Blog Ipsa Loquitur

The New Yorker’s Daniel Penny recently reviewed Mark Bray’s Antifa: The Anti-Fascist Handbook. If you’re like me, and you’ve only heard bits here and there about Antifa, this is a great primer on the international history and philosophy of these violent protestors.

I found this bit most interesting:

[Antifa] believe that Fascists forfeit their rights to speak and assemble when they deny those same rights to others through violence and intimidation. For instance, last week, the North Dakota newspaper The Forum published a letter from Pearce Tefft in which he recalled a chilling exchange about free speech with his son, Peter, shortly before Peter headed to the rally in Charlottesville. “The thing about us fascists is, it’s not that we don’t believe in freedom of speech,” the younger Tefft reportedly said to his father. “You can say whatever you want. We’ll just throw you in an oven.”

For Bray and his subjects, the horror of this history and the threat of its return demands that citizens, in the absence of state suppression of Fascism, take action themselves. Bray notes that state-based protections failed in Italy and Germany, where Fascists were able to take over governments through legal rather than revolutionary means—much as the alt-right frames its activities as a defense of free speech, Fascists were able to spread their ideology under the aegis of liberal tolerance. Antifa does not abide by John Milton’s dictum that, “in a free and open encounter,” truthful ideas will prevail. “After Auschwitz and Treblinka,” Bray writes, “anti-fascists committed themselves to fighting to the death the ability of organized Nazis to say anything.”

​On the one hand, that’s not a bad point. As Bray says, fascism came to power in Germany via the ballot, not the bayonet. I began reading William Shirer’s The Rise and Fall of the Third Reichin December, and while I’m only up to about 1938 (nobody tell me how it ends!), in 1923 Hitler led a coup to overthrow the democratic government and install his Alt Reich. The coup failed, and Hitler was imprisoned for high treason. After being released from prison in 1924, Hitler was briefly banned from politics; by 1933, the coalition government appointed Hitler as Chancellor.

If you’re a democracy, why should you passively allow anti-democratic groups to use your institutions and mechanisms to end you?

On the other hand, if you’re a democracy, the alternative to the previous paragraph is to prop up democracy by undermining the values of your democracy. Banning some speech in defense of a government that will defend free speech seems hypocritical at best and self-defeating at worst. If you profess to be committed to the rule of law, you probably ought to follow the law. And look, assault is assault no matter how many Pepe the Frog signs the other guy has. Punching a Nazi is best left to Captain America in the movies.

Here’s software engineer Yonatan Zunger on being intolerant of intolerance:

Tolerance is not a moral absolute; it is a peace treaty. Tolerance is a social norm because it allows different people to live side-by-side without being at each other’s throats. It means that we accept that people may be different from us, in their customs, in their behavior, in their dress, in their sex lives, and that if this doesn’t directly affect our lives, it is none of our business. But the model of a peace treaty differs from the model of a moral precept in one simple way: the protection of a peace treaty only extends to those willing to abide by its terms. It is an agreement to live in peace, not an agreement to be peaceful no matter the conduct of others. A peace treaty is not a suicide pact.

Zunger wrote this essay on January 2, 2017. While the bulk of his essay deals with intolerance of other religions, there’s a reason this essay went viral after Charlottesville:

The antisocial member of the group, who harms other people in the group on a regular basis, need not be accepted; the purpose of your group’s acceptance is to let people feel that they have a home, and someone who actively tries to thwart this is incompatible with the broader purpose of that acceptance. Prejudice against Nazis is not the same as prejudice against Blacks, because one is based on people’s stated opposition to their neighbors’ lives and safety, the other on a characteristic that has nothing to do with whether they’ll live in peace with you or not.

I’m still not convinced the best way to combat fascists is to literally combat them, but after reading both of these, I think I understand the philosophy of Antifa a little better.

Filed on under Nietzsche and Nazis

Here’s something new I learned about Uber: they have a self-induced subprime auto loan crisis. Via WolfStreet:

Two years ago when these folks launched the subprime auto leasing program to put their badly paid drivers into new vehicles they couldn’t otherwise afford, they apparently didn’t do the math.

This type of lease was offered to drivers with subprime credit ratings or no credit ratings who barely earned enough money to get by and make the payments, if they stuck around long enough. It allowed drivers to drive new cars. When it didn’t work out for them, they could return the cars after 30 days with two weeks’ notice. The only penalty for the early return is that Uber keeps the $250 deposit. And these leases came with “unlimited miles.”

No one in the car business would ever conceive of such a thing.

​Well, sure. Those old world, analog-only auto leases were rotting from the inside out. The auto loan industry was easily disrupted because the incumbent lenders insisted on making “good deals” in which they “didn’t lose thousands of dollars.”

But this is where Uber steps in to show everyone how it’s really done.

[Uber] had been estimating modest losses of around $500 per auto on average, these people said. But managers recently informed Uber executives that the losses were actually about $9,000 per car — about half the sticker price of a typical leased vehicle.

The losses are so steep because the leases have no mileage caps, and drivers are putting absurd miles on the cars. This craters the resale value of each car, of which Uber apparently has about 40,000.

Well, okay. But the real value here is putting drivers in the seats of cars, so you can expect the $360 million in losses is really more of a loss leader for getting new drivers on the road, right?

Despite the crazy terms, these leases aren’t cheap for drivers. Uber figured they’d drive a lot, and they’d have to pay more than they would have for a standard lease. Via The Wall Street Journal: “A 2014 Toyota Corolla was recently being offered for a term of 130 weeks at $122 a week, totaling roughly $500 a month, according to marketing materials distributed by Uber.”

By contrast, leases for Corollas are advertised all over the internet for as low as $159 a month, for 24 months and 24,000 miles. But read the small print, including the $1,499 down at inception and other upfront charges. And subprime buyers might not qualify.

Long story short: these are some bad, bad loans.

It’s so weird that companies like this can spend billions of dollars of other peoples’ money to disrupt industries by undercutting the incumbents who actually try to make money. Presumably, investors realize the prices for all these disruptive services will go up. But won’t that mean the disruptor becomes the disrupted (because profit margins are a vestigial novelty left over from the 19th century, natch)?

Filed on under No, Money Down!

Jonathan Chait on how Trump Is Proving That Obama’s Legacy Will Survive:

It is not surprising that only this year did the Affordable Care Act become popular. The law’s unpopularity depended entirely on the existence of an imaginary alternative that was free of trade-offs. The populist fallacy that everybody can get better insurance for less money if only the government wasn’t run by morons is seductive. Obama’s wonkish explanations could not expose the fallacy’s hollowness. But the Republicans in power have proven excellent (if inadvertent) tutors.

Indeed, some of the most important subjects of the lesson have been the members of the governing party themselves, many of whom never bothered to grapple with the policy before. The Republicans have spent the year desperately trying to pass a repeal, even in the face of staggering public disapproval for their efforts, because they cannot admit their entire case against Obamacare has been built on a lie. “They can’t accept they’ve been promising something that is undeliverable and a bad idea for seven years,” a “well-connected former Republican aide” told a reporter.

On the one hand, this kind of cheerfulness can understandably be mistaken for Pollyanna-ish naïveté. Every time your side gets a win, you can’t pat yourself on the back and say “of course, it was always going to be fine.”

But on the other hand, look: I’m exhausted and it’s less than a year into Trump’s first term. The other day, I listened to three podcasts about the dangers posed by the North Korean nuclear ICBM program. I appreciate—no, I need—a little of Chait’s relentlessly positive mentality. It’s good to hope that no matter how hard the Trump Administration tries, it can’t roll back every bit of Obama’s legacy.

So while I still have the reflex to throw up my hands and say “there are no political consequences for anything anymore,” I want to think that Chait’s right. How can you have watched a Republican House, Republican Senate, and Republican President fail to repeal Obamacare, and not believe that our politics are at least a little tethered to reality? The proposed legislation was wildly unpopular, even moreso than the existing legislation.

More Chait:

For eight years, Republicans drove themselves into a fever-pitch hysteria against the Affordable Care Act without bothering to learn how the law worked. Working from the premise that Obamacare was a uniquely ill-designed law — death panels! train wrecks! — they easily persuaded themselves and much of the country that Republicans could write something vastly better.

Half a year of Republican-run government has systematically exposed the right-wing arguments against Obamacare as bad-faith rhetoric or outright fantasy. One small-business owner, who told the New York Times in 2012 that he opposed the law as something jammed down the public’s throat, was re-interviewed this year. “I can’t even remember why I opposed it,” he now says.

It’s hard to argue with results in this case, but you have to wonder what the next year looks like. ​

Filed on under Shame About Those Death Panels Though

Last month, the WannaCry ransomware attack caused a lot of damage to computer systems worldwide, but it could have been worse. It was limited in large part because one security researcher stumbled across a web domain named in the WannaCry source code. When the researcher looked up the domain, he saw no one had registered it; and so he put down the ten bucks for it, figuring it might be important. It turns out, if there was a web site at the domain, WannaCry uninstalled itself instead of encrypting users’ files and holding them for ransom.

A lot of outlets reported this web domain as a secret “kill switch” coded into WannaCry, but the anonymous security research wrote a fascinating essay titled How I accidentally stopped a global Wanna Decryptor ransomware attack:

The reason that was suggested is that the domain is a “kill switch” in case something goes wrong, but I now believe it to be a badly thought out anti-analysis.

In certain sandbox environments traffic is intercepted by replying to all URL lookups with an IP address belonging to the sandbox rather than the real IP address the URL points to. A side effect of this is if an unregistered domain is queried it will respond as it it were registered (which should never happen).

I believe the malware creators were trying to query an intentionally unregistered domain which would appear registered in certain sandbox environments, then once they see the domain responding, they know they’re in a sandbox and the malware exits to prevent further analysis. This technique isn’t unprecedented: the Necurs trojan queries five totally random domains, and if they all return the same IP it exits.

However, because WannaCrypt used a single hardcoded domain, my registration of it caused all infections globally to believe they were inside a sandbox and exit… thus we unintentionally prevented the spread and further ransoming of computers infected with this malware.

Got that? Your computer has a special file that it uses to look up the address of a server before it checks the internet’s version of that server address. When you type barelylegally.com into your web browser, your computer first checks that special file—called a Hosts file—to see if it already knows what IP address barelylegally.com is. Spoiler alert: your Hosts file is empty by default, so unless you added something by hand, your computer will end up asking the DNS computers what this site’s IP address is.

Security researchers (like Mr. I Stopped WannaCry By Accident) use software that creates a fake computer within their computer. That way, they can get their fake computer infected with viruses in a controlled environment, and see what they do, and inspect them forensically. All this without compromising a real computer.

However, many of these fake computers—called sandboxes—come with a Hosts file that points every unregistered domain back to the sandbox. So the WannaCry author mashed his or her keyboard for a few seconds, came up with a super long and random-ish domain name, and assumed that the only way that domain could do anything but fail to load was if WannaCry was running in a sandbox.

Or if a security researcher registered the domain for ten bucks. ​

One more thing

In addition to checking to see if they’re running in a sandbox, viruses usually check to see what they’re supposed to be doing once they’ve infected a computer. They need their instructions: send out millions of spam emails for one client, mine a whole bunch of bitcoins for this other client, etc. Viruses do this by talking to control servers, and you’ll never guess where Russian spies are hiding their control servers:

According to a report published Tuesday by researchers from antivirus provider Eset, a recently discovered backdoor Trojan used comments posted to Britney Spears’s official Instagram account to locate the control server that sends instructions and offloads stolen data to and from infected computers. The innovation—by a so-called advanced persistent threat group known as Turla—makes the malware harder to detect because attacker-controlled servers are never directly referenced in either the malware or in the comment it accesses.

​Basically, the people who want to control a botnet put a specially-coded comment on one of Spears’s photos. The comment looks innocuous to the human eye, but infected computers recognize it and use that to receive their instructions.

Filed on under Fear of a Bot Planet

Craig Garthwaite, a professor of strategy and healthcare at Northwestern University, on why replacing Obamacare is so hard: it’s fundamentally conservative.

Republicans are engaged in a brutal civil war between hard-liners and moderates as they struggle to craft legislation to repeal and replace Obamacare. The episode invites an almost existential question for the GOP: Why, after seven years of nearly endless war against Obamacare, is the party unable to deliver a more conservative policy that provides access to health care to a similar number of Americans?

As a life-long Republican who has spent months contemplating this question, I’ve come to an answer that will be hard for many conservatives to swallow: Passing an Obamacare replacement is difficult because the existing system is fundamentally a collection of moderately conservative policies.

​Garthwaite’s op-ed is a nice recitation of the philosophical reasons conversatives should be comfortable supporting a market-based healthcare system like Obamacare. However, it doesn’t delve into the parentage of Obamacare, or why the DNA of the bill is so amenable to conservative principles.

For example, the right-leaning Heritage Foundation think tank consistently advocated for implementing the sorts of health insurance exchanges core to Obamacare, as recently as 2006. As governor of Massachusetts, Mitt Romney signed into law and implemented health insurance reform that looks awfully like Obamacare’s.

Fact is, there are a lot more reasons Congressional Republicans could support health care than ‘Reagan thought government could do stuff okay sometimes.’

Filed on under Dog Bites Car Stories

Alastair Pal for Reuters UK: Fake online stores reveal gamblers’ shadow banking system.

The seven sites, operated out of Europe, purport to sell items including fabric, DVD cases, maps, gift wrap, mechanical tape, pin badges and flags. In fact, they are fake outlets, part of a multinational system to disguise payments for the $40 billion (31.6 billion pounds) global online gambling industry, which is illegal in many countries and some U.S. states.

The findings raise questions about how e-commerce is policed worldwide. They also underline a strategy which fraud specialists say regulators, card issuers and banks have yet to tackle head-on.

​Okay, so it’s no great surprise that despite the fact that gambling is illegal in the U.S., it’s still possible to find web sites that’ll take your money. That’s not news. What’s interesting about this story is how they take your money. Gambling sites set up stores that accept real money for fake goods, laundering the funds:

In December, a reporter placed an order for a yard of burlap cloth on one of the sites, myfabricfactory.com, a website run by a UK company called Sarphone Ltd. The fabric, advertised in U.S. dollars at $6.48 per yard, has “many uses including lightweight drapes,” the website says. Sarphone did not respond to requests for comment.

This order went unmet. After a few weeks an email from My Fabric Factory arrived saying the product was out of stock. The payment was refunded.

​The most surprising thing about this is that it sounds like regulators largely rely on credit card processors to self-report gambling transactions.

Filed on under The Ol' Burlap Switcheroo