Thursday, July 9, 2009

National Security & Intellectual Property II

I have written about the recent purported computer software code theft at Goldman Sachs Group Inc in my post dated Jul. 6, 2009. Developments in the past 72 hours support the idea that Sergey Aleynikov intended to use the computer files he allegedly stole from his former employer in his new job.

He uploaded compressed program code files for an automated low latency stock trading software platform he helped develop at Goldman Sachs onto a server overseas. The number of files was so large that the compressed RAR file archive supposedly topped at 32 MB in size. Assuming text files and 23% compression, Sergey copied roughly a whopping 140 MB of code, that is almost three times the size needed to install a small operating system like Minix. Compiled, the code could produce binaries for a 300 MB application, approximately a third of Microsoft's Office suite.

Today, Svea Herbst-Bayliss and Christian Plumb report in their post on Reuters that the three founding members of the startup Teza Technologies LLC, that had wooed Sergey from Goldman Sachs for three times the salary, were sued by their own old employer, Citadel Investment Group, for violation of noncompete clauses. Citadel of Chicago manages hedge funds. The three worked in the quantitative trading branch of Citadel using automated high frequency methods which yielded extraordinary returns last year.



In all likelihood, the foursome planned to use the fruits of their labor at their respective former employers for the development of an own low latency quantitative trading platform. Could they have manipulated the market? Did their plan threaten national security?

Related Posts


Addenda
  • According to Laurence Fletcher's post on Reuters this afternoon,  Sergey's transferred files were accessible on the server abroad until last Monday. Sergey allegedly transferred them in the days before he left Goldman Sachs at the beginning of June. Hence, there was potential access to the data for about a month (07/10/09).
  • The owner of the service that hosted Sergey's upload recounts his experience in the past week here. Note that this company's home is in the U.K., whereas its servers are located in Bavaria (07/13/09).
  • Rob Iati summarized the fundamental implications of low latency high frequency trading (HFT) in his post on advancedtrading.com dated Jul. 10, 2009 (07/17/09).
  • Today, Jonathan Spicer reports in his post on Reuters about the role of flash programs in high frequency trading, like Direct Edge's Enhanced Liquidity Provider (ELP). Direct Edge flashes stock orders to select costumers for milliseconds, giving them a peak preview of the order flow. In combination with high frequency trading platforms that access dark pools matching orders anonymously, the ELPs may create a two-tired trading system, disadvantaging traders who cannot execute such fast trades. Direct Edge is owned by a consortium consisting of Citadel Investment Group, Goldman Sachs Group Inc, JPMorgan Chase & Co, Knight Capital Group, and International Securities Exchange LLC (07/27/09)
  • According to Grant McCool's post on Reuters today, the case USA versus Aleynikov (09-mj-01553, U.S. District Court for the Southern District of New York) may find a quiet, anticlimactic ending. In any case, Sergey's alleged theft brought the potential dangers of HFT to the attention of the media and the public (08/03/09).
  • According to Alex Berenson's post on The New York Times yesterday, the size of Goldman Sachs'  HFT program is 1,224 MB. Sergey transferred no more than a quarter of that (08/24/09).
  • Today, Sergey Aleynikov appeared in federal court for the first time and pleaded "not guilty" to all charges of code theft from Goldman Sachs.  The trial is scheduled to begin Nov. 29, 2010. The case is now assigned as "USA versus Aleynikov, U.S. District Court for the Southern District of New York, No. 10-00096" (02/17/10).
  • According to Chad Bray's report with the title "Ex-Goldman Programmer Found Guilty in Code Theft" published online in The Wall Street Journal today, a jury found Sergey Aleynikov guilty of theft of trade secrets and transportation of stolen property. Read Ted Thomas' insightful comment on high frequency trading added to this report (12/10/10).
  • According to Grant McCool's post with the title "Ex-Goldman programmer gets 8 years for code theft" published online on Reuters yesterday, Sergey was sentenced to eight years in prison. I presume he will appeal the sentence (03/19/11).

Tuesday, July 7, 2009

National Security & Intellectual Property

I am rarely willing to accept conspiracy theories, except maybe the assassination of President Kennedy only because it is highly improbable that a man like Lee Harvey Oswald with the rifle he used could hit a person in a moving car from such distance. Therefore, I do believe in Lee Harvey Oswald's claim that he was "just a patsy" and reckon that Jim Garrison was onto something real after reading his book entitled "On the Trail of the Assassins: My Investigation and Prosecution of the Murder of President Kennedy."Unfortunately, his trails ran cold. We may never find out the truth.

Two days ago another story broke with a whiff of conspiracy. Compared to President Kennedy's assassination, the event seems minor, but appears to fascinate many in the business of stock trades. The incidence was first reported by Tyler Durden in his post on Zero Hedge and Mathew Goldstein in a post on Reuters.

Sergey Aleynikov worked as a programmer in a supervisory function for Goldman Sachs Group Inc. on an application that allows the firm to execute stock trades within milliseconds. The application is known as low latency or high frequency trading (HFT) platform. About a month ago, he started a new post with a start up company for three-times his salary at Goldman Sachs. Before he left Goldman Sachs, he transferred a large volume of files with program code from his computer at the firm to a server in Germany. He encrypted the data and attempted to obscure the transfer.

Weeks later IT security at the firm found out about Sergey's actions and reported the purported "theft" to the FBI. Sergey was arrested last Friday and was freed on $750,000.- bail yesterday, according to Martha Graybow's report on Reuters today. Furthermore, Brent McCool reports on Reuters that U.S. prosecutor Joseph Facciponte told the court in Saturday's hearing of Aleynikov's case that the program in the hands of competitors could cost Goldman Sachs millions. The firm's bearing appears to lend extraordinary importance to what could be just a blatant case of a programmer sloppiness, leaving ample room for speculation about the company secrets that may be contained in the "stolen" files. Conspiracy theories begin to blossom.

Sergey claims in his defense that he intended to copy only opensource files free for anyone's use, but may have included proprietory files inadvertently. He routinely downloaded such files to work on them at home. He did not believe that his actions breached his contract. 

Goldman Sachs is a leader in the business of computed millisecond stock trades, reaping great profits from the transactions. The business is highly controversial because of its considerable impact on the market and its potential of market manipulation. When huge volumes of stock are moved in such short time, fortunes are made and lost before anyone without such fast access can respond. The market changes faster than the trader on the floor can pick up his phone. Critics loath Goldman Sachs for their advantage and surmise that the firm is manipulating the entire national economy in its favor with its fast trades. Hence, some hope that this incident may uncover information that precipitates Goldman Sach's demise. Others elevate Sergey's actions to a case of industrial espionage that may endanger national security, since he transferred sensitive information abroad. Hence, Sergey's purported crime quickly garnered intense media attention in recent days.

I see two possible explanations for Sergey's actions:
  1. either Sergey truly did not understand what he was doing when he transferred the data, 
  2. or he knew exactly what he was doing, but acted that way in order to be able to claim that he did not know what he was doing,once the data transfer was discovered.
Finding out whether he shared the data with third parties and with whom may provide an answer. The download history should be retrievable from the server in Germany he uploaded the files to. Moreover, anyone who was going to use the files needed Sergey's encryption key.

Furthermore, I reckon that even if third parties got hold of the files, the data would be of limited use to them. Direct implementation is impossible, since the program is dependent on file libraries stored in company-localized systems and needs access to company-specific data bases. In addition, you would have to be situated physically close to the New York Stock Exchange in order to achieve the necessary velocity in data transfer.

Data is transferred across the internet via nodes. The fewer nodes the data has to travel, the faster the transfer. Physical distance adds nodes. Even if a firm in Europe could fully implement Goldman Sachs' program, they would not be able to beat the firm's trades because of the difference in the number of nodes.

On the other hand, if you were installed on Wall Street, close emulation of Goldman Sachs' trading program would be discovered swiftly, and the perpetrator would have to face costly litigation over patent infringements.

Perhaps the third party could examine the strategies and methods used in the programs in an attempt to develop superior ones. I was told that this was an undertaking bound to fail because of the sheer endless lines of code that have to be studied closely and the enormous complexity of such program. Perhaps, savants could run tests on the program to discover vulnerabilities that own programs could exploit to edge out the Goldman Sachs trades. Perhaps, they could uncover the secrets of the decision making engine. I assume you need considerable expertise in the field of fast trade programs in order to accomplish these goals.

The above limitations leave one other possibility that has been suggested as the most likely scenario. Sergey copied the code files for the programs in whose development he was most intimately involved to use them as reference in future work on his new job. 

Hence, Sergey's "crime" may consist of nothing more than a misinterpretation of clauses in his job contract and does not merit the media attention it attracted. I find it astounding that a firm like Goldman Sachs was not taking more precautions against such data misuse by employees, particularly when the employees are known to move on to a potential competitor. You only have to monitor the users' shell history and the syslog files. After all, the possibility remains that company secrets vital to the firm's mode of operation are included in the files Sergey knowingly or inadvertently transferred.

We shall find out more. Stay tuned.

Related Posts

Addenda
  • On a funny note, according to Nick Carey's post on Reuter's yesterday a business school professor concluded that Sergey's brain told him to transfer the files. Surprised (07/09/09)?
  • Introducing his latest thriller novel on reckless computer-assisted global financial crime, Robert Harris gave a remarkable interview to Steve Inskeep for National Public Radio's Morning Edition today. The author concludes the interview with the title "'The Fear Index': A Hedge Fund Frankenstein" in reference to the power of networked computers executing high-speed financial transactions that “they are not alive in any recognizable sense, and yet in a strange way, (they are) determining our existence, and (they are) also slightly outside human control. I mean, one cannot see any world leader who has got a grip on the financial markets these days. They're too big, too fast. I think that's quite scary (02/06/2012).”
Acknowledgment
I am grateful for the insights of the coding experts posting comments on Zero Hedge. They helped me better understand the issues involved.