A simpler, one-click log-in button is now in place. Can't log in to your Job Seeker account? Email techsupport@dice.com.

turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Reply
Topic Options
walterbyrd
Member
walterbyrd
Posts: 8,731
Registered: ‎03-04-2008

Employee Outsourced Programming Job To China, Spent Days Websurfing

Options

‎01-16-2013 08:45 AM

 

2013-01-16

 

> "The security blog of Verizon has the story of an investigation into unauthorized VPN access from China which led to unexpected findings. Investigators found invoices from a Chinese contractor who had actually done the work of the employee, who spent the day watching cat videos and visiting eBay and Facebook. The man had Fedexed his RSA token to the contractor and paid only about 1/5th of his income for the contracting service. Because he provided clean code on time, he was noted in his performance reviews to be the best programmer in the building. According to the article, the man had similar scams running with other companies."

 

http://it.slashdot.org/story/13/01/16/0354218/employee-outsourced-programming-job-to-china-spent-day...

Report Inappropriate Content
Message 1 of 8 (470 Views)
Reply
0 Kudos
Please use plain text.
 
pitz
Member
pitz
Posts: 4,458
Registered: ‎03-08-2008

Re: Employee Outsourced Programming Job To China, Spent Days Websurfing

Options

‎01-16-2013 10:39 AM

Is this really a 'scam'?  After all, isn't this what essentially many body shops and "consulting" firms actually do?

 

 

Report Inappropriate Content
Message 2 of 8 (453 Views)
Reply
0 Kudos
Please use plain text.
 
jblocks
Member
jblocks
Posts: 1,658
Registered: ‎05-14-2009

Re: Employee Outsourced Programming Job To China, Spent Days Websurfing

Options

‎01-16-2013 11:17 AM

Letting someone unauthorized have access to an RSA token to enable them to log on as you is certainly illegal

 

Report Inappropriate Content
Message 3 of 8 (444 Views)
Reply
0 Kudos
Please use plain text.
 
Community Manager
Community Manager
yleedice
Posts: 123
Registered: ‎12-04-2012

Re: Employee Outsourced Programming Job To China, Spent Days Websurfing

Options

‎01-16-2013 11:17 AM

The difference is that when a company hires a consulting firm, the two companies have agreements put into place about the consultants' access. If the company is unaware of this informal subcontracting, then it can't do that.

 

I'm going to move this topic to the Security Talent Community's section. You'll still be able to comment on it, just as you would in current events, but I want to make sure the talent guides and those who follow the security area are aware of it.

Report Inappropriate Content
Message 4 of 8 (443 Views)
Reply
0 Kudos
Please use plain text.
 
Community Manager
Community Manager
yleedice
Posts: 123
Registered: ‎12-04-2012

Re: Employee Outsourced Programming Job To China, Spent Days Webbing's

Options

‎01-16-2013 11:36 AM

Here's a cached copy of the item from Verizon's security blog.

 

Http://webcache.googleusercontent.com/search?q=cache:Http://securityblog.verizonbusiness.com/2013/01...

 

Please note: I've noticed that some publications have incorrectly reported that "Bob" worked for Verizon. The company that Bob worked for used Verizon's security service to uncover what was going on. At first, company officials thought that they were being hacked by a company or government body in China.

 

This story is so bizarre that when I first read it this morning, I thought it was from the Onion.

Report Inappropriate Content
Message 5 of 8 (436 Views)
Reply
0 Kudos
Please use plain text.
 
dstrom
Guide
dstrom
Posts: 19
Registered: ‎03-27-2012

Re: Employee Outsourced Programming Job To China, Spent Days Websurfing

Options

‎01-16-2013 11:41 AM

It is one thing to subcontract work out. But this goes beyond that, in terms of misrepresentation (the employee was saying this was his work when it wasn't) and sending an RSA token to someone else is clearly not good practice, and probably is something that will get your fired (I don't think it is ethical, and whether or not it is legal isn't for me to say).

 

The whole thing makes me rather sad this morning.

Report Inappropriate Content
Message 6 of 8 (430 Views)
Reply
0 Kudos
Please use plain text.
 
jblocks
Member
jblocks
Posts: 1,658
Registered: ‎05-14-2009

Re: Employee Outsourced Programming Job To China, Spent Days Websurfing

Options

‎01-16-2013 12:45 PM

yes, my edit was lost as they were moving the post but I meant to amend that - if not always illegal (and I bet it would be if you worked for the NSA or some other gov) it would be against 99% of the contracts out there.

 

But this is just the more egregious act.  I expect there are a helluva lot of people sitting at home telecommuting or in a cube someplace, sending code out there to be done offshore, while they pull a US salary and I'd expect H1Bs to be at the forefront of this.

Report Inappropriate Content
Message 7 of 8 (418 Views)
Reply
0 Kudos
Please use plain text.
 
jblocks
Member
jblocks
Posts: 1,658
Registered: ‎05-14-2009

Re: Employee Outsourced Programming Job To China, Spent Days Websurfing

Options

‎01-16-2013 03:05 PM

 

Another link

 

http://www.bbc.co.uk/news/technology-21043693

 

 

Report Inappropriate Content
Message 8 of 8 (401 Views)
Reply
0 Kudos
Please use plain text.
 

Copyright ©1990 - 2013 Dice. All rights reserved. Use of this site is subject to certain Terms and Conditions.

TRUSTe online privacy certification