Stealing Silicon Valley

← Back to Stories (view on slashdot.org)

Posted by Soulskill on Friday October 11, 2013 @04:23AM from the getaway-car-and-a-pocket-full-of-flash-drives dept.

pacopico writes "A series of robberies in Silicon Valley have start-ups feeling nervous. According to this report in Businessweek, a couple of networking companies were burgled recently with attempts made to steal their source code. The fear is that virtual attacks have now turned physical and that espionage in the area is on the rise. As a result, companies are now doing more physical penetration testing, including one case in which a guy was mailed in a FedEx box in a bid to try and break into a start-up."

139 comments

Min score:

Reason:

Sort:

the box was labelled "Supplies" by themushroom · 2013-10-11 04:27 · Score: 5, Funny

And when the staff opened the top, a 4'5" Asian man jumped out and said "Supplies!!"

--
Laughter is the Spackle of the Soul.
1. Re:the box was labelled "Supplies" by watcher-rv4 · 2013-10-11 04:33 · Score: 1
  
  Supplies, If electronics, will work for 3 days and then die.
2. Re:the box was labelled "Supplies" by K.+S.+Kyosuke · 2013-10-11 04:37 · Score: 2
  
  And when the staff opened the top, a 4'5" Asian man jumped out and said "Supplies!!"
  "Good, I need a replacement keyboard and a coffee."
  
  --
  Ezekiel 23:20
3. Re:the box was labelled "Supplies" by Anonymous Coward · 2013-10-11 04:39 · Score: 0
  
  Best 1st post EVER!!!! So jealous.
4. Re:the box was labelled "Supplies" by RalphMichaelDeLeon · 2013-10-11 04:45 · Score: 1
  
  This Just in: start up at Silicon Valley "Mail-Man" huge success.
5. Re:the box was labelled "Supplies" by Anonymous Coward · 2013-10-11 05:17 · Score: 0
  
  Who knows what else could have happened...
6. Re:the box was labelled "Supplies" by davester666 · 2013-10-11 06:25 · Score: 1
  
  Actual "work" on day 3 must be taken with a grain of salt...
  
  --
  Sleep your way to a whiter smile...date a dentist!
7. Re:the box was labelled "Supplies" by BobNET · 2013-10-11 06:26 · Score: 1
  
  Let's see what's in the box!
8. Re:the box was labelled "Supplies" by bbsalem · 2013-10-12 09:39 · Score: 1
  
  You need a replacement keyboard and to spill coffee on it.
  At the risk of overgeneralizng :-) I'd say that the Chinese are so uncreative that stealing and copying is their main business. To whit, The keyboard I am using right now was made in China and it is a disaster of design. I'd love to find the designer and stir fry him, BTW, I bought it at Fry's, which is my first mistake, since that chain is a master of selling ciunterfit and broken stuff.
  This keyboard is very hard to use to type accurately. It is one of those mini keyboards with the number pad folded into the QWERTY keyboard, but that isn't all. The keytops labeling is very hard to see. It is light grey on black keys. Who decided to do it that way? Someone who dons't think. And what is worse, try and find a keyboard for Windows and Linux that has black characters on white keytops, very hard to. The Mac keyboards are usually that, but for some reason, due to people not thinking, maybe being Chinese, all the IBM keyboards have white characters on black keytops.
LOL ... by gstoddart · 2013-10-11 04:32 · Score: 1

including one case in which a guy was mailed in a FedEx box in a bid to try and break into a start-up.
Unless you had a prior arrangement with FedEx ... worst job ever.

--
Lost at C:>. Found at C.
1. Re:LOL ... by Anonymous Coward · 2013-10-11 04:55 · Score: 0
  
  including one case in which a guy was mailed in a FedEx box in a bid to try and break into a start-up.
  Was his name Flat Stanley?
2. Re:LOL ... by toddestan · 2013-10-12 04:54 · Score: 1
  
  Hey now... they could have sent him UPS.
resume by BlackSnake112 · 2013-10-11 04:35 · Score: 1

He just wanted to make sure they received his resume.
strange article by schneidafunk · 2013-10-11 04:36 · Score: 4, Insightful

It goes from corporate espionage to some guy stealing credit card numbers as a 'hobby'.
I work at a major corporation that has security cards to get into the building and my computer is password protected with an encrypted hard drive & a physical lock on the computer. Are security guards with guns really necessary?

--
Some people die at 25 and aren't buried until 75. -Benjamin Franklin
1. Re:strange article by CanHasDIY · 2013-10-11 04:41 · Score: 4, Insightful
  
  It goes from corporate espionage to some guy stealing credit card numbers as a 'hobby'.
  I work at a major corporation that has security cards to get into the building and my computer is password protected with an encrypted hard drive & a physical lock on the computer. Are security guards with guns really necessary?
  A security-minded person would say 'yes, because security guards with guns deter threats that locks and passwords do not.' If your valuables are really that valuable, then there is no such thing as too much security.
  Of course, the article is mainly focused on start-ups who rarely focus on security, not large corporations who have years experience at deterring the bad guys.
  
  --
  An enigma, wrapped in a riddle, shrouded in bacon and cheese
2. Re:strange article by swb · 2013-10-11 04:42 · Score: 1
  
  Are security guards with guns really necessary?
  This is the problem with security -- people tout how necessary these things are based on negative results. In other words, armed guards must be necessary because nobody has tried to rob the place at gunpoint.
  It's just like all the paranoia around airport security -- because nobody has hijacked a plane, the TSA must be doing a good job, right?
3. Re:strange article by gstoddart · 2013-10-11 04:46 · Score: 3, Interesting
  
  Are security guards with guns really necessary?
  With a little social engineering and determination, it's surprisingly easy (I hear) to bypass the entry controls in a lot of places.
  Hell, put on a green uniform and carry a clip-board and they might hold the door open for you.
  I've been at places which have a policy that if you don't recognize someone, challenge them as to why they're there. I once stopped a VP and said "ummm, who the heck are you and how did you get in?" because he had never seen before but was standing outside the lab. He was surprisingly nice about it too.
  So it all depends on how valuable what you have is, and how likely someone is to take pains to get it. From the sounds of it, this is due to actual incidents which have happened.
  
  --
  Lost at C:>. Found at C.
4. Re:strange article by Anonymous Coward · 2013-10-11 04:47 · Score: 0
  
  >Are security guards with guns really necessary?
  Do they keep the $5 wrench away from your knees when someone breaks in and wants the data badly enough?
  Then yes. :)
5. Re:strange article by Anonymous Coward · 2013-10-11 04:54 · Score: 0
  
  They are there to keep you in line.
6. Re:strange article by Anonymous Coward · 2013-10-11 04:56 · Score: 1
  
  This is the problem with security -- people tout how necessary these things are based on negative results.
  No they don't. Well, at least not anyone who is not an idiot or a strawman.
  Informed people claim these things are necessary based on risk assessment and vulnerability analysis. If the information you are protecting is valuable enough for someone to risk an armed assault on your premises, then you may need armed guards to mitigate that risk.
  In fact, the exact opposite of what you claim tends to occur quite frequently: No one has attempted to rob us so we don't need these armed guards!
  Neither analysis is correct. Appropriate security is based on risk factors and vulnerabilities.
7. Re:strange article by Em+Adespoton · 2013-10-11 04:57 · Score: 1
  
  Are security guards with guns really necessary?
  This is the problem with security -- people tout how necessary these things are based on negative results. In other words, armed guards must be necessary because nobody has tried to rob the place at gunpoint.
  It's just like all the paranoia around airport security -- because nobody has hijacked a plane, the TSA must be doing a good job, right?
  To be fair, the same tautology is used in reverse -- physical security obviously isn't needed because nobody is ever caught by them.
  What you really need is some logical tests and bet hedging. This is what went into seatbelt laws, whose results have been measurable, and have saved insurance companies a ton of money.
  So... do startups with decent physical security on average make more of a profit than those without? This is the true measure of whether it's needed.
  Of course, it's also like the bear metaphor -- if all the other startups have no physical security, getting some for yourself will mean that it'll be the OTHER guys who will get broken into.
8. Re:strange article by sosume · 2013-10-11 05:07 · Score: 3, Funny
  
  I always tell people I'm the newly appointed VP when they catch me around offices I shouldn't be.
9. Re:strange article by AJH16 · 2013-10-11 05:20 · Score: 1
  
  Well, there is if you burden it with so much security that people start taking shortcuts to use it that leave you more vulnerable, but I get what you mean. It's important to remember that even in high security situations, it's still a balancing act though.
  
  --
  AJ Henderson
10. Re:strange article by Anonymous Coward · 2013-10-11 05:23 · Score: 0
  
  Not unless you dont consider someone walking into the office and physically forcing you to unlock said passwords and physical devices with the proverbial $5 wrench a danger. Which is exactly the problem that seems to be evolving here...
  (I would give up the password in a heartbeat, nothing on my works servers is worth my life. so perhaps it is not a bad idea to have physical security in place to avoid that issue ever coming up - if the employer values the data that is)
11. Re:strange article by swb · 2013-10-11 05:24 · Score: 4, Interesting
  
  Right after 9/11 I asked our electrician if he had been experiencing more difficulty getting into buildings to do work. I figured with security on everyone's mind it would be more challenging to show up and gain access to sensitive areas of downtown office buildings.
  He just laughed and said no. He said if I took one of his work uniform shirts (company logo polo) and carried a bunch of tools with me I could walk into any building security office downtown and check out master keys merely by handing them my driver's license. No questions asked.
  My guess is with the right employee uniform you can get away with going a lot of places you don't belong. You could probably do some serious mayhem in the local telco uniform as this would probably get you into any wiring closet in the building, and often they have patch panels and switches for local networks.
12. Re:strange article by cascadingstylesheet · 2013-10-11 05:28 · Score: 2
  
  A security-minded person would say 'yes, because security guards with guns deter threats that locks and passwords do not.' If your valuables are really that valuable, then there is no such thing as too much security.
  Of course, the article is mainly focused on start-ups who rarely focus on security, not large corporations who have years experience at deterring the bad guys.
  Just as real computer security is hard, so is real physical security.
  I think I've worked maybe one place that had what I would consider real physical security that was worth much of anything. (And it wasn't the military, but rather a military contractor.)
13. Re:strange article by gstoddart · 2013-10-11 05:35 · Score: 2
  
  I always tell people I'm the newly appointed VP when they catch me around offices I shouldn't be.
  I still made him show me his badge and checked with reception.
  I'm not the trusting sort.
  
  --
  Lost at C:>. Found at C.
14. Re:strange article by cusco · 2013-10-11 05:48 · Score: 1
  
  You plug into a network, right? Where's the switch? Where's your server? Where are the project files? Are they encrypted? Where are all of the domain controllers? Who has access to the printer hard drives? Are all of your co-irkers as conscientious as you are? Who controls access to the network closets? What's the procedure to access them? Can people get away with tailgating into the building?
  Depending on your location the gun probably isn't necessary (unless your high executives are in the same building as you are), but the guard staff sure as hell is.
  
  --
  "Think about how stupid the average person is. Now, realise that half of them are dumber than that." - George Carlin
15. Re:strange article by Anonymous Coward · 2013-10-11 06:00 · Score: 1
  
  I'd say yes. Around '06, there was a data center in Chicago hit multiple times with racks of equipment "liberated" by armed robbers. It took a law passed in the city to allow companies to hire armed guards before this data center stopped getting hit.
  I am amazed that this hasn't happened more, mainly because security usually are 1-2 HID card reader locks in most places. However, when thieves start to realize that a data center hit can not just net them a tidy sum of equipment, but the ability to blackmail ("Give us a ransom or these files will be published/sold overseas") or extort ("Give us a ransom or else we destroy all the backups and data") is something that will be a windfall for thieves.
  Armed security guards don't solve everything. However, they force intruders to either have a firefight (which means the police will be there in a heartbeat), be sneaky, or find softer targets.
  As of now, data centers are still white collar territory. However, it will only be a matter of time before the same gangs who make money with home invasions start realizing that a robbed data center can be extremely profitable.
  So, physical attacks are not surprising, and in a lot of cases, it is far easier to get physical access to a building's machines than it is to hack in via the Internet.
16. Re:strange article by Score+Whore · 2013-10-11 06:09 · Score: 1
  
  The people taking short cuts need to be fired immediately. Protecting the company assets as at least as much of the job as creating the assets.
17. Re:strange article by ArcadeMan · 2013-10-11 06:27 · Score: 1
  
  If your competitor can slow you down by destroying your work, passwords and encryption will not protect you. Of course if your competitor does that, he must be really stupid because you have off-site backups of everything right?
  
  --
  Get free satoshi (Bitcoin) and Dogecoins
18. Re:strange article by nospam007 · 2013-10-11 06:35 · Score: 2
  
  "You plug into a network, right? Where's the switch? Where's your server? Where are the project files? Are they encrypted? Where are all of the domain controllers? Who has access to the printer hard drives? Are all of your co-irkers as conscientious as you are? Who controls access to the network closets? What's the procedure to access them? Can people get away with tailgating into the building? "
  We asked Borland or Inprise or whatever it was called at that moment for the source code for dBase III+ in the late nineties, they would have given us the code perhaps, but nobody was able to find out where it was.
  The developers were retired, dead or moved one a decade ago when they took over Ashton-Tate.
19. Re:strange article by Anonymous Coward · 2013-10-11 06:37 · Score: 0
  
  I had a job where someone was claiming to be a VP or high muckey-muck who claimed to have left his badge in his car, and then yelling, "you don't know who I am"? when I challenged him and wouldn't let him into a server room when he demanded access.
  I ended up yelling for security, then telling him that I did knew who he was... someone about to be asked some pointed questions about why they were in the building with no proof of who they were.
  Too bad it was a VP that worked at another state and was in town on some muckety-muck business. I got fired about an hour later.
  Not to say I will let a tailgater in even after losing my job due to one. Better a lost job, than a lost job + being the fall guy if the person who got let in was truly there for criminal activity.
20. Re:strange article by lgw · 2013-10-11 06:38 · Score: 2
  
  Bullshit. People will always take short cuts, even in the military. But if your company exists to create software, the guys who create software are ultimately the real assets.
  Good security revolves around understanding that people take shortcuts. Make the right thing to do easier than the wrong thing. For example, any security door between where people sit and the smoking area will be propped open - guaranteed. You can try to resolve that with shouting, or you can simply build a smoking area inside the secure perimeter. With the latter approach it's now easier to smoke in the smoking area than not, and no one will be working around your security for their convenience (and to avoid tracking).
  
  --
  Socialism: a lie told by totalitarians and believed by fools.
21. Re:strange article by Anonymous Coward · 2013-10-11 06:43 · Score: 0
  
  I had almost the exact same scenario happen, except I didnt get fired - I got called on the carpet and given a chance to apologize. I flatly refused to apologize for doing my job and if they wanted anything more from me they could talk to my lawyer. Never heard a peep about it again.
22. Re:strange article by cusco · 2013-10-11 06:52 · Score: 3, Informative
  
  Or you can install an obnoxious sounder that goes off every time the door is held open more than X-many seconds. That works really well, we do it all the time.
  
  --
  "Think about how stupid the average person is. Now, realise that half of them are dumber than that." - George Carlin
23. Re:strange article by cusco · 2013-10-11 06:55 · Score: 4, Interesting
  
  This exact scenario happened recently where I currently work. An executive from headquarters showed up with his party to inspect a new data center, his staff had accidentally left his name off the list of people to be granted temporary access. He made all kinds of noise about it, but ended up sitting in the lobby while the rest of the party took in the dog and pony show. Once he got home and cooled down he sent a letter of commendation to the guard staff at the data center. Don't know what happened to the staffer that left his name off the list.
  
  --
  "Think about how stupid the average person is. Now, realise that half of them are dumber than that." - George Carlin
24. Re:strange article by AJH16 · 2013-10-11 07:05 · Score: 3, Insightful
  
  Actually, the people taking shortcuts should be educated on why not to take shortcuts and the procedures reviewed to see if they can be improved. Overly burdensome security will harm moral and could possibly increase the chance of an internal breach, which is always the biggest risk since the people inside are supposed to have at least some access.
  
  --
  AJ Henderson
25. Re:strange article by lgw · 2013-10-11 07:09 · Score: 1
  
  Works great when it doesn't annoy any hardware geeks. :)
  When I worked in a hardware lab, I remember the time facilities put lock-boxes around the thermostats. Hilarity ensued. Eventually, there would be no physical evidence of how the thermostats would mysteriously change settings inside their lockboxes.
  
  --
  Socialism: a lie told by totalitarians and believed by fools.
26. Re:strange article by mjwalshe · 2013-10-11 07:35 · Score: 1
  
  It depends if your working at Thames House, Babylon on Thames or Fort Mede probably yes some little consumer company like amazon or apple not so much :-)
27. Re:strange article by Score+Whore · 2013-10-11 08:23 · Score: 1
  
  You didn't make an argument, you just said people will ignore the rules. And those people should be fired. The reducto ab absurdum of your argument is that we shouldn't have any laws against murder as there will be murderers. And that we don't need knowledgeable and skilled surgeons as it's easier to be ignorant and unskilled.
  The reality is that in certain environments, good security craft is as much of the job as good software development skills -- and I'm not saying writing secure software, to help clarify for some readers. The developers need to be experienced and aware of the appropriate security measures and be willing to implement them in their day to day actions. If they aren't, either experienced or willing, then they are unqualified regardless of how good they might be at developing software or hardware. It's a like washing your hands after going to the bathroom (not doing which is also a perfectly good reason to be fired.)
  Propping a door open can lead to tens of thousands of dollars in losses at the low end, say from a simple equipment burglary to total failure of the company from trade secret loss. If someone feels that their need for convenience the greater issue, then that person has a fucked up sense of priorities that makes them unqualified to work in that environment. That's just a basic fact. E.g. if you can't be bothered to wash your hands before cutting someone's head open, you're not qualified regardless of how steady your hands are.
28. Re:strange article by Score+Whore · 2013-10-11 08:25 · Score: 1
  
  That education should happen on the first day they are working for you and if they aren't willing to follow procedures then they aren't aligned with your business interests and have no reason to be working for you.
29. Re:strange article by Anonymous Coward · 2013-10-11 08:47 · Score: 0
  
  I agree. I work at a dealership and I remember seeing an article posted on the bulletin telling us that another dealership in the area had lost some vehicles due to this type of social engineering. Some people would dress in technician clothing, taking keys and driving off with some vehicles without setting off any flags of anybody actually working at the dealership.
30. Re:strange article by Anonymous Coward · 2013-10-11 09:16 · Score: 0
  
  A security-minded person would say 'yes, because security guards with guns deter threats that locks and passwords do not.' If your valuables are really that valuable, then there is no such thing as too much security.
  There is always such thing as too much security: if your security costs more than your risk-assessed value, you have too much security.
  I'll give you an example: if you have $1M in diamonds, and a probability estimate for theft of 10%/year, if you are spending over $100k/year to keep them secure, you have too much security (to say nothing about whether your particular security is effective). Even if your probability estimate is way off, if you are spending more than $1M total on security, you have too much security.
  A simpler and more realistic way to look at it is this: if your security is costing more than it would to insure against your loss, you have too much. Since your insurance premium is likely affected by how much security you have, it turns out that it is a convex optimisation problem to minimise the combined cost of security and insurance.
31. Re:strange article by Anonymous Coward · 2013-10-11 09:33 · Score: 0
  
  Where I live, a call to "110" will make two angry mean in ugly blue suits show up in a matter of minutes. *they* do also carry guns and have an proper education+training how to use them. Unfortunately for the baddies, the ugly bluemen often come in much bigger numbers.
  So, do we need private security with guns and a shitty training/education ? Probably not.
32. Re:strange article by Aighearach · 2013-10-11 09:36 · Score: 1
  
  So... do startups with decent physical security on average make more of a profit than those without? This is the true measure of whether it's needed.
  While I mostly agree with you, I'd want to just measure what security problems they had and at what cost, rather than their profitability. Startups are too few, too different, and too rarely profitable to measure based on profit. And in many cases the most profitable of current startups in 10 years will grow huge and have a lot of success, before ever becoming profitable. With a big enough data set, then yeah, you'd have enough companies that did or didn't go out of business based on their security choices to make that meaningful. But that data set isn't that big, and the failure rate is too high.
33. Re:strange article by Anonymous Coward · 2013-10-11 09:40 · Score: 0
  
  You nailed it. Getting into a building in almost any corporation is easy: Use a whore to get a shy developer laid, drug the guy and take his access card. Then use said card with a similar-looking guy to enter building. Bingo.
  That technique was used by communist "RAF" terrorists to get into a US Army barrack and to deposit a bomb there. Except that the bastards killed the solider so he could not talk.
  Using a gun is idiotic to subvert a protected building. If corporations were serious about security, they would have guards visually checking employees against a "facebook" (a physical one !) every morning upon entrance. And probably also upon leaving.
34. Re:strange article by lgw · 2013-10-11 09:41 · Score: 1
  
  Yes that was my argument: your approach is simply not realistic. Security people always say "just fire everyone who doesn't comply", but in the real world they rarely have that sort of power, nor should they.
  If the purpose of your company is to guard something, then fine. That's unlikely to be a Silly Valley startup. If the purpose of your company is to invent something cool, something worth guarding, then the inventers are more important than the security guards. Thus you want to work with human nature, not against it.
  Heck, even in the military where you can go beyond firing people who don't follow the rules, it's still common practice to accommodate human nature to improve security. The more realistically you model the human parts of your solution, the better you'll do.
  (You might notice that for example, the door to the smoking area already have the best security in the world: a tight group of people who all know each other, will recongnize anyone who doesn't belong, and who pay attention to who comes and goes. But your goal seems to be "control" not "security" - the fewer people like that with jobs, the better.)
  
  --
  Socialism: a lie told by totalitarians and believed by fools.
35. Re:strange article by Anonymous Coward · 2013-10-11 09:42 · Score: 0
  
  If the access card needs a code or fingerprint in addition, make the whore request "sex in that cool office building".
36. Re:strange article by Anonymous Coward · 2013-10-11 09:47 · Score: 0
  
  Just put a "smoke and mirror entrance" system in front of the data center. When they come, lock them in there and call police. Meanwhile you sit in the command bunker and watch the idiots freak out from your CCTV.
  Real security comes from concealed operations, locations and people. NOT from Maginot Lines or "Show Of Force". "Be unprectable" must be your motto.
37. Re:strange article by Anonymous Coward · 2013-10-11 09:52 · Score: 0
  
  Google has at least three copies of all their users/products data and they can give away that storage to their products for "free". Why can't YOU have three copies ?
38. Re:strange article by Anonymous Coward · 2013-10-11 10:12 · Score: 1
  
  A month or two ago in manhattan someone waltzed into a nice car storage wearing a local high end mechanics uniform and said he was there to pick up a luxury car for work. The attendant gave him the keys and poof, have a good day, dude disappeared. Turns out he had been recently fired from said mechanic. Can't remember what the guy made off with but it was a $3-400K car. I also can't imagine wtf the dude was planning on doing with it.
39. Re:strange article by Em+Adespoton · 2013-10-11 10:27 · Score: 1
  
  With a big enough data set, then yeah, you'd have enough companies that did or didn't go out of business based on their security choices to make that meaningful. But that data set isn't that big, and the failure rate is too high.
  True, and you'd also have to take into account the number of startups that didn't "start up" due to investing in physical security instead of putting that money into R&D.
40. Re:strange article by AJH16 · 2013-10-11 10:52 · Score: 1
  
  At this point I'm going to assume you are either trolling or like to work with robots (who by the way tend to not be very good innovators). Yes, the education should happen on day one, but not everyone is (or should be) a security professional, so sometimes they will need reminding. Firing them immediately isn't the answer, reminding them sternly and letting them know that if problems continue, then they will be fired is. Certainly, if they regularly, recklessly disregard policy, then they need to go, but people are people and we have security professionals for a reason.
  A good security professional understands that people want to get their work done first and that, while they are well meaning, won't be thinking about every detail of security 24/7 (as that isn't their job or training). You have to have users as allies to foster a spirit of cooperation in making sure things stay secure and that doesn't happen if you act like an unforgiving despot, it only leads to problems and distrust between users and security and leads to lower security.
  Just look at any area where the police have a bad reputation because they crack down too hard rather than cooperating and educating people. The result is that people don't trust the police and won't even report outright issues, let alone activities that look suspicious. The result is the neighborhood goes to hell in a hand basket. The same thing applies in any organization.
  
  --
  AJ Henderson
41. Re: strange article by Badblackdog · 2013-10-11 11:02 · Score: 0
  
  From swb: "My guess is with the right employee uniform you can get away with going a lot of places you don't belong. You could probably do some serious mayhem in the local telco uniform as this would probably get you into any wiring closet in the building, and often they have patch panels and switches for local networks." Absolutely true. I have worked as a computer tech for years and moved to doing cabling and fiber so I frequently need access to areas that should be secure. I don't even wear a company shirt and I can talk my way into almost any non government building with a tool bag and a smile. Paperwork usually helps too. "Hey do you know where the data closet is? They sent me to check out the blah blah blah...". "Sure it is right this way." If you ask for a key they might toss you the whole key chain and tell you to drop them off on your way out. I live in New Orleans so people are pretty friendly.
42. Re:strange article by ultrasawblade · 2013-10-11 11:40 · Score: 1
  
  >Just put a "smoke and mirror entrance" system in front of the data center. When they come, lock them in there and call police.
  This is illegal (illegal confinement or arrest) and will make you criminally liable. #IANAL.
43. Re:strange article by jcrb · 2013-10-11 12:12 · Score: 1
  
  Yes you need physical security, to prevent the guy in the FedEx box replacing your keyboard with one with a hardware key logger. And planting a transmitter inside your machine to send out the data wirelessly once it has your encryption passwords.
  
  --
  -jon
44. Re:strange article by TheCarp · 2013-10-11 13:10 · Score: 1
  
  Yup. In my first job we were doing overnight upgrades in a store, and as a precaution, we had to get the address from every cash register before we started...just in case. This meant going into a busy department store that we had never set foot in before (1 night per store), walk in, and fiddle with cash registers. Security, of course, knew we were coming but, you think anyone else knew?
  My first few nights, I walked in, even with my red shirt and company logo, it was a pain. I would walk up to the lines and try to tell the cashier what I was doing and inevitably, they would insist that I talk to the manager.
  By the fourth night or so, I just started walking up to registers, clipboard in hand, would jump up and sit on an unused counter and lean over and get the address; and walking through back doors like I belonged. Nobody ever questioned me again. (except that one annoying manager who didn't think it was a good idea for me to head over to the futon display in the empty store and read a book during the 4 hour file copy)
  
  --
  "I opened my eyes, and everything went dark again"
45. Re:strange article by russotto · 2013-10-11 14:56 · Score: 1
  
  You didn't make an argument, you just said people will ignore the rules. And those people should be fired.
  This is the problem with authoritarian security assholes in a nutshell. They figure out the most expedient way they can get their job -- security -- done. And they don't care how much harder it makes everyone else's job, because they figure if those people resist, they can just be fired.
46. Re:strange article by onyxruby · 2013-10-12 01:46 · Score: 1
  
  Remember that all the the security in the world is considered worthless if the other person has physical access to your disk. Encryption can be broken in a number of different ways, it often simply isn't implemented correctly. However you have to recall that your encryption is really quite worthless when I can install a cheap camera above your desk or a keylogger on your keyboard and simply capture your password.
47. Re:strange article by toddestan · 2013-10-12 05:00 · Score: 1
  
  Car probably ended up in a shipping container with some overseas destination where not a lot of questions would be asked.
48. Re:strange article by lsatenstein · 2013-10-12 23:57 · Score: 1
  
  It goes from corporate espionage to some guy stealing credit card numbers as a 'hobby'.
  I work at a major corporation that has security cards to get into the building and my computer is password protected with an encrypted hard drive & a physical lock on the computer. Are security guards with guns really necessary?
  A security-minded person would say 'yes, because security guards with guns deter threats that locks and passwords do not.' If your valuables are really that valuable, then there is no such thing as too much security.
  Of course, the article is mainly focused on start-ups who rarely focus on security, not large corporations who have years experience at deterring the bad guys.
  The guards are there to prevent thieves from walking out with desktops, laptops, monitors, and whatever else could be put in the back of a truck that is allowed up to the loading dock.
  
  --
  Leslie Satenstein Montreal Quebec Canada
49. Re:strange article by Xest · 2013-10-13 23:53 · Score: 1
  
  I think it's always been this way though, when I was 17 and I wanted to get served at pubs that were strict on ID'ing people I'd just flash up my drivers license and they'd serve me. None of them stopped to think that anyone would have the cheek to hand over their license and actually be underage so rather than check the DOB on it they just assumed "Oh he has ID" and served you.
  Similarly on the trains once, I used to buy a monthly pass, but it was a day out one day and I didn't realise. The conductor came round asking to see passes and I flashed it up to him and he just said thank you and moved on. It wasn't until the next week on the Monday morning that I noticed I needed a new pass. I have an annual pass now and go through a ticket barrier each morning and they don't even look at it. You could probably flash up something completely random and they'd let you through.
  I like the security guard where I currently work though. Even if he knows you really well he'll still demand to see your pass every time you want to enter the building. He's a real pro and does it exactly right.
  I think you're right, you can get away with a hell of a lot of things if you do nothing more than what people would expect you to do if you were who you said you were, or were doing what you implied you were doing. It's really only the fear of getting caught that puts people off, even if that chance of getting caught is probably lower than 1% in many cases.
  It makes me wonder how many people actually do do this sort of thing. I've always wondered how many people with the old style rail passes still used round here have just printed them out because there's no security features on them like metallic strips or holographic seals for example. Like you say, I wonder how many people do just go into places they're not supposed to by pretending they're someone they're not. Given how easy it is I'd wager it's more common than most people realise.
KEY WORD: a ... COUPLE ... of by Anonymous Coward · 2013-10-11 04:37 · Score: 0

Two does not make a party !! I propose that if there are not two a day then the police may as well stay home !!
Seal of approval by gmuslera · 2013-10-11 04:40 · Score: 1

If the government does it, then it should not be so wrong.
1. Re:Seal of approval by Em+Adespoton · 2013-10-11 04:58 · Score: 1
  
  If the government does it, then it should not be so wrong.
  The reason we have a government is so that we can have strict controls on a small group of people who do what would otherwise be illegal. Somewhere along the line, we forgot about the strict controls, but that doesn't mean what they do should be suddenly legal.
Credit please... by SuperKendall · 2013-10-11 04:44 · Score: 4, Informative

To the master, Weird Al.

--
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Those who forget the past... by Virtucon · 2013-10-11 04:48 · Score: 4, Interesting

Are doomed to repeat it. Espionage is nothing new and it's been around for centuries. The plans for the Atomic Bomb were stolen by people who were sympathetic to the Soviets.
Sometimes technology can be given away, stupidly, when somebody is trying to build better relations or is reverse engineered like the TU-4 bomber.
While we've been concerned with Cyber Espionage it's still nice to see that old fashioned bribery and cunning are still in use and that countries and competitors will still go to whatever lengths are necessary to steal technology. We've allowed billions in technological innovations to be stolen and given away and it will come back to haunt us.

--
Harrison's Postulate - "For every action there is an equal and opposite criticism"
1. Re:Those who forget the past... by Anonymous Coward · 2013-10-11 05:01 · Score: 0
  
  Is it really possible to stop? Espionage has been around for centuries for a reason. It will be around for as long as there are humans. Quite frankly, I am not sure I want to live on a planet where espionage/hacking do not occur. As distasteful as these things are, there are a side effect of freedom.
2. Re:Those who forget the past... by Anonymous Coward · 2013-10-11 05:26 · Score: 1
  
  This. It's not virtual attacks that have "turned into physical". Physical attacks have never stopped. Heck, 15 years ago my grandmother got burglered, but the only think they took was the PC. Industrial espionage isn't a new phenomenon.
3. Re: Those who forget the past... by Anonymous Coward · 2013-10-11 05:44 · Score: 0
  
  It's a lot of fun for the person infiltrating. Better than shoplifting!
4. Re:Those who forget the past... by timeOday · 2013-10-11 05:46 · Score: 1
  
  But you are wrong in placing blame by implying that remembering the past prevents you from having to repeat it. The fact is that secrets have a shelf life. You can lengthen it, but not too much.
5. Re:Those who forget the past... by Virtucon · 2013-10-11 06:19 · Score: 1
  
  Or you can patent the secret then everybody knows how you did it.
  
  --
  Harrison's Postulate - "For every action there is an equal and opposite criticism"
6. Re:Those who forget the past... by Anonymous Coward · 2013-10-11 10:08 · Score: 0
  
  Yeah, it would be so much better if we continued to be Drug Pushers to poison the Barbarians there. And kill their police when they oppose Us Drug Pushers.
7. Re:Those who forget the past... by Anonymous Coward · 2013-10-11 10:20 · Score: 0
  
  And, your articles are not entirely truthful. The Russkies used lots of German engineers and scientists, too. To build the most powerful turboprop engine TO THE PRESENT FUCKING DAY and to electrically separate isotopes, for example. They got those people either by capture or voluntarily (e.g. Manfred von Ardenne, who was mightily pissed about the nazies and laid the blame for the rise of nazism at the door of capitalism. Which is kind of reasonable, given NY's habit to shit on the world economy).
  Finally, the Russkies themselves aren't the barbarians they are often painted, by Nazi intelligence now in the pay of, well, LANGLEY.
  Their T34 tank was the Bestest Of Bestest in the beginning of WW2, for example. Only the Tiger tank (which came late, unreliable, expensive and in small numbers) and the 88mm cannon could oppose the T34s. If Stalin had not been so paranoid (for which he had *some* reason, though), his Generals would have stopped Germany in Poland in 1941. Unfortunately most of said Generals were killed by Stalin himself.
Just insure it by Anonymous Coward · 2013-10-11 04:50 · Score: 1

Just insure your code. Most of what's being written in the Valley is better off being metaphorically "burned down" for the insurance money anyway. Followed by... they stole the code for FaceBook or Twitter? Most of the value is in the branding and the infrastructure that allows them to scale. The code that's running in a particular VM, by itself, is probably not worth much.
The headline... by Anonymous Coward · 2013-10-11 04:51 · Score: 0

The headline conjures up images of someone physically picking up silicon valley and running off with it.
Cartoon style.
Thanks for that image slashdot :P
- Gallefray
1. Re:The headline... by Anonymous Coward · 2013-10-11 05:11 · Score: 1
  
  That would be "Gallifrey", guy. And if you're going to sign a post, why not just log in?
  - Anonymous Coward, esq.
Credit please... only where credit due by frovingslosh · 2013-10-11 04:54 · Score: 1

I heard forms of this joke back in the 1950's. I do like weird Al, but he deserves no credit here.

--
I'm an American. I love this country and the freedoms that we used to have.
1. Re:Credit please... only where credit due by Anonymous Coward · 2013-10-11 05:09 · Score: 0
  
  I heard forms of this joke back in the 1950's. I do like weird Al, but he deserves no credit here.
  Perhaps, but he certainly put more class into the delivery in that scene than most would have done.
2. Re:Credit please... only where credit due by Beorytis · 2013-10-11 05:23 · Score: 2
  
  Perhaps, but he certainly put more class into the delivery
  Do you mean "class" or "crass"?
Security starts with inventory by onyxruby · 2013-10-11 04:56 · Score: 3, Interesting

This shouldn't really surprise someone. When you think about a data center or server rack is arguably about the most valuable square footage that you can have. Think of a comparison to a typical jewelry shop, it might have $250,000 to a $1,000,000 in a vault and it's not easy to liquidate for anything resembling it's retail value. Now think of a typical bank vault, it probably has a typical amount of money, and again liquidation is an issue (look up money laundering for the challenges drug dealers face plus serial numbers).
Now think of a single rack in a data-center where a low end server can easily cost $5000 and nobody blinks an eye at something costing $25,000. A single rack can easily be worth a million dollars or more depending on how it is loaded. You can also easily resell IT equipment or part it out and there is a much smaller chance of getting caught. Serial numbers are an issue of course, but if something gets sent overseas the cost of getting caught drops significanly while the value is pretty much retained.
If you were to look at the sheer value of the contents of a building the only buildings that could possibly compete with a data center would be the exceptional bank vault and factories such as where they build new jetliners.
1. Re:Security starts with inventory by mlts · 2013-10-11 06:57 · Score: 2
  
  What I've found is sometimes the best protection for data center rack protection is sometimes things that are fairly simple.
  Something as simple as pin-Torx or pin-Robertson (square head) screws can keep equipment from vanishing, assuming the bits are stored somewhere fairly secure. It isn't near 100%, but it will slow someone down who managed to get in, and who is looking to unbolt something out of a rack and then make a break for it out the fire door.
  If I need more secure tamper-resistant screws, Bryce Fastener can make custom-headed screws that only each customer would have bits to. This is low-tech and won't stop someone who has the ability to haul 500+ pounds out on a rack, but it is a good line of defense.
  Computer-wise, for very sensitive servers, I always have some sort of DAR (disk at rest) encryption (with the recovery keys stored in multiple secure, but recoverable locations.) That way, if someone grabs all the disks from an array, the data is useless without the LUKS or BitLocker keys. Similar on the SAN side. With encryption enabled on the drive controllers and the drives being hardware self-encrypting, a theft becomes "just" a hardware loss, not both hardware loss and a major security breach.
  None of these measures are 100%. A computer that uses BitLocker Network Unlock can be decrypted via a RAM dump. Security screws can be drilled or slotted with a Dremel tool. However, it is better to have some measures in place than none.
2. Re:Security starts with inventory by mrchaotica · 2013-10-11 08:11 · Score: 1
  
  You can also easily resell IT equipment or part it out and there is a much smaller chance of getting caught. Serial numbers are an issue of course, but if something gets sent overseas the cost of getting caught drops significanly while the value is pretty much retained.
  Wouldn't the shipping overseas idea apply equally to cash and jewelry?
  
  --
  "[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
3. Re:Security starts with inventory by Beardo+the+Bearded · 2013-10-11 09:53 · Score: 1
  
  You can get five-headed bolts made, too. They look normal enough until you can't get a grip on them.
  
  --
  
  ---
  ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
Lower cost of espionage by Anonymous Coward · 2013-10-11 04:56 · Score: 1

Why bother with expensive, well paid hackers or going through the complexity of setting up a bot-net to break in to a competitor when you can sneak in the back door in the middle of the night, root through drawers until you find a sticky note with a password and get things the old fashioned way.
nothing new here by frovingslosh · 2013-10-11 04:58 · Score: 2

Just more proof that information wants to be free.

--
I'm an American. I love this country and the freedoms that we used to have.
1. Re:nothing new here by Anonymous Coward · 2013-10-11 05:11 · Score: 0
  
  Information has no such desires.
  People with projection issues claim information wants to be free, as a justification for their own personal appetite for information, regardless of who owns it, or their expense to aquire it, or silly things like laws and property rights.
2. Re:nothing new here by Anonymous Coward · 2013-10-11 09:05 · Score: 0
  
  And proof that free information is not free but merely exploited. Information wants to be exploited.
Movie time by SJHillman · 2013-10-11 04:59 · Score: 3, Funny

I bet it's those Pirates of Silicon Valley. Damn pirates, always stealing everything.
1. Re:Movie time by Anonymous Coward · 2013-10-11 08:10 · Score: 0
  
  yes -- I have seen a lot more parrots around town now that you mention that.... hmm.
  arrrggh
2. Re:Movie time by e_armadillo · 2013-10-11 09:24 · Score: 1
  
  "Good artists copy, Great artists steal." Arrrr me harty!
Encryption? by hawguy · 2013-10-11 05:01 · Score: 1

Aren't these companies encrypting their extremely valuable data? All of my computers use full-disk encryption and I don't have anything more valuable than old tax returns and my carefully curated p0rn collection. I've got a lot of my company's source code, but most of it will end up open sourced anyway, so it's not that valuable to a thief.
1. Re:Encryption? by Anonymous Coward · 2013-10-11 10:48 · Score: 0
  
  The passphrases will be standardized on "PoliceAcademy".
Did They Do Attack Trees? by bill_mcgonigle · 2013-10-11 05:04 · Score: 5, Interesting

C'mon, guys, if you'd have done your attack trees, you'd know that the guy who empties the waste basket can install a keylogger for a day for much less cost than it would take to break your 4096 bit PGP key.
I suppose this story does highlight some changing costs on the nodes, though - if physical penetration is becoming more prevalent, then either the cost of hiring somebody to do it is falling (due to massive unemployment, perhaps?) or the costs of other attacks are rising.

--
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
1. Re:Did They Do Attack Trees? by cusco · 2013-10-11 06:06 · Score: 5, Interesting
  
  The cost of doing it is dropping because the tools are getting cheaper, easier to use, and easier to deploy. A local software company got hacked by someone just plugging a wireless router into an unoccupied network port in a conference room and taping it under the table (they think it was a job applicant being interviewed), and then just browsing their network from the parking lot that night. I've heard (second hand) of an office where the janitorial staff plugged a netbook into a port under a desk, let it sniff all network traffic for a couple of days, and then handed it off to whoever hired them. I've seen USB keyloggers advertised for under $100, and some of the newer remote control/viewing software can be autoinstalled and is unnoticeable to the casual user. It just isn't rocket surgery any more.
  
  --
  "Think about how stupid the average person is. Now, realise that half of them are dumber than that." - George Carlin
2. Re:Did They Do Attack Trees? by Anonymous Coward · 2013-10-11 06:19 · Score: 0
  
  " if physical penetration is becoming more prevalent, then either the cost of hiring somebody to do it is falling (due to massive unemployment, perhaps?) or the costs of other attacks are rising"
  Or the value of that which can be stolen is increasing. Which is probably the most likely answer. There isnt "massive unemployment" in Silicon Valley.
LOL Racism by Anonymous Coward · 2013-10-11 05:05 · Score: 0, Troll

So I take it now racist jokes are ok and rewarded here? Shame on you and the moderators.
1. Re:LOL Racism by Anonymous Coward · 2013-10-11 05:18 · Score: 1
  
  It's not exactly racist. It's a reference to a scene in Weird Al's movie UHF. I suppose you could argue that making a joke about accents is racist, but seeing as it isn't really derogatory in any way, I'm not sure how it would be. (The height is a reference to the height of the actor in the movie.)
2. Re:LOL Racism by SternisheFan · 2013-10-11 05:24 · Score: 1
  
  All accents are funny (unless it's your accent, then it's racist).
3. Re:LOL Racism by xevioso · 2013-10-11 05:35 · Score: 1
  
  Making fun of a person's accent isn't racist, Mr. Crabby McCrabberton.
4. Re:LOL Racism by gstoddart · 2013-10-11 05:41 · Score: 1
  
  The corollary to that is nobody thinks they have an accent, just that everyone else does.
  
  --
  Lost at C:>. Found at C.
5. Re:LOL Racism by Anonymous Coward · 2013-10-11 06:10 · Score: 0
  
  Stupid! You so stupid!
6. Re:LOL Racism by ArcadeMan · 2013-10-11 06:25 · Score: 1
  
  Canadians don't have an accent, eh?
  
  --
  Get free satoshi (Bitcoin) and Dogecoins
7. Re:LOL Racism by s.petry · 2013-10-11 06:33 · Score: 1
  
  I always enjoy that Canadian "aboot" instead of "about". Eh?
  
  --
  -The wise argue that there are few absolutes, the fool argues that there are no probabilities.
8. Re:LOL Racism by mcgrew · 2013-10-11 09:16 · Score: 1
  
  All accents are funny (unless it's your accent, then it's racist).
  How can a blonde haired blue eyed Bostonian be racist against a blonde haired blue eyed Texan? Making fun of accents has nothing to do with race. In fact, accents themselves have nothing to do with race and everything to do with growing up in a certain location. I know a man whose parents are both Japanese, he was adopted by a Chicago couple in infancy. Guess what? He speaks with a Chicago accent.
  
  --
  Free Martian Whores!
9. Re:LOL Racism by Beardo+the+Bearded · 2013-10-11 09:48 · Score: 2
  
  Actually, that's mostly true. Some regions of Canada use the most lightly-accented form of English.
  I've been interviewed just for my voice to test my accent.
  
  --
  
  ---
  ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
10. Re:LOL Racism by Anonymous Coward · 2013-10-13 14:52 · Score: 0
  
  protip: if you don't want to be racist you need to offend all races equally.quite hard to do in a single joke - someone will always be upset about being left out.
War By Other Means. by tekrat · 2013-10-11 05:09 · Score: 4, Informative

I remember reading "War By Other Means" (http://www.amazon.com/War-Other-Means-Economic-Espionage/dp/0393318214/ref=sr_1_3?ie=UTF8&qid=1381510831&sr=8-3&keywords=war+by+other+means) more than 10 years ago.
The book starts off with how the USA, during it's early years, sent "spies" to European nations to gather their technology regarding weaving and agriculture, as well as the start of the industrial revolution, and how that enabled the USA to become a superpower, and now it's being turned around on us that other countries such as China are doing the same thing, except that they are doing it on a much larger scale.
That this is happening on a small scale in the valley is no surprise, since the lead-time on new tech is now incredibly small. Look how Samsung introduced a "smartwatch" based on a RUMOR that Apple was doing that.

--
If telephones are outlawed, then only outlaws will have telephones.
1. Re:War By Other Means. by Anonymous Coward · 2013-10-11 05:52 · Score: 0
  
  > Look how Samsung introduced a "smartwatch" based on a RUMOR that Apple was doing that.
  Riiight...
  because releasing a small touch screen based computer system on a watch based on commodity software and SOC's is WAY TOTALLY DIFFERENT
  than releasing a small touch screen based computer system in a phone based on commodity software and SOC's
  don't disagree with your premise - but, this is not a very compelling example case..
2. Re:War By Other Means. by artor3 · 2013-10-11 06:51 · Score: 2
  
  The US didn't become a superpower by stealing loom technology. It became a superpower because every other major power was a bombed out husk following World War II.
3. Re:War By Other Means. by bored · 2013-10-11 08:42 · Score: 1
  
  And the fact that the US was basically the manufacturing powerhouse of the early 20th century. The US didn't win the war because it had better technology, or a larger war machine at the beginning of the war. It won because it produced 10-100x as many tanks/planes/jeeps/ships/oil/etc as the Germans and Japanese.
4. Re:War By Other Means. by Anonymous Coward · 2013-10-11 10:26 · Score: 0
  
  The U.S. won W.W. II? I thought they joined in late and got to be on the winning side.
5. Re:War By Other Means. by bored · 2013-10-11 11:04 · Score: 1
  
  Yah, but they were supplying the "winning side" with equipment long before they started shooting.
  AKA they were the modern Chinese, lots of low tech manufacturing (when compared with the relative supremacy of things like the German tanks and Japanese planes).
  But, yes contributions from other countries (Russia anyone?) might be ignored in the modern telling of the war from the US perspective.
Governmor Brown is being questioned? by s.petry · 2013-10-11 05:15 · Score: 4, Funny

Oh wait, this is not about the business taxes in CA.

--
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
predator - prey relationship by Anonymous Coward · 2013-10-11 05:19 · Score: 0

the world can always use more escaped lions
Deja vu all over again by TheloniousToady · 2013-10-11 05:32 · Score: 3, Interesting

Sounds like the kindda stuff Kevin Mitnick was doing to The Phone Company decades ago. He once broke into a local Ma Bell office to steal manuals, as reported in his book "Ghost in the Wires: My Adventures as the World's Most Wanted Hacker".
The book is a pretty good read. In it, Mitnick repeatedly claims he never profited from any of his adventures - except by selling books and becoming a security consultant, of course. Heck, some of the reported robbers in Silicon Valley might be even more ethical.
Yes, here is why by luis_a_espinal · 2013-10-11 05:39 · Score: 1

It goes from corporate espionage to some guy stealing credit card numbers as a 'hobby'.
I work at a major corporation that has security cards to get into the building and my computer is password protected with an encrypted hard drive & a physical lock on the computer. Are security guards with guns really necessary?
Depends on the situation. If your property is that valuable, perhaps. Now, consider this: If people are willing to physically break into your facilities, that's passing the threshold that divides a cyber-violation to a physical violation. Statistically, breaking into someone's property usually correlates with a willingness to commit physical aggression. With that in mind, guns for security guards and LEO's are not simply to "shoot" the bad guys, but for them to protect themselves.
If I owned a property that has been broken into, or that is at risk of suffering a break-in, and if I had a need to protect valuables inside, I could not in good conscience put a security guard there with no legal means to defend himself if/when SHTF.
1. Re:Yes, here is why by Anonymous Coward · 2013-10-11 07:19 · Score: 0
  
  Just like a lock on a door, if I had a data center, it would two armed guards at the minimum, one at the desk watching monitors, one doing patrols.
  This doesn't mean that there ever will be a shootout, but it usually removes that thought from robber's heads, because they may lose the gun battle... and if caught (and police tend to actually take the time to hunt down people shooting at those in uniform, especially if it was an off-duty peace officer), robbery might hard time, but any crime using a firearm in the US will almost invariably give 20-life. To boot, firearms crimes usually mean an automax sentence in the state prison system.
  So, even though it is highly unlikely there would ever be an issue, with any data center, one never knows, especially in these times in the US where sanity seems to have taken the year off.
We're living the a cyberpunk future. by runeghost · 2013-10-11 06:32 · Score: 1

So, apparently shadowruns are a real thing now? I already knew William Gibson was just writing plain old fiction, but it still causes cognitive dissonance to realize I'm actually living in the dystopian future I read about back in the '80s.
1. Re:We're living the a cyberpunk future. by mjwalshe · 2013-10-11 07:39 · Score: 1
  
  Kids today :-) hardcore run is what your referring to - ie one requiring physical recce or direct action.
2. Re:We're living the a cyberpunk future. by Beardo+the+Bearded · 2013-10-11 09:59 · Score: 1
  
  It's super easy. Just grab some blue overalls, a toolbox, and a plunger.
  "I'm here to fix the toilet."
  The toolbox is full of sludge. Drop it on the floor and let it ooze out. People won't stick around when there's poop on the floor.
  Then plug in one of these wherever you've got a recently-emptied desk.
  
  --
  
  ---
  ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
3. Re:We're living the a cyberpunk future. by Anonymous Coward · 2013-10-11 12:32 · Score: 0
  
  Whoosh...!
LoTek by Anonymous Coward · 2013-10-11 07:20 · Score: 0

Lotech win.
WiFi by Anonymous Coward · 2013-10-11 07:39 · Score: 0

Should have just mailed in a phone that is wifi internet enabled and running NMAP online and possibly AirCrackNG, get the internal addressing and hack in from there to the source code sitting on the server.
even lower by frovingslosh · 2013-10-11 08:20 · Score: 1

Hell, I get all of the secret information that I can ever use or sell just by filing freedom of information act req8uests with our friendly neighborhood NSA. It's a little redacted, but you still get plenty of information that the owners would like to keep private.

--
I'm an American. I love this country and the freedoms that we used to have.
no news here by Anonymous Coward · 2013-10-11 09:08 · Score: 0

I mean startups usually steal IP... hence why they're a startup in the valley nowadays. Stealing from some college paper, student project, hobbyist prototype, crowd sourced, movie writer, book writer.... the valley is run by MBAs not dreamers. MBAs reuse/regurg IP, not create it.
So folks stealing from them as in TFA is somewhat quid pro quo.
Our startup broken in to in SOMA by Anonymous Coward · 2013-10-11 11:40 · Score: 0

They stole a bunch of flat screens and other things. We had video of the entire thing as we were able to get the guys facebook page and email. The police asked us: "What do you want us to do?" The swear the cops are all high here.
Robbery vs Burlgary by Anonymous Coward · 2013-10-11 12:07 · Score: 0

For the love of god, learn the difference between robbery and burglary.
PeoplePak2000 by Anonymous Coward · 2013-10-11 12:33 · Score: 0

This also sounds like an implementation of the PeoplePak 2000 - ship a person via FedEx, UPS, or USPS... :-)
http://www.kubik.org/lighter/fedex.htm
NSA did it by Anonymous Coward · 2013-10-11 15:06 · Score: 0

Looks like the CIA and NSA are pissed that tech companies are getting tired of their coerced 'special relationship', so they're resorting to old school techniques (break and enter. . . only legal if you're the government)
So I had breakfast with Steve Stasiukonis once.... by jcrb · 2013-10-11 17:39 · Score: 1

Just happened to be staying in the same hotel and I don't recall what started us off but some how we struck up a conversation and he wound up telling me some great stories.
The story about the guy in the FexEx box is even better than the article makes out. Since they couldn't actually ship a person via FedEx for many reasons, the box had to seem to come from the right location which would have meant putting it on a plane, and what not. So to make it all look right Steve got himself a real FedEx uniform and put FexEx stickers on the side of a van and even had one of those scanner guns the delivery people used and pretended to be a FedEx delivery person in order to drop off their "package". As I recall he even picked up all their out going FexEx packages and dropped them off at the local FedEx center to fully make the deception work.
It was one of my more interesting random conversations, at some point they should write a book about this stuff, he had lots more stories than just this one. But yeah basically if someone really wants to get inside your building and steal your stuff badly enough they will.

--
-jon
Chinese, Russians; no surprise. by Anonymous Coward · 2013-10-11 20:11 · Score: 0

Chinese, Russians; no surprise.
Doing it wrong by GameboyRMH · 2013-10-12 01:46 · Score: 1

Silicon Valley startups' ideas are mostly worthless by themselves. It's the real estate, hipster glasses, and quirky offices that have value. Being inside the Silicon Valley circle jerk, where VCs freely blow loads of money on startups is what has value.

--
"When information is power, privacy is freedom" - Jah-Wren Ryel