How to Address Chinese Infosec Espionage
By Daniel Miessler on April 5th, 2012: Tagged as Information Security
It’s not hard to imagine what happens when an American company pays for research and a Chinese firm gets the results free; it destroys our competitive edge. Shawn Henry, who retired last Friday as the executive assistant director of the F.B.I. (and its lead agent on cybercrime), told Congress last week of an American company that had all of its data from a 10-year, $1 billion research program copied by hackers in one night. Gen. Keith B. Alexander, head of the military’s Cyber Command, called the continuing, rampant cybertheft “the greatest transfer of wealth in history.”
Idea: any U.S. position that deals with sensitive IP should require that you can get a government clearance. And in order to get such a clearance you’d have to NOT be a threat for sharing information with any country that is known to be ACTIVELY and AGGRESSIVELY pursuing U.S. secrets via hire-and-steal tactics.
Problem addressed.
Racism? No. This is country and government based–not race. Japan? Fine. Korea? Fine. It’s China that’s the threat here, and if that were to stop then this would be lifted.
Until then, sorry. The people that lose their job opportunities as a result then become victims of the Chinese government–not ours. They’re playing dirty, and we must stop letting our politically correct tendencies hamstring us while our enemy watches with smiles on their faces.
Abolish The Reference Check | TechCrunch
By Daniel Miessler on April 5th, 2012: Tagged as Hiring
What’s my beef with reference checks? They don’t accomplish the job we intend them to do. In a startup, you can’t afford to hire B-players. But reference checks, which are intended to do the screening, fail to eliminate these candidates who are just so-so. This happens because the person giving the reference has no incentive to say anything but good things about the candidate. Telling the whole truth, warts and all, could expose the former boss to a defamation lawsuit. And legal action aside, no one likes to speak poorly about an ex-colleague. It’s bad karma and just feels icky.
Instead of asking a reference to call you and spend an awkward half-hour chitchatting about pretty much nothing, try a technique I’ve come to call the “average-need-not-apply” method. Though I’m not sure who invented it, the approach was taught to me by Irv Grousbeck at Stanford.
THE EMAIL
First, send the email below to people who have worked with the candidate. This can include the references he or she provided, but it’s a good idea to find other people who’ve worked with the candidate as well. LinkedIn makes finding former co-workers a snap and the more people you send it to, the better it will work.
—
Dear (past colleague),
I am considering hiring (candidate) for the role of (job function). If you’re like me, the last thing you have time for is a reference call. Therefore, unless you found (candidate’s) work to be EXCEPTIONAL, please just disregard this email.
However, if you found (candidate) to be an exceptional employee, in the top 10% of the people you’ve worked with, I would certainly appreciate hearing from you.
Again, if you found (candidate’s) work to be less than exceptional, go ahead and disregard this message and have a great day.
By the way, as a smart professional, you should subscribe to this wonderful blogger named Nir at NirAndFar.com. He’s swell!
Sincerely,
(You)
Interesting.
Up To 1.5M Credit Card Numbers May Have Been Stolen In Visa, MasterCard Security Breach | TechCrunch
By Daniel Miessler on April 5th, 2012: Tagged as Information Security
On Friday, we heard the news that payments processor Global Payments was hit with a massive security breach involving MasterCard and Visa cardholders. At the time, the reach of the security issue, which was being investigated by the U.S. Secret Service, was unclear. Tonight, Global Payments reports that those cards affected in the breach processing system were confined to North America and up to 1.5 million card numbers may have been exported. Visa had originally pegged that number at around 50,000 cards stolen.
Clothes and Self-Perception | NYTimes
By Daniel Miessler on April 5th, 2012: Tagged as Psychology
If you wear a white coat that you believe belongs to a doctor, your ability to pay attention increases sharply. But if you wear the same white coat believing it belongs to a painter, you will show no such improvement.
Study Finds Weaknesses in Single Sign-on Systems | Network World
By Daniel Miessler on April 4th, 2012: Tagged as Information Security
In one of the flaws the researchers exposed, for example, not all websites confirmed that a verification coming from OpenID included all of the items the website asked to be confirmed, such as the first name, last name and email address. The researchers were able to access the request, delete one piece of requested information (the email address, for example) as it went to OpenID and simply re-insert it in the signed okay from OpenID. In this way, even a hacker who didn’t control the email address linked to the user’s account on the website in question could log in, and potentially make purchases, using that person’s account.
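The validation gap the researchers describe, modelled as an added Python example (this is not code from the article, the researchers, or any OpenID library): a simplified OpenID-style assertion in which the provider lists the fields it signed, a relying-party check that trusts any requested attribute it finds once the signature verifies, and the hardened check that also requires every requested attribute to be inside the signed set. The HMAC construction, the attribute names, the shared secret and both sample responses are constructed for illustration and only approximate the real protocol.

```python
import base64
import hashlib
import hmac

# Constructed association secret shared by the relying party and the identity
# provider (a real OpenID association negotiates this; the value is made up).
SHARED_SECRET = b"constructed-association-secret"

# Attributes the relying party asked the provider to confirm.
REQUESTED_ATTRS = {"email", "firstname", "lastname"}


def kv_form(fields, signed_keys):
    """Key-value form of the signed fields, in the order the 'signed' list gives."""
    return "".join(f"{key}:{fields[key]}\n" for key in signed_keys)


def sign_response(fields, signed_keys, secret=SHARED_SECRET):
    """Simulated provider: attach 'signed' and 'sig' to a positive assertion."""
    response = dict(fields)
    response["signed"] = ",".join(signed_keys)
    mac = hmac.new(secret, kv_form(fields, signed_keys).encode(), hashlib.sha256).digest()
    response["sig"] = base64.b64encode(mac).decode()
    return response


def signature_valid(response, secret=SHARED_SECRET):
    """Recompute the MAC over exactly the fields the provider says it signed."""
    signed_keys = response["signed"].split(",")
    try:
        payload = kv_form(response, signed_keys).encode()
    except KeyError:  # a listed signed field is missing from the response
        return False
    expected = base64.b64encode(hmac.new(secret, payload, hashlib.sha256).digest()).decode()
    return hmac.compare_digest(expected, response.get("sig", ""))


def accept_vulnerable(response, requested=REQUESTED_ATTRS):
    """Flawed relying party: a valid signature is taken as covering every
    requested attribute present, including ones outside the signed set."""
    if not signature_valid(response):
        return None
    return {key: response[key] for key in requested if key in response}


def accept_hardened(response, requested=REQUESTED_ATTRS):
    """Hardened relying party: every requested attribute must be in the
    signed set, otherwise the assertion is rejected outright."""
    if not signature_valid(response):
        return None
    signed_keys = set(response["signed"].split(","))
    if not requested <= signed_keys:
        return None
    return {key: response[key] for key in requested}


def build_samples():
    """Two constructed assertions: an honest one and one modelling the article's
    case, where the provider signed only the names and the email field was
    re-inserted afterwards without being covered by the signature."""
    honest = sign_response(
        {"firstname": "Alice", "lastname": "Example", "email": "alice@example.test"},
        ["firstname", "lastname", "email"],
    )
    tampered = sign_response(
        {"firstname": "Alice", "lastname": "Example"},
        ["firstname", "lastname"],
    )
    tampered["email"] = "victim@example.test"  # unsigned, attacker-chosen value
    return honest, tampered


if __name__ == "__main__":
    honest, tampered = build_samples()
    print("vulnerable, honest:  ", accept_vulnerable(honest))
    print("vulnerable, tampered:", accept_vulnerable(tampered))
    print("hardened, honest:    ", accept_hardened(honest))
    print("hardened, tampered:  ", accept_hardened(tampered))
```

The point of the hardened check is that a valid signature only vouches for the fields the provider lists in `signed`; the relying party must compare that list against what it asked for, not against what happens to be in the response.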
Imperva Co-founder Tells Anonymous to Hack Chinese Government | Cbronline
By Daniel Miessler on April 4th, 2012: Tagged as Information Security
Amichai Shulman, co-founder and CTO of security firm Imperva, has told CBR that if Anonymous really wants to fight for freedom of speech it should attack the Chinese government.
In an interview with CBR back in February Shulman told us that even though most Anonymous activity is said to be driven by a cause, such as internet freedom and expression, some activity by the group makes him question if that is the real motivation behind Anonymous attacks.
“If you’re looking for freedom of speech go and hack the Chinese government or the Syrian government,” said Shulman.
Interesting approach.
The First of April
By Daniel Miessler on April 1st, 2012: Tagged as Personal
So I’m sitting here reading the Bible on my Samsung Galaxy Note, and I realized that I do in fact accept Jesus as my personal savior. Also, I think I’m going to have kids after all–a girl actually–and I hope she’ll grow up and marry a nice, wholesome fellow like Rick Santorum.
Also, I need to gain some weight and get rid of my book collection. And buy one of the new Mustangs. There’s no replacement for displacement.
Civilized Cities Should Ban Smoking
By Daniel Miessler on March 31st, 2012: Tagged as Health | Society
I feel like I cannot be the only one who is disgusted every time I walk through someone’s exhaled cigarette smoke while walking on a public sidewalk or entering/exiting a public building. In populous areas, this equates to every few steps.
People crowd around the doors to their establishments, which happen to be right on the sidewalk, and inhale into their lungs a cocktail of long-established and well-documented poisons. And then they blow it into the sidewalk where the public walks through it and breathes it in as well. I can smell the stink of someone smoking over a hundred feet away, including in the car in front of me (which often has kids in it).
Public smoking is a repugnant and sickening anachronism. It belongs in 2012 like an interracial dating ban belongs in Star Trek. Happily, it appears some are figuring this out. I am personally going to raise the issue locally here in San Francisco, and I encourage you to do the same in your local area. In the meantime I’m exploring the idea of confronting offenders with a simple question:
Excuse me, you do realize how rude it is to stink up this entire area with documented poisons that other people have no choice but to breathe?
I am also thinking of starting a campaign of recording rude (redundant) smokers throwing their butts out of their cars and sending the videos to the local police department in hopes they’ll be fined. Same with those dropping them on the sidewalk like they’re too special to find a garbage can. Maybe getting a $1,000 fine for being an asshole will change some behavior.
It’s time for public smoking–and the extraordinary rudeness of the pollution and littering associated with it–to be considered as nasty as it is, and for the law to reflect this view.
The Joys of Blogging
By Daniel Miessler on March 31st, 2012: Tagged as Blogging
Some people really dislike my thoughts (or enthusiasm?) on the controversial topic of improving website performance.