Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

Crime Government Security United States IT Your Rights Online

Programmer Admits Stealing US Gov't Accounting Software Source Code 125

Posted by timothy
from the public-costs-should-create-public-goods dept.
An anonymous reader writes with this excerpt from NetSecurity.org: "A Chinese computer programmer that was charged with stealing the source code of software developed by the U.S. Treasury Department pleaded guilty to the charge on Tuesday. The 33-year-old Bo Zhang, legally employed by a U.S. consulting firm contracted by the Federal Reserve Bank of New York, admitted that he took advantage of the access he had to the Government-wide Accounting and Reporting Program (GWA) in order to copy the code onto an external hard disk and take it home." Just such things make me think that the default setting for software created with public money should be released with source code anyhow, barring context-specific reasons that it shouldn't be.
This discussion has been archived. No new comments can be posted.

Programmer Admits Stealing US Gov't Accounting Software Source Code

Comments Filter:
  • The ownership of the code can often get a little muddied, as the company who is paid to develop it may use their own funds at times too--or extend an existing product the company has for the government's needs--meaning some of it is proprietary and privately funded. This is why most such software is available for use within the government, but the private company maintains rights to continue to develop and sell it commercially as well.
    • Re:mixed ownership (Score:5, Insightful)

      by Maximum Prophet (716608) on Thursday May 31, 2012 @11:08AM (#40166875)
      That's fine as long as the output of the software doesn't affect anyone, anytime. If the software has any effect on the government's decision about anything that affects me, I should have the right to view the source.

      Just like an American Citizen shouldn't have to worry about secret laws, the code that implements the law shouldn't be secret.
      • by Hatta (162192)

        Not just the right to view the source, you should have the right to use the code your tax dollars paid for for any purpose you choose. All products of government should be public domain. No exceptions.

        • by beatle42 (643102)
          My point was that the government only pays, often, for part of the software. It would often be useless without some proprietary other part, so your goal wouldn't work without either depriving rights holders by virtue of them working with the government, or without you obtaining some commercial software as well.
          • by Githaron (2462596)
            Terms of the copyrights and patents involved could be shortened proportionally to the amount the government spends on said project. If a company accepts government money, they would be required to release the source at the end of their shortened copyright.
            • by beatle42 (643102)
              Well I'd expect your tax bill to go up soon if this were enacted. I would think the government would have to pay a hefty premium for a company to agree to terms like that.
      • by beatle42 (643102)
        What about when the government buys a license for some COTS product? Should the government be barred from using proprietary software all together because the source will often be unavailable to us? It's certainly some different if the government is paying for development, though as I pointed out that's rarely clean cut either.
        • Re:mixed ownership (Score:4, Interesting)

          by icebike (68054) * on Thursday May 31, 2012 @11:52AM (#40167681)


          And it doesn't have to be COTS stuff. I know a small company that developed a weather instrument monitoring package and sold thousands of executable-only versions, but one customer wanted a source license so they could modify it or recompile it for other platforms. He sold exactly one source license.

          Six months later a Google search revealed his entire source code on three different source code repositories, two of which were overseas.


          • Hence why if you sell a source code license it should be for more then you expect to make out of the software till end of life. Once it is out of your hands, its no longer your own product.

            Giving away code is never a smart idea no matter how much you think a single license is worth.
      • since a Government employee can use Office in the course of their job affecting you would that mean that Microsoft must provide the source for viewing?

        At what level would we set a limit? As the person you replied stated, most times government contracts are for making minor changes, many soft coded at that, to adapt existing proprietary software to the customer's needs.

        I would agree with software created expressly for the government, as in it was the original customer.

  • Interesting... (Score:2, Interesting)

    by Anonymous Coward

    A Chinese national who used to work at my company lifted our proprietary code and fled back to China as well.

    • Re: (Score:1, Interesting)

      by Anonymous Coward

      There's a reason why the Chinese are desperately grabbing all of the source code they can. They're deadly serious about offensive cyberwarfare, and starting to get good at it.

  • by Anonymous Coward

    Not to sell the code afterwards but to keep at home so I can save some code patterns and ideas for future use.

  • If you're going to steal something from the United States, I'd think it would be much better to steal something that works well!

    • by Anonymous Coward on Thursday May 31, 2012 @11:26AM (#40167159)

      The 33-year-old Bo Zhang, legally employed by a U.S. consulting firm contracted by the Federal Reserve Bank of New York, admitted that he took advantage of the access he had to the Government-wide Accounting and Reporting Program (GWA) in order to copy the code onto an external hard disk and take it home.





      NOT THE ACCOUNTING AND REPORTING SOFTWARE!!! Oh God no. Oh God no. Oh God no. Now the terrorists have access to the TPS REPORTS!!! They'll know how a PT-44 revision 8b (as amended by the New Management Initiative Subcommittee 79a-b, 1967) audit works! And — may God have mercy on our souls — they might figure out how to copy the entire submanagement structure of the Greater Boise Area (Excluding Outlying Suburbs and Farms) Processing and Distribution Department!

      That's it. We're doomed. They have our bureaucracy. THEY HAVE OUR BUREAUCRACY, PEOPLE!!! THESE ARE THE END TIMES!!!

  • Public domain? (Score:5, Interesting)

    by Meneth (872868) on Thursday May 31, 2012 @11:14AM (#40166957)

    Normally, works of the US federal government are in the public domain, and not protected by copyright. How is this not the case here?

    On another note, Slashdot editors, please stop using the word "stealing" for immaterial right infringements.

    • by GoodNewsJimDotCom (2244874) on Thursday May 31, 2012 @11:21AM (#40167071)
      You stole my idea that stealing ideas is not stealing.
    • by mbenzi (410594)

      Yes, from the discussion of this I don't see how this is a copyright case.

      Works of the United States government are not entitled to domestic copyright protection under U.S. law, sometimes referred to as "noncopyright."

      relevant discussion of this http://en.wikipedia.org/wiki/Copyright_status_of_work_by_the_U.S._government [wikipedia.org]

    • On another note, Slashdot editors, please stop using the word "stealing" for immaterial right infringements.

      TFA says that he burned it to a CD, so if the CD came from stock purchased by his employer than it is technically correct to say he stole the code.

    • The Federal Reserve is actually a public-private corporation that happens to do some important Treasury-related functions. They're not an actual federal agency like the US Mint.

      • That's a good point. As a minor point of clarification, the Board of Governors in DC is part of the Federal Government (an agency within the US Treasury), whereas the reserve banks and branches are public-private corporations, as described. Since this happened at the New York reserve bank, your comment applies. I just wanted pipe up with that minor distinction.

    • by ffflala (793437)
      Wow, what a great comment. There's a technical answer to your question, but I think you might actually have hit upon a useful litigation or at least lobbying strategy. There are two aspects to the answer: (1) Only works produced by US employees or officers fall into the public domain exception; works produced by contractors are not. (2) There's statutory distinction between between "computer program" and "work of the United States government." http://www.law.cornell.edu/uscode/text/17/101 [cornell.edu]

      A "computer program" is a set of statements or instructions to be used directly or indirectly in a computer in order to bring about a certain result . . . .
      A "work of the United States Government" is a work prepared by an officer or employee of the United States Government as part of that personâ(TM)s official duties.

      Interestingly, not

    • by pingbak (33924)

      The software wasn't written by the USG, it was written under contract to be delivered to the USG. Subtle difference, but no, the software is not in the public domain because it wasn't written by the USG. See the "Software System Acquisition 101" post below...

    • by humanrev (2606607)

      On another note, Slashdot editors, please stop using the word "stealing" for immaterial right infringements.

      On another note, just let it go. The meaning of words change, it's a fact of life. Everyone knows that when someone is accused of "stealing" music acquired digitally, all they did was copy some files, but by the wider community it's still called and classified as stealing. Copyright infringement is perhaps the legal definition of what happened, but as far as definitions go with the layman, it's called

  • by richg74 (650636) on Thursday May 31, 2012 @11:16AM (#40166999) Homepage
    Given the way our government seems to run its accounts, perhaps we should hope that all potential competitors / adversaries steal it.
  • by Anonymous Coward

    So is he Chinese as in decent, or Chinese as in citizen of China? Those are two very very different things. Even though the code may not be classified I'm typically against having non US citizens working on US funded code bases. This seems like a security and political issue to me. Though the code may not be classified it is likely subject to the same rigid standards that classified code is subject to. This seems like giving out too much information about how the US government requires code to be developed

    • So is he Chinese as in decent, or Chinese as in citizen of China?

      A simple question to answer your curiosity is that if he was hired with working visa when he stole the code, what do you think he is a U.S. citizen back then?

      Also, if I understand correctly, Chinese decent means he person's parents and/or ancestors are from China regardless the person is a citizen of the country (even though it is implied). Therefore, the person should be Chinese decent anyway?

  • However ... (Score:4, Funny)

    by LMacG (118321) on Thursday May 31, 2012 @11:44AM (#40167521) Journal

    ... it was written in Ada, so nobody knows what to do with it anyway.

  • So he risked 10 years in jail just for bedtime reading? Seems improbable. And seems likely he will jump bail and pull another Charlie Trie.
  • Should the public also have keys to the government offices? The reasoning around here being if we paid with our tax dollars for the software, we should get the source code. Should we also get all the keys to all the doors? Or should we just not have locks on the doors to the gov't buildings?

  • by bunyip (17018) on Thursday May 31, 2012 @12:07PM (#40168005)

    Ummm - am I the only one that would wonder why anybody would want this?

    • by T.E.D. (34228)
      Most likely so he could work on it at home. That's why most folks take code from work home.
  • by PPH (736903) on Thursday May 31, 2012 @01:12PM (#40169073)

    "US Government Accounting".

  • He said to the FBI that he did so that the code would be available to him in the event of losing his job, and to use it for his private business, which is teaching computer programming.

    How much involvement did he have with the code? Meaning how much of it did he write?

    Even in a complex system, a hands on developer should know enough of the concepts that they could mock up something for later. Not necessarily a functioning application, but pseudo-coding at a high level to re-evaluate later.

    Seriously, if someone is teaching computer programming, how much specifics are you going into? You don't need the line by line, but the concepts.

    Well maybe if you are teaching how to debug large scale co

  • by Karmashock (2415832) on Thursday May 31, 2012 @02:09PM (#40169897)

    But for security reasons there are some good things about closed source.

    Lets be real here, we're talking about root financial systems. Neither individuals nor most corporations have any interest in this software. This is the prevue of nations and huge trade alliances.

    Keeping the code secret makes it more secure. Yes, it can't be used as the only level of security. It must be on TOP of everything else. I don't think giving the chinese access to our treasury accounting software is going to make the world a better place.

  • I can't believe the comments I'm reading here. The crime, as I understand it, is that a Chinese citizen used his trusted access to US government goods to STEAL US government goods. I don't care what it is...if he stole staples, it's still stealing.

    The comments here all seem to think that, simply because the US government paid for the code at some point *then* everyone in the world should have access to that code. Surely you're joking, right?

    He said to the FBI that he did so that the code would be available to him in the event of losing his job, and to use it for his private business, which is teaching computer programming.

    So, as I understand it, his defense is that he stole the code for h

  • Software is acquired from a contractor, so the Federal Acquisition Rules and various tailored versions, e.g., DFARS, apply. It is not developed by the USG, unless specifically talking about something that a USG civilian employee (__not__ a contractor) authored.

    The government purchases systems, writes contracts to acquire systems. Source code is considered data -- so the applicable FARS and DFARS are technical rights to data. Data rights are negotiated separately from software (system) rights and source code

    • by pingbak (33924)

      Joe Taxpayer doesn't get access to the GWA software or source code as the result of how the FAR rights and data rights work. Moreover, Bo Zhang committed theft from his employer, not Joe Taxpayer.

  • "Bo Zhang .. said .. he did so that the code would be available to him in the event of losing his job, and to use it for his private business, which is teaching computer programming".

    'The software in question keeps track of money exchanged between US government agencies and, according to the authorities, its development cost nearly $10 millionsM`.

    This is, of course, bullShit ...
  • (too late, I suspect), but the first thing that came to mind while reading TFS are all the tech companies yet again whining for even more work visas because they just can't find 'good enough' US citizens. 'Good enough' being a working definition for mole, nationalist, or just straight-up thief. But hey, they work hard and cheap (discounting the rather negative ROI of IP theft).
  • Is that "public domain" in the US doesn't mean "available to the public".

    Who knew?
  • Stop sticking your fucking opinion in the posts and shut the fuck up.

The clearest way into the Universe is through a forest wilderness. -- John Muir