Tesla used loopholes in internal emails to identify employees who leaked confidential information Elon Musk says they created dual signatures

Elon Musk revealed how Tesla identified an employee who leaked the company’s confidential information to the press in 2008. The billionaire responded to a Twitter user asking: Elon How did you find this employee who leaked Tesla’s confidential information in 2008 and sold the company? press*?*

Elon Musk said he knew the person accused of sending emails where all his employees looked the same, but each email was coded with different spaces: It’s a pretty interesting story. Elon Musk explained: “We sent what appeared to be identical emails, but each one was actually encoded with one or two spaces between sentences, creating a binary signature that identified the leaker.”

After Musk revealed his method, another user asked him what happened to the employee who was caught. Musk replied: “He was invited to continue his career elsewhere.”

When asked if he was taking legal action against those involved in the data breach, Musk wrote that he was too busy staying alive over time.

Elon Musk’s announcement sparked a backlash from social media users, with some identifying the technique used to capture the employee as a canary trap. One user also offered an explanation of the technique, simplifying it for others:

Let’s say one space equals 0 and two equals 1. You have a binary conversion.

For example. Expression._Expression.__Expression._

This encodes 010. This user now has ID 010. Since you put two values ​​in each space, you can represent 2^N workers, where N is the number of expressions.

Basically, each email is uniquely identified. If the email is copied without any changes, Tesla can decode the leaked email and identify the email that matches the email ID. If I see this message in the news using the above email, I know that the 010 employee leaked the message.

Tesla has asked its employees to stop withholding confidential information

In 2019, Tesla sent an email to its employees warning them to stop disclosing classified information. The email emphasized that Tesla employees have signed non-disclosure agreements and that action will be taken against those who improperly disclose private business information or violate the disclosure obligations we all agree to. The email added that action could include firing the employee, criminal charges or claims for damages.

Here is the email in full:

Quote sent by you are here

If you read the news, you know that there is a public interest in all things Tesla. After our successes, we will continue to receive interest from people who will do anything to see us fail. This includes people actively seeking proprietary information for their own benefit by targeting Tesla employees on personal networks or social networks such as LinkedIn, Facebook or Twitter. Such requests are not only potentially harmful to our business, but may also be illegal, putting you and your colleagues/friends at risk of contract termination or even criminal prosecution.

As employees and shareholders, each of us is responsible for protecting all the information and technology we use and create every day.

When someone joins Tesla, they agree to maintain the strictest confidentiality and not to disclose, use, lecture or publish Tesla’s confidential and proprietary information. Tesla will take action against those who improperly disclose private business information or violate the disclosure obligations we all agree to. This includes termination, claims for damages and even criminal charges. If you would like another copy of your confidentiality agreement, please email your HR partner or [adresse e-mail RH supprime].

If you receive a request for information through social networks, do not respond to it and send it directly [adresse e-mail de scurit expurge].

The security team will determine if further action is required.

We understand that anyone who discloses information does not do so intentionally or with the intent to harm the company. At this point, we ask that you assume that the work you are working on is sensitive and do not share the details of your work with friends, family or anyone outside the organization.

Contact [adresse e-mail de scurit expurge] If you think you or your team could benefit from training or a better understanding of how to protect our intellectual property and confidential business information.

If you’re not sure what constitutes inappropriate behavior, illegal disclosures, or intellectual property theft, here are some recent examples to illustrate inappropriate behavior and potential consequences*:

  • This month, an employee posted login information for an internal meeting on social media. That employee was identified and fired the next day.
  • Criminal charges were filed last month against a former employee who transferred confidential business information from Tesla’s domain to his personal account and threatened to leak the company’s confidential information.
  • A former employee uploaded Tesla’s intellectual property to his personal iCloud account and left the company for a competitor. Tesla sued and is suing him for trade secret theft.
  • Tesla has sued former employees and a competitor for stealing proprietary information and trade secrets to help its rival get through the years of work needed to develop and manage its warehouse, logistics operations and inventory control.
  • In January, an employee was identified for sharing confidential business information, including production numbers, with journalists on Twitter. The employee was fired for violating the NDA and Tesla’s communications policy.

In addition to respecting company policies, it is the responsibility of each employee to respect and maintain our culture of progress and sharing. Otherwise, it could harm your colleagues, our mission, and the hard work you do every day. Thank you for doing your part to advance Tesla’s mission by raising awareness and protecting your valuable business.

Source: Elon Musk

And you?

What do you think about the strategy for locating a whistleblower? Can it still be applied today? Why?
What do you think about Elon Musk being open about it? Wouldn’t that be counterproductive? To what extent?

Leave a Reply

Your email address will not be published. Required fields are marked *