back to article Hacking Team hackers questioned over Hacking Team hack

Reports have emerged that ex-staff of hacked spookware-spaffer Hacking Team have been questioned by police in Milan. According to Reuters, Italian police have questioned six ex-employees of the company, adding that the unnamed staff in question were already suspected of leaking the company's secrets. Spookeware boss David …

  1. Mark 85

    Pandora's box is looming...

    No honor among thieves to start with.. insiders... really? I guess if they're ex-employees they thought they had a right to the code or figured they could use the code and make few lira. I wonder what else is awaiting us from that quarter.

    And there's vlad busy making the code operational.. Is he a white hat or a black hat and how do we know?

    I'm expecting that in the next few days maybe a week or two, the shitstorm will really hit.

    1. Anonymous Coward
      Anonymous Coward

      Re: Pandora's box is looming...

      I would really love it if he then created a pair of VMs and uploaded them to the vmware appliance store...

  2. dan1980

    So they had an existing security situation? Did they increase their security to try and head off that risk?

    Evidently not.

  3. Anonymous Coward
    Anonymous Coward

    Been saying that for a while

    400GB being downloaded and nobody noticing seems a lot less likely than someone plugging in a usb drive under the desk and taking it out that way.

  4. Anonymous Coward
    Anonymous Coward

    I've always done that elsewhere

    It's hard letting go when you leave...

    Had someone start with us and he wanted to copy a DVD of data to his workstation, "code done while working for other companies" so he could reuse bits.

    I refused and he looked surprised.

    My question was do you have permission from the companies you wrote that code for to use in other companies? do you commit to not infringing IP from previous jobs? etc. could you just refer to a read only copy rather then dump data on us? to which his reply was "nobody has ever stopped me before"

    Am I to anal? seriously it is question because I stood there questioning so many things.

    1. This post has been deleted by its author

      1. Anonymous Coward
        Anonymous Coward

        Re: I've always done that elsewhere

        I've seen people furiously dumping whatever they can - code, applications, whatever - before leaving a company, and without anybody stopping them and checking what they were taking away. Moreover when I cancelled access to the code repositories and other data to one employee who started to refuse to work on assigned tasks (or was working at a glacial pace, instead following some "personal projects" at work), I was forced to reinstate them by managers above me to avoid "troubles with HR and unions" - they were more afraid of a "mobbing" complaint from a weasel worker than losing the company IP - although, or especially because, I was the one legally responsible for those data, not they....

        Once in an interview one manager asked me if I had my projects code available - and he wasn't testing if I were a burglar or not - he really hoped to start from it. How he couldn't understand someone doing it to his previous employer could easily do it to the next one, I can't understand.

        Sure, there are environments like financial ones where when you're fired first you lose access to everything than they say you you lost your job. But if someone plans to go away, and you have no control in place to hinder or understand what he or she has moved out, you're pretty screwed.

        1. Anonymous Coward
          Anonymous Coward

          Re: I've always done that elsewhere

          I'm the original poster and I have to emphasize I don't know he had, or was about to do anything illegal, because I would not allow the data to be accessed in the first place and didn't want to look at it myself. I expect there are ways to carry some data forward in full compliance, I just assumed from his vague answers it was not realistic to verify more than some part of it and that did not fit my understanding of diligence.

          The comment about "troubles with HR and unions" is a telling one and I bet that accounts for much of the loss these days, that is one of the things I stood there questioning "am I about to open a HR issue by refusing this guy the tools to do his job".

          We had another member of staff leave and he had bought in lots of his own hardware (don't think he checked with his manager), so obviously took lots of hardware back out of the place. In fact he had a medium sized cardboard box under his arm most evenings during his last week, it would be rude to ask what was in it obviously, might be insulted by the question.

        2. Anonymous Coward
          Anonymous Coward

          Re: I've always done that elsewhere

          especially because, I was the one legally responsible for those data, not they....

          If you are "legally responsible", then you SHOULD lock the employee out and let the higher-ups deal with the unions and other horrors from the cauldron of the entitled neckbeards. That's THEIR JOB. If they say to do otherwise, demand a written explanation, preferably one that can be put on the blackboard in the entrance hall. Reject it if it's management mumble. Remember: YOU are legally responsible!

    2. Anonymous Coward
      Anonymous Coward

      Re: I've always done that elsewhere

      Well at least you know that your company employed someone who has admitted to illegal infringement and is very likely to take all your code as well. Also the opening you up to a long list of lawsuits.

      Retaining their job for more than 1 hour after that would seem unlikely.

  5. keithpeter Silver badge

    shadow boxing

    "The hack and code leak has left companies like Oracle, Adobe and Microsoft scrambling to plug zero-day vulnerabilities that Hacking Team thought it had all to itself."

    Tricky this zero day thing.

    How many organisations are duplicating effort finding zero day defects?

    How many are keeping the results of their trawls confidential?

    How much of this activity is tax-payer funded?

    Is there an opportunity cost there - could we not make more money just producing new shiny stuff to sell?

    Is this whole thing just shadow boxing?

    Coat icon: off out for a walk.

  6. John Brown (no body) Silver badge

    zero-day vulnerabilities that Hacking Team thought it had all to itself

    Yes, well, what would make anyone think they were the only ones who found them?

    What's most worrying is that the people with the source code never seem to find them. And part of their job is supplying people who would very much rather that the code was working and secure. MS, Adobe, Oracle. It's possible that some of these zero days are deliberate back-doors put in at the behest of TLA spooks but all of them. I wonder how many holes there are in Windows for WarshipsTM?

    1. Anonymous Coward
      Anonymous Coward

      Re: zero-day vulnerabilities that Hacking Team thought it had all to itself

      Usually people are more interested in writing new code (because of commercial reasons, or even personal achievements) than reviewing old one, unless someone explicitly asks and provides resources for that. Even in open source code we saw big bugs undetected for years, most programmers prefer to write new code, and not read old one, unless theiy're forced to.

      Especially flawed logic may be difficult to spot bcause it requires a deep knowledge of what the code attempts, and then verifying it does it in the correct way.

      Writing secure code needs two efforts: learn how to write it from the start, and the have reviews to spot and fix whatever escapes, and the go back to teach how to avoid those mistakes. Unluckily, for years writing new code quickly often using languages and libraries with very little built-in security in the hands of barely skilled developers, lead to a big backlog of issues, that only now are being tackled.

      IMHO, it's more an issue of bad coding than deliberate placement of backdoors.

  7. DiViDeD

    Black hat company may have employed black hats

    Who'da thunk?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like