So the guy stole data and hardware. Instead of leaving immediately for China before it's discovered, he went back to Apple and told them that he's leaving. And not just leaving, but leaving to work for a competitor in the self-driving car industry. If he wanted to raise any more suspicion, he'd need to show up to the exit interview in a ski mask, carrying a crowbar.
And after that, he still stayed in the US for over two months (April 28 - July 7). This simply defies belief.
I don't even mention the fact that he admitted to the Apple security team that he stole stuff. Presumably without any lawyer since no lawyer would let him admit to anything. Why would he even meet with a security team, if he's not under arrest? Even if he thought he can't get caught, surely he knew something was wrong when the security team called him for an interview?
Maybe he thought it's impossible to prove what he did? But the guy is intelligent, he was hired to an important project at Apple. He must know that corporations have security cameras and also can check corporate device usage.
So I'm down to my final two guesses. Either the guy thought he didn't do anything wrong (really? taking confidential documents and hardware??). Or the article heavily distorts the facts.
Anyone has better explanations?
Edit: just saw the official FBI court filing at the end of the article. The article did not distort anything. I have no words.
The simplest answer to you question is the guy has absolutely no understand of how the US legal system works. In China, when you are in any "legal" trouble, whether you actually are at fault or not, if you want to get out of it, all you have to do is "confess". The dude probably thought he could have done the same in the US. This is naivety, but not entirely beyond belief given how backward the Chinese are when it comes to legal matters.
In China you can't run away after you got on the radar of a serious investigation. Maybe he thought the same happens here? Like he thought Apple security is equivalent to FBI or CIA or something.
And then eventually someone told him he can just leave, but by then FBI was already interested?
It could be that it simply never occured to him that he would get caught. When you work somewhere for years you don't think "This security cameras on the entrance could technically be used to track my activity". As the article says, the repositories that he accessed are restricted to THOUSANDS of people. So really the guy was probably right - if he hadn't been a dumbass and said that he was going to work for a chinese competitor then his boss likely wouldn't have thought to ask questions, no one would've noticed.
It's hard to believe an Apple employee could have no common sense. But your explanation is still the least unbelievable. So I think you're right.
Then the story is like this. The guy knew it's wrong to take stuff, but hoped nobody would notice. Told his former boss about the new job because why not.
Then Apple security team called, he got scared enough to tell them everything, but not scared enough to leave for China or at least get a lawyer. He even voluntarily gave his wife's computer to them. Maybe he thought it would ok if he was cooperating with them?
Then later, the FBI got involved at the end of June. He finally got seriously scared, bought tickets to China, but by then FBI was already monitoring his movements.
It would be interesting to see his side of the story.
Omg it's just too funny because it's so irrelevant to the main story and yet you're absolutely right.
Even after the poor sod fought so hard to win the techie version of the Darwin award, he still could have made it to safety. If only he stopped for a moment to think about what he did wrong and learned from his mistakes.
People make mistake when they are under pressure, how do you know that guy wasn't being blackmailed, and someone or something threatened to harm his family if he didn't do it?
And perhaps he also got some assurance from the Chinese intelligence services and thought he could just run to the embassy. Just speculating. But it wouldn't be the first time China (or any other country) uses their nationals to ex-filtrate IP.
While it certainly happened in the past, I don't think it's the case there - the guy tried to cooperate with Apple. I also don't think that he's so morally corrupt that he'd cooperate with Chinese intelligence services and still keep thinking he's doing nothing wrong (as was suggested as reasoning of his behavior in another thread).
any company that values its IP/client lists/etc will (should) run an "activity log" over any employee who hands in their notice, typically for the 3-6 months preceeding the date of handing in notice.
Some poor sap then gets to scroll through it and see if anything looks odd. If it does, they ask someone with more context to have a look.
There is no excuse for expecting this kind of thing would go unnoticed, beyond simply assuming your employer is an idiot.
Are you a dumbass if you are honest? No. Are you a dumbass if you steal and then honestly tell that you did it? Yes. Now don’t get me wrong, all criminals are bad. But you have to admit that there is a difference between smart criminals and dumb ones.
This person was a dumb criminal. Likely due to him not even contemplating that what he was doing was criminal, in-line with shoplifters who will tell you: “No it’s ok to eat the fruit inside the store, as long as it’s gone before you get to the counter you don’t have to pay”
Following your argument, Apple could be a very smart criminal organization that doesn't get caught.
Should we investigate further on Apple to make sure?
Edit : by the way, that guy could have been blackmailed. Someone may have said "If you don't do it, we will harm your family". We shouldn't be judging someone without investigating all the elements, especially when an individual takes the risk of facing a gigantic organization. It should rings bells to everyone.
As harsh as this sounds, it's a cultural thing. The Chinese generally don't believe in respecting IP, this is coming from someone who has lived with Chinese for many many years. To them, it's like a shopping basket, you just pick what you like. Unfortunately, for this guy, it seemed like he didn't understand how copyrights work in the US.
Also as a matter of personal experience, I've had a couple of my photographs stolen by popular Chinese newspapers who refused to attribute it to me.
P.S - I am not commenting on the morality of his action here, I'm simply suggesting the way their culture works is probably a big reason to him getting charged.
>>>But the guy is intelligent, he was hired to an important project at Apple.
No data, but I believe that you can be extremely bright in a lot of things and dumb as a rock on other very basic things. Maybe arrogance plays a part too.
It's safe to assume that x% of Russian and Chinese employees do talk to, and plan to go back to the mothership. Must be the greatest ROI for the Chinese, tens of billion dollars worth of R&D in a hard-drive. (granted it's not the same since while researching you learn a lot of other things, but presumably the Chinese want those few things that they haven't figured them out already.)
>No data, but I believe that you can be extremely bright in a lot of things and dumb as a rock on other very basic things. Maybe arrogance plays a part too.
If there's any highly political threads on the front page the comment section would be a perfectly illustrative example of this.
Important to note: there were no charge for him for all that time. That means they had very weak case. They might be specifically waiting for him to do at least that: just look how they accent that he "bought red flag last minute ticket" as if he knew he did something wrong. This also supports the idea that they had no proof of him doing what amounts to criminal industrial espionage (passing data to another company.)
Another standing out fact is that he was arrested minutes before boarding (he passed the border.) If he would be on exit control list, he would never be allowed pass the border. It means he was not nor on exit control list (people on it include convicts on probation, tax debitors, persons against whom a restraining order was issued i.e. people under investigation of a crime,) nor on the on-the-run list of criminals (he would've been detained immediately)
Third, how FBI ever knew of him buying a ticket? US is not East Germany where all ticket sales are wired to STASI in real time.
My explanation: they did not have anything qualifying for a charge on him till that "last minute ticket purchase" which added more substance to allegations of criminal conduct.
This is supported by the fact that he was detained "minutes before boarding." Probably, it was only the fact of him passing the border control that was visible to FBI, the moment they saw it, they came with a rushed arrest warrant.
The USA doesn’t really have exit control at its borders. Anything less than a felony warrant isn’t going to get the police to take the effort to intercept you at the gate.
They can confiscate your passport to prevent you from leaving the country, and they have ways of knowing when you try to leave (via the airline, not TSA), but besides the TSA check (which is usually shared with domestic flights), there isn’t any persistent choke point and definitely no border control.
> Third, how FBI ever knew of him buying a ticket? US is not East Germany where all ticket sales are wired to STASI in real time.
The TSA has exactly this system in place.
> This is supported by the fact that he was detained "minutes before boarding." Probably, it was only the fact of him passing the border control that was visible to FBI, the moment they saw it, they came with a rushed arrest warrant.
Or they were waiting for incontrovertible evidence of attempted flight from the country.
As far as I know, nobody at FBI have permission to read an arbitrary PNR, they can only obtain an order to get data from CBP for a specific person through a court order.
They don’t need to do that, all they have to do is tell CBP they want a warning if “Person X” attempts travel. The Advanced Passenger Information System requires airlines send CBP passenger info for all departing and arriving flights.
In my opinion, This is just free PR for XMotors. Either they deliberately planned it and this guy has nothing or they took the chance and hoped to get away with it. Either way it is win-win for them.
> So I'm down to my final two guesses. Either the guy thought he didn't do anything wrong (really? taking confidential documents and hardware??). Or the article heavily distorts the facts.
Probably a bit of both. And also many other facts we don't know. Anyway, Apple only should be blamed, imho. If people efforts and project momentum are the real plus value, then data alone won't be sufficient to steal a technology.
It shows that international cooperation about global-impacting technologies should be the norm, rather than a race to monopolize a market.
>Anyway, Apple only should be blamed, imho. If people efforts and project momentum are the real plus value, then data alone won't be sufficient to steal a technology.
That's a weird argument. No one said it's sufficient, but "stealing" data certainly helps.
Also, what do you mean by "people efforts"? The only way to prevent every single employee with access to trade secrets from leaving is to make workers corporate property and lock them up on a remote island. Surely, that's not what you're suggesting, is it?
> That's a weird argument. No one said it's sufficient, but "stealing" data certainly helps.
IF the employee wasn't aware that he/she was stealing, maybe he was being told internally what he/she was doing was OK. Maybe someone suggested him to do so, only then to be accused after.
Anyways, the ability for an individual to transfer so much knowledge should remind you the MP3 and p2p era. The patents and secrecy of big corporations makes NO SENSE in a world where communication is instant and easy. Not better than China censorship.
That’s a completely ridiculous line of reasoning. How can you honestly write that it’s no better than censorship. Have you been spent any significant time living behind the great firewall?
Blocking incoming information or outgoing information requires a firewall either way. Here the firewall is the patent system, or any cultural belief that trade secrets create more value than open systems.
It makes sense to replicate and sharing knowledge among as many people and organizations as possible. Replication is the best way to protect knowledge.
The old model is to see knowledge as words written down on a piece of paper, and only knew by a few people. It does not work in a modern world where knowledge can be shared easily, sent at speed of light and replicated on many support.
I don't know about you, but I don't have millions of dollars sitting in my bank account, I prolly don't care about previous investments and decisions made in a world I didn't exist, but I care about living a good life and living as long as possible. The investments should change direction.
Let me rephrase my question: How do you suggest a profit driven company can justify employing people to create new knowledge if that knowledge and all its derivatives and representations are immediately available to everyone else without any restrictions?
I am very skeptical of patents as a matter of principle, because banning people from using their own original ideas just because someone else happened to have a similar idea seems extremely unfair and prone to misuse.
I am also skeptical of putting copyright interests above all else (although I'm not against copyrights in principle), going as far as building a global surveillance state and imposing draconian penalties in order to enforce extremist copyright laws without fail.
I am also skeptical of very restrictive no-compete clauses in employment contracts or any sort of anti-poaching activity by corporations.
And it's exactly _because_ I am skeptical of all the above approaches to protecting investment into knowledge generation that I'm very hesitant to also oppose keeping trade secrets.
Creating new knowledge has to have some direct economic benefit above and beyond the general benefits of human progress (which is also important of course).
> Let me rephrase my question: How do you suggest a profit driven company can justify employing people to create new knowledge if that knowledge and all its derivatives and representations are immediately available to everyone else without any restrictions?
I have two arguments :
1) The process of creating new knowledge alone won't be valuable once we have enough processing power to evaluate scenarii faster than a coordinated human effort. With vulgar words : AI will make the creation of knowledge a commodity, and my personal opinion is that it will happen before the next human generation, unless some people actively work against that idea to make sure it doesn't happen (because they try to defend previous investments for example.)
2) Knowledge alone is not enough to accomplish or execute anything in the real world. Actually building car requires factories, materials and logistics. Of course, if we have an AI solving all sort of problems, we may ask it to find an efficient way to build car. If we continue the reasoning, we enter a world where the meaning of an human life is completely different than today, with completely different forces acting on it. We may don't even need the cars anymore.
Edit : I mean, the argument of "it gives job to people" won't stand forever. We will have to seriously re-think the system at some point.
>Knowledge alone is not enough to accomplish or execute anything in the real world.
That's true, but if companies compete only on execution and not on innovation, I fear that the result will be less innovation.
Also, some of the digital artifacts that can easily be copied are largely on the execution side. Software being a prime example of that.
>AI will make the creation of knowledge a commodity
If and when AIs are that advanced they're going to have to sort out their own problems and fight over their own ideologies. But how will we even get there if everyone is busy executing and no one has an incentive to innovate?
That said, profit is certainly not the only incentive to innovate. It's one of the incentives though, particularly where it's closely intertwined with execution and product development.
from the article, about 2700 employees have access to the specific databases from which the guy pulled sensitive data. That seems like a very large group of people to me.
“Correction: A previous version of the story mistakenly said that 5,000 Apple employees are working on autonomous driving technology. The complaint says 5,000 people are "disclosed on the project," which includes employees working on it or familiar with it.”
"[In their investigation] Apple found that just prior to Zhang's departure, his network activity had "increased exponentially" compared to the prior two years he had worked at Apple. He accessed content that included prototypes and prototype requirements. .."
Seems like an oversight to find this out post-investigation vs. flagged up front?
EG - seems like a basic usage algorithm could flag this stuff especially across a small <5000 person universe w/cost-benefit vs. theft of tens-of-billions in IP.
Any corporate IT security officers care to comment on this?
This is known as insider threat detection / User Behavior Analytics (UBA). It could also be considered part of Data Loss Prevention (DLP). Insider threats are probably the hardest things to reliably detect on a large corporate network (compared to all of the other types of information threats), especially at a company where most of the employees are very active users of technology. The field is still in its infancy, with lots of cool-looking "AI-driven / ML-powered / buzzword-optimized" products from startups which typically end up generating an absurd amount of anomaly detections per day, usually with a 99.9% false positive rate. Of course I'm generalizing and I imagine some companies have implemented a fairly effective UBA program, but I think they're rare.
It's just trying to find a needle in an extremely large haystack. When you're dealing with technology departments, normal behavior can easily be a modest amount of network traffic for a few days followed by a huge burst of downloads and uploads from/to internal services and databases and cloud storage and any number of things. Suspicious website browsing could be innocuous research and curiosity. That personal USB drive plugged in is probably some developer with a deadline who never got around to requesting a corporate drive and can't wait a few days for it to be approved and needs to physically transfer files ASAP.
It's just not an easy problem. There are probably hundreds of other instances of an Apple employee not looking at any prototype data for months and suddenly poring over tons of it. Maybe they're preparing for a presentation or a new project. Adding lots of red tape and restrictions and wasting time investigating employees who've done nothing wrong (or perhaps who violated policy but with no real bad intent or serious negligence) and telling people they can't do certain things which make their job more efficient takes a huge toll on everyone. It's a necessary evil, but trade-offs always have to be considered. Apple wants their autonomous car program developed as quickly as possible, and the more they restrict access and require lengthy approval processes, the slower things will get done.
And fundamentally, unless you're in a weird situation, probably ~0.1% of your employees are insider threats, and probably ~0.01% are significant insider threats which could actually affect your business. The odds are stacked against you.
Occasionally you'll run across a smoking gun that's easy to detect with basic logic like "email sent to webmail account with no subject and over 6 attachments", but if you're dealing with a smart insider threat - especially one working on behalf of a superpower government's intelligence apparatus - you're not going to find something so blatant. I have sometimes run across things like that, but it's usually something gray like a developer emailing themselves some code so they can continue to work on it at home. The worst thing I've ever found was a salesperson emailing themselves proprietary leads/contact lists shortly before their resignation date. A spy is never going to get caught from such low-hanging fruit detections.
You have to start with the basics: strict policy guidelines, least privilege principle, log everything, a good team of people to investigate anomalies and write up employees who are violating policy, and then finally you can shell out a lot of resources on automated detection and baseline and tune for a long time until you have a manageable number of dashboards and reports and alerts that the team can respond to. Apple will presumably restrict access more carefully after this incident, and implement some new statistical anomaly detection, but insider threats will always be hard to detect.
Dabbling in UBA also made me realize some of the issues faced by agencies like NSA. I'm sure they have strong policies against unauthorized data access (like looking up information about romantic partners), fully intend to enforce them, and have lots of manual and automated detections, but in reality the amount of data and number of daily data accesses is probably way too high to consistently catch bad actors. I think that's one of many strong practical arguments to not let them have have easy access to such a big trove of sensitive data, even if you make the assumption they're behaving completely ethically and responsibly.
Yes, from my very limited to exposure to this (not in SV, but in healthcare), these are two key points:
absurd amount of anomaly detections per day, usually with a 99.9% false positive rate
Adding lots of red tape and restrictions and wasting time investigating employees who've done nothing wrong
What I've seen/heard about is that you end up with some EVP pissed off that IT/SEC is bothering their people – rightly or wrongly, it'll inevitably get used an excuse for why something is late. So the EVP (virtually) marches into the office of the IT/SEC director and issues an edict that everyone in <this super special department> are too important to be bothered and any access restrictions or investigations affecting <the department> must get prior approval from the EVP's office. That's of course a huge pain in the ass, which results in that department effectively being exempt, i.e., a perfect place for an internal spy.
The IT/SEC director, often several rungs down from the angry EVP, usually has the authority to stand up to the EVP, technically, but that is a risky move, can easily start a turf war.
So, for these programs to be effective, they must get buy-in from the absolute highest levels with no exemptions, which is not easy in the highly political world of huge organizations.
As someone who worked in a special unit in a big healthcare company, this hits really close to home. Our BU sponsor got us an outside internet connection in our building so we would have unfettered internet access. That would've been the perfect spot to offload documents because you're using a company computer on a non-monitored internet connection and our department had no oversight.
In hindsight, this is very scary given that I had access to production systems with loads of PHI, PII, etc. with no censoring or filtering in place.
And here I always thought it's EVPs that come up with those ridiculous security measures, not IT/SEC guys, and that's the lower-level managers that have to fight to actually get something done. At one of my previous jobs, it was our direct boss that fought tooth and nail to shield our programming teams from the consequences of the whole corporation deciding to level up some more in ISO standards...
Don't get me wrong. I understand the need for security measures in a company. But there must be some middle ground - some way of securing data and networks without incurring a 1000% penalty on productivity for all your programming teams.
Yeah, I've been in environments where they completely locked down internet access, and we had to "fight tooth and nail" to get an exemption for a handful of sites like StackOverflow. I agree it can be a huge productivity problem.
Again, my experience is very limited compared to many, but the best mix I've seen is programmers had basically wide open internet access BUT everything was still logged. And they must have had some type of automated review. A coworker was planning her wedding, and while sitting on conference calls, browsed around a bunch of wedding sites. She got an email from IT asking about that. (It wasn't a big deal, just embarrassing.) Also, certain categories of data could not be copied to a local computer; they had to be manipulated on a server. Technically you could transfer data from the server (again logged), but it was a firing offense if you were found with sensitive data from on your laptop.
><paragraph starting with "It's just not an easy problem">
I guess that's the thing, a lot of us who are ignorant about such things have the benefit of hindsight now that we know he did it, and detection beforehand is just not that easy.
>Even if you're giving the secrets to another state?
Industrial espionage / theft of trade secrets is not in the realm of the Espionage Act (even if that industrial espionage is directed by a foreign state).
Apple's Neat Car That Drives Itself is not classified technology and is not national defense information.
Also consider a large number of Russian and Chinese spies have been American citizens born in America and who've lived in America their whole lives. Collaboration with a foreign government is not 1-to-1 with what country you're a citizen of.
It's certainly not 1 to 1, but it's hardly farfetched to believe that someone born in China and presumably still a citizen of it (and thus not of the US) is more likely to abscond to China with the proprietary IP of an American company than a random American citizen born in America who's lived there their entire life.
Yes, of course, but if you start looking at everyone from a foreign country with suspicion, you're not going to have a tenable situation. For certain extremely high-value things like military and defense projects, those precautions are necessary, but otherwise you're just eliminating large amounts of potential talent for probably no good reason.
The comments from Apple indicate that what they're really concerned about is disclosure to the media, not someone copying their self-driving technology, such as it is. Apple put 5000 people on this project and failed. What they don't need is an insider writing an "Apple's Biggest Failure" book. I wonder if we'll ever see a technical post-mortem on this.
Btw, one of the best sensor suites around (except for Google who seems to have reached kind of optimization stage where they started to remove the "extra" sensors). And Apple has highest number of self-driving permits in CA if i remember correctly. Though i don't see them in "disengagement reports" (https://www.dmv.ca.gov/portal/dmv/detail/vr/autonomous/disen... - interesting reading, Google's average human driver reaction time was 0.91s)
I would be really interested in an Apple designed car, not exactly an Apple created self-driving tech suite. I trust Apple's design far more than I trust Apple's hard tech chops, especially when it comes to processing massive amounts of data
the quick way to tell between self-driving and mapping car sensor suites - density of the point cloud it collects, ie. type/number of sensors with the self-driving is unnecessary dense for mapping and their directionality - the self-driving is more forward looking as well as immediate vicinity of the car while the mapping is sideways and doesn't care about the immediate vicinity. I'd speculate that Apple, historically being weaker when it comes to [higher level] software, seems to have issues with building of dynamic scene perception from the big can Velodyne stream and are trying to solve it "hardware way" by structuring the perception data in more time/space consistent way inside limited sectors/planes.
Apple decided it didn't make sense to work on building a car when the software to control such a car isn't close to being there, and moved their focus to software.
That's Chris Urmson's talk at SXSW in 2016 [1], which has been widely viewed. It's one of the best talks on the subject.
He said "How quickly can we get this into people's hands? If you read the papers, you see maybe it's three years, maybe it's thirty years. And I am here to tell you that honestly, it's a bit of both." Then he showed video of Google cars dealing with various challenging conditions. This included the famous scene where a Google self driving car encountered a woman in a powered wheelchair using a broom to chase a turkey. The software recognized this as something to avoid, even though it didn't classify it further.
The challenges Google thinks will take decades to overcome are those posed by streets that aren't new, extra wide, well marked, and with low traffic in an area that almost always has excellent weather conditions.
Basically, they have a solution that they are willing to put into limited testing in certain parts of Arizona, just as Apple has decided to do limited testing with autonomous employee shuttle vans between their campuses.
So Google has moved from "this is our moonshot program that we will solve in a couple of years" to "this will take decades of incremental progress".
Given that Google and Apple have both come to the concision that this is a long range incremental software problem, and given that you say that this represents an enormous failure on the part of Apple, how is this not also an enormous failure on the part of Google?
Failed in what sense. The project is on, they reduced headcount. Maybe they don't need the same amount of people they initially they needed or they changed the goal of the project. I would hardly call it failed. Other companies have been working longer with a bigger team without a self-driving product to show for it.
Only Apple could have a round of layoffs and nothing to show for a project and not only will people not call it a failure they'll even act surprised at the suggestion of failure.
I think the issue is on who decides it’s a failure.
If it’s a consumer goods we choose to buy or not, we have a yardstick to decide (i.e. does its utility match the price paid?).
For an internal project not even acknowledged in the broad, what’s the yardstick?
The expectations we have based on our imaginations and dreams about the potential product and its timeline ?
Perhaps Apple sees it as failing the original goal, but really who knows ? (and to be honest why do we care what Apple thinks about it)
Apple fandom is amusing. In the early iPhone days, when they had screen scratch problems, I said that they should use a sapphire coating, like the checkout scanners at Home Depot. Those survive steel tools being dragged across them all day for years. Fanboys insisted that sapphire was unnecessary. "You don't need that much scratch resistance". "Costs too much". Etc.
Then Apple announced they were going to put a sapphire coating on their screen glass. Fanboys then insisted that sapphire was the Next Big Thing, and phones without it were inferior.[1]
Then Apple's sapphire scheme fell through, after they pressured their sapphire supplier into contract terms that put the company out of business. Apple went back to Corning's hardened glass. Fanboys followed the company line and insisted sapphire was unnecessary and would crack.[2]
Kyocera and HTC make phones with sapphire screens, but Apple fans don't talk about that.
Calling people fanboys only discredits you. We don't have a single opinion, you've just heard different groups of people. Sapphire has advantages and disadvantages, it's more scratch resistant but also more brittle, for example. Would it be nice?... sure. Would it be a deal breaker? Definitely not.
Apple animosity also amusing, just because you have an idea, it might not be implementable for various reasons. Expressing those opinions are fine however.
I...don't follow. Are you claiming to be an Apple insider with knowledge of said project and can prove it actually did fail? Without that I'm not sure how you can say it was a failure or not from the outside. You literally know almost nothing about the project.
I could think of dozens of reasons one might do this. Sure they'd likely be wrong but I don't understand the view point of "it's obviously a failure but everyone is giving Apple a pass".
I'm far from an Apple fanboy, but Apple, Google & co have so much spare cash that they can go for 5-10 large moonshot projects and still not care about these "failures". Nokia betting on Symbian, Microsoft on Windows Phone, IBM on OS/2, those are failures, things which put the company in jeopardy, in my opinion. Everything else is just "research" :)
The fact he just plaining admitted to the FBI he did it seems like he was doing for selfish reasons and had no idea the kind of consequences he could run into.
>Zhang was interviewed by the FBI in late June, where he admitted to stealing the information, and he was later arrested attempting to leave to China on July 7.
I guess he assumed he was going to get away with it but why wouldn't you just skedaddle ASAP when you moved the data and / or hardware?
Granted he seems more like a flunky for someone rather than a super criminal as he talked to the FBI...and admitted it.
There's a common misconception among many engineers that they own the code that they write when employed by many traditional valley firms. A thorough reading of the employment contract would usually resolve this, but how many engineers do you know who don't port some of their code between firms?
There's also a separate cultural clash between many Eastern cultures and many Western cultures surrounding property and ownership rights around intangible assets. I'm not well versed enough to adequately enumerate them with the appropriate level of detail.
I'll bet a dollar, though, that depending on this engineer's upbringing, one of these two applies and explains the "no big deal" mentality.
there needs to be a verb for this. i suggest "levandowski"
ex: "Former Apple employee levandowskies his way into a chinese startup"
levandowski -verb, reffering to the stealing of tradesecrets from self-driving car project with the intention of bringing said secrets to a competitor, especially if one is caught.
Can China not innovate at all? Why are they so keen on stealing IP? Their other homegrown products such as WeChat and Xiaomi seem pretty competitive and very catered to the local market. This is just giving such a bad name to the country and supporting Trump's broad claims that China thrives on IP theft.
At the time, people actually did deride the culture of people gaining knowledge then quitting to form their own startups, often with the goal of getting bought by their old company.
Note: I don't think this means that chinese people have no capacity to innovate I just figured you were a bit wrong suggesting noone made that argument when they definately did
What makes you think this is anything other than an opportunistic individual trying to ensure a job/gain standing/'have all the answers' at a new company?
That is how the game is played when you have nothing. You copy others, sell your product, use the profits for research and development and then come up with your own IP.
China has a huge, captive local market. The business model of copying foreign ideas and applying low-cost local labor, and local marketing/distribution know-how has plenty of precedents in all kinds of developing markets. Hollywood itself is founded on so-called IP “theft”.
Anyway, the legal barriers of intellectual property have proven again and again to be futile and problematic as a means to drive innovation. Just look at the huge waste in IP litigation, the perverse incentives of IP trolling, and the utter impotence of DRM as a legal mechanism.
Trump’s claims about IP rights are as credible as his claims about bring manufacturing and coal mining jobs back to America. It’s just pandering to an audience that can’t or won’t keep up with the winds of change.
Didn't most of the people involved with this project, leave and went to work for Tesla, Lyft, Uber, Waymo and NIO anyway? In that case, one can imagine the bleeding of IP that went away will all this exodus of knowledge.
I want to work for a world with free flow of information, where individuals should not be responsible alone for the mistakes of a multi-billions organization. If any company can do it better than Apple somewhere in the world, then let them build on what Apple developed. The culture of open source should spread at all levels of research & engineering, in all fields.
Cost of information transmission and movements of people will continue to decrease.
We should respect individuals rights about privacy, but disregard organization level's attempt at secrecy, and aim for transparent organizations all around the world. Such big organization should not be able to attack individuals without anyone questioning the processes going on inside of it.
In that world neither Apple nor Google would have ever invested even a cent in self-driving technology and almost all major medical advancements would not have come to pass. You don’t invest billions of dollars and have thousands of people working on a project for decades if there is no way of making money on that investment or even recuperating it.
Well that’s nice to hear, so I take it that you are in on investing a million in my company who’s making useful software for scientists with no monetsation strategy? No, there is absolutely no chance of you making any money on it. No, we don’t intend on retaining any rights to the software, we are literally just wasting money. Your money.
What you say? You don’t have the cash on hand? Well just take a loan, money isn’t everything right?
If I’m being to obtouse here. The point is that money is everything when you start a company, you need to pay electricity bills and people need to eat. And the money invested in companies is only given contingent on an assumption that it can be made back.
Apple may have started in a garage, but if there wasn’t money in it, then it would have stayed in the garage.
Then work harder and faster than the people of that "totalitarian" country.
I don't want to rise a child who will waste his/her time with artificial problems created by fake country's level competition. We don't live in the 70s anymore.
Stop putting countries and governments before common-sense and people happiness. A copy-paste of 1Go file is so easy to do, it's ridiculous. IPs and patents were not created for the happiness of the majority.
Maybe that engineer is simply passionated about knowledge and building autonomous cars, and he would like to make it happen wherever he goes. Why stop him? If Apple really wanted to protect that IP, then just publish a patent about it?
Instead of using the existing organizational systems, aka Patents (patents are already bad enough), they attack an individual.
> Then work harder and faster than the people of that "totalitarian" country.
I really hope it's some very well hidden sarcasm.
> I don't want to rise a child who will waste his/her time with artificial problems created by fake country's level competition. We don't live in the 70s anymore.
Playing citizen of Earth is fun and well until you find yourself or your family in said totalitarian country.
> I really hope it's some very well hidden sarcasm
It is.
> Playing citizen of Earth is fun and well until you find yourself or your family in said totalitarian country
No one will ever become a citizen of earth if no one tries. You can learn from playing.
I prefer to work with an engineer who worked for both Apple and a Chinese company than a fanatic nationalist engineer from any of the 2 sides, regardless of government type.
Did you ever worked for a Chinese company? That engineer worked for both, he works towards a borderless world.
Edit : oh, and he is transparent about it. That engineer has more integrity than Apple.
Edit 2 : if I were able to give an anonymous dollar to that engineer in order to help him, I would do it.
Uh, he didn't release the IP publicly. He was going to take it and give it to another company that presumably is not transparent in the slightest. Doesn't sound like striving for World Peace (c) to me.
Public knowledge is of course the best, but if you can't have that, at least two actors with the same knowledge is better than only one monopolizing it.
I strongly believe the intent was not to move towards a free and open world, based on the evidence provided. It was to move wealth from one company to another, or worse, from one country to another.
Apple has 5,000 people working on a me too project that will likely never go anywhere while they are unable to ship announced products like AirPower and Mac Pro. Oh and they admitted to a known flaw in the keyboard of their current line of laptops that goes back years. This is frustrating.
>Shortly before Zhang's theft was discovered, Apple sent out a lengthy cautionary memo to employees warning them against leaking data to the media. In the letter, Apple said that in 2017, it caught 29 leakers, with 12 of those individuals being arrested and charged.
being an Apple employee seems to come with statistically high risk of being arrested and charged :) And autonomous car projects across the industry remind the Klondike.
It strikes me that people concerned with the risk of being charged for committing a crime like this are probably exactly who Apple is trying to deter with this messaging.
For all other employees, it serves as a reminder that this stuff actually happens, to be on the lookout for it, and that Apple will protect the hard work they've done with their full legal might should someone try to do something like this.
And after that, he still stayed in the US for over two months (April 28 - July 7). This simply defies belief.
I don't even mention the fact that he admitted to the Apple security team that he stole stuff. Presumably without any lawyer since no lawyer would let him admit to anything. Why would he even meet with a security team, if he's not under arrest? Even if he thought he can't get caught, surely he knew something was wrong when the security team called him for an interview?
Maybe he thought it's impossible to prove what he did? But the guy is intelligent, he was hired to an important project at Apple. He must know that corporations have security cameras and also can check corporate device usage.
So I'm down to my final two guesses. Either the guy thought he didn't do anything wrong (really? taking confidential documents and hardware??). Or the article heavily distorts the facts.
Anyone has better explanations?
Edit: just saw the official FBI court filing at the end of the article. The article did not distort anything. I have no words.