Police question report of India code theft

John Ribeiro   Today’s Top Stories    or  Other Cybercrime and Hacking Stories  

E-Mail As a Service: Time for Another Look? The Science of Intrusion Prevention Testing Certify your Software Integrity with thawte Code Signing Certificates Securing your Online Data Transfer with SSL Intercept Spam & Viruses With MessageLabs Sign up to receive Security Resource Alerts

August 31, 2004 (IDG News Service) -- Police officials investigating the alleged theft of source code at Jolly Technologies' Mumbai development center are questioning aspects of the security incursion reported by the company (see story).
Jolly lacked a security policy at its Mumbai center, according to investigators examining the alleged theft of company code by a development center employee.
"We have done a preliminary inquiry and took the help of technical experts, but prima facie nothing during this inquiry indicated that the employee had transferred any file or document from her office computer to any other location," said Anami Roy, Mumbai's commissioner of police. Roy added that Sandeep Jolly, president of Jolly, refused to give police a formal complaint and didn't cooperate with the investigation.
"We got a letter from an employee of the company, but that was a sketchy kind of a report and cannot be treated as a complaint," Roy said.
Without a formal complaint from Sandeep Jolly or evidence of a theft, the Mumbai police can't proceed with an investigation. "Our own inquiry does not disclose the commission of a cognizable crime," Roy said.
The police aren't willing to register the case, according to Sandeep Jolly. "We have learned that the police will not file a FIR [first information report] until they are heavily bribed, as they know that there has been a huge loss to the company," Jolly said by e-mail.
Jolly Technologies is a division of San Carlos, Calif.-based Jolly Inc., which sells labeling and card software. It issued a statement earlier this month, reporting that an employee at its 3-month-old research and development center in Mumbai stole portions of source code and confidential design documents related to one of its key products.
On July 19, the employee in Mumbai uploaded and e-mailed files containing the source code and other confidential company data to her Yahoo e-mail account, according to Sandeep Jolly.
One hurdle to any investigation of the case is that Jolly Technologies' Mumbai facility fell short on security, according to investigators. "It does not have a security policy, it has no log of the computer and network activity at the center, and passwords are known to all and sundry," said Vijay Mukhi, a technical consultant to the Mumbai police on this investigation.
"We asked Jolly Technologies for the log, and they were unable to provide it to us," Mukhi added. "As the company has no log, I have no proof that there was a source code theft, and if so who did it."
However, Jolly Technologies does have the log, according to Sandeep Jolly. He also said that while passwords were shared for getting into the PC to access a common data server, the password used by the employee to access her e-mail account wasn't available to others.
Jolly Technologies filed a writ petition on Aug. 19 before the Bombay High Court asking the court to direct the Mumbai police to register the offense and start investigations. This occurred a month after the employee allegedly stole the code and left the company without notice.
"As an association, we are quite satisfied with the investigation by the police," said Sunil Mehta, vice president of the National Association of Software and Service Companies in Delhi.
In another twist to the story, approximately an hour after Sandeep Jolly went to the Mumbai police, the employee accused of the theft filed a complaint with the police alleging that she had been harassed at work and mentioned advances such as invitations to dinner and the movies, according to Roy. "There was no explicit reference to sexual harassment, but to what you would perhaps call 'soft advances' by Sandeep Jolly," he added.
The police fabricated the information, according to Sandeep Jolly. The employee filed the complaint two days after he went to the police, he claimed, and he said it lacked a reference to sexual harassment. Instead, the complaint stated that Jolly had falsely accused her of stealing, causing her mental stress.
"There is more than meets the eye, and we are investigating all angles," Roy said.

Reprinted with permission from

For more news from IDG visit IDG.net
Story copyright 2006 International Data Group. All rights reserved.

Print this Story

Send Us Feedback

E-mail this Story

Digg this Story

Slashdot this Story

"A video is making the rounds showing how Vista SP1 has significantly improved Vista's immensely annoying User Account Control (UAC)...." Read more... "So are you getting excited about a nice, long weekend for Memorial Day? Well, before you start cooking hot dogs..." Read more... Read more Security posts or See all Blogs

Mozilla launches Firefox 3.0 RC1 early Microsoft: Don't misunderstand UAC, other Vista features HP confirms XP SP3 endless reboot snafu, promises patch More top stories...

Microsoft pulls Windows Home Server backup feature Yahoo tells Icahn that its own board knows best Tools circulate that crack Debian, Ubuntu keys

Shuttle Columbia's hard drive data recovered from crash site Specialists have retrieved about 99% of the data on a disk drive on board the crashed space shuttle Columbia. Don't miss the photographs of the recovered drive. The top 15 vaporware products of all time These big ideas were supposed to revolutionize technology, but they never actually appeared. In a few cases, you'll be glad they didn't. Opinion: Malware vs. anti-malware, 20 years into the fray Nearly 20 years after the first Internet worm, Steven J. Vaughan-Nichols takes stock of the malware/anti-malware landscape and spotlights how the two sides are approaching the battle. Leopard at six months: Does it live up to the early hype? Though some thought it was released too soon, Mac OS X 10.5 has matured into a solid operating system, says reviewer Michael DeAgonia. Windows Vista A to Z Reviews, analyses, how-tos, visual tours, hot issues and predictions about Microsoft's new OS. More Continuing Coverage After 9/11: Homeland SecurityAsk a Premier 100 IT LeaderBlackBerry Legal BattleData Security BreachesElectronic VotingFirefoxH-1B VisasHP's Boardroom ScandalHandheld DevicesHurricane Katrina AftermathMicrosoft Legal IssuesMicrosoft's VistaOpen SourceRFID TechnologySCO's Linux FightSarbanes-Oxley ActSpamVoice Over IPWi-FiWindows Meta File VulnerabilityWindows XP Service Pack 2 IT Careers 2010 Four years from now, the IT field will be a vastly different place. Will you be ready? More Special Reports Premier 100 IT Leaders 2007 Best in Class2006 Computerworld Horizon Awards2006 Premier 100 IT Leaders2006 Salary Survey2007 Best Places to Work in IT2007 IT Forecast2007 Premier 100 IT Leaders40 Years of ComputerworldASPs, Take TwoBest Places to Work in IT 2003Best Places to Work in IT 2004Best Places to Work in IT 2005Best Places to Work in IT 2006Business Intelligence Home RunsBusiness Intelligence: Smarter BIBusiness Intelligence: The Future of BICRM Goes VerticalCRM: Sober CRMCareer Planning Guide 2005Careers: IT Profession 2010Computerworld Horizon Awards 2005Data Management: Mining for GemsData Management: Taming Data ChaosDevelopment: Hard-Workin' Web SitesDevelopment: New Tools New ChoicesDevelopment: The New World of Application DevelopmentDevelopment: The Web Services TsunamiDevelopment: Web Services HurdlesDisaster Recovery: Preparing for the WorstE-commerce Grows UpE-mail/Groupware: Big DecisionsFaces of Mobile ITForecast 2006Global MobileHardware: Multiple Cores, Multiple ChallengesHardware: On-Demand Un-HypedHardware: The Shape of Things to ComeHorizon Awards: 10 Cool Cutting Edge TechnologiesIT Management: Guide to Managing VendorsIT Management: Navigating Global ITIT Management: Recovery AheadIT Management: The Future of ITIT Management: The Resourceful Project ManagerInnovative Technology Awards 2004Management: Reinventing ITMicrosoft in TransitionMobile/Wireless Leaders and LaggardsMobile/Wireless: The Untethered WorkerMobile/Wireless: Tiny Gadgets, Huge CostsNetwork Management: Taking ControlNetworking: Turbulence Ahead!Networking: VoIP Goes MainstreamOperating Systems: In the Slow LaneOperating Systems: Linux Goes GlobalOperating Systems: Should You Nix Unix?Outsourcing: Offshore Buyer's GuideOutsourcing: Outsourcing DangersPremier 100 IT Leaders 2004 Best in ClassPremier 100 IT Leaders 2005 Best in ClassROI: Do the Math!Salary Survey 2003Salary Survey 2004Salary Survey 2005Security Action PlanSecurity: Compliance HeadachesSecurity: Proactive SecuritySecurity: Risk and RewardSecurity: Tips From Security ProsSouped-up SecurityStorage: Battling ComplexityStorage: Cheap & Secure Data StoresStorage: Stretching Your Storage DollarsStorage: The Lean Storage MachineStorage: The New Rules of StorageStorage: The Ultimate Backup GuideSupply Chain: Missing LinksSupply Chain: RFID Reality CheckThe Business of SecurityWeb 2.0 SecurityWireless: Wireless At Work All Zones Application Performance Zone Enterprise-Class Security Zone Enterprise Solutions Zone The File Data Management Zone Grid Computing on Windows Zone Security Management Zone ITIL Best Practices Zone The SAS Zone Storage Virtualization Zone The Data Center Management Zone See your link here

Why SaaS is Vital to Email and Web Security Why SaaS is Vital to Email and Web Security Download this webcast, free, compilments of Webroot Software Go to the webcast  Computerworld Executive Bulletin: Building a Robust Antivirus Defense Download this Executive Bulletin (a $49.95 value) for free, compliments of MessageLabs. (Source: MessageLabs) Antivirus software alone isn't enough to prevent today's speedy, sophisticated virus attacks. Security managers should consider multitiered approaches that include behavior scanning, appliances that check e-mail for worms, and restricting user access to dangerous Web sites. Download this Executive Bulletin (a $49.95 value) for free, compliments of MessageLabs, to learn more. Download this executive briefing  White Papers Read up on the latest ideas and technologies from companies that sell hardware, software and services. Securing Financial Services Beyond the Perimeter Intercept Spam & Viruses With MessageLabs Meeting PCI Compliance with SonicWALL Global Management System View more whitepapers  2008 Internet Security Trends Report Get this report now! (Source: Ironport) For a time, security controls designed to manage spam, viruses, and malware were working. Loud, high-impact attacks abated. But, as a result of this success, the threats they protected against were forced to change. In 2007, many of these threats underwent significant adaptation. Malware went stealth, and the sophistication increased. Download this white paper

• Mozilla launches Firefox 3.0 RC1 early
• Microsoft: Don't misunderstand UAC, other Vista features
• HP confirms XP SP3 endless reboot snafu, promises patch
• More top stories 

Security Management Zone Security management is the process of developing a comprehensive data protection plan. It takes into account all potential threats, the existing network environment, the future needs of the organization, and lays out a multi-tiered blueprint to integrate the security technology needed to combat these threats. CDW can help keep your network and data secure. Visit the CDW Security Management Zone now See All Zones



In Security There's plenty of talk about how to behave during a Customs search of your computer and gear, but Jon Espenschied's got tips for securing your data (and privacy) before you reach the border. Click here to read the latest column by Jon Espenschied



Data Protection Strategies Leveraging Replication As dependence on continuous access to critical data grows, so does the importance of avoiding service interruption. Four data protection strategies for common scenarios are compared. When recoverability matters, depend on Double-Take Software to protect and recover business critical data and applications. Download this white paper now!



The Spy Files For Congress to do anything that helps protect consumers and the critical Internet infrastructure as a whole, it must pass laws that require proactive processes to protect computers, not that tell people how to deal with the resulting mess, says Ira Winkler. Click here to read the latest column by Ira Winkler