back to article Security audit finds dev outsourced his job to China to goof off at work

A security audit of a US critical infrastructure company last year revealed that its star developer had outsourced his own job to a Chinese subcontractor – and was spending all his work time playing around on the internet. The firm's telecommunications supplier Verizon was called in after the company set up a basic VPN system …

COMMENTS

This topic is closed for new posts.
  1. Alistair Silver badge
    Pint

    Bob is no longer employed by the firm, ....

    But has been hired by the firms management consultants.....

    1. LarsG
      Meh

      Applauded

      For initiative.

      But it just shows how cheap it is to outsource, if he can outsource his job and still pay the rent.

      1. Zaphod.Beeblebrox
        Thumb Up

        Re: Applauded

        Indeed. Hats off to Bob!

      2. Anonymous Coward
        Anonymous Coward

        Re: Applauded

        ""...it just shows how cheap it is to outsource, if he can outsource his job and still pay the rent."

        Verizon's investigations turned up "hundreds of invoices" from the Chinese subcontractors and suggested that he had been doing the same thing with some other companies in the area - so his total take was probably considerably more than a single salary. I am surprised he had any time for social media and the like if he was managing several people working on different projects for different clients and handling the management reporting, invoicing, etc.

        Maybe he should have hired a security expert to ensure that he wasn't leaking any evidence of the Chinese subcontractors. Personally, I would have used a KVM system to attach to the client-supplied notebooks (and onward via their VPNs) and my own VPN for the connections from the subcontractors to the KVM system. That would avoid the need for any unusual connections to either the client networks or their notebooks or for any unusual software to be installed on the notebooks.

      3. Michael Wojcik Silver badge

        Re: Applauded

        Initiative? Who hasn't thought of this dodge? It used to be a regular joke around the office back in the early '90s, before it grew old.

        I'd always assumed only a combination of ethics, aversion to risk, and sloth (the recipe for most law-abiding behavior, IME) kept most developers - at least those working on suitably mundane projects - from doing it.

      4. Tom 79

        Re: Applauded

        This is probably a corporate PR plant article.

    2. Turtle

      The Bob In Question is...

      The "Bob" in question is Microsoft's Bob.

    3. Lance 3

      Re: Bob is no longer employed by the firm, ....

      The two Bob's wanted to talk to Bob.

  2. KrisMac
    Devil

    The only reason anyone is angry at Bob...

    ... is that they didn't think of it first....

    1. Wize

      Re: The only reason anyone is angry at Bob...

      Depends if he is staff or contract. If the latter, a 'right of substitution' clause, sometimes used as part of the IR35 fight, could mean they would be unable to terminate his contract for this.

      If he was staff, he should now hire himself out as a contracting company and charge higher rates.

      1. boltar Silver badge
        Headmaster

        Re: The only reason anyone is angry at Bob...

        "Depends if he is staff or contract. If the latter, a 'right of substitution' clause, sometimes used as part of the IR35 fight, could mean they would be unable to terminate his contract for this"

        Technically , in the UK , when a company hires a contractor they're hiring his company , NOT him. A small legal point but an important one , because in means the contractor can legally hire someone else to do all his work. Though obviously the client would have to be informed of this. Something "Bob" conveniently forgot to do.

        1. Roland6 Silver badge

          Re: The only reason anyone is angry at Bob...

          Whilst there is definitely a dependency on type of contract as to whether there is a 'right of substitution' or a prohibition on sub-contracting, from the information given,'bob' almost certainly breeched the Confidentiality clause, Security Policy and the Computer Use Policy, through his actions of: not disclosing the use of a sub-contractor, giving access to internal company systems etc to an unauthorised third-party. Mis-use of company property by using his workstation to manage his engagements with other companies.

          I suspect that a result of the publicity associated with this case and books like "The 4-hour work week" that we'll see some significant changes in both employment and contractor contracts.

          But thanks to the publicity we can learn and improve on Bob's efforts.

          I wonder if Bob declared the sub-contractor as a business expense to the IRS ...

    2. Anonymous Coward
      Anonymous Coward

      Re: The only reason anyone is angry at Bob...

      ... is that they didn't think of it first...

      I did, on several occasions. But I've been too lazy to find appropriate subcontractors.

      oh, yeah, and the ethics, this was another strong factor to dissuade me. NOT.

      After all the jobs I do are structured like this:

      A client sends a job to their agency, who take a cut and send it to their contractors, who take a cut, who send it to their subcontractors who take a cut and who then, send it to me (and take a cut). The rest of the money is money. Minus what the cut taken by the taxman, of course.

      Why, therefore should the sub-sub-sub contracting stop with me?

      And, coming back to the morals, why am I supposed to bend over and get fucked by all those above me in the chain who are happy to do fuck others below me and applauded for being a dynamic and sharp business enterprise, etc, etc.?

      in fact, I wouldn't be fucking those I'd be subcontracting, I'd be extending a helpful hand, giving them employment they lack in this harsh economic climate, blah blah blah :(

      p.s. not, I can NOT cut the middle man / men and go to the top of the chain, because none of them deal with individuals, too much bother.

      1. Turtle

        @AC: Re: The only reason anyone is angry at Bob...

        "oh, yeah, and the ethics, this was another strong factor to dissuade me. NOT."

        You know, on this site, there are plenty of people who post as AC because they are drama queens and somehow think, for example, that if they criticize this or that politician or institution or policy then either the CIA or FBI or MI5 or MI6 or the Mossad is going to, well, you know. And so they post as AC's. And it's kind of pathetic, really, because they seriously believe they are "that important". And some people post as AC just to avoid having mean or insulting or silly posts tied to them specifically. I've done this myself, actually.

        But your post might be the first post that I have seen on this site for which posting as AC is appropriate. And it was a good post! : )

        (Obviously that's hyperbole but sometimes only hyperbole gets the point across....)

        1. Joel 1
          Meh

          Re: @AC: The only reason anyone is angry at Bob...

          I was going to reply to this comment, but unfortunately my outsourced Chinese posting avatar is currently undergoing breathing difficulties due to the smog. Normal service will be resumed when circumstances permit. Thank you for your understanding.

        2. GT66

          Re: @AC: The only reason anyone is angry at Bob...

          Oh my how you've over estimated why people post AC. They do so not because of fear of the government in the countries you mentioned but fear of their friends, neighbors and colleagues who can and DO use such matter of stated opinion against and AC is the real world. Dog eat dog relies on two dogs who at least minimally know each other and know they are after the same thing.

        3. streaky Silver badge
          Terminator

          Re: @AC: The only reason anyone is angry at Bob...

          "But your post might be the first post that I have seen on this site for which posting as AC is appropriate"

          I've used it only once to describe something that happened at a "past" (honest!) employer in a certain condition which they might not have liked publicly broadcasting, thus avoiding me getting fired. Only time I've ever used it. Suspect that's what it's mostly for unless you live in Syria.

      2. R 11

        Re: The only reason anyone is angry at Bob...

        It seems pretty unlikely management haven't at least considered outsourcing. It's hardly a new concept.

        Perhaps they didn't outsource to China because that's where there main competitor is based. Perhaps Bob has been outsourcing to staff at a competitor who are returning decent code but learning a ton of trade secrets at the same time. So while Bob rakes it in, he puts the jobs of all his co-workers in jeopardy.

        If all the employer is willing to pay six figures for a US coder, there's a good chance there are reasons they don't want someone overseas doing the work.

        1. John Smith 19 Gold badge
          Thumb Down

          Re: The only reason anyone is angry at Bob...

          "So while Bob rakes it in, he puts the jobs of all his co-workers in jeopardy."

          Bob's attitude is that of the people described in "Snakes in suits."

          He's probably a psychopath. He'll tell you whatever you want to hear in order to get what he wants.

          The real question (apart from BS) does he have any real skills at all?

          The difference is he's not in management.

          This stuff makes a great setup for a film comedy. IRL they create havoc for those around them. And note that "His bosses loved him." I'll be the people who supported work he wrote didn't.

      3. BillG Silver badge
        Happy

        Re: The only reason anyone is angry at Bob...

        Your post makes me ask the question:

        Sounds like they do good work cheap. What is the name of that software consultancy in Shenyang?

        1. Guido Brunetti
          Big Brother

          Re: The only reason anyone is angry at Bob...

          Doesn't matter. They probably put in some skilled people from their foreign intelligence department, not from the company itself. Getting an authorized VPN-channel into a critical infrastructure, getting all sorts of system specs, getting to write code incorporated into these systems and then even getting paid for it must have been a no-brainer for them.

          On the other hand, they probably would have been smart enough to use a U.S.-proxy then. But now that the contractor is out of business with this client, they probably sell all the information they gathered to the highest (chinese) bidder.

      4. Tom 7 Silver badge

        Re: The only reason anyone is angry at Bob... AC 12.45

        There was no reason to be angry at him.

        The real reason he was fired was fear!

        Can you imagine if he'd been successful and shown the difference it makes having someone who knows about IT in charge of outsourcing? The work would be crawling with unemployed 'managers'.

        He should think himself lucky he didn’t fall off his balcony.

      5. Bob Gateaux
        Thumb Up

        Re: The only reason anyone is angry at Bob...

        "A client sends a job to their agency, who take a cut and send it to their contractors, who take a cut, who send it to their subcontractors who take a cut and who then, send it to me (and take a cut). The rest of the money is money. Minus what the cut taken by the taxman, of course.

        Why, therefore should the sub-sub-sub contracting stop with me?"

        I like it. The entire IT world could collapse one day when we realise that everybody has subcontracted everyone else's subcontracts and there is nobody actually doing the work.

        Then the taxpayer would bail us out

        1. Alan Brown Silver badge

          Dilbert already covered this:

          http://www.dilbert.com/2003-08-03/

  3. John Tserkezis

    I've heard of this before

    Not only can you "play around" all day, you can do more work than you're actually capable of - now that you have several people working for you.

    To hell with security, this is all about the money.

    1. PT

      Re: I've heard of this before

      There was a Doonesbury strip about this a few years ago.Zig outsourced his job to India, and to avoid getting caught he had the offsite engineer deliberately screw up every few weeks.

      http://forums.techguy.org/attachments/43060d1099857513/db041107.gif

  4. dssf

    Hehehe, Crafty, Creative

    But, this sort of thing is EXACTLY why management there needs to be called on the carpet, too. How can a star programmer at a presumably well-off company NOT randomly quiz him or drag him in on tough calls to deal with live, on-the-spot, not "I'll get back at cha in about 2 hours with some of "my" results or ideas", to prevent bullshit artists from deceiving all number of key personnel.

    But, he should get an award of some sort for cunning. Wait, steady employment for a year was probably reward, since he had multiple employers. Now, if only other companies did that (or, do some?), it could become a weird pyriamid scheme for non-temp agencies.

    I wonder whether he will be sued for breach of trust/faith; unlawful disclosure of proprietary info; falsification of work; misrepresentation of fact; etc.

    This goes to show that NOT ALL companies monitor their staff as vigilently and regularly as they should. Legal will probably have a FIELD DAY with the execs, and maybe IT as well.

    1. Hungry Sean

      Re: Hehehe, Crafty, Creative

      randomly quizzing him might not trigger any filters-- after all, odds are good the guy probably *was* a pretty strong programmer since he'd presumably need to audit and clean up all the code he was outsourcing. Generally you get what you pay for, so if he was paying 1/6th of his salary for multiple contractors, quality was probably pretty low before receiving the Bob filter.

      Clever bastard, but his company missed a trick-- they should have put him in management.

      1. Dave Bell

        Re: Hehehe, Crafty, Creative

        Two things strike me as odd. First, the code he was producing was apparently good. Second, he was "working" for multiple companies.

        It sounds as if his management skills would be worth paying for, just not as extravagantly.

        Or maybe Verizon has a lousy idea of what good code is.

        1. Fatman Silver badge

          Re: Verizon...lousy

          This sentence needs to be corrected:

          Or maybe Verizon has a lousy idea of what good code is. to read:

          Or maybe Verizon has a lousy good idea of what good code is a lousy company is.

          Verizon, look at yourselves in the mirror!

      2. dssf

        Re: Hehehe, Crafty, Creative

        Hungry Sean, I gave you a thumbs up because you made me realize what a glaring flaw I made by not considering or positing that he had to know *something* or have decent skills to pull this off.

        Actually, IIUC, in the USA, work assignments generally tell employees they must to their own tasks and if unable, seek out their manager or team leaders, etc.

        In some countries, like South Korea, an egomaniac in a team might have the swagger and fearsome personality to induce others to produce impressive work, then he (usually a he) submits the work as his own. I have several Korean friends who said they eithr know of or were subjected to this themselves. They despise such people who take the credit and don't share it.

        But, in Bob's case, he farmed out work, making those downstream contractors happy.

        I wonder how many of his surviving bosses secretly wish they could rehire him and buy him rounds of drinks.

    2. Anonymous Coward
      Anonymous Coward

      Re: Hehehe, Crafty, Creative

      You're assuming he didn't have the skills.

      Assuming he did, and that he'd built relationships with people he trusted and could monitor their work, the only real issue is legal / security.

      If it wasn't for the breach of trust, I'd offer him a job. It's harder to find decent technical managers than it is to find decent programmers.

    3. jason 7
      Devil

      Re: Hehehe, Crafty, Creative

      The problem is that most companies have got rid of the old 'people manager' the person who kept an eye on staff, monitored the work, did all the staff management duties, appraisals, training etc. etc.

      Those people largely don't exist any more, Instead you have a manager that's only interested in how good he or she looks to the guy above them and maybe the guy above them too.

      As long as there are not sh*tstorms heading their way they don't care what the staff are doing.

      I and my other colleagues used to have to submit a lengthy and tedious weekly progress report. After a few weeks of doing this I took a gamble and started just submitting the same report every week with just the date changed at the top. Never got noticed.

      If you have to do reports like that try it. Just create a an actual report for that first week just in case it gets noticed (oops I sent the wrong one!) and then send in last weeks weeks. If it works carry on. If it happens for several months and then gets noticed you have the comeback of advising them would it be worthwhile for everyone else to be made aware that their reports were not being looked at most of the time?

      1. Anonymous C0ward

        Re: Hehehe, Crafty, Creative

        I'm gonna need you to go ahead and come in on Saturday. And have those TPS reports on my desk by 4.

        1. dssf
          Happy

          Re: Hehehe, Crafty, Creative

          LOL!!!! "Office Space"????

    4. Anonymous Coward
      Anonymous Coward

      Re: Hehehe, Crafty, Creative

      Legal don't go for execs, because execs pay their bills. Legal don't go for IT because IT knows everything and if they don't, they soon will.

    5. M Mouse

      Re: Hehehe, Crafty, Creative

      "I wonder whether he will be sued for breach of trust/faith; unlawful disclosure of proprietary info; falsification of work; misrepresentation of fact; etc."

      probably not. Taking him to court would leave the company open to shareholders (esp institutional investors) questioning the management and security of the firm, as he had been doing this for months, so the management would be under fire after that.

  5. dssf

    Temp Agency Commercial from the 80s/90s (Accountemps?)

    Employee calls boss, faking illness, sniffling, "Sorry, Mr. Smith, I cannot come in today. I've got this terrible cold..."

    "Don't worry... BOB can handle it!"

    "Who's 'Bob', sir?"

    "Don't worry! We've got it COVERED!"

    "Wh... Wh... (throat miraculously clears up) I am FEELING BETTER already. I can be in in 15 minutes."

    "THAT'S OK. YOU stay home and recover. BOB will handle EVERYthing...."

    Well, THAT IT BOB took his employers for an expensive, unaccountable and embarrassing ride.

  6. Timothy Tuck
    Pint

    brilliant

    have to love it, probably violated many of his hiring terms and NDA's but hey you do have to admit it has a ring of brilliance to it.

    1. Lars Silver badge
      Pint

      Re: brilliant

      Damn it, newer thought of that, must be stupid.

    2. Anonymous Coward
      Anonymous Coward

      Re: brilliant

      Not all that brilliant... should've had his subcontractors connect via a VPN proxy at his home. He'd have enjoyed many more happy years of being paid to commentarderize on El Reg

      Anon.. well.. just because. OK

      ;o)

    3. Peter Simpson 1
      Thumb Up

      Re: brilliant

      His scheme has a BOFH quality to it

      1. Anonymous Coward
        Anonymous Coward

        Re: brilliant

        This sounds like exactly the kind of scheme Wally in Dilbert would cook up.

        1. TeeCee Gold badge

          Re: brilliant

          The article mentions he was handling invoices from subcontractors and other such admin stuff.

          Sounds way too much like hard work for Wally. Now, if there were a way of outsourcing the work associated with outsourcing the work.......

        2. Anonymous Coward
          Anonymous Coward

          Re: brilliant

          I swear that he did (although the outsourcing was to India), I just can't find it. IIRC: Dilbert asked Wally if he was worried about getting caught, and he said no, every couple of weeks he has the contractor screw up.

  7. Timothy Tuck
    Joke

    Now on to the second best programmer in the company

    I am betting it might be time to go check Alice's machine next, since she was the number 2 programmer I am betting her and Bob have been communicating between each other and nobody knows about it yet.

    Or maybe Bob is Alice, or Alice is Bob

    Maybe neither of the really exist? lol

    Ghost in the machine?

    1. kryptonaut

      Re: Now on to the second best programmer in the company

      I think Eve might know something about it.

    2. The Indomitable Gall

      Re: Now on to the second best programmer in the company

      Almost. Bob isn't Alice -- Bob is Kate.

      1. dssf

        Re: Now on to the second best programmer in the company

        Are Bob, Alice, and Kate a sort of Hybrid?

        Sorry, but this just BEGS for a BSG segue, hehehehe:

        "Two protons expelled at each coupling site creates the mode of force, the embryo becomes a fish that we don't enter until a plate, we're here to experience evolve the little toe, atrophy, don't ask me how I'll be dead in a thousand light years, thank you, thank you. Genesis turns to its source, reduction occurs stepwise though the essence is all one. End of line. FTL system check, diagnostic functions within parameters repeats the harlequin the agony exquisite, the colors run the path of ashes, neuronal network run fifty-two percent of heat exchanger cross-collateralized with hyper-dimensional matrix, upper senses, repair ordered relay to zero zero zero zero. (Torn)"

        "Gestalt therapy and escape clauses. Throughout history the nexus between man and machine has spun some of the most dramatic, compelling and entertaining fiction. [2]

        (Grasping Baltar) Intelligence. A mind that burns like a fire. Find the hand that lies in the shadow of the light. In the eye of the husband of the eye of the cow. [3] "

        " Thus will it come to pass. A dying leader will know the truth of the Opera House. The missing Three will give you the Five who come from the home of the Thirteenth. You are the harbinger of death, Kara Thrace. You will lead them all to their end. End of line. (Faith) "

        =========

        When IT, Legal, HR, the Execs, and the Site Security caught up with him....

        "At last, they’ve come for me. I feel their lives, their destinies spilling out before me. The denial of the one true path, played out on a world not their own, will end soon enough. Soon there will be four, glorious in awakening, struggling with the knowledge of their true selves, the pain of revelation bringing new clarity, and in the midst of confusion, he will find her. Enemies brought together by impossible longing, enemies now joined as one. The way forward at once unthinkable, yet inevitable. And the fifth, still in shadow, will claw toward the light, hungering for redemption that will only come in the howl of terrible suffering. I can see them all. The seven, now six [5] , self-described machines who believe themselves without sin, but in time, it is sin that will consume them. They will know enmity, bitterness, the wrenching agony of the one splintering into the many, and then they will join the promised land, gathered on the wings of an angel. Not an end, but a beginning. Come in Major. I've been waiting for you for a long time. "

        ============

        And, just as they escorted him out the door, he had his final line:

        "There are secrets within lies, answers within riddles. Lay off the ACS, you betcha Galen. Open your mind and hear what your heart wants to deny. End of line."

    3. Anonymous Coward
      Anonymous Coward

      Alice

      Who the fuck is Alice?

  8. Yet Another Anonymous coward Silver badge

    Urban legend

    Wasn't there a story of somebody at HP/IBM/etc that interviewed with two different divisions on different floors of the same building - got offered both jobs - and took them

    By leaving his jacket on the back of the chair and always attending meetings - he got away with it for a long time!

    1. Anonymous Coward
      Anonymous Coward

      Re: Urban legend

      Are you thinking about the Michael J Fox movie "The Secret of my Success"? If you haven't seen that, it's a "must watch".

  9. Barry Rueger Silver badge

    Free Trade!

    C'mon, if it was a factory job everyone would be cheering about the increase in "productivity." I'm waiting until we can outsource the politicians.

  10. Anonymous Coward
    Anonymous Coward

    Sauce, goose, gander. Apparently then, programmers can easily out-compete the management in the deadwood companies they work for, who knew?

    Nice one Bob, the management would probably have outsourced you in the end, to the lowest-cost no-hopers they could find to boost their golf slacks budget, (and you might have had to debug their crap code or train the no-hopers for a while) so presumably you hired some rather better ones to cut down on debugging time!

    1. Jamie Jones Silver badge
      FAIL

      "Sauce, goose, gander. Apparently then, programmers can easily out-compete the management in the deadwood companies they work for, who knew?"

      Errrrm, He was outsourcing his work for others to do. He would only have been "deadwood" if he hadn't done that or any productive work himself.

  11. Shagbag

    Office Space

    Bob has 'management' written all over him.

    1. JohnG Silver badge

      Re: Office Space

      I think this is what can happen when bright people are told things like "You're too technical for management so that's why we are placing an arts graduate with no relevant experience in charge of the team".

  12. xpusostomos

    What's the problem?

    He got the job done, and he took the pay on offer to get it done. Who cares how he got it done?

  13. Michael Pearce
    Thumb Up

    Award for brilliance

    http://www.theregister.co.uk/Design/graphics/icons/comment/thumb_up_32.png

    So it's okay if the company throws people out of work by outsourcing to China but not when a worker does it? Everyone wins here - the company was satisfied with the results and what it cost them; Bob is happy because he is paid lots of money to do nothing but manage his source and verify the work before it's submitted, and China is happy because China always wins.

    What really needs outsourcing is management.

    1. Lee Dowling Silver badge

      Re: What's the problem?

      Probably anyone involved in network security or data protection or even software licensing.

      - He fedexed a two-factor authentication token to an unknown Chinese person to use.

      - He provided them with VPN access into the internal company network.

      - They were writing software (which should now, by rights, all be audited), which was deployed into the company network and nobody now really knows for sure what it did historically or what it does today.

      - At any point, those Chinese programmers might have been culling other company's proprietary code to use for that job (illegal!), or similarly taking the company's code and selling it on to Chinese companies etc.

      The man is a genius. But he's a genius that broke several contracts and (quite likely) a few laws in doing what he did. The company might choose not to do anything about it, depending on the work they did and the data they processed, but it's not as clear cut as "good luck to him". A lot of people will now have to do a lot of work auditing code and explaining themselves to data protection agencies. Basically all the work he did will now have to be undone at great expense, unless the company is really willing to turn a blind eye to it (which may be illegal too!).

      It's like finding out that there's been a guy coming into your office, because he always came in with a certain employee, and logging onto the corporate network for years and now people find out that NOBODY has any idea who he is or what he was doing and that he was nothing to do with the company. It's serious stuff.

      1. This post has been deleted by its author

      2. Crisp Silver badge

        Re: Breaking Laws And Contracts

        You can't make an omelette without breaking eggs.

        1. dssf
          Joke

          Re: Breaking Laws And Contracts

          Until this very moment, I never had a response to that cliche. But now...

          Oh yes you can: Tap the shell with a syringe, suck out the contents, make omelette, patch shell after filling with density-equivalent.

          Now, as for over easy, sunny side up, and similar, where the yolk cannot be malformed....

          JKJKJKJK

      3. keithpeter
        Boffin

        Re: What's the problem?

        "The man is a genius. But he's a genius that broke several contracts and (quite likely) a few laws in doing what he did."

        I take your point.

        Suppose 'Bob' had set up some kind of system at home that the contractors he hired could check code into and then make it appear that all VPN traffic was coming in from his home address. Would he have been caught?

        Is there a 'style' or 'code signature' that you can use to identify a programmer?

      4. Lukester

        Re: What's the problem?

        "It's like finding out that there's been a guy coming into your office, because he always came in with a certain employee, and logging onto the corporate network for years and now people find out that NOBODY has any idea who he is or what he was doing and that he was nothing to do with the company. It's serious stuff."

        I worked for that company, and those people were 2 a penny! In fact I think I was one of them for a while!

      5. Roland6 Silver badge

        Re: What's the problem? It's serious stuff.

        Agreed, however, it does show just how much companies depend upon trust. I suspect that many companies 'authorised' use of sub-contractors (offshore or onshore) are not fully policed with respect to security and confidentiality implications...

    2. Rushyo
      Pint

      Re: What's the problem?

      I'm inclined to agree. Managers are always talking about focus on 'results' and 'efficiencies'. On paper, this is exactly the kind of initative they demand from employees.

      I suspect they're just pissed because they couldn't manage external contractors that well if they tried.

      1. Anonymous Coward
        Anonymous Coward

        Re: What's the problem?

        Certainly, in finding the easiest way of getting his work done he completely and utterly ignored everyone else's interests (and the law). But then, everyone has been saying he's management material. This confirms it.

    3. Anonymous Coward
      Anonymous Coward

      Re: Award for brilliance

      You are right in principle, Michael, but the devil is in the details. China trains one hell of a lot more engineers than the USA, but when it comes to lawyers the USA is top dog by a long, long, long way. What lawyers mostly do is arbitrate the division of the spoils, and since rich employers can afford more and better lawyers, the arbitration usually routes 99% of the money to said rich employers. (All perfectly legal, of course - it's bound to be when you can afford to HIRE the law. Also the people who make the law, of course - but that's another story).

    4. The Indomitable Gall

      Re: Award for brilliance

      The clue's right their at the top of the article: "critical infrastructure". Bob's job was in the US, and not already outsourced, because of security implications. Bob "outsourced" himself by granting access to a secure network to people not adequately vetted to connect to it. He has not only breached his contract of employment, but he has brought his employer into breach with their clients, a breach which will no doubt lead to a very, very expensive audit of every single line of the codebase.

  14. Anonymous Coward
    Anonymous Coward

    Why not?

    The management would do it to the programmers without missing a heartbeat anyway - he's just getting his outsourcing in first. The only bonus is that he's managed to find outsourcing resources who are actually good at their work.

    Ex-BT employee here - who's had his job outsourced to numpties (since the management never bothered to manage the outsourcing like Bob did).

  15. This post has been deleted by its author

  16. taxman
    Big Brother

    Fallen star

    Really , really suprised that if this guy was *a star programmer* that he didn't realise that security audits of logins would take place after making VPN/work at home available! Standard security practice - check up where your workers are logging in from - home network or offsite. Tsh!

    1. Dan 10

      Re: Fallen star

      Doesn't surprise me, I worked with some genius devs who, once outside of the pure programming world, didn't seem to know one end of a computer from the other.

      1. Anonymous Coward
        Anonymous Coward

        Re: Fallen star

        Seconded: in my experience (as a sysadmin) I find all too often developers are clueless about the wider systems they code for, even down to how basic networking works sometimes!

    2. Anonymous Coward
      Anonymous Coward

      Re: Fallen star

      Yes, if he'd been a tad smarter he would have invested some of his copious spare time in cultivating the security people. Take them for drinks, make friends with them. That way he might have got a heads up, or even been able to avert discovery.

      1. hplasm Silver badge
        Happy

        Re: Fallen star

        Security people don't have friends, just risk lists....

  17. Doozerboy
    Trollface

    If he'd remembered to put cover sheets on his TPS reports he'd have gotten away with it for years!

    1. TheRealRoland
      Happy

      I believe...

      You have my stapler?

  18. Goa T. Herds
    Happy

    New Book Coming Soon - How to Fool HR For Dummies.

    Nothing more to say.

  19. Guerito
    Thumb Up

    Brilliant

    Firing him out of shame is stupid. I'd promote him into management and let him outsource a lot more.

  20. Displacement Activity
    Meh

    Is this a Verizon press release?

    I smell a fish - this is straight out of a Dilbert strip. Someone that smart wouldn't have let his subcontractor connect directly. And when did the Chinese subcontractor actually connect? In the middle of the night? And why did this "star programmer" actually bother going in to work to surf the web all day, presumably at the same time that "he" was connected externally? And is Verizon a bit like the US version of Vodafone? If so, what sort of moron would ask them to do a security audit?

    Someone's taking you for a ride, Mr. Reg.

    1. Anonymous Coward
      Anonymous Coward

      Re: Is this a Verizon press release?

      "That smart".

      You can be perfectly good at programming.

      You can get the bright idea of outsourcing.

      You can stuff up by forgetting which audit log to delete/thinking you don't need to do an external contractor and let them in internally.

      The "smart" persons downfall is how smart they think they are versus how smart they really are. (Which goes for this commentard too!)

    2. Anonymous Coward
      Anonymous Coward

      Re: Is this a Verizon press release?

      >> Someone that smart wouldn't have let his subcontractor connect directly.

      My thoughts exactly when I read it. It would be trivial to setup a VPN through his own machine and get the Chinese guy to connect with that before connecting to the corporate VPN so his home IP shows up as the one connecting.

    3. JimmyPage Silver badge

      Offshore working hours

      Every offshore outfit I've dealt with makes a point that they will work whenever suits you - if you want them 9-5 GMT, they'll be there.

      Personally I prefer to leave them do their own 9-5. Usually they are 4 hours behind, so you get the morning to inspect what they've done and have some peace & quiet, then after lunch you can liaise with them, and set them the next set of tasks to continue with after you go.

      1. Anonymous Coward
        Anonymous Coward

        "4 hours behind GMT"

        AFAICT the only people who are 4 hours behind GMT are central South America and Nova Scotia. Surely you don't really mean that your offshore outfits are all based there?

        1. Anonymous Coward
          Anonymous Coward

          Re: "4 hours behind GMT"

          "...central South America and Nova Scotia. Surely you don't really mean that your offshore outfits are all based there?"

          He took "offshoring" literally. They work from a repurposed garbage scow adrift somewhere in the north Atlantic Ocean.

    4. Dave 62

      Re: Is this a Verizon press release?

      "And is Verizon a bit like the US version of Vodafone? If so, what sort of moron would ask them to do a security audit?"

      Probably because of their experience in cheating the system :)

    5. jonathanb Silver badge

      Re: Is this a Verizon press release?

      Vodafone owns 49% of Verizon, so yes, they are the US version of Vodafone.

      My PHB hires companies like that to do security audits because they are big companies, so they must be good.

      1. Anonymous Coward
        Anonymous Coward

        Re: Is this a Verizon press release?

        Former PHB hired big-company accountants because they were no good and he was up to it!

      2. Andy ORourke
        FAIL

        Re: Is this a Verizon press release?

        Vodafone owns 49% of Verizon "Wireless", Verizon is MUCH bigger than that.

        Also, for once, this is NOT Verizons fault:

        "The firm's telecommunications supplier Verizon was called in after the company set up a basic VPN system with two-factor authentication so staff could work at home. "

        So Verizon were the SUPPLIER of the network and they found the info on "Bob", they were not employing him.

    6. Sid_the_Kid

      Re: Is this a Verizon press release?

      Just an aside: Verizon is in fact 49% owned by Vodafone, and they'd like to own more.

  21. Jerome 0

    Agreed. Bob's "typical work day" reads like a joke list of how a lazy employee would spend their time. The whole thing sounds like something you hear about from a mate of a mate. Plus the only source for this story appears to be a link to the Verizon blog, which is currently returning a database error.

  22. Piro
    Thumb Up

    I don't see the problem

    No, seriously. He's just being an extremely efficient manager - delegating work out, freeing up his time, providing excellent results.

    In that respect, he's better than a good number of managers.

    I applaud this effort.

    1. fajensen Silver badge

      Re: I don't see the problem

      delegating work out, freeing up his time,

      And yet failing - By wasting the free time and getting busted. If he had set up the VPN connection to forward form his work computer at home, then he could engineer some chronic and progressive medical reason to work more and more from home and then go travelling or *something* interesting instead of being at the office.

      At least he got to keep the money and the Chinese contacts might be useful in the future.

      1. Roland6 Silver badge

        Re: I don't see the problem

        >And yet failing

        Agreed, he obviously didn't fully get one of the key points in "the 4-hour work week" - disappear from the office...

    2. Captain Underpants

      Re: I don't see the problem

      @Piro:

      No, seriously. He's just being an extremely efficient manager - delegating work out, freeing up his time, providing excellent results.

      In that respect, he's better than a good number of managers.

      I applaud this effort.

      You're assuming that:

      1) he adequately security-vetted the outfit to whom he outsourced the work to ensure that they weren't a risk, and had suitable measures in place should a security issue arise.

      2) he ensured that the code produced by the outsourced team was entirely their work and that they had the legal right to sell it to him under work-for-hire no-rights-reserved terms.

      3) he ensured that the outsourced team did not make use of any data or infrastructure access provided by him to get up to Naughty Business

      4) he performed quality-assurance on the code provided to ensure it was up to scratch and would not cause any problems within the explected deployment environment.

      In the absence of proof that he did all this, and especially in the context of "freeing up his time to dick around on the internet", I thoroughly reject your assertion that this is laudable. I mean, yeah, in a pragmatic sense he allegedly got away with it for a while (assuming this isn't a bollocks PR narrative selling us the idea of Verizon's contribution to improved network security), but...well, screw this notion. If he'd done this to get otherwise-unmanageable amounts of work done in the face of a management structure that refused to properly locally resource their teams it'd be one thing. The character depicted in this story exhibits lazy parasitic bellendery and the fact that it's being applauded by a bunch of short-sighted twits is, sadly, about what I'd expect from at least some commentards.

      1. Anonymous C0ward
        Devil

        Re: I don't see the problem

        It may not be laudable in light of the rules, it is however lulzy as fuck.

  23. Wombling_Free
    Thumb Up

    "Bob"? Bit of an odd name...

    It wasn't Robert Oliver Francis Howard by any chance was it?

    1. Anonymous Coward
      Devil

      Re: "Bob"? Bit of an odd name...

      If it was he'd never have been caught - the security staff trying to investigate would have been smelling brimstone faster than you can say 'compulsion geas'

      1. Dave Lawton
        Pint

        Re: "Bob"? Bit of an odd name...

        No, I don't think there has been any mention of the Laundry.

        Thanks, guys, I thought TFM was a one-off, now I know better.

        Pint for the nudge.

  24. Drewc Gold badge

    jacket on chair

    25 years ago, I worked at an oil company in central London. One accountant with his own office, would come in, put his jacket on his chair and then, most days, toddled off to manage a shop he owned. It took one year for management to find out.

    1. Uffish
      FAIL

      Re: jacket on chair

      Even longer ago I worked for a large broadcasting organization in London. A few people there openly spent most of their time at work running their own businesses. In other words, management and HR was crap.

      It seems that in some modern businesses management and HR is still crap.

  25. Captain Underpants
    Thumb Down

    It's a funny story with more than a whiff of bovine residue to it.

    There's no way Bob would simply be let go after an incident like that; unless the company were utterly worthless (in which case why the audit?) they would now have to review all access to their network and audit all code. They would likely also have to at least consider dropping anything particularly clever done by Bob's subcontractors, since Bob's contract won't have allowed him to commission the work on a work for hire basis and he is unable to determine whether company code has been sold to other chinese firms as a result of his actions. He's also exposed their network to substantial risk which would also need to be audited.

    (i know, I know, overthinking it etc. But if all the shortsighted capitalism-at-all-costs "good on him" remarks are valid then so is mine...)

    1. Anonymous Coward
      Anonymous Coward

      Yes way. The company will seek to limit the damage as much as possible by covering up the incident internally and getting the "communications department" to run interference externally! Truth is that Nobody will care about safety of the code or the network any further than what is minimally required to be perceived as "having taken all the necessary precautions, procedures have been strengthened e.t.c.".

      Part of the deal is that "bob" keeps his gob shut and don't go writing a book about "dumbass corprat america"

      1. Captain Underpants

        No way, unless all their policies are crap written by incompetent morons and enforced/applied by incompetent morons.

        What you say is well and good until you've got a job or client with any kind of risk of industrial espionage (or, worse, a government contract with security implications). I've no doubt that such morons might simply blunder onwards through the contracts, answering erroneously or outright lying if necessary; the point being that they would then not only be running a vulnerable network that's open to exploitation or attack by malicious individuals and/or business rivals, but they would also be open to litigation of the "level all buildings to rubble and salt the earth beneath for good measure" variety.

        Remember, we're talking about a story existing solely on the internet: which means it's complete and utter danglies until conclusively proven otherwise - which means the company needs to be named (the individual too, optionally) and the story needs to be covered in major news services over the course of several days. Unless that happens I'm assuming it's a promo for how Verizon can help your business be more efficient (And even help find hitherto-unnoticed security issues).

        1. Fatman Silver badge
          Stop

          RE: ..unless all their policies are crap written by incompetent morons...

          I bet that there are a lot of people who read your comment, and said to themselves:

          Stop talking about my bosses that way!!!!!!

  26. Trollslayer Silver badge

    This kind of thing does happen

    I was in the STB industry and there was one guy at another firm who apparently broke his leg skiing.

    In fact he started working for another firm and somehow balalnced things so he was working for both for a long time.

  27. Anonymous Coward
    Anonymous Coward

    Not that smart, think man-in-middle VPN

    Well he should set it up with the VPN as it man-in-middle.

    The Chinese connects to programers computer and his computer connects corp computer.

  28. Dan 55 Silver badge
    Pint

    Sounds like my kind of day

    9:00 a.m. – Arrive and surf Reddit for a couple of hours. Watch cat videos

    11:30 a.m. – Take lunch

    1:00 p.m. – Ebay time

    2:00-ish p.m – Facebook updates, LinkedIn

    4:30 p.m. – End-of-day update e-mail to management

    5:00 p.m. – Go home

    Oh, here comes someone from IT towards my desk...

    1. Anonymous Coward
      Anonymous Coward

      Re: Sounds like my kind of day

      shouldda posted AC

  29. Lallabalalla
    Thumb Up

    Nothing new here

    Back in the day I ran a very small courier firm - just me and a few others on bikes - till we got bored of riding and got a cheaper firm to do our work for us while we sat in the cafe fielding calls and providing "quality assurance". Occasionally we'd knock out a few jobs ourselves, especially for a few key clients. Then we'd spend a merry hour each day in our rented office raising invoices, and go home.

  30. GregL
    WTF?

    I think it was ballsy of him, but it shines a bright light on how much money American companies could save by outsourcing. I'd wager this experience has educated the firm of the benefits of sourcing US jobs to foreign nations. Not what we need right now.

    1. Sooty

      As has been highlighted, this was likely not being outsourced for a good reason! Maybe nothing to do with cost. It was found during a security audit.

      I am based in the uk and I've had to be vetted before to download software from America that was subject to export restrictions. There could have been very good reasons why the code wasn't being done outside of the country.

  31. Some Beggar

    I'm not altogether buying this story ... but assuming that it is basically true ...

    All the failures here are with the management.

    Even putting aside the fact that the relationship between the firm and the employee seems to have been horribly dysfunctional, outsourcing technical work typically costs well above 20% of US costs. So either he's a demon negotiator or the company were employing somebody at far too high a skill level and salary for what the job actually involved. That's business-threatening incompetence.

    The only real failure on the part of the employee is that he appears to have been pissing his own life away on the interweb. He could have outsourced the dull but well-paid work and then spent his office hours doing something interesting and constructive. Or at least built a lego death star.

    I still don't quite buy this version of events though. Somebody has sprinkled some apocrypha in there to make it more interesting.

  32. skellious
    Devil

    "bob" sure it wasn't "BOFH"? Oh wait, he wouldn't have been caught...

    I applaud the man for his ingenuity but I also understand why the company didn't like the idea.

    1. Peter Simpson 1
      Thumb Up

      Re: "bob" sure it wasn't "BOFH"? Oh wait, he wouldn't have been caught...

      ...because the investigators would be buried in the local tip, rolled up in old carpeting.

      1. Fatman Silver badge

        Re: "bob" sure it wasn't "BOFH"? Oh wait, he wouldn't have been caught...

        ..because the investigators would be killed in a freak lift accident.

        or

        ..because the investigators would be killed in a freak generator mishap.

        or

        ..because the investigators would be afraid of being repeatedly subjected to a cattle prod.

  33. deadlockvictim Silver badge

    Outsourcing

    Outscourcing, in my experience, is troublesome, slow and unreliable.

    I considered this about 8 years ago as well when I was working with a firm in Chennai in India. The problem was that the programmers required exceptional well-written documents (you get what you specify) and the mistakes that they made were often culturally-based rather than coding-based. To add to that, the programmers rarely stayed long at the company. It was not unusual to " see a new face" every 6-9 months.

    I reckoned that I would be spending as much time, if more, in order to get them prepared and then further to correct mistakes. They also had a strict one-week check-out policy and that made the meeting of deadlines difficult. I would have become a project manager and that wasn't for me.

    Maybe if I had met a brilliant young programmer whom I could trust, I would have jumped at them like a shot. Otherwise one is trusting so much on teh grounds of greed.

  34. lightknight

    Hmm

    On one hand, he's living the dream of the BOFH. Many wouldn't think twice about doing the same.

    On the other hand, he's committing fraud, and opening up his company / the US to potential security issues. Verizon is, in theory, a regional Tier 1 provider, and as such, functions as a backbone for a large section of the internet. Now, I do not think, contrary to current paranoia, that anything harmful has been placed into this code, nor do I think the people on the other end would act in such a fashion. However, the various parties in a contract do have the right to know who they are working with, and this is a violation of that principle. What more, the implications of an entire company, in a foreign nation, having direct access to such confidential information at such a high level at such a large company is mind-boggling.

    On a secondary note, the problem with this fraud is that is has the unintentional side effect of possibly deprecating his fellow programmer's wages. By misrepresenting himself, he gave management at Verizon reason to believe that his fellow programmers were slacking, or somehow not worth their pay; this may have negatively affected their promotions and / or their salary / wage increases / bonuses. By using fraudulent means, he gave the appearance of doing the work of twenty or possibly hundreds of programmers, all by a single man; in all likelihood, excellent programmers were made to be in competition against that, potentially destroying themselves in an effort to compete; what more, good programmers were, no doubt, turned away, or unjustly downgraded / viewed as poor programmers for their inability to perform. The ramifications for this are huge.

    The question now being pondered is thus: how many others are doing this? An isolated incident, or merely the first to get caught? Were the industry to find out that even a few star programmers were actually pulling the same trick, there'd be bloodshed.

    1. Fatman Silver badge

      Re: Hmm

      I believe you may have misread the article.

      Verizon is the company's communications supplier, and IIRC, it is in that capacity, did they discover what "Bob" was doing. The article did not imply (again IIRC) that "Bob" worked for Verizon.

  35. James 47

    Would he have got away with it if they were Agile?

  36. Gith
    Meh

    Not so uncommon

    This is quite common in larger businesses, but is wrapped up under the description of "Consultancy".

    Check your accounts to see how much your senior management is spending on consultancy on every single decision they make ;-)

  37. Marco Fontani
    Coat

    Dilbert predicted this'd happen in 2003

    http://dilbert.com/strips/comic/2003-08-03/

    1. C Yates
      Thumb Up

      Re: Dilbert predicted this'd happen in 2003

      lol! Good find :)

  38. Anonymous Coward
    Anonymous Coward

    Ridiculus

    I wouldn't be mad at this particular character.

    What annoys me is that there many cases like this already occurring which gives IT / Dev a bad rap --- hence the ones actually having a passion to do this work and all just get left out to cater to the ones doing bullshit work.

  39. This post has been deleted by its author

  40. aircox23
    Thumb Up

    Love it

    I think its fantastic! I understand the security risks but look at the results...win win for everyone. Top work output from BOB (the company was happy), BOB was happy, the Chinaman was happy! Stuff like this goes on all the time. Most of all my clients either think I do the work or do not care as long as it gets done and done right. The rest is just details. I have a buddy who outsources almost all of his programming work for dirt cheap. No one knows and no one cares.

    Obviously bob was sloppy and could of covered his tracks but his company should of made him head of HR using his creativity.

    Love it!

  41. Destroy All Monsters Silver badge
    Devil

    "Killer BOB (or simply BOB) is a fictional character in the ABC television series Twin Peaks. He is a demonic entity who feeds on fear and pleasure. He possesses human beings and then commits acts of rape and murder in order to feast upon his victims."

    Turns out he also outsources.

  42. Magnus_Pym

    US firms know outsourcing.

    Virtually the whole country is outsourced to China. If this company can get work based on US employee rates then there is a very good reason for it. If there is a good reason for it then outsourcing it without the company knowing is probably a bad thing. Just how bad we will probably find out in a few years when the doeing breamliner is launched by the China Airliner Corp or something similar.

  43. John 62
    Go

    They should hire the chinese guy!

    1. Anonymous Coward
      Anonymous Coward

      Who's to say the chinese guy wasn't hiring someone else?

  44. Nifty
    Holmes

    Double bluff...

    Actually he was nearly caught accepting cash to aid Chinese intelligence into his employer's network.

    Good cover story though.

  45. Klek
    Pirate

    Guerilla capitalism?

    When companies do it, the market lauds them.

    When individuals do it, they get the book thrown at them.

    It would be nice if capitalism's little rules were evenly applied.

    (cf. Aaron Swartz)

  46. Oninoshiko
    Stop

    Why he was fired

    His boss got nervous Bob would take his job.

    Seriously, promote the guy! He's got "management" written all over him!

  47. johnwerneken
    Thumb Up

    Make him the Secretary of Labor

    THIS is how to solve the problems of employment, production, the environment, etc. all at once! Give this guy a Nobel! Or at least promote him to Vice President!

  48. RedHat72

    Go, go, all the Bobs in US of A!!!

    so not surprised the thought about it, not surprised Verizon management is this stupid (yes, they are!), not surprised that Chinese contractor(s?) made him look like a star programmer, etc... not surprised at all of any of this... as much as you would like to disagree the fact of the matter is that most of the jobs in IT in the US are either outsourced or performed locally by white collar slaves from India, China or Eastern Europe; yes, most of these jobs are maintenance, production support and such, but "smart" jobs in cool companies like Google and friends are still done by some of these same people, just have a look around at your coworkers;

    not that I mind this, used to be one of these guys myself till very recently, but it is just a fact... the era of US leadership in IT probably is well sunset and the perspective of it returning looks quite gloom; so, bottom line, Bob should be congratulated, management fired and US should its technical education back on track!

    1. Anonymous Coward
      Anonymous Coward

      Re: Go, go, all the Bobs in US of A!!!

      not surprised Verizon management is this stupid (yes, they are!),

      You know he didnt work for Verizon, dont you?

      (although I agree Verizon is terrible with seriously deficient management....)

  49. Anonymous Coward
    Anonymous Coward

    Ah, the things we do for love...

    A friend of mine, also working in IT, had this really hot looking gf, also working in IT.

    She was really fit and was seriously thinking of going pro as a cyclist. But, she wasn't quite as good in her IT job, a database dev.

    So... my buddy was the Chinese subbie to her Bob. Basically, he would help her out by writing her code, on top of his own day job. I'll let you guess what his reward was.

    Didn't end well. She eventually got canned and blamed & left him.

  50. Anonymous Coward
    Anonymous Coward

    It would have been cheaper...

    .... to outsource to the UK. After all $50k/yr is about average for developers if you look over at the JOBS section -----> , plus no language problems. You could hire an whole development team for $250k/yr

  51. Anonymous Coward
    Anonymous Coward

    further analysis

    analysis of the work habits of all their other employees found no difference...they all spent time just surfing the web ;-)

    really....his manager is the one that needs to go. why was his working behaviour not spotted - or reported by coworkers long before the real story emerged?

  52. Whiznot

    Why are top managersalways idiots? They should have fired Bob's boss and promote Bob to that position.

  53. Anonymous Coward
    Anonymous Coward

    It's Wallys World

    I am in awe.

  54. steogede

    No harm no foul?

    He was getting the work done, to a high standard by all accounts and they have sacked him? His greatest sin was giving a third party his access details - he should have setup a VPN on his home system, and had the Chinese connect to via his home VPN into his work VPN.

  55. Richie 1
    Thumb Up

    Isn't this what Tim Ferriss makes a living telling people to do?

    The main message behind "The 4 hour work week" (fourhourworkweek.com) is basically, "outsource everything in your life that you can't be bothered to do yourself".

  56. Mark Leaver
    Pint

    Having a terminal server machine at home...

    for the guys over in China to connect to so that they could then VPN into Verizon.

    Would have been a much more secure option all round. Firewalled on both sides so that you can monitor whats happening in both directions. And with his multiple jobs, he could have set up a terminal server farm of virtual machines with the firewall routing all VPN traffic to the required TS.

    If he had done that, then he would still be quite happily sitting at home coding away making a mint.

    However, now that he has been caught, I suspect that he might be in line for a lawsuit for gaining money by deception.

  57. Khun Roger

    A bit of a convoluted theory

    "Yes, it is a bit of a convoluted theory, and like most convoluted theories, an incorrect one."

    Occam's Razor.

  58. Deopla

    Why go in the back door ?

    Most of the companies (at least in my technological environment in Israel) go through the front door and turn to companies which manage projects locally through off-shore developers.

    Yes , they pay local management fees , but it is 1 manager on whole teams of developers/technological workers...

  59. Anonymous Coward
    Anonymous Coward

    Old Doonesbury cartoon ...

    this is an old Doonesbury cartoon from way back, the describes this exactly (except for in the cartoon the protagonist hired a more expensive engineer in Bonbay that cost 1/3 of the base salary)

    hmmmm .... validation of the story would be good, but it has always seemed plausible ...

    copy of cartoon strip reprinted here:

    http://rdrutherford.blogspot.be/2005/10/doonesbury.html

  60. ratfox Silver badge
  61. Anonymous Coward
    Anonymous Coward

    Youtube

    I love all the Youtube comments on the Mittens clip..

  62. Brainman

    Read "The Four Hour Work Week" by Tim Ferris

    Full of this kind of suggestion, trouble is you need to wade through a lot of grandstanding of the world of Tim

  63. Sol Rosinberg
    FAIL

    Almost smart enough

    Where it fell down was him giving them his 2-factor ID token and letting them turn the work in for him. He should have simply had them send him the code/finished product via some other means, then at least give it to the company himself. He'd likely either not have been caught or would have taken longer to get caught.

  64. Anonymous Coward
    Anonymous Coward

    Bob broke the Golden Rule

    "Employees have not the right to be the same bastards as their employers".

  65. Nigel 11

    Lesson to be learned?

    Perhaps the lesson to be learned is that outsourcing can work well, IF AND ONLY IF the project manager is a darned good programmer in his own right.

    If he is, then it's quicker to do the desining and quality control oneself, and hive off the actual coding to sub-contractors on Chinese wages. They can't get bad code past him, and will soon know not to try. If they aren't up to scratch, they don't get any future work.

    The usual outsourcing disaster starts with managers who make up for in arrogance what they lack in ability. The subcontractors soon work out that they can leave the coding to their weaker colleagues, improve their margins by skimping on the debugging, and so on. (Much the same thing if the coders are still in-house, of course). Also, since the manager can't code, the designing and specifying is also likely to be insane.

  66. Stevelane
    Thumb Up

    I think he should incorporate a new company and sell its services to his former employers. They already know of the quality of his output. He earned high praise after all!

  67. Anonymous Coward
    Anonymous Coward

    I am having a hard time agreeing that the events as stated occurred. Firstly, as others have stated, the outsourcing cost seems too low, especially considering this outsourcing company were making him look like the best programmer in the company, meaning they must be full of highly skilled Chinese programmers.

    Having some experience with outsourced code (from China and India among others), I can say anecdotally that the code is sometimes good, often so-so but usually bad. By which I mean poor commenting (including poor English in some cases), very poor use of encapsulation, weird understandings of Objects, overly verbose 200~300 line functions/methods etc). That's just my experience. And usually we had to spend a few days picking apart the code and fixing it up.

    Maybe Bob found an extraordinarily good value for money operation, but it just sounds fishy to me.

    And I've never seen outsourced code that has perfect English in the comments. I know many programmers use bad English in their comments, but it's a different type of bad English to outsourced code. When I used to deal with outsourced source code I could spot it a mile away by the odd use of English in the comments (with also some remnants of Chinese comments occassionally lurking). So it seems odd to me that nobody spotted this. Unless, Bob was going through the code and editing comments.

    1. Anonymous Coward
      Anonymous Coward

      code with comments?

      "And I've never seen outsourced code that has perfect English in the comments"

      ha ha! I barely see code done in-house that has anything but the bare minimum of comments in the code. All outsourced code I have ever seen only had the predefined template comment at the top & nothing else.

      A US software company I used to work for stopped their outsourcing regime in 2001 because of poor code quality & increased maintenance costs. They changed strategy from outsourcing to bringing in the immigrants (I was one) and then relying on the opportunity of working in the US to make up for the lower than average salary. It didn't wash with me.

      BTW a 6 figure salary is easily achievable in the N.E (Boston, NY) if you have an accredited engineering degree.

  68. Anonymous Coward
    Anonymous Coward

    Four Hour Work Week

    Isnt this exactly what Tim Ferris became "famous" for when he wrote the bestselling Four Hour Work Week?

  69. Inachu
    Megaphone

    I have a very rich chinese friend from Beijing who still thinks like a person from Mainland China but has been a US citizen for over 30 years and she posted a similar reply to an instance such as this.

    BAck when clinton was in charge many said Clinton ran the country very well durring the zippoer issue.

    Her main comment about the issue was. Since he ran the country so well durring the zipper issue shouldn't we then give him more girls for an even better economy?

    So I chuckle when I read this article and thought of the above when I read this.

    The point that needs to be asked. Was anyone harmed? Was profit being made?

    If no harm and profit was being made then so what!!!!

    But I myself would love to fire him for doing no work at all.

  70. dhcp pump
    FAIL

    Repetition

    Not new ,enterprising ,but not real smart ,doesnt make a profit ,exposes his companies IP to the opposition ,stupid ,will get caught and be taken through the ringer and either serve time or pay back lots of $ ,or both .

    Most people have heard of the enterprising manager who hires subcontractors ( firm) to provide

    a service to the firm he is employed in ,but he actually owns ,or his wife or cat and then gets caught ,

    goto : above & line 2.

    DOH !

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019