Tuesday, July 7, 2009

National Security & Intellectual Property

I am rarely willing to accept conspiracy theories, except maybe the assassination of President Kennedy only because it is highly improbable that a man like Lee Harvey Oswald with the rifle he used could hit a person in a moving car from such distance. Therefore, I do believe in Lee Harvey Oswald's claim that he was "just a patsy" and reckon that Jim Garrison was onto something real after reading his book entitled "On the Trail of the Assassins: My Investigation and Prosecution of the Murder of President Kennedy."Unfortunately, his trails ran cold. We may never find out the truth.

Two days ago another story broke with a whiff of conspiracy. Compared to President Kennedy's assassination, the event seems minor, but appears to fascinate many in the business of stock trades. The incidence was first reported by Tyler Durden in his post on Zero Hedge and Mathew Goldstein in a post on Reuters.

Sergey Aleynikov worked as a programmer in a supervisory function for Goldman Sachs Group Inc. on an application that allows the firm to execute stock trades within milliseconds. The application is known as low latency or high frequency trading (HFT) platform. About a month ago, he started a new post with a start up company for three-times his salary at Goldman Sachs. Before he left Goldman Sachs, he transferred a large volume of files with program code from his computer at the firm to a server in Germany. He encrypted the data and attempted to obscure the transfer.

Weeks later IT security at the firm found out about Sergey's actions and reported the purported "theft" to the FBI. Sergey was arrested last Friday and was freed on $750,000.- bail yesterday, according to Martha Graybow's report on Reuters today. Furthermore, Brent McCool reports on Reuters that U.S. prosecutor Joseph Facciponte told the court in Saturday's hearing of Aleynikov's case that the program in the hands of competitors could cost Goldman Sachs millions. The firm's bearing appears to lend extraordinary importance to what could be just a blatant case of a programmer sloppiness, leaving ample room for speculation about the company secrets that may be contained in the "stolen" files. Conspiracy theories begin to blossom.

Sergey claims in his defense that he intended to copy only opensource files free for anyone's use, but may have included proprietory files inadvertently. He routinely downloaded such files to work on them at home. He did not believe that his actions breached his contract. 

Goldman Sachs is a leader in the business of computed millisecond stock trades, reaping great profits from the transactions. The business is highly controversial because of its considerable impact on the market and its potential of market manipulation. When huge volumes of stock are moved in such short time, fortunes are made and lost before anyone without such fast access can respond. The market changes faster than the trader on the floor can pick up his phone. Critics loath Goldman Sachs for their advantage and surmise that the firm is manipulating the entire national economy in its favor with its fast trades. Hence, some hope that this incident may uncover information that precipitates Goldman Sach's demise. Others elevate Sergey's actions to a case of industrial espionage that may endanger national security, since he transferred sensitive information abroad. Hence, Sergey's purported crime quickly garnered intense media attention in recent days.

I see two possible explanations for Sergey's actions:
  1. either Sergey truly did not understand what he was doing when he transferred the data, 
  2. or he knew exactly what he was doing, but acted that way in order to be able to claim that he did not know what he was doing,once the data transfer was discovered.
Finding out whether he shared the data with third parties and with whom may provide an answer. The download history should be retrievable from the server in Germany he uploaded the files to. Moreover, anyone who was going to use the files needed Sergey's encryption key.

Furthermore, I reckon that even if third parties got hold of the files, the data would be of limited use to them. Direct implementation is impossible, since the program is dependent on file libraries stored in company-localized systems and needs access to company-specific data bases. In addition, you would have to be situated physically close to the New York Stock Exchange in order to achieve the necessary velocity in data transfer.

Data is transferred across the internet via nodes. The fewer nodes the data has to travel, the faster the transfer. Physical distance adds nodes. Even if a firm in Europe could fully implement Goldman Sachs' program, they would not be able to beat the firm's trades because of the difference in the number of nodes.

On the other hand, if you were installed on Wall Street, close emulation of Goldman Sachs' trading program would be discovered swiftly, and the perpetrator would have to face costly litigation over patent infringements.

Perhaps the third party could examine the strategies and methods used in the programs in an attempt to develop superior ones. I was told that this was an undertaking bound to fail because of the sheer endless lines of code that have to be studied closely and the enormous complexity of such program. Perhaps, savants could run tests on the program to discover vulnerabilities that own programs could exploit to edge out the Goldman Sachs trades. Perhaps, they could uncover the secrets of the decision making engine. I assume you need considerable expertise in the field of fast trade programs in order to accomplish these goals.

The above limitations leave one other possibility that has been suggested as the most likely scenario. Sergey copied the code files for the programs in whose development he was most intimately involved to use them as reference in future work on his new job. 

Hence, Sergey's "crime" may consist of nothing more than a misinterpretation of clauses in his job contract and does not merit the media attention it attracted. I find it astounding that a firm like Goldman Sachs was not taking more precautions against such data misuse by employees, particularly when the employees are known to move on to a potential competitor. You only have to monitor the users' shell history and the syslog files. After all, the possibility remains that company secrets vital to the firm's mode of operation are included in the files Sergey knowingly or inadvertently transferred.

We shall find out more. Stay tuned.

Related Posts

Addenda
  • On a funny note, according to Nick Carey's post on Reuter's yesterday a business school professor concluded that Sergey's brain told him to transfer the files. Surprised (07/09/09)?
  • Introducing his latest thriller novel on reckless computer-assisted global financial crime, Robert Harris gave a remarkable interview to Steve Inskeep for National Public Radio's Morning Edition today. The author concludes the interview with the title "'The Fear Index': A Hedge Fund Frankenstein" in reference to the power of networked computers executing high-speed financial transactions that “they are not alive in any recognizable sense, and yet in a strange way, (they are) determining our existence, and (they are) also slightly outside human control. I mean, one cannot see any world leader who has got a grip on the financial markets these days. They're too big, too fast. I think that's quite scary (02/06/2012).”
Acknowledgment
I am grateful for the insights of the coding experts posting comments on Zero Hedge. They helped me better understand the issues involved.

1 comment:

aldon @ orient lodge said...

As a former Wall Street IT executive that continues to consult to financial services firms, including people involved in high volume low latency trading, I believe that the second scenario is the one most likely closest to the truth.

It used to be that when you left a job, you threw all your papers in your brief case and walked out the door. Now, everything is stored on a computer and instead you transfer the files to a safe location over the Internet where you can pick them up later, or you copy them to a thumb drive.

It makes the most sense that Aleynikov was doing something like this.

If you want a much more detailed exploration of the topic, check out my blog post Is Sergey Aleynikov Really a Russian Spy who stole Trade Secrets that Could Cost Goldman Sachs Millions?

Aldon