[mac01021]

How much did that company recover of the files?

Is it possible that tan deliberately deleted them in such a way that they could be recovered forensically? That might save him from getting caught, and his "handler" overseas could even have recommended it.

But who knows... This article doesn't provide enough information to make a good guess at what was going on.

[baybal2]

1. He surrendered USB sticks he used inside the company upon resignation.

2. They found confidential files there, but nothing he had no right to access to

3. They found out that he deleted "weird" files the day before he quit the company.

He could not have ever exfiltrated that data to begin with as he gave the drive back to Philips.

[jamescostian]

Tangent: somehow every single one of your comments was downvoted, even this non-inflammatory, informational one where you replied to someone and they ended up agreeing with you: https://news.ycombinator.com/item?id=18740217

I upvoted a few of your comments that were clearly non-inflammatory and useful. But I'd like to tell everyone who's blindly downvoting you, please read comments before downvoting them, instead of just downvoting everything you can that's tied to the person you disagree with.

[burfog]

Well, unvote them, because this makes no sense: "He could not have ever exfiltrated that data to begin with as he gave the drive back"

Think about it. The USB device was for transferring data to something else. That might have been a personal device with a cellular data plan.

Sure, he gave back the USB drive. He didn't physically take that to China, or intend to do so. Those files were on it for a reason though, and that reason is transferring them to something that gets the data to China.

[jamescostian]

In the post you're replying to, I included a link that does not contain the sentence you quoted. In fact, that link shows the person making a valid correction. If you read it, you'll see why I upvoted it.

The entire point of the comment I made (which you replied to) is not that baybal2 is correct (in fact, I have no idea/opinion of whether they are correct about the defendent being innocent). The point is that ad hominem attacks through downvotes are a bad thing.

[scarejunba]

PG has maintained from the beginning that HN comments need not be upvoted for civility alone. “I disagree therefore I downvote” is valid etiquette on HN. I’m not going to stop doing that.

[hnmonkey]

I imagine his comments have been downvoted because he's cherrypicking information from the article to defend the man across multiple comments. See the parent comment to your comment where he ignores that he did access and download files he had no right to access and instead states exactly the opposite according to the facts (in point 2).

[reaperducer]

They found confidential files there, but nothing he had no right to access to

You may have missed this part of the criminal complaint:

“Tan's supervisor confirmed that nothing in the downloaded files was within Tan's area of responsibility. Further Company A confirmed, through Tan's supervisor, Tan did not have a work related need to access or download the restricted files.”

[mac01021]

I'm not saying he stole data or even did anything wrong.

But he could certainly have copied data off the USB before deleting it.

[baybal2]

WELL, the main question: WHY THE HECK did he report on himself??? The charge pretty much says that he voluntarily contacted his supervisor and asked what to do with that USB stick.

And there, the parallel with Micron case gets more startling: the alleged "spy" was the very man who said that his cellhpone was missing. Then the police found the cellphone in his coworkers locker. The coworker accidentally put his phone into her back along with papers on the table. Then the police searched his phone, and found out that "he happened to be a spy" on very similar circumstances.

[arcticfox]

> WHY THE HECK did he report on himself???

I mean, he deleted the files first. It's reasonable that he thought that was sufficient; given the code I've seen from some scientists, scientist != computer expert.

The innocent explanation is that he was cleaning up company property before returning it, but I expect that will play out in court.

[daviesliu]

I have done the things before. Before returning the work laptop to employer on the last day, I cleaned out all the company stuff to left my personal things (this is my only laptop with my personal stuff in it), then move them out and clean them finally.

Is this common?

[CydeWeys]

I've always done this. I never leave any important business files on my local PC, for obvious reasons. But there's all sorts of personal stuff on there (mostly from Web browsing). So nuke it all before turning it in. They're going to re-image it before giving it to the next person anyway.

[baybal2]

> It's reasonable that he thought that was sufficient;

But aren't it? He surrendered his flash drive. You can't do anything with it if it is not in your possession... What do you think he was supposed to do with it???

And he had an option to not to do so, or moreover, just fly to China without a notice (remember the case of a hedge fund boy who allegedly "stole keys to the kingdom" and then warned his employer that he is leaving the company on a short notice...)

[wildmusings]

You can obviously copy files off of a usb drive before giving it back. I don’t know anything about this case, and I’m not accusing this guy of anything, but your line of argument is wrong.

[linkregister]

Oh well, a suspect did something illogical, we can't prosecute. The case must be dismissed, because it wasn't a perfect crime.

[hnmonkey]

Yeah, that line of thinking is absurd. He probably got nervous right before he left the company and gave them the USB after hastily trying to delete the files. In which case, the parent commenter would seem to imply that he should be let go because he got nervous after stealing things he shouldn't have access to.

[perennate]

The article is from SCMP, a newspaper in Hong Kong. It's unclear what the source of the information is and it's very unlikely that the SCMP has the same information that the FBI has (as stated in the affidavit [1], the evidence in the affidavit "is intended to show merely that there is sufficient probable cause for the requested warrant").

As the Department of Justice statement [2] says:

> A criminal complaint is merely an allegation, and the defendant is presumed innocent unless and until proven guilty beyond a reasonable doubt in a court of law.

There will be a court case where the FBI will lay out all the evidence they have and the jury will decide whether or not the evidence is sufficient to demonstrate that he is guilty.

The court case has not happened yet so it doesn't make sense to jump to conclusions without hearing the evidence first.

[1] https://www.justice.gov/opa/press-release/file/1122851/downl... [2] https://www.justice.gov/opa/pr/chinese-national-charged-comm...

[linkregister]

Sure it makes sense to jump to conclusions, that's why we go on HN! ;)

Seriously though, it's interesting to discuss this case. Clearly we don't have all the information. Some of us may change our minds later. Right now, the evidence that is out there isn't convincing on its own. It's okay to point that out!

[perennate]

Yeah, I agree that it's good to point that out. But I felt that some people might've been losing sight that more evidence would likely be presented in court.

[sundbry]

He could easily have exfiltrated the data without ever leaving the premises. All he would have to do is is walk into a lab room with an unsecured terminal to upload the files, or used his phone to upload the drive, there aren't hundreds of ways to pass the data off once it's on a thumb drive.

[the_duke]

You do realize that there is this crazy new thing now: copying files to a different drive