Feeds

HP's 'ethics' chief emerges as spy scandal star

We did it my way

Intelligent flash storage arrays

Close watchers of this scandal know that HP has emphasized how boardroom leaks can undermine the company. To take HP seriously, you have to ignore the fact that the CNET story which started the Kona II mess did little more than disclose that the directors work hard, that HP hoped to sell more Opteron servers and that HP was eyeing software acquisitions. The first "leak" paints HP's directors in a positive light, while the latter two were pretty obvious since HP had a vast Opteron server line by January of 2006 and has been stating for years that it hoped to acquire software companies and has, in fact, bought lots of software companies.

HP executives also allege that more serious leaks about a potential deal with CSC affected the company's share price. Dunn emphasized this point during her Congressional testimony last week, saying the leak may have put HP in violation of US securities laws.

This context makes Hunsaker's decision to press the CSC angle in a ruse e-mail to a reporter all the more curious. Here's a draft of an e-mail that Hunsaker - calling himself Jacob - penned on January 28 and planned to send to CNET reporter Dawn Kawamoto.

Hunsaker's CSC e-mail

HP's investigators worked hard, trying to refine the language of the email and to set an elaborate trap. Hunsaker - the ethics chief - commented, "Heck, we could leave Kawamoto a voicemail after hours from an HP conference room in Palo Alto Wednesday or Thursday, then she'd know it was coming from an HP person. Of course, I'm not sure we want this directly traceable back to HP . . .

"In any event, I think it will make for a healthy discussion on Monday."

Healthy indeed.

The next day - January 29 - Hunsaker takes a second crack at the email. This time he "inserted a little blurb" about a Wall Street Journal reporter to "feed any competitive fire in Kawamoto".

"I also inserted the original name of the project. And, I've created the document we can use - it's an actual slide from the Acquisitions Committee presentation, but it only contains publicly available information about CSC (except that I include the name of the project)."

There's no shortage of irony in this whole HP mess. In an effort to stop a couple leaks, the company ended up having its dirty, dirty laundry hung up in front of the whole world. But to have the company's ethics officer dishing out the kind of information HP was most concerned about while trying to trick a reporter is really tops.

Eventually, HP dribbled Kawamoto some less innocuous information about a handheld program, hoping to convince her that Jacob was real. It then decided to send the second more suspect spyware laced email that babbled on about HP's data center plans.

While caught up in all this emailing, Hunsaker did take time out to ask Gentilucci how the investigators "get cell pone and home phone records."

"Is it all above board?" Hunsaker wondered.

Gentilucci told Hunsaker that some social engineering was involved where a "ruse" was used to trick the phone company. "In essence the Operator shouldn't give it out, and that person is liable in some sense . . . I think its on the edge, but above board."

"I shouldn't have asked ... ," replied the ethics chief Hunsaker, meaning, of course, that he shouldn't have asked in an email.

Any reservations passed as Hunsaker started "to get excited" about nailing the leaker and sending the spyware email.

By February 9, in fact, it seems like everyone at HP had given up their reservations. The good-natured Nye shot off an email saying, "STRAP ON YOUR HELMETS FELLAS, WE'RE GOIN IN!!!" as HP prepared to send the tracer e-mail.

That afternoon, Hunsaker received an email from SOS's Ron DeLia, saying: "The package has been launched."

Gentilucci responded, "This is like waiting for the Apollo 13 spacecraft to emerge from the dark side of the moon . . . "

It's obvious at this point that all of the investigators had become too enamored with their own work. Rather than heeding the calls to slow down, HP pressed forward with not even at glance at ethics concerns and only a wink and a nod at the legal concerns.

HP's now promoted CEO Mark Hurd approved this whole operation.

E-mail from Dunn confirming Hurd's okay

That would be the definition of bad decision making. But, hey, Hurd is more of an operations guy, anyway.

So as not to leave you completely horrified, we'll end on one of the more comical Hunsaker-inspired moments.

Secure remote control for conventional and virtual desktops

More from The Register

next story
Inequality increasing? BOLLOCKS! You heard me: 'Screw the 1%'
There's morality and then there's economics ...
Google hits back at 'Dear Rupert' over search dominance claims
Choc Factory sniffs: 'We're not pirate-lovers - also, you publish The Sun'
Spies, avert eyes! Tim Berners-Lee demands a UK digital bill of rights
Lobbies tetchy MPs 'to end indiscriminate online surveillance'
While you queued for an iPhone 6, Apple's Cook sold shares worth $35m
Right before the stock took a 3.8% dive amid bent and broken mobe drama
How the FLAC do I tell MP3s from lossless audio?
Can you hear the difference? Can anyone?
4chan outraged by Emma Watson nudie photo leak SCAM
In the immortal words of Shaggy, it wasn't me us ... amirite?
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.