Reuters’ Matthew Goldstein broke a fascinating story on Sunday, reporting that a Goldman Sachs computer programmer stole at least part of the code the investment bank uses for its so-called program trading.
Sergey Aleynikov, a Russian immigrant who’s a naturalized U.S. citizen, who coded for Goldman, left to go to a Chicago firm for three times his $400,000 salary. Before he left, he swiped 32 megabytes of top-secret computer code (accidentally, he says) related to Goldman’s proprietary automated trading software.
What’s that and why’s it so important?
The platform is one of the things that apparently gives Goldman a leg-up over the competition when it comes to rapid-fire trading of stocks and commodities. Federal authorities say the platform quickly processes rapid developments in the markets and uses top secret mathematical formulas to allow the firm to make highly-profitable automated trades.
Oh, yeah, that.
In his original piece, Goldstein pointed to the work of blogger “Tyler Durden” of Zero Hedge, who had been writing about Goldman (which, awkwardly, and as a matter of disclosure, is one of The Audit’s funders) suddenly falling off the New York Stock Exchange’s automated-trading charts the week before. That’s strange because Goldman is always No. 1. The NYSE has since said it was a screw-up, but it’s an awfully coincidentally timed screw-up.
Zero Hedge has been all over this story since with sometimes-hyperbolic posts like the one linked above asking whether the incident will “destroy Goldman Sachs.” Something tells me no, no it will not. But there’s a lot of interesting analysis and background in that post (applaud Goldstein for linking to it, as well).
According to a Factiva search, Reuters had the story all by its lonesome (in the mainstream press, anyway) for some seventeen hours. The New York Times, Wall Street Journal, and Financial Times all had no news of the scandal in their Monday editions.
Bloomberg picked up the ball and advanced it a bit on Monday.
I think Bloomberg’s piece handles the news angle better than any of the other big-press pieces today, too. It leads with the prosecutor saying that “may lose its investment in a proprietary trading code and millions of dollars from increased competition if software allegedly stolen by a former employee gets into the wrong hands.”
That’s a key question for Goldman shareholders, obviously. Bloomberg points out that Aleynikov uploaded the code to a German website and it’s unclear who, if anyone, got their hands on it. It’s unclear if or how much Goldman’s trading could be affected by the theft.
The Times, on B1 today, quotes a market participant saying it wouldn’t be easy to use the stolen code in the U.S., but that “in countries that are more lawless it could have value.”
Germany is the least likely lawless place, but it will be interesting to find out why Aleynikov used a German server for his upload. Goldman told the Times and the Journal, which stuffs the story on C3, that the theft wouldn’t affect it, but both papers use the past tense, which leaves the question open as to whether it could yet affect it.
But the most interesting part of Bloomberg’s story is this quote from Assistant U.S. Attorney Joseph Facciponti (which the NYT borrows):
The bank has raised the possibility that there is a danger that somebody who knew how to use this program could use it to manipulate markets in unfair ways.
Which raises the obvious question of whether Goldman Sachs itself uses the program to manipulate markets in unfair ways. What controls are there on this? Who regulates it? I’ll look forward to some explanatory pieces on this in the days ahead.
Newsweek wrote about the case today, but unfortunately fell into some incorrect bloggy speculation about which Chicago firm had hired Aleynikov, saying “speculation is that the Chicago-based employer is a small company called Getco, which uses “highly-automated algorithms” to enhance “liquidity and efficiency to electronic financial markets.”
It’s easy to get things wrong on a developing story like this, especially if you crib speculation off the Internet.
(It's spelled megabyte)
This is not "theft;" at worst, it is copyright or trade secret infringement. Theft implies that the victim is deprived of the object. Here it was merely copied, Goldman still enjoys the code, just not the exclusivity.
#1 Posted by nixar, CJR on Tue 7 Jul 2009 at 07:12 PM
Good call on "megabyte."
Not-so-good call on "theft." I'd consider copyright and trade-secret infringement stealing.
#2 Posted by Ryan Chittum, CJR on Wed 8 Jul 2009 at 12:55 AM
«Not-so-good call on "theft." I'd consider copyright and trade-secret infringement stealing.·»
And were you to consider it a bird, it still wouldn't be flying.
#3 Posted by nixar, CJR on Wed 8 Jul 2009 at 03:23 AM
"all had no news of the scandal in there Monday editions." [sic]
That would be "their".
And in a journalism review, no less ... ;-p
#4 Posted by KingSnake, CJR on Wed 8 Jul 2009 at 11:55 AM
Thanks, KingSnake.
The perils of blogging.
#5 Posted by Ryan Chittum, CJR on Wed 8 Jul 2009 at 12:32 PM
Of course, Sergey claims it was all a mistake; that he was only trying to take some open source utility code, and that the Über-program accidentally got mixed in. ("Open source" is a kind of license that essentially means "free" software in this case.) A far-fetched "alibi" for a $400K/year programmer, no? Well, there is something else that is far-fetched here, and that is the implicit allegation that Sergey thought he could even sell (or otherwise use) the program.
You see, by Goldman's own admission, the program did stuff that no other program in the world could do, and that means whenever the program was used, it would leave an enormous forensic footprint on the market, literally screaming out to be caught each time. And anyone with the sophistication, money and circumstances to want it would certainly have their own talent on hand that would tell them exactly this. And Sergey would know that also.
So who would buy and use it? Some dirtwater broker operating in the netherlands of data processing obscurity? They couldn't afford it, wouldn't have the machine/network horsehower necessary to use it, and would lack the volume necessary to make it pay for itself and turn a profit before being detected. (Remember, Goldman's own assertion is that this program needs a volume that can alter markets.)
As I see it, Goldman clearly had the security in place to detect (albeit slowly) the copy, but once noticed, they panicked because of the program's obvious value, and then too quickly declared it to be a theft without determining whether it was or not. Add to that the fact that Sergey had just tripled his pay and would have to know he was risking that, and the alleged theft would be an idiotic ldea. Sergey is certainly careless, but that's a far cry from being an idiot.
Now it could be suggested that Sergey might have wanted the code so he could parrot the algorithm, rewriting it with a lower footprint, but even that doesn't make much sense. The only way Sergey would even know to steal this program would be if he already knew that very same algoritm was in it, and were that the case, he almost certainly already knew the details of that algorithm sufficiently to recreate it without the code in hand.
Of course I could be wrong, but my vote, lacking something more substantial than has been presented, comes down in favor of Sergey and a "dumb blond" moment.
And as far as the bail being so high, that is solely a reflection of the accusation and not a matter of the probability of conviction. It was, after all, Goldman Sachs, and it's not nice to mess with Mother Nature. She can get very bitchy.
Of course if I were a Goldman shareholder, the question I'd be asking is why in hell they left a million dollar propietary program lying around with only after-the-fact theft detection? Now THAT'S a scandal.
#6 Posted by Benedict@Large, CJR on Thu 9 Jul 2009 at 05:05 AM
Just websurfing by and read Mr. @Large's contribution to the comments. Much of what he says is somewhat speculative. Quite a bit of it is interesting. Som eof it is just plain untrue:
-- There is quite a lot wrong with the concept of a computer program that "did stuff that no other program in the world *could* [emphasis supplied] do." One of the basic principles of computation, articulated by none other than Turing, is that any general purpose computer can compute any computable function. Comes then other questions, how long it takes a particular machine, and so forth. Bu the idea that there can be computer code that is fundamentally programmatically unique is at best misleading.
-- It is not necessarily true that what an executing program does "will leave an enormous forensic footprint on the market," even if the program in question is the only one that has its particular executable contents that is in operation at a given time. There are several different algorithms, for example, for computing prime numbers; thus the fact that a program produces a string of prime numbers as output does not reveal what algorithm is at work.
-- The remains the possibility that the press and others, including perhaps Benedict, are using the word "program" in a context in which more computeristic people might use the word "exploit." And that it isn't the program as computer code as such that is worth anything, but information it reveals (as could a paragrpah written in English) about a method to make use of a "vulnerability" that is a structural part of the system that we call the "market."
#7 Posted by Benjamin Reeve, CJR on Sun 12 Jul 2009 at 01:22 PM
Goldman Sachs Fraud and secret connections to Russia. www.SiriusNews.com/blog See the Facts. Hank Paulson in Moscow June 2008
#8 Posted by richard Keane, CJR on Thu 22 Apr 2010 at 09:30 PM