Good morning.
Boy, am I glad THAT week is over.
1. Moral luck saves the 2019 baseball post-season…for now. MLB missed a major disaster when an umpire missed a clear strike three (he ruled a foul) on Yankee slugger Gary Sanchez in a tied and crucial game between the Houston Astros and New York. It was the 11th inning, meaning a tie-breaking run would mean a likely Yankee victory. THAT would have meant that the Astros would have lost the first two games of a seven game series at home, a hole that very few teams in baseball history have been able to overcome.
Sanchez struck out on the next pitch, and a Carlos Correia home run in the bottom of the inning sent the Astros to Yankee Staudium in a series tied 1-1. The botch was moot, and will soon be forgotten. But if he Sanchez hit a home run or otherwise led the Yankees to a decisive score, the ALCS might have been completely turned by a blown call captured on video for all to see.
And there would be no excuse: the rules allow no appeal on that kind of play, but there has to be.
Yes, it was “moral luck” again. The fact that the worst didn’t happen doesn’t change the seriousness of the fact that only luck saved the day and prevented a blot on the integrity of the whole 2019 post-season. Maybe it would have been better if the bad call had altered the game, the series, and the World Series. Maybe then baseball would stop waiting for the high-profile disaster caught on video that will force it to have ball and strikes called by technology. It took an umpire’s obvious blown safe call in what should have been the last out of a perfect game to make baseball go to replays, and anyone who watches many games knows how many times a reversal changes game outcomes.
2. Yes, Adam is on Part 2 of the list of impeachment coup villains, coming right up after this post. Appearing on CBS’s”Face The Nation” yesterday, House Intelligence Committee Chairman Adam Schiff conceded that there was no quid pro quo offered by President Trump and Ukrainian President Volodymyr Zelensky in their infamous phone conversation. “There doesn’t need to be a quid pro quo,” Schiff said. Of course not! And there doesn’t have to be a election that the President is supposedly trying to influence, and the man targeted in the alleged collusion doesn’t have to be running in the election (as he almost certainly will not be), and the conversation doesn’t have to be illegal, as it was not. In Schiff’s view and that of his coup-minded party, high crimes and misdemeanors aren’t necessary either.
3. Here’s an ethics conundrum that was supposed to be a solo post, but I don’t understand the topic well enough to opine confidently. Here, I‘ll just quote the source, ZDnet:
This happened earlier today and involved the Muhstik gang. Muhstik is a recent strain of ransomware that has been active since late September, according to reports [1, 2, 3].This ransomware targets network-attached storage (NAS) devices made by Taiwanese hardware vendor QNAP. The gang behind the Muhstik ransomware is brute-forcing QNAP NAS devices that use weak passwords for the built-in phpMyAdmin service, according to a security advisory published by the company last week.
After gaining access to the phpMyAdmin installation, Muhstik operators encrypt users’ files and save a copy of the decryption keys on their command and control (C&C) server. QNAP files encrypted by Muhstik can be recognized by each file’s new “.muhstik” file extension.
One of the gang’s victims was Tobias Frömel, a German software developer. Frömel was one of the victims who paid the ransom demand so he could regain access to his files.
However, after paying the ransom, Frömel also analyzed the ransomware, gained insight into how Muhstik operated, and then retrieved the crooks’ database from their server.
“I know it was not legal from me,” the researcher wrote in a text file he published online on Pastebin earlier today, containing 2,858 decryption keys….Besides releasing the decryption keys, the German developer also published a decrypter that all Muhstik victims can use to unlock their files. The decrypter is available on MEGA [VirusTotal scan], and usage instructions are avaiable on the Bleeping Computer forum.
In the meantime, Frömel has been busy notifying Muhstik victims on Twitter about the decrypter’s availability, advising users against paying the ransom…
In other words, Frömel hacked the hackers. It was vigilante action and revenge. Was it still ethical? Is this kind of thing ethical in cyber-world, when it clearly is not everywhere else? [Pointer: Valkygrrl]
4. The theory: if enough journalists lose their jobs because of stupid stuff they tweeted in high school, maybe they will stop using ancient, juvenile incidents, rumors and social media posts to smear celebrities, sports figures and Trump nominees. Teh always provocative and astute John Tierney writes in City Journal, promoting “mutual assured cancellation,”
A modest proposal for my fellow journalists: Could we declare a bipartisan amnesty for the stupid things people did in high school and college—or at least stop pretending that these things have any relevance in judging a middle-aged adult’s professional competence?
I realize that this suggestion will trouble the many liberal journalists who have worked diligently to reveal what might or might not have happened at a party at Yale that might or might not have been attended by Brett Kavanaugh during his freshman year. (The definitive conclusion from thousands of hours of investigative reporting: people at the party were really drunk.) Nor will it appeal to the conservatives now savoring the seemingly endless series of photos of a young Justin Trudeau in blackface. (The Babylon Bee, a news-satire site, delivered the coup de grace: “Rare Photo Surfaces of Trudeau Not in Blackface.”)
I also realize that it’s futile to appeal to my colleagues’ sense of perspective or feelings of compassion. These qualities have always been in short supply in our profession, and they’re rarer than ever in the age of “cancel culture.” We can convince ourselves that anything is newsworthy if it embarrasses the other side and generates enough clicks.
….But now journalists have a selfish reason to behave decently: mutual assured cancellation, a strategic doctrine that has emerged from the recent media furor involving Carson King…It should have been a feel-good story, but then a Des Moines Register reporter unearthed a couple of racist jokes that King had tweeted seven years earlier, when he was 16. The Register’s editors decided that this information needed to be included in the article. Meantime, just before the story ran, Anheuser-Busch independently found out about the tweets and announced that it would honor its donation pledge but sever all ties with King. Just like that, King was demoted from philanthropist to pariah….The Register was besieged by readers outraged at its treatment of King, and they didn’t just write letters to the editor. They retaliated by studying the social-media history of Aaron Calvin, the reporter who had written the article—and who’d made a few offensive posts of his own, before joining the paper. …The sensible strategy for the editor would have been to deescalate: apologize to King, make a penitential donation to the hospital, and vow to stop punishing people for youthful mistakes irrelevant to what they’re doing today. Instead, Hunter wrote two columns defending the editors’ decision and primly announced that her reporter had been fired for his past sins. It doesn’t seem to have occurred to Hunter that she and the rest of the paper’s management are now prime targets for cancellation themselves. Perhaps they’ve been more careful in their tweets than King or Calvin, but did none of them ever do anything stupid? By their standards, anything from high school onward is fair game. And judging by the reactions of many mainstream journalists, an evidence-free accusation based on a distant memory from an anonymous accuser is damning, as long as it seems “credible”…
Ethics Alarms 
I don’t watch baseball unless my son is playing (he’s 8) so I’ve never realized how long it was. You have written about this subject before, and I noted that one person at bat lasted 8:30 minutes. I’m not sure commercials are the only problem to the sport.
Other than that, I thought it was interested that one bad call canceled out another bad call. It is clear he should have been out on the “foul.” But the strike he was called out on should not have been a strike.
Baseball is 10 minutes of sheer excitement and riveting action packed into a 4 hour time period.
“Baseball is dull only to dull minds.” -Red Barber
Red was mean.
I was going to follow up my comment with the caveat that baseball IS a thinking man’s game.
I noticed that at the time. That’s a long-standing integrity breach in the sport: an umpire, knowing he’s goofed, tries to make up for it with a bad call going the other way. Or maybe he won’t. Still, that he even had the chance was moral luck. Sanchez might have hit a home run on the very next pitch; instead, he let it go.
Long at-bats are suspenseful and exciting if you follow the game. Saying they aren’t “action” means one is wedded to the random action of basketball and football—if people are running around, it’s action. A player one strike from being out fouling of pitch after pitch thrown at 95 mph demonstrates skill and grit. It is when baseball becomes truly man vs man. In 2018, Mookie Betts, with teh abses loaded and the game on the line, fouled off 13 pitches…and then hit a grand slam. The stadium went nuts.
The 8.5 minute at bat almost disproves the Michael’s 10 minute smear all by itself.
I saw that, too. I figured the ump knew he blew the call so he had to make up for it, though the last called strike was a bit more defensible than the botched foul – the sound you hear in the video was probably the ball bouncing off the plate, or the sounds of 60,000 Houston fans gasping in horror that their World Series chances appeared to be going up in smoke.
jvb
#2, I’m reminded of the meme that has 6 soccer players moving the goalpost for practice session.
An appropriate image to describe the Democrats, not only on this Ukraine-gate fiasco, but literally every single other accusation thrown Trump’s way.
There has not been one attempt to undermine the election that hasn’t required the Democrats to constantly back peddle and change whatever standards they are applying to Trump’s “guilt” after initial accusation.
What these elected idiots don’t realize, is when they go whole hog on Trump for really really idiotic reasons, reasonable Americans stop paying attention to the legitimate things Trump could be criticized for.
1. Baseball moral luck
Bah. In football and basketball, both college and pro, we see this kind of call affect the outcome several times every year, especially in the NCAA Basketball Tournament for both men and women.
Welcome to our world.
2. Nobody ever accused the Democrat party of requiring evidence for a crime. It’s always the seriousness of the accusation, and “the ends justify the means.” Quid pro quo, apparently is for losers.
3. Hacking the hackers
Well, let’s see:
1. Is an ethical principle sacrificed? Yes, adherence with the law is an ethical principle.
2. Alternatives:
a) Do nothing
b) Inform the authorities and offer assistance
c) Hack the hackers
a) seems like a bad choice. b) is the best choice, but of questionable efficacy c) offers the best efficacy, but in return for a major ethical breech.
3. Decision
– Consequences of b) over c) is the possibility that nothing will be done, and millions extorted. However, c) requires violating the law, and if we let such laws be violated at random, vigilantism and anarchy are the sure result.
– Personal conscience: Be prepared to sacrifice my freedom by illegally hacking the hackers and saving the victims at the cost not just to me but to my family.
– Values: I value my family, the foiling of crooks, and the law. However, my family takes precedence over others.
– Helped/harmed: Victims, who are also strangers, will be helped the most. Me, my family, and the rule of law will be harmed the most.
– Worst case: I fail, get caught, go to prison and nobody gets helped.
– Goals/consent: Alternative b) might accomplish my goals without the bad consequences, even if the odds of a successful outcome are decreased, and it would provide consent of the law enforcement community.
– Ethics test:
i. Both/neither. Victims, yes. Society and my family, no.
ii. Yes
iii. No.
Ultimately, it’s a tough call. I say it’s unethical, because an ethical alternative exists, even if potentially inferior to the unethical alternative.
4. Mutually assured cancellation
Won’t work. The Left in America doesn’t care how many of its own it has to sacrifice to achieve their objective. They are utterly amoral by any normal standard.
Re: Hack the Hackers, Bust the Busters.
I disagree. I know two wrongs don’t make a right, but here, I am not sure law enforcement is quick enough or has the technological resources to mount a coordinated rapid response.
Hackers do a ton of damage to a lot of people. They extort people by forcing them to pay ransom to get their own data and computer networks back. They do this to big businesses (who may simply charge it off as a cost of doing business) and small businesses (who may not have that amount of time and money to pay ransom to release their computer systems). Whatever causes them damage, and hopefully, at the highest and most costly levels, is perfectly fine with me. I would say that, in this situation, hacking the hackers in a social good, akin to taking these bastards out and summarily executing them in the town square for all to see with a vicious message that says, “If you try this, this will happen to you. Understood?”
Yeah, I hate hackers. Case in point: My law office got hacked with ransomware about a year ago. A client sent some documents to us and, unknown to the client and us, the attachments included ransomware. Our server was sidelined and locked up, rendering any work product useless. The ransomware people wanted $5000 to release my own data back to me. It took my IT guy the better part of a day to reboot and restore, as well as delete that locking software, at a cost of about $1500. We didn’t lose data and our files were not corrupted so we were fortunate. So, yeah, I hate hackers with a passion.
jvb
I hate crackers also. I had to recover a friend’s files after he got hit with ransomware.
But I can’t agree with your position because of my dislike. Ethically, the right thing to do is work through law enforcement, just like in any other case where someone is tempted to be a vigilante.
I don’t disagree but I wonder if law enforcement is up to the task at this time. It is kind of like the online wild west, where thing move fast and culprits move around in pixelated space almost at the speed of light (or at least as fast as the internet connection), wreaking havoc, mayhem, and total cyberdestruction. Can the FBI act quickly enough to shut these things down? How so? I know I have advocating a vigilante justice but maybe what the German company did is a social good.
jvb.
As I said, law enforcement is probably less likely to solve the problem even with help. But in my opinion, and only my opinion, it is the ethical thing to do given the available choices.
Unfortunately, most law enforcement agencies have little to no interest in dealing with hacking – the general consensus among professionals is that it would be nice to deal with, but it requires a lot of time and manpower, which will be expended only to find out you don’t have jurisdiction or extradition over the criminals, wherever they might be. Combine this with the complexity of the evidence and procedures, which often aren’t understood by judges or explicitly covered by laws, and likely won’t be understood by a jury, and the general response to hackers is much the same as that to phone scammers – “Move along citizen, we can’t protect you from these things, it’s too difficult.”
Which is precisely the situation where vigilante behavior becomes ethical – When society needs to protect itself, but there is either no one tasked with doing so, or those so tasked have proven unwilling and/or unable to do so. Since it seems unlikely we’ll establish a global police force that can and will deal with hackers effectively any time soon, vigilante actions like this are the best we can hope for.
Though I hesitate to really call these actions vigilante – reverse engineering a virus like this and creating a tool to decrypt affected systems is not illegal (indeed, its a huge sector of the cyber security economy). About the only thing that could be considered illegal would have been taking the decryption keys – and even there, in the physical world we could hardly call it illegal if someone took a lock I had attached to their own house without their permission, or a locksmith made and sold the homeowner a key to match it.
I agree that the police are likely to have higher priorities, or at least not be as willing to go to the mat. But…
Would we be okay with a husband hunting down and murdering his wife’s killer if the cops gave up? I don’t think so.
Would we approve of a businessman using fraud to wreak vengeance on a person who defrauded him? Nope, don’t think so.
“Would we be okay with a husband hunting down and murdering his wife’s killer if the cops gave up? I don’t think so.”
I don’t think this is a good analogy, Glen. I will unpack and see where this leads me.
In society, murder is always investigated and justice sought. Even if the leads go cold and there are no active investigators, new evidence will lead to new interest, and another shot at justice.
To make this a parallel case, we would have to have a situation where the police refused to even have anyone investigate homicides, where their attitude is ‘meh, going to court is boring and hard work, and we have excess population anyway…’ This would be breaking the social contract that says we abdicate personal law enforcement to public officials, in return for generally equal treatment under the law.
Essentially, this is the situation with ransomware, as it is with phishing phone calls, and other tiresome attempts to steal from the unwary. No one is bringing these crooks to justice, and there is no interest from those who we have entrusted the societal contract to do so.
Why should I uphold an invalid contract?
Nicely said.
3. Yes. However the yeses to choose from are not quite right, so I’m expanding here. Insights on how to prevent, restore, or stifle a criminal act do NOT come solely from the big-name companies, Cifford Stahl is a known example from the early years. This is not a justifiable delay over crimes like clothing knockoffs. Odds are a good portion of the servers being put under the knife are servers where lives depend on them. (what if that legal server was for with life saving evidence or unlocked a witness list) Think the budget-strapped 911 service somewhere or security system for a large retirement community. There just are not enough legal expertise and resources and speed to go after these scams. The Wild West is a good metaphor and probably won’t settle until tech change slows enough for budget limited enforcement to catch up, or jurisdictional issues stop.
Hacking is a set of skills, there are white hat hackers and black hat- and some who have been both. But he hacked the specific ransomware, and faster than larger organizations can change direction. Revealing the remedy and prevention is public service. If he was a black hat the way I believe you think vigilante, he would have gone out into the night to follow them home and stream their gaming trash talk or threaten them with violence. He went after the ransomware/virus itself, which really should be treated like the CDC, not terrorism wide-nets. It would have been far easier to take the gang’s servers down to put them out of business but then all the ongoing victims would have no recourse as everything crashes. If the Spanish flu could be treated by reading an article in National Geographic done quickly, how can it be unethical to publicize the cure?
Hacking the hackers.
My position is that everyone has the right to self defense.
If in the course of defending myself I am learn of a mechanism to defend others I from similar crimes I believe I have an ethical duty to give other victims my defensive techniques.
Once a hacker violates my cyber world he or she has given me permission to enter there world. You take the war to them you dont fight them on your turf.
Chris makes my point more clearly. I responded having had to deal with that bullshit so I still hurts. The self-defense angle was hovering around my Dr. Pepper-deprived mind. Chris, though, hit the proverbial program on the algorithm. My argument was a “tit-for-tat” position. Chris clarifies it as a “you enter my house without consent, then prepare for bad things to happen to you.” Chris, also, is more circumspect as he does not advocate executing these bastards in the town square for all see and hanging their disemboweled computers from the light posts.
jvb
For those that want to use law enforcement the only qualified agency would be the FBI and they have no jurisdiction outside the U.S.
If ransomware hacks were treated like kidnapping and equivalent resources deployed to find the perpetrators I might agree that using law enforcement makes sense but good luck getting Interpol on the case when ransom attacks typically originate in nations rife with corruption.
“Chris, also, is more circumspect as he does not advocate executing these bastards in the town square for all see and hanging their disemboweled computers from the light posts.”
…I admit to gaming out the feasibility of using the Russian methods of preventing terrorism. Highly skilled hit squad makes perps assume room temperature using a variety of very public execution methods, as a warning to others who would emulate the late freedom fighters.
I know of a Mossad op where an RPG into a window ended a Palestinian operation that hacked phone systems and sold long distance access to third world criminals, using the funds generated to buy arms with which to kill Israelis. THAT particular scam all but stopped: the bad guys got the message that they personally might have to account for their crimes.
Just like the progressives are going to have to be made to understand that they personally might have consequences for what they do unto others.
2. I think almost everybody has been assuming since Trump first announced for President that he’s a crook and that if his business dealings over the years were examined closely we would find all sorts of illegal activity. I assumed so myself. But have you noticed that after four years of investigation by Democrats in Congress, Mueller’s team, the Manhattan DA, the US Attorney’s office and innumerable reporters, all of whom hate him, nobody has yet found anything in his own business dealings resembling an actual crime? The absurd pretense of a campaign finance violation involving Stormy Daniels, if you consider that a business dealing; the ridiculous NY Times “expose” carping about his real estate appraisals 20 years ago for gift and estate tax purposes; and what else? He’s done business with thousands of people over the years, but no “whistleblowers” have come forward. Is it conceivable that he actually hired competent teams of business lawyers and accountants over the years and followed their advice?
Any comments on this?