A computer programmer 'outsourced' his own job to China, according to security company Verizon.

The mid-40s software developer, named only as 'Bob' in the report by Verizon's Risk Team, paid programmers in China one-fifth of his salary, and spent his work days browsing the internet.

Analysis of his machine found invoices from a company in Shenyang, who had been paid to do his job for him.

The programmer spent his days browsing videos on YouTube, using social news site Reddit and using eBay and Facebook. He no longer works for the company.

"Bob spent less that one fifth of his six-figure salary for a Chinese firm to do his job for him," says Valentine.

"Authentication was no problem, he physically FedExed his RSA token to China so that the third-party contractor could log-in under his credentials during the workday. It would appear that he was working an average 9 to 5 work day," said Valentine.

"Evidence even suggested he had the same scam going across multiple companies in the area. All told, it looked like he earned several hundred thousand dollars a year, and only had to pay the Chinese consulting firm about fifty grand annually."

The programmer had sent an RSA token - a chip which allowed employees to log in securely to his work network - to a software consultancy in Shenyang, China.

He was only caught after security staff at his American employer called in Verizon fearing they had been targeted by hackers.

"This organization had started to allow their developers to work from home on certain days," said Andrew Valentine of Verizon.

"Central to the investigation was the employee himself, the person whose credentials had been used to initiate and maintain a VPN connection from China.

The employee was described as "inoffensive and quiet" and "someone you wouldn’t look at twice in an elevator."


Programmer 'outsources' his own job to China to laze around at work - Yahoo! News UK

__________________
http://i680.photobucket.com/albums/v...7/scotflag.gif http://i680.photobucket.com/albums/v.../scot2flag.gif

"If women are so bloody perfect at multitasking how come they can't have a headache and sex at the same time?"
Billy Connolly

I bet there are others doing the same thing....some maybe members here!

__________________
[SIGPIC] Diesel loving autocrossing grandpa Architect. 08 Dodge 3/4 ton with Cummins & six speed; I have had about 35 benzes. I have a 39 Studebaker Coupe Express pickup in which I have had installed a 617 turbo and a five speed manual.[SIGPIC]

..I also have a 427 Cobra replica with an aluminum chassis.

When I see things like this, what irritates me the most is that often employers simply FIRE someone, rather than also PROSECUTE. This was FRAUD, plain and simple.

In this case, they did not specifically say that they did not prosecute, but I'll bet they didn't.

It's difficult for me to understand how he got by with it. I spent a goodly portion of my career working for software companies. I'm exagerating, but seemingly it was like the developers spent as much time in meetings discussing and analyzing their approaches and sometimes details of their code. If someone else is actually writing the code, how could you be that intimately familiar with the code?

Of course, this guy was working for a huge company, not a 200 employee group with people that knew each other very well.

__________________
2001 SLK 320 six speed manual
2014 Porsche Cayenne six speed manual

Annoy a Liberal, Read the Constitution

Time to own up Tom !! Did you have a little Chinese guy running around the Uni doing the supervission work for you ??

__________________
Grumpy Old Diesel Owners Club group

I no longer question authority, I annoy authority. More effect, less effort....

1967 230-6 auto parts car. rust bucket.
1980 300D now parts car 800k miles
1984 300D 500k miles
1987 250td 160k miles English import
2001 jeep turbo diesel 130k miles
1998 jeep tdi ~ followed me home. Needs a turbo.
1968 Ford F750 truck. 6-354 diesel conversion.
Other toys ~J.D.,Cat & GM ~ mainly earth moving

I like it. Outside the box thinking. Very entrepreneurial. Well, until he got caught.

OTOH, it's a prime example of why companies outsource. One guy can pay 1/5 of his 6 figure salary to get the job done. Multiply that by 10-20-50 programmers and that's a serious chunk of money!

__________________

1980 300TD-China Blue/Blue MBTex-2nd Owner, 107K (Alt Blau) OBK #15
'06 Chevy Tahoe Z71 (for the wife & 4 kids, current mule) '03 Honda Odyssey (son #1's ride, reluctantly) '99 GMC Suburban (255K+ miles, semi-retired mule) 21' SeaRay Seville (summer escape pod)

The product was delivered -- was it really fraud?

First off, the employer hired the employee to personally develop the product. He did not, someone else did, that is fraud.

Secondly, probably the worst part of this action is that he gave an outsider access to company systems. If I worked for you and you trusted me with a key to your vault and I handed it over to someone else without your knowledge, would YOU be good with that?

__________________
2001 SLK 320 six speed manual
2014 Porsche Cayenne six speed manual

Annoy a Liberal, Read the Constitution

It AMAZES me when I see some peoples sense of what is right and wrong.

__________________
2001 SLK 320 six speed manual
2014 Porsche Cayenne six speed manual

Annoy a Liberal, Read the Constitution

Yes. And it also is a massive security breach. If I had done that at my old job I'd be in prison right now.

__________________
TC
Current stable:
- 2004 Mazda RALLYWANKEL
- 2007 Saturn sky redline
- 2004 Explorer...under surgery.

Past: 135i, GTI, 300E, 300SD, 300SD, Stealth

I remember a story like this from about ten years ago but then it was India. There were programmers in India advertising for this kind of work.

If the project has good high level design and it is farmed out at the level were you need to bang out the code for hundreds of modules it can work really, really well.

The security breach is another issue.

Yes, LOTS of software professionals have lost their jobs to India. Although I don't like the idea, if the work is sanctioned by the company, that's one thing. Fraudulantly presenting the work as your own to your employer, is quite another.

All that said, yes the security breach is the most serious result of the whole thing.

__________________
2001 SLK 320 six speed manual
2014 Porsche Cayenne six speed manual

Annoy a Liberal, Read the Constitution

They should have promoted him; an innovative guy like that could save Verizon millions.
He has no worries; Some company will snatch him up in a heartbeat.
>>>Reminds me of Superman III;...Richard Pryor hacks into "Webscoe Industries" accounting department; and The hack channels all employee half cents into his paycheck. $$$!
http://youtu.be/iLw9OBV7HYA

__________________

"Our Lady of Blessed Acceleration...
don't Fail Us Now"

That's similar to the description given of someone after they've gone berserk and killed a whole bunch of people, too. At least his mayhem was all financial.

I have never worked in this industry, but I do recall about 20 years ago a fad started in the business world of hiring 'contractors' who were paid about twice what their normal salary would be but they were on their own as far as insurance and what not. They were considered self-employed by the IRS.

So a few of these folks saw a way to set up their own 'company' by doing the same thing this guy did. The amount of work they could turn in was enough to get them a bonus.

All in all it seems like a fine thing to me. After all, the work is getting done at a price the company is happy with. But it was not long before software companies cracked down on the practice, and it was because of the security thing.

I can see where the software companies would want to enter into an agreement such as this since one time at BIG oil we were all told that it cost $250,000 a year in infrastructure to support each of us. This seems like a lot for the offices we had, so we started yelling at each other to wipe your feet before you came into my $250,000 office. (By the way, the cost was valid but it included the cost of several multi-billion dollar refineries, a fleet of tankers, an extensive pipeline system, etc.)

But the fact is office space is costly, so the whole 'work at home' thing has an appeal to it for any company that can make a go of it.

But with one security breach you could lose everything you have saved, so this 'consulting' thing is not as popular as it once was.

I used to hate going to meeting since they all seemed rather pointless, but it was the only way to talk to everyone in a secure manner.

Security was a very big deal and we even had a 'cone of silence' around our meeting room. We could never talk on the phone about secure matters, and we even had an encrypted fax machine which was a real bother to work with.

But a bit of info in the wrong hands could cost the company big time and everyone knew it, so we all understood the why of what we had to put up with.