.

      Also, outsourcing happens on our soils as well. I once spent some time with a company that sold our services to another company and the markup rate was 50% or more of what I was getting. I was rather disgusted at the notion. It was impossible for me to get that job, but by going through one of these companies, I could get it and there I was, "the same damned person."

      But we people routinely get angry at people who do the very same things we do... or we simply get angry at the wrong people. Case in point: A guy finds his woman has been with another man. The guy gets angry and goes after the other man. Say what?! This guy is doing what pretty much every other guy would do when it's being made available to them. Why get pissed off at another guy who is doing what you would be tempted to do? I wouldn't. The real problem was the woman and sometimes she is blamed and other times even forgiven. Ridiculous.

      So the business who is likely to outsource (call centers and stuff like that) finds one of its employees is paying someone else to do the work he was hired to do. On one hand, they shouldn't care. On the other, there are security concerns... sort of. If they thought he was a safe employee, they now know it was just an illusion like all of our other notions of being safe. (But we gave up our freedom, our right to self-defence and lots and lots of money to taxes and we're NOT safer? I'm shocked! Shocked I tell you!)

      Well, there is certainly much to talk about with regards to this and a lot of perspectives to weigh in. But most of us definitely feel companies like Verizon 'deserves' this though it would only make a difference if most everyone was doing this... which they aren't. Can't be. So, kudos to the scammer. May he never be given another job like this or in the industry again. You are scum just like the companies who outsource our jobs. It doesn't make it right when you do it, any more than when they do it. That they get upset when someone did it to them shows perfectly that they know what they are doing and who they are doing it to. That they feel justified in doing it while others shouldn't just shows their hypocrisy.

    2. Re:Outsourcing by mwvdlee · · Score: 4, Insightful

      Also, outsourcing happens on our soils as well. I once spent some time with a company that sold our services to another company and the markup rate was 50% or more of what I was getting. I was rather disgusted at the notion. It was impossible for me to get that job, but by going through one of these companies, I could get it and there I was, "the same damned person."

      If you would have gotten sick, died or otherwise unable to work, would you have been replaced at no additional cost?
      If your expertise wasn't up to the required standards, would you have been replaced at no additional cost?
      If you turn out to be a criminal, could they sue you for all damages or just a small fraction of it?
      It's all about insuring risks.

      --
      Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
    3. Re:Outsourcing by Anonymous Coward · · Score: 2, Informative

      Actually it's more about the IRS and benefits. The IRS started getting mad at employees taking on independent contractors instead of full time employees. There was even a lawsuit a couple years ago where a guy won benefits from the company that he was contracting for.. Not health care benefits but he is now allowed to go to the company parties and all of that stuff. Going through the middle man consulting firm, stupid though it may be, adds a layer between the employer and you making them safer against the IRS reclassifying you as an employee. Also, wrt the lawsuit I mentioned when that all went down my employer instituted a new rule that no contractor could work for them for more than 1 year. You'd have to take off at least 90 days, and then could return.

    4. Re:Outsourcing by 14erCleaner · · Score: 2

      I once spent some time with a company that sold our services to another company and the markup rate was 50% or more of what I was getting. I was rather disgusted at the notion. It was impossible for me to get that job, but by going through one of these companies, I could get it and there I was, "the same damned person."

      By going through an agency, the employer can get rid of you more easily when the job is completed. Laying off employees is hard; not renewing a contract is easy. Also, part of the markup is for payroll overhead and benefits (if any), etc. You wouldn't get all of that even if you were a direct employee.

      --
      Have you read my blog lately?
    5. Re:Outsourcing by erroneus · · Score: 4, Insightful

      No it's holding women to a standard. It's not misogynist.

      When a couple are in a 'relationship' it is an agreement of sorts that does not extend to the world. And if that agreement is breeched, only one of the two parties can be responsible for it. A third party cannot be responsible for breeching that agreement.

      What I find to me extremely weird is the unexplained "lower standard" we expect of women. We don't expect them to keep their word or their promises or to keep secrets. We expect that it is somehow a woman's perogative to change her mind without cause, notice or explanation. I'm not sorry that I heartily disagree with this notion. Men and women are people and I hold them both to the same expectations of honor and integrity.

      So once again, if a girlfriend cheats, I am not going to blame the handsome, charming stranger. I am going to hold her accountable for her actions. How is that misogynist?

  3. Legality? by Anonymous Coward · · Score: 5, Interesting

    Aside from the security issues, is such a thing legal in the US? I mean, are you required by contract to do the work you are paid for yourself?

    1. Re:Legality? by kestasjk · · Score: 2

      Not usually, they typically pay someone to do a certain job by whatever means within the law when contracting.

      It would probably go against their IT policy though to allow someone else access to your account, and if he signed any NDAs or other IP agreements without getting the Chinese subcontractor to sign (which would still be pretty questionable) then he'll be in trouble.

      --
      // MD_Update(&m,buf,j);
    2. Re:Legality? by erroneus · · Score: 2

      The IRS will have MUCH to say over this. Of that you can be sure.

    3. Re:Legality? by egcagrac0 · · Score: 2

      The IRS will have MUCH to say over this. Of that you can be sure.

      I'm curious - why?

      The individual hired a Chinese consulting firm to produce code. The subcontracted agency seems like it would be outside the authority of the IRS.

    4. Re:Legality? by crizh · · Score: 5, Funny

      Presumably the cost of the sub-contractor is deductible?

      --
      Trust The Computer, The Computer is your friend.
    5. Re:Legality? by alphatel · · Score: 2

      Presumably the cost of the sub-contractor is deductible?

      Absolutely 100%. Not only that but you can deduct other expenses like dry cleaning clothes to make it look like you were doing the work and the VPN used to migrate your subcontractor into the job site. Get a real crafty accountant and you should be able to keep every red cent.

      --
      When the foot seeks the place of the head, the line is crossed. Know your place. Keep your place. Be a shoe.
    6. Re:Legality? by Sique · · Score: 4, Interesting

      This is the mantra of civilization in general. One of the big advantages of being in a civilisation are the famous shoulders of giants. You don't need to invent a way to store speech in a durable way, you can use paper, pen and an alphabet. You don't even need to invent speech, you can use the language of your environment. You don't need to invent iron casting and forging, you can go to Home Depot and buy nails and screws. And yes, at first you look if you can borrow something (if it was in use before, it is probably usuable), then you look if you get it for free (with no guarantee that it works), then try to buy it somewhere and only if it is really not available at a price you see fit, you do it yourself.

      --
      .sig: Sique *sigh*
    7. Re:Legality? by arth1 · · Score: 3, Insightful

      Get a real crafty accountant and you should be able to keep every red cent.

      The problem is that for most of us non-millionaires, what a real crafty accountant charges is more than what the IRS wants.

      Plus, of course, that when we pay taxes, we do get something back, like roads and police. The accountant, on the other hand, does not feed back to society; it is a parasite that is useful for the host, but bad for the species.

    8. Re:Legality? by Dcnjoe60 · · Score: 2

      Presumably the cost of the sub-contractor is deductible?

      Absolutely 100%. Not only that but you can deduct other expenses like dry cleaning clothes to make it look like you were doing the work and the VPN used to migrate your subcontractor into the job site. Get a real crafty accountant and you should be able to keep every red cent.

      That is true, only if the guy doing this is an employer, which he is not. It is possible that he set up his own separate company and filed all the paperwork with the State Department to hire foreign nationals, but it is unlikely. Since he is an employee and not an actual employer, then he has no legitimate business expenses to deduct.

      The danger for this guy, if he wants to go that route is that his real employer can then go after him for fraud, because he was running a business on their time, using their resources for his personal gain. The government can also go after him for corporate espionage if he was actually a business, but impersonating an individual and then sending sensitive corporate data to a foreign national. The list goes on.

  4. Scams? What Scams? He was the MOST effective... by Anonymous Coward · · Score: 5, Insightful

    Not only was he the most effective employee in the company but he was managing a successful software consulting service providing services to several other local companies. He delivered the goods. In fact he was more successful at managing software outsourcing than most large companies are.

    1. Re:Scams? What Scams? He was the MOST effective... by Anonymous Coward · · Score: 5, Insightful

      He probably was a decent coder because that it's ether random luck or he knew how to spot a decent/good programmer in the wild half a world away.

    2. Re:Scams? What Scams? He was the MOST effective... by Weezul · · Score: 5, Insightful

      Yes, I'd consider this a fairly good resume for managerial positions : Efficient, check. Benefitted employer, check. Dishonest, check. etc. He should simply continue with his contracting company providing developer services for clients. In fact, it's almost pathological that he chose to sit in an office all day while doing this.

      --
      The Christian religion has been and still is the principal enemy of moral progress in the world. -- Bertrand Russell
  5. But of course by Anonymous Coward · · Score: 5, Insightful

    When corporations do it, it's efficient. When an actual human does it, it's a scam. Can this social order please collapse now? It's bankrupt.

    1. Re:But of course by FatLittleMonkey · · Score: 5, Funny

      Nothing? Nothing?!

      Sir, he was a Manager!

      (He paid other people less than the work was worth, he routinely breached company IT security policy, and he spent all day watching cat videos. He was perfect. Give him fifteen years and he'll be CEO.)

      --
      Science is all about firing a drunk pig out of a cannon just to see what happens.
  6. Re:Hmm by unix_core · · Score: 5, Funny

    Maybe the guy in they fired in TFS is actually the guy who takes care of their database server.

  7. Cheap Chinese Crap by ebonum · · Score: 5, Funny

    You know all the stuff from China is cheap and poor quality. Bunch of lazy communists over there... "best programmer in the building" Oh wait. Never mind.

  8. Subcontracting by Gabrill · · Score: 5, Insightful

    What's the problem? Does the employee contract have a clause against subcontracting?

    --
    Always going forward, 'cause we can't find reverse.
    1. Re:Subcontracting by sesshomaru · · Score: 5, Insightful

      It sounds like it was an unauthorized access problem. Most companies you aren't allowed to let non-vetted people use their equipment or access their network.

      Of course, if he had brought his idea to the company and they had liked it, they'd have said, "Oh, ok, we'll fire you and hire him for a lower salary. Thanks for the idea."

      --
      "MIT betrayed all of its basic principles."
    2. Re:Subcontracting by limaCAT76 · · Score: 2

      What's the problem? Does the employee contract have a clause against subcontracting?

      That behavior could easily raise flags about improper handling of security procedures, confidentiality and dissemination of trade secrets.

    3. Re:Subcontracting by L4t3r4lu5 · · Score: 4, Insightful

      Not until a Chinese company starts offering this company's product at 1/5 the price.

      --
      Finally had enough. Come see us over at https://soylentnews.org/
    4. Re:Subcontracting by Anonymous Coward · · Score: 2

      What's the problem? Does the employee contract have a clause against subcontracting?

      That behavior could easily raise flags about improper handling of security procedures, confidentiality and dissemination of trade secrets.

      Sure... but if these are real issues, then write it into the sub-contract!

    5. Re:Subcontracting by Yaa+101 · · Score: 4, Insightful

      Yes, and he should have copied the environment that gave access to his subcontractors and make the copied environment update at his employers environment by scripting.

      He was only half smart, his lazyness did him under.

      I appaud his idea as he did the same that most corporations do, but he was sloppy doing it.

  9. Isn't this just how big companies work? no dif? by fantomas · · Score: 3, Insightful

    1. Large host organisation / government body requires programming done
    2. Subcontracting specialist organisation / other company/ freelancer / offers price to satisfy tasks
    3. Subcontractor chosen, price agreed, task allocated
    4. If task successfully completed than host organisation happy and continues with its bigger work, may call on smaller subcontractor for further work or even employ them on rolling contract

    Seems to me like this is just how contracting works. The guy was asked to produce code and he did.

    I can see there's a security issue here (unauthorised handing out of VPN) and *potential* legal issue (does his contract say he must do the work? if not then no legal issue perhaps), maybe a tax issue (were tax payments made to subcontractors etc. as should have been).... ...but generally it seems like he was just doing what lots of companies do, subcontracting work out to specialists and claiming a percentage for handling the work and taking the risk on its delivery.

      Not a lot different from how big companies work? and lets face it, big companies would NEVER put data security at risk or look for loopholes to avoid paying tax to the government, would they ? ;-)

  10. When asked how he manages to code so well by Anonymous Coward · · Score: 3, Funny

    When asked how he manages to code so well and seemingly spends so little effort on it, he said: time managing.

    Turns out what he actually ment was time spent managing.

  11. So, anybody got contact details... by Anonymous Coward · · Score: 5, Funny

    ...for this contractor who produces clean code, cheaply, on time?

    Just for...you know, research purposes.

  12. The order of things by Anonymous Coward · · Score: 4, Insightful

    The real (and scary) message here is that the best programmer in the building was a chinese working for 1/5th of the usual programmer's income.

    Cheap, low quality asian workforce, indeed...

    1. Re:The order of things by hey! · · Score: 3, Interesting

      Well, my experience with Chinese goods is that they give the customer what he wants. If he wants quality, he gets quality. If he wants a shiny facade over a piece of crap, that's what he gets.

      What's important to note here is that the customer is seldom the end-user. It's usually a retailer, which accounts for the present day predominance of polished-turd products detouring in our homes on their way to the landfill. Once a product is sold and out of warranty, the retailer is happy if it needs replacement, and Chinese manufacturers have got planned obsolescence down to a science.

      The interesting wrinkle here is that the customer in this case may have had a higher interest in software quality than the corporation he worked for. It was his reputation on the line in the way his employer's reputation was not.

      --
      Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
  13. Fired or promoted? by yet+another+SanTiago · · Score: 2

    Just wondering whether the employee was fired, or promoted to the management.

  14. Google cache by radio4fan · · Score: 4, Informative

    google cache of page

  15. Re:Error establishing a database connection by vinayg18 · · Score: 5, Funny

    Or that Slashdot still has the ability to slashdot websites.

  16. Google Cache by twistedcubic · · Score: 4, Informative

    http://webcache.googleusercontent.com/search?q=cache:EGh4ld_KwXUJ:securityblog.verizonbusiness.com/2013/01/14/case-study-pro-active-log-review-might-be-a-good-idea/+&cd=1&hl=en&ct=clnk&gl=us

  17. Not news to me by Anonymous Coward · · Score: 5, Informative

    We did something like this more than 7 years ago.
    "We" being a team of developers in Eastern Europe. Our employers were two brothers who had moved to the US and had found IT jobs. We did their work for them and had time left over for side projects. Our team of 5 people got some fraction or other from their regular salaries and it was still a good wage for us. Things have changed in the last couple of years, but not by that much.

  18. Not scam by gmuslera · · Score: 4, Interesting

    Was doing his job, and better than anyone else there. And got plenty of free time doing it that way, that is efficiency. If instead of coding letter by letter he took a public domain code (to avoid messing with licenses) that do the same would be a not so different situation, mainly changed the timing related the code.

    But also gave to another party (that be the one that did his job is not relevant, that is overseas or in china in particular depend on your own prejudices) internal access to network/code/information without authorization. That is not scam, is a security breach, and shoudl be taken as seriously as all the other security breachs there (i.e. if he was so happy watching lolcats and visiting facebook and ebay probably others could have been doing it, and maybe sharing with the world even more internal/critical information, or downloading malware without being aware and so on)

  19. The Onion knew it in 2009 by mseeger · · Score: 5, Interesting

    The Onion already knew about this back in 2009: http://www.youtube.com/watch?v=rYaZ57Bn4pQ

  20. Alternative link by shortscruffydave · · Score: 3, Informative

    Seeing as the link given isn't working, there's a bit more detail at http://www.theregister.co.uk/2013/01/16/developer_oursources_job_china/

  21. Idiot by Migala77 · · Score: 4, Funny

    I've outsourced all my Facebooking, slashdotting and cat-video-watching, so I can spend more time programming!

  22. I call bullshit. by tofarr · · Score: 5, Interesting

    This story sets off my bullshit radar. Too many things about it don't make sense: 1.) Why would "Bob" give full access to company resources to subcontractors? Were I to subcontract a job, at the very least I would want to review everything before it was committed - especially if I was taking responsibility for it. 2.) What would happen if a colleague asked "Bob" about his code? Or as regularly happens on all but the smallest of tasks he had to collaborate closely with another fellow developer? There is a level of knowledge that you get from being part of a development process that you don't get otherwise. This sounds to me like an advertisement for outsourcing services.

  23. Bellman by water-vole · · Score: 5, Informative

    The 18th century Swedish poet Carl Michael Bellman did something similar. The king of the time (Gustav III) liked his songs and gave him a really cushy job as head of the state lottery. Bellman new he would not be able to hold down a job so he employed someone else to actually do the work and he lived from the difference of what he got from the king and what he paid the person doing the work. He spent most of his time in pubs and wrote an enormous number of drinking songs. He is the Swedish equivalent of Robert Burns.

  24. In the words of Steve Jobs by moniker127 · · Score: 5, Funny

    Good coders copy, great coders outsource.

  25. Brilliant! by Lumpy · · Score: 2

    He should have been less of a moron and set up linux boxes at his home for the china contractors to VPN in through.

    --
    Do not look at laser with remaining good eye.
  26. Monday is going to suck... by ayahner · · Score: 5, Funny

    When they realize they canned their "best programmer"

  27. Of course, this is not unusual by SmallFurryCreature · · Score: 5, Interesting

    Take music. The CD's are produced in China to lower costs, this is legal. You buy them from China, ILLEGAL PIRACY!

    Outsource production, perfectly legal. Buy imports, pay max taxes including taxes on shipping PLUS a customs fee PLUS a fee for the shipping agency ON TOP of the shipment fee for it all... AND STILL it is often cheaper...

    The global economy is there to benefit the rich, not the poor.

    --

    MMO Quests are like orgasms:

    You may solo them, I prefer them in a group.

    1. Re:Of course, this is not unusual by geekymachoman · · Score: 2

      The "poor" / ordinary people / employees are modern day slave force. With some extra perks (in many cases... they just modern slaves).

      You need to take them on a offer (a job) because you need money to live. However, especially in developed countries this is enough only to buy food and basic comfort. Like beer, cigarettes... in some countries not either that (on a daily basis I see cambodian slave workers (from 15 to 60, both male and female) making a building on +40c for 10 usd per day). In developed countries, you have a LOT more, but still IMHO you're nothing but a slave if you work more then 5 hrs.

      The philosophy that some employers are trying to jam our throat is work 8hrs, do your stuff 8 hrs, sleep 8hrs. That's not realistic. Find me a guy that do this 10 years and is a fulfilled man with a happy life, and I'll admit I'm wrong. Everybody is trying to progress in a direction they work less/make more because it's foolish to think otherwise, unless you just started working. If you have experience in life, you want to make it easier for yourself because "there are more important things in life then bloody sitting in front of a computer in a cubicle or whatever/wherever".

      Everything is propaganda for slave force to work. If there's a possibility of easy money.. it'll be sanctioned/made illegal/whatever.
      This guy beat the system. He'll get fucked for it, because the system can't allow that to happen.

      Now go to sleep.

  28. Summary fix by Legion303 · · Score: 3, Insightful

    Company gets butthurt when lowly employee dares to do the exact same thing they've been doing for decades. Film at 11.

  29. Re:Error establishing a database connection by stoolpigeon · · Score: 4, Informative

    It's front page at reddit right now as well I believe - and HN

    --
    It's hard to believe that's how Micronians are made. Why don't we see it right now by having you both kiss one another?
  30. So these arguments are bullshit.... by jkrise · · Score: 4, Insightful

    1. Programmers in the US are worth the money corporations spend on them.
    2. China and India are full of crappy programmers who can't understand specs, cannot correspond in English, let alone produce quality code.
    3. The value of the US currency is a true measure of its worth in global markets.
    4. US corporations are killing US jobs despite the fact outsourcing produces lesser quality goods and services.

    I know the plural of anecdote is not data, but still...

    --
    If you keep throwing chairs, one day you'll break windows....
  31. PHB saiz by brainscauseminds · · Score: 2

    I bet the name of the employee was Wally.

  32. 'Bob" is gone. by andydread · · Score: 4, Informative

    "Hello this is Joe, Bob's boss. Bob is no longer available to correspond with you on this project. I will be handling all correspondence with you from now on. I will be responsible for sending the payments of the sum that you and Bob agreed to. You can contact me at joe@dev.verizon.com ...."

  33. Therefore outsourcing doesn't change the price. by Anonymous Coward · · Score: 4, Insightful

    If mfg CDs is a fraction of the cost, then doing it locally in a more expensive job market won't increase the price of the CD much, will it.

  34. Re:Scam...? by tp_xyzzy · · Score: 2

    There is at least 2 big problems:
      1) He went outside the scope of his employment contract for outsourcing when he was hired as programmer
      2) He gave keys to company network to some other unauthorized persons

  35. speedy/full recovery! by Anonymous Coward · · Score: 3, Insightful

    "Market & economy have laws that can't be broken"

    I can only conclude that you just awoke from a 5-year coma...

    glad to hear you're doing better!

  36. UMAD? employer's just jelly. by Thud457 · · Score: 5, Funny

    This sounds like something Wally from "Dilbert" would do.

    --

    the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

  37. Re:Error establishing a database connection by desdinova+216 · · Score: 2

    especially since no reads the articles

  38. Re:Increasing shareholder value == more executive by BonThomme · · Score: 2

    executive compensation is tied to your relationships on the compensation committee. nothing more.

    Exhibit A: HP

  39. When An Individual Does This, It's Fraud by Jeremiah+Cornelius · · Score: 4, Insightful

    When a corporation does this?

    Good stewardship of shareholder investment.

    Make the corporation illegal!

    --
    "Flyin' in just a sweet place,
    Never been known to fail..."
    1. Re:When An Individual Does This, It's Fraud by jythie · · Score: 2

      The tools allowed to the powerful are not the same for the weak. It is fraud because a low (relatively) paid individual did it.

      It is the same psychology as the anti-union stuff. If a supplier or partner negotiates a contract or demands that the other company stick to its agreement it is good business. If a union negotiates or demands that the company respect the contract they signed, it is socialists thugs ruining capitalism.

      As a society, we have some rather embedded ideas about who is allowed to do what, and who should know their place.

  40. Re:UMAD? employer's just jelly. by Jerslan · · Score: 2

    Wally would be too lazy to find a contracter overseas to do his work for him... He would also not want to get a good review since he always strives for mediocrity (it's not like they're going to fire him, so why put forward any real effort).

    Instead, I think Wally would just browse the internet for cat videos and let Dilbert and Alice pick up his slack (like they do).