Feeds

HP's 'ethics' chief emerges as spy scandal star

We did it my way

Bridging the IT gap between rising business demands and ageing tools

On September 6 - Carly Fiorina's birthday - investigators involved in the HP spy scandal could hear the butcher's footsteps. Quite a few people would be sacrificed because of the public relations mess, and those closest to the probe would likely be cut across the neck first.

"We are being hung out to dry, the politics, smokes, mirror are high," wrote Tony Gentilucci, HP's manager of global investigations, in an email. "I have lost a lot of respect for a lot of people, amazing really. If I am still here next week, we can discuss over a beer in a week or two."

Gentilucci returned to the beverage theme in an email the next day to Kevin Huska, a member of HP Global Security.

"This thing is taking on a life of its own, articles are in the tabloid stage, not sure I will survive after the steam roller runs me over, but totally out of my control now, can't say much more, but if I am around, maybe we can discuss over a cup of coffee or something stronger!!"

These disclosures, however, prove rather innocuous when compared to the emails penned mid-scandal by then HP counsel and ethics director, Kevin Hunsaker.

In fairness, an old friend of Hunsaker's tells us he's a nice guy who would never do anything suspect. Unfortunately, Hunsaker seemed to let the cloak and dagger excitement of HP's spy probe embiggen his spirit to the point of inanity. It's Hunsaker's emails that stand out above all else in the hundreds of pages of HP documents that were released to reporters this week.

Hunsaker, who took the fifth last week before Congress, was charged yesterday by the California Attorney General's office on numerous felony counts tied to HP's spy effort. As you'll see below in our collection of Kevin Hunsaker's Greatest Hits, the HP executive did indeed play a central role in the second part of HP's dubious spy probe.

Our journey begins on February 2, 2006. Hunsaker fired off an email titled "Great Job!" to internal and external HP investigators, thanking them for a job well done in investigating a CNET story. He notes that both Chairman Patricia Dunn and top lawyer Ann Baskins - both of whom have since resigned - were briefed on the work and thought HP's spooks were doing an "excellent job."

Then we get:

E-mail from Hunsaker thanking team for good work

The operative sentence there is "It is truly all of your hard work that has made us look so good," but we're sure you got that already.

Some more emails followed the next day, including one from HP internal investigator Fred Adler with him warning that "Any action we take should be viewed from a risk vs. reward perspective, as there is inherent risk in action." At this point, HP had started to debate sending a fake email with spyware to a reporter in the hopes that the reporter would send the email to her source for confirmation. Adler cautioned that someone might be able to trace this action back to HP, if the company wasn't careful.

Hunsaker, however, had more personal concerns.

Hunsaker worries about tracer email

To Hunsaker's credit, he had identified the leaker by February 5, 2006. In the email below, he notes that either Keyworth or HP outside counsel Larry Sonsini was the likely mole. Despite such confidence, Hunsaker and HP would continue to dig a deeper hole for themselves.

Hunsaker knows the leaker is Keyworth

But before they moved on with the laughable spyware operation, HP's investigators were handed another warning. Adler's partner in ethics Vince Nye, also an internal HP investigator, urged HP to think about what it was doing in a February 7 email.

"I have serious reservations about what we are doing," Nye wrote. "As I understand Ron's methodology in obtaining this phone record information it leaves me with the opinion that it is very unethical at the least and probably illegal. If (it) is not totally illegal, then it is leaving HP in a position of (sic) that could damage our reputation or worse. I am requesting that we cease this phone number gathering method immediately and discount any of its information.

"I think we need to re-focus our strategy and proceed on the high ground course."

As you all know, HP completely ignored this advice. There are no public records of anyone at HP addressing Nye's email in a substantive manner. In fact, the only e-mail that really deals with possible illegality surrounding HP's investigation methods appears on March 24. Gentilucci received an email from an unnamed source stating that a "clerk" found one legal case defending the practice.

It took us 5 seconds on Google to find this.

But we've teased you long enough. Now it's time to "Strap on your helmets, fellas. We're goin' in!!!" as HP's investigative team would say.

Application security programs and practises

More from The Register

next story
Stick a 4K in them: Super high-res TVs are DONE
4,000 pixels is niche now... Don't say we didn't warn you
BBC goes offline in MASSIVE COCKUP: Stephen Fry partly muzzled
Auntie tight-lipped as major outage rolls on
iPad? More like iFAD: We reveal why Apple fell into IBM's arms
But never fear fanbois, you're still lapping up iPhones, Macs
Philip K Dick 'Nazi alternate reality' story to be made into TV series
Amazon Studios, Ridley Scott firm to produce The Man in the High Castle
Amazon Reveals One Weird Trick: A Loss On Almost $20bn In Sales
Investors really hate it: Share price plunge as growth SLOWS in key AWS division
Bose says today is F*** With Dre Day: Beats sued in patent battle
Music gear giant seeks some of that sweet, sweet Apple pie
There's NOTHING on TV in Europe – American video DOMINATES
Even France's mega subsidies don't stop US content onslaught
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
Too many IT conferences to cover? MICROSOFT to the RESCUE!
Yet more word of cuts emerges from Redmond
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.