Elon Musk revealed how Tesla identified an employee who leaked the company’s confidential information to the press in 2008. The billionaire responded to a Twitter user asking: Elon How did you find this employee who leaked Tesla’s confidential information in 2008 and sold the company? press*?*
Elon Musk said he knew the person accused of sending emails where all his employees looked the same, but each email was coded with different spaces: It’s a pretty interesting story. Elon Musk explained: “We sent what appeared to be identical emails, but each one was actually encoded with one or two spaces between sentences, creating a binary signature that identified the leaker.”
After Musk revealed his method, another user asked him what happened to the employee who was caught. Musk replied: “He was invited to continue his career elsewhere.”
When asked if he was taking legal action against those involved in the data breach, Musk wrote that he was too busy staying alive over time.
Elon Musk’s announcement sparked a backlash from social media users, with some identifying the technique used to capture the employee as a canary trap. One user also offered an explanation of the technique, simplifying it for others:
Let’s say one space equals 0 and two equals 1. You have a binary conversion.
For example. Expression._Expression.__Expression._
This encodes 010. This user now has ID 010. Since you put two values in each space, you can represent 2^N workers, where N is the number of expressions.
Basically, each email is uniquely identified. If the email is copied without any changes, Tesla can decode the leaked email and identify the email that matches the email ID. If I see this message in the news using the above email, I know that the 010 employee leaked the message.
Tesla has asked its employees to stop withholding confidential information
In 2019, Tesla sent an email to its employees warning them to stop disclosing classified information. The email emphasized that Tesla employees have signed non-disclosure agreements and that action will be taken against those who improperly disclose private business information or violate the disclosure obligations we all agree to. The email added that action could include firing the employee, criminal charges or claims for damages.
Here is the email in full:
Source: Elon Musk
What do you think about the strategy for locating a whistleblower? Can it still be applied today? Why?
What do you think about Elon Musk being open about it? Wouldn’t that be counterproductive? To what extent?