Goldman Sachs Code-Theft Conviction Reversed

A federal appeals court on Friday reversed the conviction of a former Goldman Sachs programmer sentenced to eight years for stealing the bank’s high-speed trading software.

Sergey Aleynikov, wearing a baseball cap, leaves Manhattan federal court Friday after his conviction for stealing Goldman Sachs' high-speed trading code was reversed. Photo: AP

A federal appeals court on Friday reversed the conviction of a former Goldman Sachs programmer sentenced to eight years for stealing the bank’s high-speed trading software.

Sergey Aleynikov, 41, was convicted in 2010 of theft of trade secrets under the Economic Espionage Act.

The Russian-born Aleynikov worked for Goldman Sachs until June 2009, when authorities say he siphoned source code for the company’s valuable software on his way out the door to take a new job with another company. The software is used to make sophisticated, high-speed, high-volume stock and commodities trades. It earns the company “many millions of dollars in profits” each year, according to prosecutors.

The 2nd U.S. Circuit Court of Appeals heard his appeal on Thursday, and hours later and without explanation, reversed the 2010 conviction and ordered him acquitted, which usually forbids a retrial. On Friday, however, the court issued an amended order. It reversed the conviction, and ordered him free on $750,000 bond but removed the acquittal language. The appeals court said it would issue an opinion explaining the order in “due course.” (.pdf)

The New York Times summed up the court’s concerns during Thursday’s oral arguments. The paper noted that a critical issue was whether what he did was actually a crime under the Economic Espionage Act, which requires the theft to be from a “product designed for interstate commerce.” Aleynikov’s lawyers took the position that the software wasn’t used in interstate commerce, while the feds argued that it clearly was.

Aleynikov, a naturalized U.S. citizen who emigrated from the disintegrating Soviet Union in 1991, earned nearly $400,000 a year as a vice president with Goldman Sachs. He was arrested in July 2009 at the Newark Airport in New Jersey as he returned from a trip to Chicago.

Authorities alleged he stole “hundreds of thousands of lines” of source code from Goldman Sachs in the days before he left the company. They alleged that he downloaded various software from the Goldman Sachs network and transferred it to a storage website hosted in Germany, before trying to erase his tracks from Goldman Sachs’ network.

Aleynikov allegedly used a script to copy, compress, encrypt and rename files, and then upload them to the server in Germany. Once the data was transferred, the program that was used to encrypt the files was erased, and he allegedly attempted to delete the network’s batch history showing his activity.

Prosecutors said Aleynikov made several copies of the code and had it on his laptop when he flew to Chicago to meet his new employers at Teza Technologies in Chicago. Prosecutors said a search of Teza computers uncovered no copies of Goldman Sachs’ source code.

Anonymous Promises Regularly Scheduled Friday Attacks

Anonymous, a group not known for discipline, is giving itself a weekly deadline, a new attack every Friday. Following the Tuesday compromise of the website of tear gas maker Combined Systems, Inc., the Antisec wing of Anonymous struck a Federal Trade Commission webserver which hosts three FTC websites, business.ftc.gov, consumer.gov and ncpw.gov, the National Consumer […]

Anonymous, a group not known for discipline, is giving itself a weekly deadline, a new attack every Friday.

Following the Tuesday compromise of the website of tear gas maker Combined Systems, Inc., the Antisec wing of Anonymous struck a Federal Trade Commission webserver which hosts three FTC websites, business.ftc.gov, consumer.gov and ncpw.gov, the National Consumer Protection Week partnership website.

Claiming this hack in opposition of the controversial international copyright treaty known as ACTA, which had been widely protested around the world for its potential to curtail freedom of expression on the internet, Anonymous continued the political messaging that has marked much of its recent high-profile actions.

Anons claiming responsibility for the attack spoke to Wired.com in an online chat just as it happened, freely admitting that there was nothing technically remarkable in this hack. As one remarked, “own & rm and move on.” (rm being a unix command to delete data.)

But this week’s attacks came with a promise, first articulated in the defacement of CSI, and restated on the FTC websites: Every Friday will bring a new attack against government and corporate sites under the theme of #FFF, or Fuck the FBI Friday.

“We are already sitting on dozens of unreleased targets,” said an Antisec anon, who went on to describe an inventory of already compromised servers that could fill five months or more of #FFF releases.

“Yes, each and every Friday we will be launching attacks… with the specific purpose of wiping as many corrupt corporate and government systems off our internet,” the anon continued.

The choice of the FTC is an odd one, given the independent agency has no role in ACTA negotiations. Instead, it’s tasked with fighting unfair business practices, sanctioning companies like Google and Facebook for privacy violations, and running the Do-Not-Call list – hardly the stuff of Big Brother stomping on online rights forever.

While many attacks are likely to be simple defacements like the FTC website, Antisec claims to also be going through mail spools, SQL databases and password files on dozens of corporate and government servers which are unaware of their presence.

The anon speaking to Wired described the string of hacking as having “no foreseeable end in sight,” going on to say “the more we own, the more we steal credentials to even more targets.”

Consumer.Gov at 1:15am this morning, EST

They’ve decided try to balance between protest defacements like the two this week, and sifting through the data for material that can damage firms and agencies. “It’s more than just delivering a message or speaking truth to power… we are trying to disrupt their ability to operate and do business or exist at all on the internet,” the same anon said.

Jerry Irvine, a member of the National Cyber Security Task Force told the New York Times last week that attacks would become more frequent, describing the amorphous collective as “unstoppable,” because of the poor state of security online.

In an environment of heightened political tensions around protest movements like the Arab Spring and moves to restrict the internet like ACTA, those vulnerabilities are likely to play more of a role in Anonymous’ political dialogue.

“We’ve been saying it for the longest (time),” the Antisec anon explained, “this is war.”

Illustration: Simon Lutrin/Wired

Feds Seize $50 Million in Megaupload Assets, Lodge New Charges

The authorities said Friday they have seized $50 million in Megaupload-related assets and added additional charges in one of the United States’ largest criminal copyright infringement prosecutions. Megaupload, the popular file-sharing site, was shuttered last month and its top officials indicted by the Justice Department, just days after online protests scuttled a Congressional proposal to […]

Kim Dotcom poses beside a car in Hong Kong. Photo: Handout

The authorities said Friday they have seized $50 million in Megaupload-related assets and added additional charges in one of the United States’ largest criminal copyright infringement prosecutions.

Megaupload, the popular file-sharing site, was shuttered last month and its top officials indicted by the Justice Department, just days after online protests scuttled a Congressional proposal to make changes to the internet to reduce online copyright infringement.

Seven individuals connected to the Hong Kong-based site were indicted on a variety of charges, including criminal copyright infringement and conspiracy to commit money laundering. Five of the members of what the authorities called a 5-year-old “racketeering conspiracy” have been arrested in New Zealand, where they are being held pending extradition to the United States.

One of those arrested was Kim Schmitz, aka Kim Dotcom, Megaupload’s high-flying founder, who has been denied bail in New Zealand. Items seized from Dotcom include a large collection of cars, a mansion, bank accounts, jet skis and jewelry.

The government said the site, which generated millions in user fees and advertising, facilitated copyright infringement of movies “often before their theatrical release, music, television programs, electronic books, and business and entertainment software on a massive scale.” The government said Megaupload’s “estimated harm” to copyright holders was “well in excess of $500 million.”

Megaupload was on the recording and movie industries’ most-hated lists, often being accused of facilitating wanton infringement of their members’ copyrights. The indictment claims Megaupload induced users to upload copyrighted works for others to download, and that it often failed to comply with removal notices from rights holders under the Digital Millennium Copyright Act.

New charges (.pdf) levied Friday allege that Megaupload falsely represented to rights holders that it had removed infringing works from its servers.

The superseding indictment in the Eastern District of Virginia also claims that Megaupload paid one of its registered users $3,400 between 2008 and 2009 for uploading 16,960 files that generated 34 million views. The files included motion pictures Ocean’s Thirteen, Ratatouille and Evan Almighty, the government said.

The government, meanwhile, also said Friday that, despite claims of having 180 million registered users, the site had 66.6 million. The authorities said that 5.86 million of these registered users uploaded files, “demonstrating that more than 90 percent of their registered users only used the defendant’s system to download.”

Still, anyone who used Megaupload as a way to share and store legitimate files is now likely never going to be able to get them back.

Feds Urge Court to Reject Laptop Decryption Appeal

The government is urging a federal appeals court not to entertain an appeal from a bank-fraud defendant who has been ordered to decrypt her laptop so its contents can be used in her criminal case. Colorado federal authorities seized the encrypted Toshiba laptop from defendant Ramona Fricosu in 2010 with valid court warrants while investigating […]

Photo: MarkyBon/Flickr

The government is urging a federal appeals court not to entertain an appeal from a bank-fraud defendant who has been ordered to decrypt her laptop so its contents can be used in her criminal case.

Colorado federal authorities seized the encrypted Toshiba laptop from defendant Ramona Fricosu in 2010 with valid court warrants while investigating alleged mortgage fraud, and demanded she decrypt it.

Ruling that the woman’s Fifth Amendment rights against compelled self-incrimination would not be breached, U.S. District Judge Robert Blackburn ordered the woman in January to decrypt the laptop by the end of February. The judge refused to stay his decision to allow Fricosu time to appeal.

The Colorado woman’s attorney appealed anyway, and the government on Thursday asked the 10th U.S. Circuit Court of Appeals to reject the petition that asserts the woman’s constitutional rights would be breached by being forced to hand over evidence against herself.

The government argued the same reasons that Judge Blackburn gave when he denied staying his decision: The issue, however novel, was not ripe for appeal.

Generally, appellate courts frown on taking cases until after there’s been a verdict. So the woman, the government said, should unlock the drive and appeal if she gets convicted of the financial fraud charges, which theoretically carry decades in prison.

Fricosu, prosecutor Patricia Davies wrote, “can appeal her conviction — just as defendants do when compelled to produce documents pursuant to subpoena or when denied suppression of evidence or statements pre-trial.”

Davies also said Fricosu’s reasons for appealing are legally baseless.

“Fricosu argues that the order is appealable because of its novelty, and the fact that it is of public interest and importance,” Davies wrote (.pdf) “But courts have properly rejected the claim that otherwise non-final orders should be reviewed on such grounds.”

The decryption case is a complicated one, even if solely analyzed on the underlying Fifth Amendment issue. Such decryption orders are rare, and they have never squarely been addressed by the Supreme Court.

One case involved a child pornography prosecution that ended with a Vermont federal judge ordering the defendant to decrypt the hard drive of his laptop.

While that case never reached the Supreme Court, it differed from the Fricosu matter because U.S. border agents already knew there was child porn on the computer because they saw it while the computer was running during a 2006 routine stop along the Canadian border. The authorities’ belief that Fricosu’s hard drive might contain evidence against her was the result of a recorded jailhouse conversation between her and a co-defendant.

And now the case is even more complicated and raises the question of what might happen if the woman does not comply with the judge’s order. Her attorney, Philip Dubois, suggested in a recent interview that his client might have forgotten the password.

If she does not decrypt the drive by month’s end, as ordered, she could be held in contempt and jailed until she complies. If the case gets to that point, Judge Blackburn would have to make a judgment call and determine whether the woman had forgotten the code or was refusing to comply.