406 comments

[ 4.6 ms ] story [ 262 ms ] thread
Related discussion (517 pts):

https://news.ycombinator.com/item?id=41891694

https://aworkinglibrary.com/reading/unaccountability-machine

(A very short overview of Dan Davies' book, quoted in TFA, that came up with the term)

EDIT: complementing book mentioned in that thread

Cathy O'Neil's "Weapons of Math Destruction" (2016, Penguin Random House) is a good companion to this concept, covering the "accountability sink" from the other side of those constructing or overseeing systems.

Cathy argues that the use of algorithm in some contexts permits a new scale of harmful and unaccountable systems that ought to be reigned in.

https://news.ycombinator.com/item?id=41892299

Heh. 6 months ago someone mentioned Deutsche Bahn and Switzerland. Deutsche Bahn is now banned from operating trains into Switzerland, by Switzerland, because they are never on time.
Great post and discussion as well! I learned from that about two just cultures and their different views of what "accountability" even is.
>If you combine those two frameworks, you could conclude that to be accountable for something you must have the power to change it and understand what you are trying to accomplish when you do. You need both the power and the story of how that power gets used.
This, and I think it gets deeper. I started reading more about history of "just culture" and it seems like historically it was the dominant culture of justice in the tribes and smaller communities.

It's the _just culture_ focused on repairing the damage – for the victim and for the community – and trying to fix the reasons and integrate the offender back into life (otherwise community would end up being a bloodbath of revenge and dies out).

What wasn't obvious to me is that switch from restorative justice culture to retribution justice culture happened for economic reasons. At some point of nation states formation, crime became an act of offence against the king, not the community. You didn't do wrong to the community, you "disobeyed the rule of king" and thus has to be punished. The whole "justice transaction" became a deal between an offender and the state/king, instead of community and victim and offender. Paying retribution fee became a source of income for the kingdom, incentivising this type of justice culture. Victim and community was largely left untouched by this new type of "fixing justice". Pretty dramatic change.

My eyes opened a little bit!

"Sidney Dekker" & "lese majeste" or even "Wilhoit" returned nothing interesting, so that's a new open secret (if I didn't totally misunderstand, that is)

Aside: does that make "The United States " a careless sovereign (monarch) in your book? -- most criminal cases are "The U.S. vs ____": not only are community/rehabilitation afterthoughts, nobody looks forward to any pleasure of a Majesty. The Judge+Jury as Middle Finger & Thumb of the Invisible Hand?

The book I still have open is actually by Sidney Dekker - "Restorative Just Culture in Practice: Implementation and Evaluation". A quote:

> In 1066, with the Norman invasion of England, William the Conqueror and his successors brought into existence a legal system that gradually replaced the church and local systems of conflict resolution. For the nascent state, the legal system turned out to be useful for exerting influence and extracting money. Crimes were seen not (just) as violations of a community’s mores, or the victim’s rights. They were seen as infractions against the state, and against the ruler, the king, as a disruption of the ‘King’s peace’. Fines benefited the ruler economically and often politically. The state and the offender were the primary actors around whom the justice was organized, and the victim played a lesser role.

TIL: SD inspired by air-crash investigations (which attract "informed" pundits like bugzappers), AND is a flight instructor himself!

https://www.sciencedirect.com/science/article/abs/pii/S00224...

>Investigators are often forced to rely almost exclusively on domain knowledge and common sense, but this exposes them to the mechanisms of hindsight.

(I was on a hunt for his dissertation (Ohio State, Cognitive Engineering, 1996) -- wanted to approach the topic at a level as low+concrete as possible))

As to the King's Peace (Wilderness?) , nobody really knows or cares who chairs NTSB/OSHA lol

https://www.fisherphillips.com/en/news-insights/trump-nomina...

I didn’t realize Martin is blogging again! Hurray!
It's interesting we always talked about the Holocaust and the Nuremberg trials when talking about accountability, as if similar atrocities aren't currently happening. It's because breaking an accountability sink of people who are long dead doesn't have any impact other than the explanation itself. Breaking an accountability sink of currently living people and currently active wars is much more dangerous.
Did you imply that there is another Holocaust currently ongoing?
There are numerous conflicts worldwide where one side is trying to systematically destroy the other population, civilians and all. Whether they are exactly the same or how you define that is pretty secondary to that fact.
Whatever. Since my last Wikipedia spree on that topic i feel such comparisons are highly inappropriate.
That way of saying that the holocaust is a thing of its own, that can be compared to nothing else is simply a way of separating genocide victims into first-class and second-class victims. The only outcome would be to weaken the collective "Never again" outcry against barbary.
From the perspective of the victims, it was not special, indeed. My "research" focused on the other perspective to learn social patterns.
Here are a few other genocides of the 20th century: the Armenian genocide [1], Porajmos [2], the Rwandan genocide [3].

Please enlighten us on how pointing similarities in the administrative involvement, the systemic nature of the targetting, the harnessing of technology, or the way individuals perpetrating it are made to feel less accountable is, in your words, "highly inappropriate".

I honestly don't see how you could make such a claim for all these examples without negationism.

[1]: https://en.wikipedia.org/wiki/Armenian_genocide [2]: https://en.wikipedia.org/wiki/Romani_Holocaust [3]: https://en.wikipedia.org/wiki/Rwandan_genocide

(comment deleted)
That's what they do in Germany. They teach it as a unique thing that can never happen again... which leads people to never question whether it could happen again... which may lead to it happening again, because any sign that it was happening again would be dismissed, because "it can't happen again" is drilled into people.

The default attitude of any human is to support the status quo, but you'd think Germany in particular would do a better job of changing that default with education. It seems like it doesn't.

Obviously, if someone was doing another holocaust, it would be in their best interests to make you think the very notion of more holocausts was prima facie completely absurd.

I went through German school, did the mandatory trip to Buchenwald, met Pavel Kohn in person and i think you are making shit up.

What if US people are less hesitant to make those comparisons because they know less about it?

In Germany it's illegal to compare things to the Holocaust, even if they are like the Holocaust, even if they are literally a second Holocaust. A politician couldn't run on a platform of "we'll do another Holocaust" (they'd be arrested) but could run on a less specific statement like "we'll eliminate the useless eaters to make Germany strong, sending them Aut to Schwitzerland" and you would be arrested for pointing out how Hitlery that implication was. You might get cleared of charges by the court... six months later.
You know i can check §130 StGB and see you are just making shit up?
You know I can just watch which signs get the people holding them arrested, and conclude what they're enforcing isn't what's written in 130 StGB?
Unfortunately this is one of those times where Wikipedia is not useful. Any page related to an ongoing conflict is under constant attack from bad actors on all sides. Go read some books or visit in person if you want to know the truth.

Israel is actively committing atrocities similar to the holocaust and the comparison is fitting. If German jews fought back it would have looked just like Gaza.

Look at what's happening in the US right now. People getting snatched off the streets. This is how it starts.
And a large part of the population are cheering it on.
There are proceeding at the ICC against at least two countries on the accusations of genocide right now.

Whether it's worse or better than Holocaust is debatable and you can bring up a metric. Did Gaza reach 10% of the Holocaust? At what rate we count abducted children against murdered adults? Do we count deaths or suffering too? Do the circumstances of death with genocidal intent contribute to the metric?

What can we learn from the quantitative comparison of one with another?

(comment deleted)
It’s often debated whether the public at the time was aware of the scale of the atrocities committed, whether they were accountable, and whether they could—or should—have done something. But only now am I realizing how much a certain part of the population actually does the propagandists’ dirty work by defending and whitewashing such atrocities.
Debated by whom? I'm from Slovakia which had voluntarily copied laws and process for deporting Jews verbatim from Nazi Germany and here is overwhelming amount of evidence that everyone knew something very bad is going to happen to them. Also the "arizácia/aryanization" dispossessing of Jew property made it doubly clear they weren't going to return.
The public was well-aware. They had stickers on shops. Your Jewish neighbors were paraded through the streets for deportation. Once they were gone, people took the furniture, the businesses, or simply moved into their apartments. On the country side, there were various land reforms where people who joined the NSDAP party were given fields from famers who were either simply deported as being Jewish or political opposition.

Of course people always had the feel-good lie "oh they're just being relocated to XYZ" but in those times you'd never leave your furniture and other valuables behind when moving if you were not forced to. For German people it was a win-win situation: More work for everyone (either as a party soldier or in the construction), steal some valuables from your neighbors who just got taken away, and feel good about your noble aryan genes.

Sorry for rambling on this topic but there are books for every mid-size Germany city which detail the unfathomable amount of looting, stealing and "M&A business" that was done by everyday "normal" German citizens during these times.

And most of these crimes were not prosecuted because of political decisions after the war.

As sad as things turned out for the squirrels it’s bizarre to worry too much about 440 squirrels dying in a country with lots of meat farming…
They even mention that the shredder was designed for newborn chicks. So something we routinely do to thousands and thousands of chickens is somehow suddenly horrible if they did it to random 440 squirrels that couldn't be accounted for.
You somehow can't apply logical statements to what we choose to kill and eat. Cultures differ on their opinions here. But at some extreme we should all be vegan.
The logic is simple, we eat what's convenient to produce and we construct our morals around that.
Meat costs a lot to produce. We eat it because it tastes good, not because it's convenient.
True. Habits also play an unconscious role and tradition a conscious one. To demonstrate the former: bellow two studies on cats exposed pre, peri and post natal with a specific aroma. From the first abstract:

> We conclude that long-term chemosensory and dietary preferences of cats are influenced by prenatal and early (nursing) postnatal experience, supporting a natural and biologically relevant mechanism for the safe transmission of diet from mother to young.

https://www.researchgate.net/publication/232700921_Prenatal_...

https://www.researchgate.net/publication/40452868_Effects_of...

I'll add that habits and taste can change later in the life voluntary or involuntary: There's plenty of people that "learn" to like something they didn't in their youth for many reason: new cultural environment, health, curiosity...

No. Dogs also taste good but they are way less convenient to raise per kilogram of meat then cows. That's one of the main reasons we rather eat cows, pigs and poultry than dogs, dolphins, squirrels or guinea pigs.

People do a lot of expensive and wasteful things just because they are convenient in many domains of life.

Meat isn't tasty. If it was you wouldn't always eat it fried almost to a char with salt and spices. Tasty things you can just eat straight up. Meat is easy. It's easier to keep some cows on grassy hill then kill them, than to create and maintain a field there.

Meat is also easy to cook and eat. It digests nicely. It can be used in mono diet with no immediate ill effects. It's a no-brainer food even an idiot can use to sustain themselves. It's hard to poison yourself with it because if it's not fresh it stinks like hell.

> If it was you wouldn't always eat it fried almost to a char with salt and spices.

I agree with the rest of your comment, except this.

You eat your meat "always fried to a char"? What? Also, I barely add some salt to it. Many people add way too much salt though.

By almost char I meant browning.

Salt is cheating. Add salt to any fat and it's immediately tasty.

But fried? I seldom fry my meat.

I also cook vegetables (eat them raw too, of course), so I don't think that's cheating.

Aren't steaks fried?
No. They can be cooked on a grill with no fat and they taste great.
Do they taste great? Or does the fatty salt taste great? Have you ever tried them without salt? Because salt or sugar can make anything fatty taste great.
Yes they taste great even without salt. I’m getting the impression you have never eaten a cow before. Maybe try some time before you say such things. I bet you’ll love it!
I'm eating steaks seared/fried on a pan almost weekly for few years now. I landed on a combination of herbs and spices to make them actually tasty (rosemary, black pepper, sweet paprika and of course plenty of salt). But still they are nowhere near the tastiest of the foods that I've eaten. I eat them because they are easily (and slowly) digestible, and rich in nutrients. I don't really have to think about the rest of my diet and I can eat whatever I have a craving for without risking some serious deficiency as long as I eat occasional steak and keep an eye on my weight.

I've also been to some steakhouses few times and what they serve ranges between terrible and passable.

I guess my tastes aren't typical.

You’re just not correct. It’s alright, happens to the best of us.
They taste great without salt or additional fat (other than what's already in the steak). We do not fry them in Argentina.
No? I've never fried a steak. I grill them.
You never eaten a steak from a pan? Or you just never used any additional fat under the steak, which technically makes it grilling? Sorry, I'm not a native speaker and I thought frying is anything you do on a pan with no cover. I guess there's also searing but I thought it was kind of frying.

I found a recipe for skillet-fried steak: https://www.thepioneerwoman.com/food-cooking/recipes/a9744/p...

Nope. We grill steaks in Argentina. We do not fry them.
> Meat isn't tasty. If it was you wouldn't always eat it fried almost to a char with salt and spices.

Allow me to introduce you to the concept of "steak".

Buy your steak, toss in a pot of unsalted water. Cook for a while to make it edible. Eat it when hungry. Tell me again how tasty the meat is.

Do the same with rice, potatoes or lentils and you'll have completely different experience. Pick any fruit. There's even no need to boil. Tasty from the get go.

Rare steak is nice.
Are you seriously trying to argue that food doesn’t actually taste good if it has to be cooked first?

Throw steak in a hot pan. It tastes great with no other seasonings. Tasty from the get go. Throw rice in a hot pan. It tastes awful.

Therefore, rice is not tasty.

If steak was tasty you wouldn't need steak sauce /s.
Have you tried? Eat unsalted steak fried/grilled/seared on the pan? It doesn't taste good.
I've tried a lot of different fake meats, and real meat tasted better to me. Sure, meat requires special cooking to taste good. That doesn't mean meat as a whole tastes bad. When other things are cooked the same as meat, they don't taste as good to me as meat.

>Dogs also taste good but they are way less convenient to raise per kilogram of meat then cows.

I'm not saying that meat producers don't optimize their production to lower prices. I'm saying that despite their optimizations, vegetarian foods are cheaper to produce than meat.

>It's easier to keep some cows on grassy hill then kill them, than to create and maintain a field there.

Look at the price of beef vs the price of vegetarian foods. Beef costs more. Also look at the carbon footprint of beef vs vegetarian foods. Beef production produces more carbon.

>Meat is also easy to cook and eat. It digests nicely. It can be used in mono diet with no immediate ill effects. It's a no-brainer food even an idiot can use to sustain themselves. It's hard to poison yourself with it because if it's not fresh it stinks like hell.

I don't think any of those are the main reason people eat meat. In a different comment you say rice, potatoes or lentils are easier to cook such they taste good. I don't think meat is easier to cook than other foods.

Why do some religions say don't eat beef or pork? Some religions care about how you kill the animal. How is this convenient?
Religions can be inconvenient. I'd still argue that source of some of their bans was convenience that just got frozen in time and kept alive way after its utility ended.

I think in case of meat bans it was a deeper convenience. Something like that it's not convenient to avoid pork, but it's convenient to not get sick from low quality pork or the process of raising this specific animal. It might have been quite convenient rule of thumb two thousand years ago.

I think this is one of the most fascinating aspects of solo non-stop around the world sailing: You have no one to blame other than yourself. It puts you into a mindset that is unique in this day and age. The sailors, when interviewed after their ordeal, also mention it a lot.
Same with overland travel. You either caused the problem or allowed it to happen. Either way it's your job to fix it and it's the only way to keep going. It requires preparedness, flexibility and resilience.

I remember many messes where I just stood there thinking to myself "alright nicbou, what did we learn today?"

In 2012 I've spent almost the entire year hitchhiking around Europe. Mostly alone, sometimes in a small ad-hoc group that would part whenever we had to take different turns. Sometimes there is someone else to blame: a driver who dropped me off in a far worse place (like in the middle of a busy highway); a mate who almost blew all of us up when mishandling a gas cylinder; unsolicited exhibitionism; etc.

Well, shit happens. Pick your stuff up and carry on.

There is no blame on holiday. Something will go wrong (how can it not?)
Another fun one is asking for a higher salary - for obvious reasons moderately sized companies have formal systems that make it logically impossible to do on an employees initiative (the boss doesn't control salaries, payroll doesn't control salaries and all the formal systems point to the boss and payroll). The real approach is that a worker has to somehow convince one of the people with serious power to overrule the default systems.

But the important thing to recognise is there are always people who can overrule a given formal process and they are being held accountable to something. The issue becomes what their incentives are. In the success stories in this article (like the one where the doctor saves a bunch of people) the incentives lead to a good outcome when the formal system is discarded. In the leading ground squirrel example someone without doubt had the power to prevent the madness and didn't because their incentives led them to sit quietly in the background hidden from history's eye. Ditto the Nazi example - obviously there was someone (probably quite a few someones) who could have stopped the killing. They didn't override the system because they through it was performing to spec, and it is probably difficult to prove they were in hindsight because informal systems don't get recorded.

If the incentive is the culprit, then the airport employee acted out of her mind because her own survival was more important than to act human... therefore, she is biologically similar, but spiritually guided differently. she would never tell you she gave herself or sacrificed (big word) to it (big word), she never knew anything else really, she saw things through the window all along her life, but never got to really experience it, it is so inconvenient to her, she whispered.

she feels more than a children of the cities, she has embodied them.

> the boss doesn't control salaries

I would call them a supervisor then.

It’s not logically impossible for any buyer to decide to pay or not pay more to a seller, it just depends how replaceable the buyer thinks the seller is, and how much they care (the buyer could be retiring with golden parachutes before shit hits the fan).

Interestingly if you’re denied a credit card in Europe a subject access request can be very helpful for understanding why
Another major accountability sink is employment. Employee is shielded from financial responsibility for the damage he incurs while working. While he may be punished for disobeying orders or acting criminally, he's not financially responsible for the fallout (especially if he was only doing the things he was ordered to do and/or reasonable things). Doing a job is inherently risky behavior. If you are doing it in a context of financial amplifier (a company) in a regulated society that can quickly hunt you down and destroy your life if you misstep then in the absence of accountability sink protections barely anyone would be brave enough to get employed. That's also why LLC exist. To enable risk taking by promising to not hunt you to the bottom if you fail.
>If you are doing it in a context of financial amplifier (a company) in a regulated society that can quickly hunt you down and destroy your life if you misstep

Sir, it's the year 2025 of our Lord. Nobody is out there to destroy your life most of the time.

The fact that they don't doesn't mean they can't or they wouldn't. Just reading news from USA from last 3 months should make it obviously clear.
I would say that corporate personhood is a better example. It seems very natural to us, but I'm not sure if it's an idea other intelligent species would also independently arrive at.
I don't see it natural at all. I think it's quite insane concept. A corporation is obviously not a person and even if you pretend it to be a person why only good things come from it for a corporation? Why isn't it sentenced to death and executed when it kills 11 people?

Why corporations are allowed to own other corporations? Isn't it a slavery?

I think GP's example is better, definitely more familiar. That's the fundamental difference between employment and running your own business: you're trading away both the downsides and upsides of business risk, in exchange for a stable, predictable salary.
> Bad people react to this by getting angry at the gate attendant; good people walk away stewing with thwarted rage.

Notwithstanding the rest of the column, this particular example brings the following thought to mind:

It could actually be argued that getting angry at the gate attendant is not a "bad people" response. Suppose that under those circumstances, the typical individual passenger would demand the gate attendant to either let them onto the flight, or compensate them reasonably on the spot, and if denied - even with a "it's not within my authority" - inform their fellow passengers, which would support the demand physically to the extent of blocking boarding, and essentially encircling the gate attendant until they yield (probably by letting the original passenger onto the plane), and if security gets involved - there would be a brawl, and people on all sides would get beaten. Now, the individual(s) would would do such a thing may well suffer for it, but in terms of the overall public - gate attendants will know that if they try to do something unacceptable, it will fail, and they will personally face great discomfort and perhaps even violence. And airports would know that such bumps result in mini-riots. So, to the gate attendant, such an order would be the equivalent of being told by the company to punch a passenger in the face; they would just not do it. And the airport would warn airlines to not do something like that, otherwise they would face higher airport fees or some other penalty. And once the company realizes, that it can't get gate attendants to bump passengers this way, it will simply not do it, or authorize decent compensation on the spot etc.

Bottom line - willingness to resist, minor ability to organize, and some willingness to sacrifice for the public benefit - can dismantle some of these accountability sinks.

a good "collective response" would be to deny the non-agency of the gate attendant. That is,

Still wouldn't change a thing. The gate keeper has no say into who gets let on the plane and who doesn't, they are there just to enforce the decision.

The only way to get this solved is if in the executive meetings one person goes "Our processes that bumps people resulted in xxxxxx cost, that's too much".

The way those costs are incurred doesn't matter, if its direct compensation or fines, but unless you can attach a price tag to it, nothing will change.

> The gate keeper has no say into who gets let on the plane and who doesn't, they are there just to enforce the decision.

No, that's not true. He is literally, physically, the gate keeper: To pass the gate, he has to let you pass. Now, you could insert another gate keeper into the scenario at the entrance to the airplane, or some turn-style with a scanner etc. but that wouldn't change the basic argument, just make the scenario a little more complex.

But they are not making the decision whether you are allowed to board or not, they are just there to enforce it. You can't talk your way on a plane with them no matter what you say if your scanned boarding pass lights up red instead of green. They don't have any authority to make decisions.
They do ultimately make the decision. I do things Im not allowed to do almost every day at work. They might have to deal with the consequences but it really is their decision
You misunderstood the point they tried to make. If a gate attendant was told to punch someone in the face, they still wouldn't. They'd probably get fired for not punching someone in the face, then win some civil suit for their lost income.

If rejecting people from flights without explanation was socially considered the same way as punching in them the face, they wouldn't do that, either.

You can deny the non-agency of the gate attendant without getting angry. My personal feeling is that no mature adult should ever get angry really under any circumstances, though I don't expect this or really blame people for being angry.
Maybe your point is valid for other situations, but believe me, letting someone getting on a plane after their names has been removed from the Flight Manifest (passengers list) will have very bad consequences for everyone involved.

Starting from the Captain deciding the plane will not depart until the police has taken care of the situation (assuming they find out before taking off, which is quite probable if the seat had been reassigned to someone else).

The reader can feel a glimpse of the author's ego the moment he explains his skills as a Google Site Reliabiliy Engineer and his glorious work on improving gmail post-mortems right after the section where a hospital team saves various people in a mass casuality situation by empowering nurses to perform formally doctor-only tasks.

Only with a healthy dose of cynicism I can understand where he's going. While the topic of accountability sinks is quite interesting, I'm searching for the author's reflection of their own accountability.

They worked at google, made a boatload of money for the advertising company and himself, and now philosophically lectures others how to detect and/or design accountability sinks.

So the author gives what, 10 examples, and one of them is about himself and his own experiences, and one of them is from a hospital.

And from that you convey that the author must have some kind of ego? I don't think that's justified critique.

The word "hero" is mentioned twice in the whole article. Once in the section before he talks about his own work, and once in the section directly following it.

> As one of the commenters noted: "Amazing! The guy broke every possible rule. If he wasn't a fucking hero, he would be fired on the spot."

> **

> Once, I used to work as an SRE for Gmail. SREs are people responsible for the site being up and running. If there's a problem, you get alerted and it's up to you to fix it, whatever it takes.

I only know Mr. Sustrik from this one article but had to mention this because it was just a too low hanging fruit in terms of criticism.

Not to mention, he has awareness of the ways people absolved themselves of responsibility during the holocaust, but fails to take accountability for his work at a company supporting an ongoing genocide (whether or not he had any involvement with Project Lavender)
Frankly, if the author has Google-style FU money and can find no better way than this to spend that and his time alike, ego isn't the first of his faculties I see cause to question.

Doesn't surprise me to learn he's big on LW, though. A bloodless, passionless dork who mistakes dollars for IQ points and of whom it's not obvious he ever had an original thought? He might have been made in a lab for those sad nerd wannabes to identify with.

Maybe he thinks it's too early to get sued over a blog-- he's only just got to the HN frontpage for the first time this year?

Subtext of his previous blogpost:

Capitalism is powered by greed.

https://250bpm.substack.com/p/per-tribalismum-ad-astra

EDIT: another post of his that got traction ~5 yrs ago was about the Swiss political system (Swiss are a pragmatic culture though afaik he's Slovak so we might have to account for some Iron Curtain baggage)

https://news.ycombinator.com/item?id=23881309

Maybe he quit google after 6 months, I don't know. It's easy to talk about greedy capitalism once you've made it. It's a bit harder to live by these kind of ideals for the whole duration of your career.
> he explains his skills as a Google Site Reliabiliy Engineer and his glorious work on improving gmail post-mortems right after the section where a hospital team saves various people in a mass casuality situation by empowering nurses to perform formally doctor-only tasks.

Isn’t this the practice we do to sell ourselves during interview about quantifying our work and value?

I firmly believe that the author is the perfect interview candidate who will pass an engineering interview with flying colors. For rest of us, “so erm… I fixed a bug which allowed my employer to scale quicker globally during natural disasters and erm… allow emergency response teams to coordinate. My manager tells me it saves billions of life but I do not have access to actual numbers but the number of promotion each of my managers get when I fix a bug tells me, my contribution has good values”.

P.S. Off-topic.

I think it's firmly on-topic as the author clearly suffers from delusions of grandeur which causes them to greatly overestimate the impact of their actions, leading them to flawed conclusions about accountability.
> The reader can feel a glimpse of the author's ego the moment he explains his skills as a Google Site Reliabiliy Engineer and his glorious work on improving gmail post-mortems

That's a horrible take. He did nothing of that sort. He didn't say anything about his skills, nor did he say anything about improving Gmail postmortems. You made everything up. He was just mentioning the fact that in this case, limited accountability when handling emergencies has strong benefits.

> Eventually, employees noticed a problem: The card design only allowed for 24 characters, but some applicants had names longer than that. They raised the issue with the business team.

I'm looking at you, ANA Mileage Club card! 24 characters should be enough for anyone according to their database. They even have a whole page dedicated to how you should work around it (I tried, this procedure & indeed it lets you truncate your name, but then you won't be able to associate any tickets you purchase in your real name with the card). https://www.ana.co.jp/en/jp/amc/reference/merit/procedure/in...

That's a .jp site. Is it 24 kanji? That should be plenty of space :)
Yup, 24 moji :-)
I am deeply suspicious of "blameless" post mortems. I agree that we should work in ways that minimize fear. We should, to some degree, celebrate the learning we glean from our failures.

But I keep seeing "blameless" being construed as lying about why something happened. It's construed in such as way that anyone can hide from their misdeeds. People screw up, and we need to hold them accountable, and THEY need to hold THEMSELVES accountable. Not necessarily with "punishment" (what does that even mean in a professional context) but perhaps atonement and retraining.

Sometimes failure comes from inherent risks. Sometimes we don't know what we don't know. You can't account for every possible factor, you'll be stuck in analysis paralysis while the world moves on.

If we're speaking of a justice system in more general terms, I agree with your line of thinking. I believe that repairing the damage and reintegrating with society would be far more effective than incarceration or other forms of punishment. Fear is a seed, you reap what you sow.

(Yes there are extreme cases. Still the long-term goal should be to minimise harm, not bring punishment.)

I'm nearly wrapping up Sydney Dekker's book _Just Culture_, and Allspaw has a few pages in it. And preceding that is a section titled "blame-free is not accountability-free."

Accountability under Dekker's restorative justice model means providing a complete record of what happened, so the justice system can focus on who was harmed and who needs to repair that harm. In some ways I think they can end up mirroring the typical punitive justice system, when the person who needs to repair harm matches what we would call a guilty party in other circumstances. But the idea is not to lie about what happened! It's to expand the network of causality beyond a simple thought terminating "Bob did it" so we can address the systemic problems that led to Bob doing the wrong thing.

> Not necessarily with "punishment" (what does that even mean in a professional context)

A few options depending on profession:

1. Demotion 2. Pay cuts or fines 3. Firing 4. Loss of certification, thus preventing this person from ever working in the field again 5. Jail time, preventing this person from even being in society for some time, perhaps forever.

Dekker's book is full of examples of professionals facing all of the above consequences. If you don't think these punishments are applied to the SRE community Allspaw addressed when originally describing "blameless postmortems" then you probably want to read the all time highest upvoted post to /r/cscareerquestions, "Accidentally destroyed production database on first day of a job, and was told to leave, on top of this i was told by the CTO that they need to get legal involved, how screwed am i?"[1]

[1]: https://www.reddit.com/r/cscareerquestions/comments/6ez8ag/a...

I didn't mean that I couldn't imagine a punishment. I meant that I don't know think that "punishment" is meaningful as a tool to improve anyone's behavior.

Certainly it is a tool for deterring people from doing serious crimes. But it is a terrible tool for performance management of someone you hope will perform better.

I think there's a strain of management that thinks if you fire people who make mistakes the number of mistakes your team makes over time will decrease.
I'd say he loves the sound of his own voice, but everything worthwhile here is in a blockquote. Oh well, even a poor collator has value as such.
And what value did this comment create?

While we’re being unnecessarily rude, and discussing people who enjoy the sounds of their own voice and lacking substance.

(comment deleted)
"Unnecessarily?"

And hon, unlike most in this dawning age of LLM slop replacing human speech, I deserve to enjoy the sound of my own voice. People tell me as much almost every day! Think of me as Wittgenstein's lion. Don't expect to be able to make sense of me.

I always remind myself when I have to go to the DMV[0] that I should plan on leaving with nothing more than another action or set of actions to take. I never enter the DMV expecting to complete a process, and the workers behind the counter always have this visible, visceral response when I DONT lose my fucking mind at their response to something. When I continue to be pleasant and understanding it’s like they suddenly come alive. It’s a depressing state of affairs because I understand exactly what they expect and why.

0: for non-Americans and for Americans from other states that may use different terms, the DMV is the department of motor vehicles in many US states and is the central place to get your drivers license, take the drivers test, register your car, get vehicle license plates, etc. Many processes that have many requirements that often are unfulfilled when people show up asking for things.

Interesting distinction is deliberate vs unintentional accountability sinks.

DMV sounds more like incompetence than design. Compare with airline where the system is “better” when you have no recourse.

Starting in four days, you will need, to board a commercial flight in the US or enter a federal government facility, either a passport, an 'enhanced' or 'real ID' driver's license, or one of a small class of alternatives. This has increased the burden on state DMVs, and any resulting deepening of the accountability sink is at least partly due to not doing anything to mitigate a predictable situation.
The DMV is frequently just a case of under resourcing. For the most part, once you get to the counter your business can be handled in a few minutes. It’s the fact that it takes a while to get to the counter that’s the issue.
I think it's more than incompetence or accountability sinks; The DMV (and similar offices; Service {Canada, Ontario}, etc) are also the points at which the bureaucratic system of government interfaces with actual people as well. Boundary-layer components in any system are complicated because they have to distill complex input into abstractions understood by the system.

I recently emigrated to Canada from the States and exchanged my US state driver's license for one in my now-home province, but there were a ton of hoops to jump through to add my US driving history to my provincial record. The process seemed to be somewhat exceptional as the supervisor for the DMV-equivalent had to guide the reps I spoke to on how to append the multiple-states-of-history that I had to offer.

That's just a microcosm of what it wakes to distill the complexity of a person's life into pieces of verified information that a government can ingest. That's a lossy, complicated process that relies on both the 'customer' and the agent having a matching mutual understanding of what points of information can be agreed upon or, indeed, offered.

In some cases it's not clear, either; my wife was told initially that she would have to hand over her license from two states ago to update her history, because the province's documentation showed it was still active (despite the fact that our immediately-previous state merrily punched a big VOID hole in it, and that it was expired), but when she returned after digging up her voided license they said they didn't even need to see it. That last bit was possibly 'incompetence'; possibly on the part of the Canadian agency, for not being consistent on if they needed to see the license or not, or the US states, for not being up to date on their record keeping, but again: these are complex systems tryng to maintain consistency. It's reasonable to expect noise.

Off-topic, but since you mention it, I've always been confused about what Americans always seem to be doing at the DMV. It seems to be a staple of pop culture that people are always there and the queue is always very long, but I've never known what anyone is actually trying to achieve.

The DVLA in the UK doesn't have a high-street presence. I took my driving test once, then received my driving licence in the post. When it needs renewing, I can do it online. I tax my car online. MOTs (annual vehicle safety tests) happen at any local garage. I've never needed a new numberplate, but I think you can buy those online too.

So what is it you all have to go to the DMV for? Because it sounds horrible.

In the US we don’t have a single DMV, but rather 50 separate DMV’s with varying degrees of efficiency and online capabilities. But in my state most routine things no longer require a physical visit. Licensing is pretty tightly controlled because in the US the card serves as a primary source of identification in the absence of a national ID card.
We have kiosks at grocery stores etc where we can get renew documents and print new license tabs etc, you can also do most things online and receive your new documents in the mail.

You really only need to go there for driving tests (for teenagers or immigrants), completing private vehicle sales, and other odds and ends

What I always found interesting is going there and people arguing with the workers about not having proof of insurance or a clear title etc.

Until recently you couldn’t do much online with the government in the US. In Nevada, you can do most of the routine stuff online now, too.
It's different in every state, but mostly it's an outdated stereotype that still sticks around even though it's not really indicative of reality. Most states let you do almost everything online, and when you do have to go in you can usually schedule an appointment and not wait in line at all.
Lol. I went the NY DMV a month ago to exchange my out of state license. Even with an appointment, a preapproved application completed online, and all the correct paperwork I had to wait 2 hours.

My experiences with the CA DMV were similar. Only in IL have I had quick, easy visits to the DMV

Usually dependent on the area and their population density. I know people who would drive out to more rural areas just to get a quicker DMV experience.

The whole taking appointments but still making you wait kills me a little inside though. There's a world where these processes could be so seamless.

I had an ok time with the NY DMV. I think it just depends on when you go. If less people would go when it was busy, I guess the reputation would be better, haha!
Because of the importance of driving in the US (right or wrong), drivers licenses are used as the primary identification document. It looks like there’s a similar use of the DL in the UK for buying tobacco.

In the US, you need to prove both residency and identity. To prove your identity in the US, many people don’t have passports, so they bring a tranche of documents to the DMV office. To prove residency, we typically bring utility bills, leases, etc. Usually people prefer to go in person so they don’t lose these documents and get feedback if they don’t have the right stuff.

It looks like in the UK, since driving licenses are administered nationally, you don’t have the same patchwork of 50 different organizations with different requirements and rules, and the process is much simpler.

I haven’t been to a DMV for 10 years. I can renew vehicle registration, renew my license, and so on online. When I bought a new car, the dealer handled all DMV stuff like getting plates.

I’m supposed to be due to get a new “enhanced” license that is good for air travel within the US, but I have a number of other documents (passport, global entry) that serve the same purpose so I avoid the DMV as much as possible.

In my state the DMV is probably worse than a checkup at the dentist, but not as bad as a weekend with the in-laws.

If a person does not (and does not want to) drive, how do they identify themselves? Where I live, everyone gets a government issue ID card, and the ID number is the citizen's primary key. Our government is still largely paper-driven, but there's little you can't get done if you show up in person with your national ID.
Every state in the US has some form of non-driver ID. They call them different things - but they're still usually administered by the state's DMV, since that's the office that is equipped to deal with identification procedures anyways.

In the US we don't have a standard form of national ID.

Driving licences are also the primary form of ID in the UK (alongside passports, which are more expensive). People who can't (or don't) drive can still get a provisional licence, which only allows driving under the supervision of an appropriate adult but works exactly the same for ID purposes.
You hit uppon an important difference between the US and most of Europe/the UK. An system for tracking who your citizens are. In the Netherlands, where I live, the municipalities cooperate to keep track of all citizens, and their address (or lack thereof). This means that you never need to convince any beaurocrat that your identity exists. You might need to authenticate that you are indeed who you claim to be, but that is normally trivial (Show government photo id).

This simplifies the process massively.

The UK should not be included in here. There is no official national system for keeping track of citizens and municipalities barely cooperate. This means you have to keep proving your address for things like an opening a bank account.

This is due to a historical political issue and repeal of a national identification system, see also https://en.wikipedia.org/wiki/Identity_Cards_Act_2006.

> MOTs (annual vehicle safety tests) happen at any local garage.

Oh, I think we should have that in Croatia, since I'm doing yearly car service at my dealership and than still need to take my car to our national inspection station to get the car certificate renewed. Not sure why can't they organize a system were certified car garages can also inspect the vehicle and notify the Center for Vehicles. Maybe that would allow for more cheating but it's not like inspection stations employees are currently immune to taking a small bribe to overlook minor issues during the inspection.

The incentives are very different - private garages would be very incentivized to find nothing wrong with your car and business would gravitate to those with the least checks. The government stations would not have that incentive (actually maybe incentivized the other way - to make up problems that can be waved away with money, depending on how corrupt things are there)
I'd have thought the private garages would also be incentivised to find problems - that they can then offer to fix for an additional fee.

As it is, I think most garages that offer MOTs in the UK are fair and honest, as the test is relatively strictly regulated, but I'm sure people do get ripped off.

The Netherlands has private garages do the yearly recertification inspection (APK here). There was a recent rise in 'remote inspections' where the garages had figured out tricks to avoid spot checks. This involved tricks like 'file the inspection very close before 17:00' or 'file the inspection result right before an actual true inspection' because apparently spot checks look at the last inspection.

They noticed the tricks as patterns, and are handling it. My point is, there is an incentive for private garages to do fraud here.

Remember US has no National ID card. America has 50 states, each state has its own ID and DMV.

Plenty of Americans move states, remember some of our states are reasonably small enough that you might commute to the same NYC job from any of 4 different states. I have a friend who sequentially moved NY->NJ->CT->NY in something like 6 years.

Also I forget why but when I moved WITHIN a state 10 years ago, it required a DMV trip. edit: apparently within NY moving COUNTIES at the time required DMV trip (insane)

Oh and the recent push for "Real ID" enhanced IDs requires a trip to DMV. I've avoided this and just been prepared to fly domestically with my passport.

Real ID requirements started 20 years ago, which I suppose is “recent” in government terms, but not really. In some states everyone has already had a Real ID compliant license for years. In others, notably California, they’ve been kicking the can down the road the entire time.
Well this year supposedly they are finally going to be required at airports so it’s really real :-)
In my experience, the DMV (or whatever its called) likes to see you in person for license renewals every so often. Get a new photo, make sure you can see the eye chart.

I've always gone into the DMV when I purchased a vehicle from a private party. In California, it has taken me a couple visits; the first visit with the title and sale documentation, the second with the emissions test documentation that the seller was legally suppossed to provide at the time of the sale but practically, the buyer must provide to register the vehicle. Maybe you can do this by mail, but if you do it in person, you walk out with documents so you can legally drive the car. If you buy a car from a dealer, they take care of this paperwork for you, which used to mean having someone stand in line at the DMV and process a bunch of transactions, but now they can typically do it electronically.

If you move to another state, you need to get a new license and retitle and reregister your car; this usually happens in person, and most states have a requirement to do it in under a month. If your car has a loan, expect multiple trips to get it registered... the first trip will let you know what you need from the finance company; the second will bring that back and get registration; then when you eventually pay off the loan and get the title, you'll need to bring that in so you can get the title issued in your current state.

You usually don’t. Licenses can be renewed online until you reach a certain age in some states where you have to go in to take an eye test. Car dealers will handle registration. If you buy from a private party you have to go in.

In metropolitan areas that have make you get car inspections like Atlanta, you go to a third party where the price is regulated and they send the results in. You still can do everything on line

> I've always been confused about what Americans always seem to be doing at the DMV

Getting your car registered in your state of residence, renewing your driver's license, stuff like that. The exact details of the process can vary wildly from state to state, but no matter where you live, it's gonna be a waiting room in a drab government office.

Here in Wisconsin, I got a title for my car, and plates and tags all online. Never stepped foot in the DMV. This is incredibly high tech stuff by state government standards.

As a fellow Brit I’ve always been puzzled by this too.

The DVLA website and online processes are very good. Which is rare to say about a government IT system. I don’t think I’ve ever had any problems for a decade (or two?) dealing with everything driving-related fully online.

I expect since we just have one single system, and a smaller number of possible workflows/situations to cover, it’s easier to create a central online system. In the US, with 50 different variations perhaps it’s a harder problem to solve.

Kafkaesque bureaucracy, it's common to a lot of government institutions, they send you from one window to the next, there is always paperwork missing or something needs to be stamped. It seems like the whole process is not to serve the people but just there to perpetuate itself.
I once booked a plane ticket from my home town airport to another country. The purchase notification said something like "PVA" instead of "POV". I looked it up and turned out, the newly built airport that had this exact code was about to open. In a week or so, so I assumed that I'm indeed flying from the new one and forgot about it. The purchase was made through a booking aggregator similar to Expedia.

On the day of travel I took a taxi to the new airport, which is 40 km outside the city. The taxi driver couldn't care less about where I was going. Upon arrival, there was much fewer people than I expected but I shrugged it off. At the entrance though I was asked where I was going and if I was an employee. Apparently the new airport was still closed and my fight was from the old, still functioning one. The one with the code not shown in the ticket purchase receipts.

Panicking since it was only about an hour until departure, I took a taxi back to the old airport, which was a desperate 40-50 minute drive to only realize the plane had already left.

I was flying abroad, with a connection the next morning, about 10 hours later. So I thought that the problem could be solved by just arriving there by any other flight, which I booked almost immediately. However, the airline representative (yes, there was a human to speak to that I could reach easily by phone) told me that a no-show for any segment of the flight invalidates all subsequent ones. There was no way I could convince her that it wasn't my fault. Perhaps there was a rigid process in place that disallowed her from helping, even though I'd make it to the second flight on time.

I ended up buying 2 new tickets, of course more expensive and less convenient ones. This taught me an important and rather expensive lesson on why connected flights with a single airline are sometimes the worst.

Funnily enough, I was bitten by this rule one more time when I didn't show to a flight in to the country due to visa issues (it was covid time) and wasn't allowed on the flight out of it because I didn't show up to the 1st flight, the flights being 1 week apart - but booked in one go.

As to the previous situation, I managed to get compensated by the airline (not even the intermediary!) about a year later after posting a huge rant on Facebook and getting their attention to the situation.

Yes, sorry for your problem but no-shows automatically invalidate everything else. If you decide to cancel part of a trip due to unexpected events, train strikes or whatever that is not directly under control of the airline itself you must contact them and make sure they will not cancel the rest (including the return flight).
Leaving aside the no-show rule, which doesn't make much sense to me, this situation is a good example of an accountability sink.

The intermediary I booked the tickets with made an obvious mistake and showed the wrong airport code. Maybe the airport opening was meant to happen earlier, and the intermediary had already updated their emails or something like that. They refused to do anything meaningful and did not even acknowledge their mistake.

The fact that I was compensated by the airline that had nothing to do with this mistake is even more astonishing to me, although they were obviously protecting their brand reputation.

I was not trying to dispute the accountability part. Btw my company was hit by the delayed opening of BER airport. Colleagues had to rebook thousands of tickets because the BER iata code had to be "retconned" to use TXL again... so I am more than happy to sympathetic with your problem, trust me.
>Leaving aside the no-show rule, which doesn't make much sense to me

A->B->C can be cheaper than B->C. If people could skip flight A, then people already in B would buy the cheaper A->B->C.

I could probably be convinced of this reason.

But why would they cancel B-A when there’s a no show for A-B? More so when there’s a few days gap between A-B and B-A? The only issue being they were booked as a single itinerary/PNR. I don’t see what cost has got anything to do with it.

Because they could use the now "vacated" seats for:

- Last minute travellers (who pay significantly higher for this)

- move their own personnel from B to A

- alleviating problems caused by overbooking, canceled flights, delayed flights or any other disruption.

> There was no way I could convince her that it wasn't my fault. Perhaps there was a rigid process in place that disallowed her from helping, even though I'd make it to the second flight on time.

Yeah they generally have the capability to prevent that auto cancellation of your segments (within a certain time frame) but in this case unfortunately they were unwilling or it was too late to catch it.

It's generally to protect revenue because buying A-B-C instead of B-C can be cheaper, and hoards of people used to just segments to save money. So they just assume everyone is trying to cheat them.

> It's generally to protect revenue because buying A-B-C instead of B-C can be cheaper, and hoards of people used to just segments to save money. So they just assume everyone is trying to cheat them.

Isn't it ridiculous in the first place that flying A-B-C is less expensive than B-C? These are the pricing games airlines deliberately play to make more money out of nothing.

This is just an oversimplification though. If you had any experience about travel industry (or logistics) you would understand things much better.

Here is an example for you (from logistics): Sending a truck from Berlin to - say - Györ may cost 3 times less than sending the same truck from Györ to Berlin - even on the same exact date.

Is this because shipping companies try to make money out of nothing, for you?

I think that's a misrepresentation though because A to B is not a subset of B to A. Whereas B to C is a subset of A to B to C.
If you are answering to my Berlin->Györ example:

Yes, it is not exactly the same thing but the point is: by getting off at B you are making the B->C flight travel with a wasted (empty) seat. Which they would have preferred to either sell to someone else or use for moving a pilot or technician to C.

(Note also that this trick of getting out mid-itinerary only works if you do not have checked baggage, because that will arrive in C, and neither the airline nor the airport will be happy to reroute it to wherever you thing you want to go next.

Flying is expensive and logistically complex. Just making sure you end up where your ticket say is complicated. If you (as a customer) decide to change your plans you are making everything more complicated (and possibly preventing other customers to pay for the whole itinerary).

The actual question here is why they won't sell you a ticket for A->B for the actual cost of that leg of the A->B->C flight, and then sell the same seat for B->C to someone else.
See above: let's say that on Frankfurt-Hannover and back you get on average 52 passengers a day, and Hannover-London is more or less the same, while people flying Frankfurt-Heathrow are so numerous that direct flights are always full and therefore you need to offer FRA-HEA with a stopover to satisfy the extra request.

If you are sure that 80% of your passengers will go to Hannover only to then fly to London (and back) your prices will reflect that... and Frankfurt-Hannover cannot be lowered too much because you still has to try to reach your quota for the flight per se.

A fair comparison would not be the return, but Berlin-Györ being more expensive than Vilnius-Berlin-Györ. Is that common in logistics, in your experience?
This was a fabricated example, actually: I work in tourism not in logistic (but I have friends in that field).

My point was that to the layman this does not make any sense while if you are managing a shipping company you soon realize that some destination are more profitable because your truck that was maybe taking specialized replacements parts from A to B can easily pick up some other stuff to send back to A, while travelling in the opposite direction your truck has a high chance to travel empty on retutning to base... but you still have to pay the drivers, the fuel, the maintenance and possibly tolls.

The point some of us are making in the replies is that, while true, this is not an appropriate comparison to airline travel rules.

Do you agree there is a difference between charging more for a return, vs charging more for a leg of a compound trip?

Airlines tend to work like this: at the start of the "season" analyst define the margin for each seatbof each departure. Let's say that for Sunday flight from Venice to Hamburg, Economy, your target is 112€. (For simplicity I will discuss only a direct flight, but the same idea applies to any leg of any Itinerary).

Yield manager for that area/period has now the task to make sure he gets 112 or more on each ticket. And take in account that an unsold seat gets 0, so lowers the averge margin (which is what the yield is calculated upon).

This will soon make you realize that any chance to sell again a newly vacated seat is a boon.

So in the case of the OP the company can either assume that it was a honest mistake and he will somehow miracously get there in time to get on the second flight (3% chance?) or assume that he decided he does not care anymore, he had a serious accident, got fired, won the lottery, whatever (97%) and promptly put the seat back on sale.

The problem with a-b-c costing less than a-b is less obvious, maybe, but it has similar causes: for the airline it is more efficient to sell you the itinerary with a stopover so their pricing reflects that.

There have even been attempts to take passengers to court for getting off at the intermediate stop (they were dismissed) so it's definitely not just because the airlines are throwing a fit if you decide to change your plans.

Probably the a-b leg and the b-c legs sold alone are not very popular so they want more money to maximize the yield, while everyone wants to go a-c and return.

Of course I can understand it from their point of view. But this doesn't make it any more sensible to me as a consumer of their services.

In the aforementioned situation I wasn't trying to exploit the airline, it was a simple mistake that happened and could be easily alleviated. But the rigid processes, precisely the ones where accountability sinks, made it impossible for the humans involved to correct the mistake.

I still stand by the ridiculousness of that. If not the logistics quirks per se, then the fact that this completely unrelated matter dictated the resolution of the situation against common sense and my interest.

What makes this even worse is that presumably the PR department of that very company had to be involved later and they still spent their employees' time and money to compensate me for the mistake that could be corrected for free.

And what is the actual explanation that actually makes sense (apart from profit increase)?

I have booked flights A->B->C and got down at B because that was cheaper than booking A->B only. Not sure where this all makes sense at all.

The full explanation would take a wall of text (and still let you unconvinced because you feel entitled to do as you please, probably).

Super-condensed version: civilian flight are a pretty difficult "product" to handle efficiently. Price increases until 1 minute before closing the airplane doors, then falls to zero. On top of that, the product "provider" also needs its own product in order to move personnel and technicians all over the globe, but of course they cannot just cannibalize their own products beyond the point of profitability.

Plus they have to handle rebookings and passenger protection in cases like delays, sudden airport close-down and so on. (Have you ever been on a waiting list, btw?).

All this is pretty complicated to manage already, so they need to exert as much control as possible on yield and occupancy.

TL;DR: a flight is not a bus ride. So if you just decide to cut it short the airline will try to reuse your vacant space for whatever reason.

It seems to me that since airlines can't force you on a plane except for taking your luggage hostage, you're free to drop as long of a 'tail' as you wish. I'm wondering whether they'd put you on a black list or something for doing this consistently.
It’s called “skip lagging”. The airline can possibly try to collect money and if you do it often, ban you from flying with them.

https://www.npr.org/2023/08/23/1194998452/skiplagging-airfar...

The reason is happens is that take for instance ATL (former home). ATL is a Delta hub and has direct flights to a lot of places that other airlines don’t. Between people preferring direct flights and the lack of competition, they can charge more.

But flying out of MCO with a layover in ATl, they lose the non stop flight advantage and they have to compete with other airlines.

Also ATL sees a lot more price insensitive business travelers than MCO. Businesses aren’t going to force their salespeople and consultants on one of the low cost carriers.

>Isn't it ridiculous in the first place that flying A-B-C is less expensive than B-C?

It's no more ridiculous than something being cheaper at a liquidation store than a retail store.

OMG this stirred my memories. I was interviewing with companies in Amsterdam and Berlin. The Berlin recruiter made onward and return flight bookings for me from India. I though went to Amsterdam first on a separate flight because I was juggling the schedule. I thought it’s no big deal didn’t bother informing the recruiter of my side arrangement.

I then took a train to Berlin from Amsterdam, finished the interview and went to the airport for my return flight that was booked by the recruiter. To my absolute horror I was told that since my onward journey was a no show the whole PNR was cancelled. I felt like an idiot. Since then I double and triple check whenever I’m booking flight tickets.

Sorry to hear that. Sounds like not a lot of fun!
> So I thought that the problem could be solved by just arriving there by any other flight, which I booked almost immediately.

Why did you do that? Especially when that cost you extra money?

You should have talked to the airline directly, explained you'd missed your flight because they gave you the wrong airport, and the airline would have rebooked you and everything would have been fine. People miss flights all the time and this is an entirely normal process.

It's been standard practice for a long time if you miss a first leg, that you forfeit the rest. They're going to reuse those seats for e.g. other people who missed their original flights. It's a type of flexibility built into the whole system.

Connecting flights are super useful because you can work with the airline to reschedule the whole thing, and the airline is responsible if you can't make a connection because an earlier leg is delayed.

I truly don't understand why you would have taken it into your own hands to buy a separate replacement ticket on your own, instead of talking to the airline. Even in your second example, why didn't you work with the airline to reschedule your missed flight? Even if they for some reason can't reschedule, they will often keep your return flight valid if you have an obviously good reason (e.g. a visa issue during COVID). But you do have to contact them immediately.

I'm sorry you didn't know how all this worked, but when in doubt, contact customer service ASAP to see if they can help. Don't just go buy separate tickets on your own, and then assume later legs will still be valid. That's not how it works.

This reminds me of the quote "I know just enough to be dangerous"

I wonder how long until we have an AI on our shoulder saying "Hey why are you booking a new flight, there is a better option"

> explained you'd missed your flight because they gave you the wrong airport, and the airline would have rebooked you and everything would have been fine

Do you really believe this? There are a lot of bad airlines. Enough that a terrible airline is often the best option.

This usually just leads to getting dicked around for so long until you need to just do the original plan anyways. It only works if you have infinite time. Ideally he could just book a new flight and send them the bill

Interesting article, but picking Johnson and Cummings's handling of Covid as a positive example is a very odd choice, given their falling out and the numerous corruption allegations and parliamentary inquiries into their actions since then.
I 100% agree with you, but it looks like that specific, single instance is a clear example of the famous broken clock being right twice a day.
Surely it is that specific example that counts. It seems perverse to dismiss one sensible decision on the grounds that the persons concerned made many other bad decisions. It's the decision that is the focus not the persons making it.
> Bad people react to this by getting angry at the gate attendant; good people walk away stewing with thwarted rage.

I disagree, slightly. We have to expect some degree of ethical behaviour from everyone, even those who nominally have no room to manoeuvre. If everyone in such positions were to disobey unjust orders the orders would eventually have to change.

Walking away stewing in rage does nothing except fill you with damaging hormones.

and enables the situation at the expense of your own health.
If I ever feel like writing my own "12 Rules for Life", one of them is going to be called "Don't yell at the Barista" or some version of that. You can get angry, but not at the person who would probably get fired for showing initiative. Find the people actually responsible and yell at them.
Being angry is not synonymous with being abusive. Your assumption that they would be fired for showing initiative says a lot about the society that you live in. I'm glad that generally where I live we expect people to take responsibility and their managers to support them. It doesn't always work of course.
(comment deleted)
It's only related to what he wrote but it reminded me of something that low-key annoys me whenever I hear Americans talk about the Holocaust.

I know he only touches on it very slightly and indirectly raises a related point to what annoys me about most coverage about it.

It's pretty simply that the people that were systematically slaughtered during that time period were classified to be Jews, Gypsies and other "undesirables", but they were first and foremost German and identified as such. Nazi Germany didn't kill "other" people, it systematically alienated groups of the population to then eradicate them, by first walling them off to make communication impossible, then spreading enough propaganda to make the average Joe no longer consider them his neighbor.

Seeing the social climate all over the world change, chief among them Americas, does make me think this lesson hasn't been taken in whatsoever.

The first step to atrocities is always to cut of communication between the groups, and people nowadays are actively doing that themselves now - not artificially enforced like it was back then.

At first yes, because they had control over the German Jews. It expanded of course as their control spread through conquering.
Absolutely, the atrocities didn't stop there. That was only the beginning. I didn't mean to insinuate that only Germans were mistreated. The sociopaths running the government in Nazi Germany were very methodical about it and forced everyone into becoming either a collaborator or victim themselves, facilitating even more atrocities as WW2 progressed
I'm now in a stage of my consulting career where I sometimes really get called into big organisation just to find out, that whatever they need to do is already panned out and they all want to do it! Still they call me cause ... it's a big decision and the "higher ups" (which quite often are not even part of the workshop/session then) want an external expert voice. cause the responsibility for this decision lies with them and they can not share it up or sideways, so they share the responsibility partly external.

As the plan quote often (not always) is already very good I mostly end up making sure the goal is measurable in a quantitative and qualitative way, trends towards to and away from the goal are visually available and distributed , and its clear who is responsible to look and report them.

Ah yes, ass cover as a service.

There's a classic article (2010) about it: https://thetech.com/2010/04/09/dubai-v130-n18 (HN: https://news.ycombinator.com/item?id=1257644)

The difference is that while the decision has been made, it isn't necessarily very good.

Often, getting a decision (ANY decision) made is both absolutely critical, and with all the ass covering and office politics involved, nearly impossible. Even if (or sometimes especially) it’s patently obvious to everyone what the decision should be.
Yeah I guess there's a continuum between a) hiring someone impartial and not entangled politically to advise on an important decision and break the deadlock and b) paying someone to justify an obviously crappy decision while providing ass cover.
In any sufficiently large organization, these are the same thing.
>I mostly end up making sure the goal is measurable in a quantitative and qualitative way, trends towards to and away from the goal are visually available and distributed , and its clear who is responsible to look and report them.

Unrelated to the post, but it sounds like you and I do similar work and have arrived at similar conclusions but I often fail to get organizations to actually spend the correct amount of time identifying these success indicators - which I think are critical to focus and scope stability. I’d love to chat sometime.

I always thought that was a big reason for buying external consulting. Reminds me of that George Clooney Movie
Michael Clayton?
Probably more Up in the Air
Yeah that probably makes more sense.
> I'm now in a stage of my consulting career where I sometimes really get called into big organisation just to find out, that whatever they need to do is already panned out and they all want to do it! Still they call me cause ... it's a big decision and the "higher ups" (which quite often are not even part of the workshop/session then) want an external expert voice.

"Clients always know how to solve their problems, and always tell the solution in the first five minutes."

  - Gerald Marvin Weinberg
    The Secrets of Consulting
https://www.goodreads.com/book/show/566213.The_Secrets_of_Co...
So basically, you're adding formal processes to ensure accountability. ;-)
This is no secret, most of "big 4" consulting is about telling directors what they want to hear anyway (eg layoffs) but wrapping that in a glossy report with a logo on it
I once worked on a public sector project as a consultant, spent a year doing studies for similar projects that had been done elsewhere, resulted in a document presenting a budget and timeline with options that I presented to their board of elected officials. They wanted the number and timeline to be half of what we showed, and scope unchanged.

I opened my mouth to argue, my partner at the time cut me short "we'll see what's possible".

We spent the next couple months massaging numbers under his supervision removing all contingency, selecting the most optimistic paths and assumptions, and plain lowering numbers. Until, for all intents and purposes, our document was the same but showing the numbers they wanted with out signature at the bottom.

They were very happy with our work. They're elected officials you see, they are concerned with re-election and appearing to behave reasonably with money. I got a promotion out of it.

The project ended costing 30% more than what we initially planned and took 30% more than our estimate.

One example that's missing from the list is the TV series 24. A recurring plot point was that, yes, of course torture is bad and it's against the rules and we don't do it, etc etc, but it just so happens that here is such an exceptional, unprecedented, deeply urgent emergency situation where we need to have the information now or horrible things will happen, we need the hero who breaks the rules and goes on torturing anyway. [1]

Fast-forward a few years and you find there were in fact many such "heroes" in reality - in Abu Ghraib and in the Black Sites - and the situation weren't exceptional at all.

So accountability sinks can also be used as calculated ways to undermine your own ostensible ethical guardrails.

[1] https://www.theguardian.com/tv-and-radio/2017/jan/30/24-jack...

Wasn't 24 cited by Cheney when he was defending USA-as-torturer ?
Antonio Scalia name dropped Jack Bauer.
That shows you the true depth of his legal thinking. Good riddance.
Chomsky's "Manufacturing Consent" comes to mind here.
Another perspective is that it's a clever way of asking for consent. Like a trial balloon, except not even carried out for real. You get to see if the public approves of the character or not, and then you decide how to proceed with that information.
Convictions aren't convictions if you abandon them when it's hard. It's just cosplay
This is simplifying the definition to the point of defining the term out of existence. No one actually has any convictions in this world. This is actually kinda bad if your goal is for people to really think about ethical issues and try to maintain a degree of rational consistency.

Plus being so black and white in the manner you're describing would.. well actually be really stupid a lot of the times. The fact that Batman doesn't kill the Joker is a storytelling device, in the real world it would be monumentally stupid to do anything other than blow his brains out. Literally millions of lives saved. But it also makes sense, and his good, that Batman still maintain is strong conviction to not kill despite choosing to do it sometimes.

Rules necessarily have exceptions and it's healthy to do so, black and white thinking should be for the jedi/sith, not real life humans.

It’s interesting that you picked up The Dark Knight. The Joker says that he’s only holding a mirror to the society which I tend to agree with somewhat. He used the people from inside the system to take on Batman and in fact succeeds. Killing him would achieve absolutely nothing when the system is so insidiously corrupt.
Also, if you do something every day, it is not an exception.
(comment deleted)
One of the things that strikes me about 24 is that it started running about 2 months after the 9/11 attacks. I wouldn't be surprised if there was a debate about running it or edits, but in retrospect it does seem like the timing worked and fit with the public mood of the time. What would be interesting is how 9/11 and following real life events influenced the show's writing in later series.
You don't put together and film a show in 2 months if that's what you're implying here. it was planned for a long time before that
You're right, you plan them both together before the fact.
They are suggesting that the events of 9/11 would have made the showrunners debate whether they should delay the release of 24, or edit it to change the content somewhat.
What’s also interesting is that the tortured always turn out to be the bad guys. It never happens that he mistakenly tortured a good guy.
But dear sir, we have an autocracy <cough cough> a known corruption-free society with infallible and omniscient leaders, so you are not even allowed <cough cough> only reptilian slanderers would question the authorities.
If they were good guys, we wouldn't be torturing them in the first place, obviously.
I watched a season of Chicago PD, and noticed that they had a convenient "plot accelerator."

Whenever they got to a point, where the detectives and CSI would be painstakingly going through the evidence, sifting out clues, they'd throw the suspect into "the cage," and beat a confession out of them.

Every police show aggressively pushes the "civil rights bad" angle. Maybe once a season they will graciously consider "maybe civil rights good?" for part of an episode before concluding "no, civil rights bad."
s/show/department/
It seems to be a hallmark of Dick Wolf's shows.

His son is getting into the act, but seems to be more interested in depicting "the right way."

His show is an Amazon show, named On Call: https://www.imdb.com/title/tt14582876/

I enjoyed it.

I noticed the difference in this show as well, and I hope it continues.

Besides any conscious philosophy of the producers & writers, perhaps making the show more character driven as opposed to procedural has an impact on the stories. Maybe it's easier to understand when a suspect's rights are being violated (and to not be banal about it) when you're writing a deeper portrayal of the person who wields the power.

I always wanted to see a "pop up video" take on a cop show, where they have expository information and trivia from actual legal experts.

"Officer Jones just blew the entire chain of custody around the bloody knife"

"Flabbodell vs Borkweather says they have to give you access to counsel within X hours and they just ran out the clock"

"This type of traffic stop is explicitly forbidden in 17 states, including the one this show is nominally set in"

The sad thing about all those observations is, all these things surely happen anyway, and lots of people end up in jail anyway, because they don't have good representation to point out how they've been railroaded and they've got a plea bargain dangling in front of them.
People at least know "Nobody read me my rights", "I want to plead the Fifth", and "I want my lawyer" from seeing it on TV. If your arrestee-- or your jury pool-- has a higher level of awareness of common legal gotchas, they'd be able to demand a better deal. "I know you screwed up, the plea deal isn't good enough."
I’d like to see more:

Main character tortures a low-level grunt

Gets false confession

Goes off on wild goose chase based on that confession

Bad guys get away with their plot as a result

“Yes, you were torturing me, I’d obviously have said anything to get you to stop.”

I feel like I’ve seen this sequence once or twice, but I can’t remember what it was in. It actually seems like something that is more likely to be put in a comedy, where the protagonist can be shown to be stupid occasionally. Maybe Brooklyn 99, or Barry, or something like that?

Well, it's the motive behind any atrocity committed during war, what's a few cracked eggs if there is a grand goal in mind. There are always people in places who feel like it's a historical duty to carry out those plans. And the war crimes stay in the past and get forgotten but nobody can deny the new reality on the ground. You can ethnically cleanse an area and in a 100 years that becomes barely a historical footnote and a new reality emerges and nobody can dispute that the area is occupied by a nation that claims rights based on self determination. Same for settler colonialism, they're not invading, just changing the actual conditions as a precursor to claiming political legitimacy.
There is no connection between Ab Ghraib and 24, a fictional TV series. If you think this stuff didn't happen before 24 then I'd like some proof. TV reflects reality (or a very stretched version of it), not the other way around, and 24 also wasn't the first version of such a thing. It's just that Abu G they used people who were young and not professionals so it leaked. It has probably been happening as long as the USA has had police forces like the CIA, military intelligence, and even cops.
In real world, that stuff happens to innocent people, to people guilty of completely different or lesser crimes and cops get out a lot of false claiks they use against whoever they dislike.In real world, it happens as a power trip with no saving factor.

In real world, it happens to cover up crimes cop did themselves or to facilitate them.

That is where the lie is.

There is a direct connection.

Antonin Scalia was one of the architects of substantial limitations on the 8th amendment and was a key figure in a number of cases specifically about extraordinary rendition and "enhanced interrogation."

Scalia has multiple times in public referenced Jack Bauer as an argument for why prohibitions on torture are unworkable. At a panel on the very topic, Scalia responded to "Thankfully, security agencies in all our countries do not subscribe to the mantra 'What would Jack Bauer do?'" with "Jack Bauer saved Los Angeles" and "are you going to convict Jack Bauer?"

Christ, what a ghoul.

"The ends justify the means" is a horrific way to run a society in any case, but of course it skips over the question of whether the means actually caused the ends, let alone were the only way to do so. Even if torture did save lives, it isn't a great justification - but then pile on top that your only evidence that it actually does work is fiction and it starts to look like the means were what you really wanted in the first place.

Star Trek: Deep Space Nine introduced Section 31, an organisation which regularly acted in the way you describe the characters from 24. They operated outside official channels and used questionable methods to do whatever was necessary “for the good of the Federation”. The character of Odo criticised it well:

> Interesting, isn’t it? The Federation claims to abhor Section 31’s tactics, but when they need the dirty work done they look the other way. It’s a tidy little arrangement, wouldn’t you say?

https://memory-alpha.fandom.com/wiki/Section_31

DS9 had an actual instance of torture too, but it was a hero being tortured by... half-hero, half anti-hero[0]? Not sure that one led anywhere, beyond being a very disturbing way to do character development.

Section 31 angle is tricky, because the writers unintentionally[1] made them literally save the entire alpha and beta quadrants, and possibly the entire galaxy, from slow-burn genocide. The Dominion was known to systematically subjugate and ultimately eradicate solid life, and other than the Federation Alliance bloc (that prevailed only because of Section 31's bioweapon short-circuiting the war[2]), the only power left in the known galaxy strong enough to resist the Dominion would be... the Borg Collective, which wasn't really that much better[3].

So, as much as I love DS9, I feel the show (and the larger franchise) has so much unintentional depth, that most obvious takes don't work with fans, because they don't survive scrutiny :).

--

[0] - The simple tailor was anything but.

[1] - At least as far as I recall, Section 31 were written to be the rotten apples that got revealed and removed by the heroes, in a pretty straightforward way - but IMO, they failed at this, and instead created something more of Deus Ex Realpolitik.

[2] - And a little bit of actual fleet-eating Deus Ex Machina, on the account of having a demi-god in their midst.

[3] - And nobody in or out of universe really wants to talk about what happened to the latter, except the last season of PIC that tacitly acknowledged it in a "blink and you'll miss it" way.

> Section 31 angle is tricky, because the writers unintentionally[1] made them literally save the entire alpha and beta quadrants, and possibly the entire galaxy, from slow-burn genocide.

I mean, Jack Bauer, too, saved America from all kinds of unspeakable evil by his clever use of torture. I'd say it's not tricky at all. The morally gray "it's bad but we'd be even worse off without it" justification is kind of the point of those narratives.

Yes, but the difference is that Section 31 in DS9 is obviously "the baddies" to the heroes and the audience, and writers meant it to be "the baddies", and everyone in and out of universe was supposed to be appalled at the mutagenic virus subplot, and yet, taken in context of the larger events in the show, Section 31 came out as a light shade of gray instead of black.

It's one thing if them doing their thing was merely convenient, but the rest of the writing in the show converged into a situation where the Federation was under the wall, with no way to talk or shoot their way out of total defeat (and Earth being glassed to make a point). For Star Trek, that's pretty much a franchise-terminating event; they needed to write their way out of that corner - and Section 31 plot basically did that, before they realized it.

AFAIK the writers did not intend Section 31 plot to be posing the question whether any means are justified if the alternative is being exterminated - but it's what they inadvertently ended up doing.

(It's not the only time they hit a problem like this. AFAIR, the episode "Waltz" was made specifically because fans found more depth in the character of Dukat than the writers intended; as such, the whole point of that episode was to drive home that yes, Dukat is just that evil, period.)

> DS9 had an actual instance of torture too, but it was a hero being tortured by... half-hero, half anti-hero

If you’re talking about Garak torturing Odo, that seems different than the 24 case because in that instance Garak was explicitly working for “the bad guys”. And even so he was doing the torturing reluctantly and only doing so because the alternative was the torturing being done by another operative which wouldn’t restrain themselves. In other words, in that instance the show was explicitly treating torture as bad.

> made them literally save the entire alpha and beta quadrants, and possibly the entire galaxy, from slow-burn genocide.

Technically it wasn’t the disease which defeated the Founders, though I supposed one can argue it debilitated them enough. Even so, despite the results I didn’t feel like the show was necessarily approving of Section 31 (the main characters actively tried to defeat them).

> Technically it wasn’t the disease which defeated the Founders, though I supposed one can argue it debilitated them enough.

It put a countdown clock on their remaining lifespan. Infecting all the Founders simultaneously with a lethal disease made the entire war (that they were very much winning) moot. For the Founders, the entire reason behind the conflict was to ensure their own safety from hypothetical future threats (they were a paranoid bunch); that obviously is not achieved when all Founders are dead, so the entire calculus changes.

That's what I mean by saying that the virus short-circuited the war. It may have been the compassionate and extremely risky act of Odo that, in true Star Trek fashion, changed hearts and minds and got everyone back to the negotiating table, but even without it, the virus would've ended the war within a week or such - leaving alpha and beta quadrants in a bad state (fighting against now feral but still superior Dominion invasion force), but still much better and more survivable than the war itself was.

> Even so, despite the results I didn’t feel like the show was necessarily approving of Section 31 (the main characters actively tried to defeat them).

The show was very much not approving of Section 31; that one was communicated quite clearly. What I'm saying is that, if you ignore what you're being told and look at what you're being shown - the events that happened, not the main characters' opinions on them - it's becomes much harder to paint Section 31 as villains of the story.

I believe this outcome was not intended by the writers; it's just what the whole storyline ended up adding up to.

Sounds a lot like Special Circumstances in The Culture books.
[flagged]
1. Not specific to the Dutch at all. Worldwide practice.

2. These are also human traits! Maybe not so much humane traits.

https://en.wikipedia.org/wiki/Chick_culling

> Worldwide practice.

For sure we don't do that sociopathic thing here in Romania. Ok, I get it, the regulations were set in stone, but after shredding (again, what the flying fuck?!?!) the first animal hasn't any of those Dutch employees just stopped and ask themselves: "What the hell are we doing here?". It certainly explains Anne Frank, after all she was violating the regulations that were in place back then in that desolate and sad country.

> 2. These are also human traits! Maybe not so much humane traits.

We're talking about mammals here. Not that what happens with chicks is the correct way to do it, and God knows we deserve everything that comes our way as a species for doing that, but there are degrees in all this madness.

Dug around a little, found this map:

https://www.reddit.com/r/europe/comments/1hbmivg/which_count...

So at least in 2023, no bans were in place in Romania for this practice.

I'm not entirely sure why it makes sense to distinguish between nations, with regards to questionable practices. A nation is large, with many different people in it. So, there will be many on each "degree of madness" as you call it. Over the course of a long history and a numerous population, you will every bad practice that you can think of, and then some.

This has nothing to do with nation - people themselves are like this, everywhere. In fact, I think that it's very dangerous to put it like that, to distance oneself so much from the horrific acts. I believe that the capability to turn on the chick shredding machine exists between you and me just as much as they do in the people who currently operate these machines. Bad acts are way easier than they seem, and, depending on circumstances of course, it takes a lot of resolution and work to build a kind and wholesome life.

My go-to example of a whole mesh of "accountability sinks" is... cybersecurity. In the real world, this field is really not about the tech and math and crypto - almost all of it is about distributing and dispersing liability through contractual means.

That's why you install endpoint security tools. That's why you're forced to fulfill all kinds of requirements, some of them nonsensical or counterproductive, but necessary to check boxes on a compliance checklist. That's why you have external auditors come to check whether you really check those boxes. It's all that so, when something happens - because something will eventually happen - you can point back to all these measures, and say: "we've implemented all best practices, contracted out the hard parts to world-renowned experts, and had third party audits to verify that - there was nothing more we could do, therefore it's not our fault".

With that in mind, look at the world from the perspective of some corporations, B2B companies selling to those corporations, other suppliers, etc.; notice how e.g. smaller companies are forced to adhere to certain standards of practice to even be considered by the larger ones, etc. It all creates a mesh, through which liability for anything is dispersed, so that ultimately no one is to blame, everyone provably did their best, and the only thing that happens is that some corporate insurance policies get liquidated, and affected customers get a complimentary free credit check or some other nonsense.

I'm not even saying this is bad, per se - there are plenty of situations where discharging all liability through insurance is the best thing to do; see e.g. how maritime shipping handles accidents at sea. It's just that understanding this explains a lot of paradoxes of cybersecurity as a field. It all makes much more sense when you realize it's primarily about liability management, not about hat-wearing hackers fighting other hackers with differently colored hats.

+1 Insightful

Thank you for sharing this really illuminating take. I spend an unreasonable amount of time dealing with software security, and you've put things in a light where it makes a bit more sense.

> "we've implemented all best practices, contracted out the hard parts to world-renowned experts, and had third party audits to verify that - there was nothing more we could do, therefore it's not our fault"

The amount of (useless) processes/systems at banks I've seen in my career that boil down to this is incredible, e.g. hundreds of millions spent on call center tech for authentication that might do nothing, but the vendor is "industry-leading" and "best in-class".

> It's just that understanding this explains a lot of paradoxes of cybersecurity as a field. It all makes much more sense when you realize it's primarily about liability management, not about hat-wearing hackers fighting other hackers with differently colored hats.

Bingo. The same situation for most risk departments at banks or healthcare fraud and insurance companies.

I thought risk at a bank was going to be savvy quants, but it's literally lawyers/compliance/box-checking marketing themselves as more sophisticated than they are. Like the KYC review for products never actually follow up and check if the KYC process in the new products works. There's no analytics, tracking, etc. until audit/regulators come in an ask, "our best-in-class vendor handles this". All the systems are implemented incorrectly, but it doesn't matter because the system is built by a vendor and implemented by consultants, and they hold the liability (they don't, but it will take ~5 years in court to get to that point).

Beginning to understand what "bureaucracy" mechanically is.

What's funny is that checklists in hospitals have been shown, empirically, to be massive life-saving devices.

cyber perhaps not so much...

Checklists work well in high stress situations where you cannot forget a step (medicine, aviation).

A checklist in a security incident? Probably helpful.

A security checklist to satisfy auditors and ancient regulations? This is an entirely different kind.

Yea, the problem most often in computer security checklists is misapplication of the checklist.

I do cyber security related stuff for the finance and they have some of the dumbest checklists ever.

A more recent one I got was

"We only allow the HTTP verbs 'GET' and 'POST', your application can only use that and the verbs PUT, PATCH, and DELETE cannot be used.

After not replying 'are you fucking stupid' I said

"You do realize that you are using a RestAPI application and that these verbs can go to the same interface to modify the call in different way? Not only would we have to rewrite our application which would probably take months to years, you would have to rewrite tons of applications on your side to make this actually work."

You get these dipshit auditors from other firms that pick up some 'best practice' from 2003 and put it in a list then get a god complex about it needing to be implemented when they have absolutely zero clue why the original thing was called out in the first place.

For those who wonder, typically these verbs are disabled to prevent the accidental enablement of WebDAV on some platforms, especially Windows/IIS that had some issues with security around it. It makes zero sense for such a rule in a modern API application.

> For those who wonder, typically these verbs are disabled to prevent the accidental enablement of WebDAV on some platforms, especially Windows/IIS that had some issues with security around it. It makes zero sense for such a rule in a modern API application.

Thanks. One thing that's more interesting than the revealed stupidity of such rules is the actual (and often sensible) reason they were first created long ago.

"Temporary" hacks outliving both the problem they solved and the system they were built for seems to be a regular occurrence in bureaucracy as much as it is in software and hardware.

Most of this comes about because the talent pool for cyber is so small. Cyber Auditors, should understand what the risk is, and what controls should be in place, and how they operate.

Most don't because they lack the appropriate technical skills. Therefore we fall back on checklists, as less skilled people can do a compliance check to it.

In large organisations this can also happen between cyber and engineering teams, where the teams don't understand security and are just focussed on releasing features, and so cyber enforces checklists or non-negotiables or compliance assessments.

All of this comes down to skills and awareness. Not enough people have the skills/knowledge to cover all the roles out there.

Don't think the talent pool is small. It's the budget. InfoSec is seen as a huge money sink in the eyes of many unfortunately.
Checklists solve the problem of forgetting specific details. They work very well in situations where all possible problems have been enumerated and the only failure mode is forgetting to check for one.

They do not solve the problem of getting people to think things through and recognize novel issues.

There are some jobs you can't do well. You can do them adequately or screw them up. Checklists are helpful in those jobs.

Checklists are a good tool for making sure you don't forget something. They're a terrible replacement for actually thinking.
The fun part of bank bureaucracy is you get to experience it 10x worse if you actually work at one.

I once worked on a global, cross-asset application. The change management process was not designed for this and essentially required like 9 Managing Directors to click "approve release" in a 48 hour window for us to do a release.

We got one shot at this per week, and failing any clicks we would have to try again the next week. The electronic form itself to trigger the process took 1-2 hours to fill out and we had 3 guys on the team who were really good at it (it took everyone else 2x as long).

Inevitably this had at least 3 very stupid outcomes -

First we had tons of delayed releases. Second the majority of releases became "emergency releases" in which we were able to forego the majority of process and just.. file the paperwork in retrospect.

Finally, we instructed staff in each region to literally go stand in the required MD delegates office (of course the MD wouldn't actually click) until they clicked. The conversations usually went something like this "I don't know what this is / fine fine you aren't gonna leave, I'll approve it if you say it won't break anything / ok don't screw up"

The most unfortunate thing about much of corporate 'cybersecurity' is that it combines expensive and encumbering theatre around compliance and deniability... with ridiculously insecure practices.

Imagine, for example, if more companies would hire for software developers and production infrastructure experts who build secure systems.

But most don't much care about security: they want their compliances, they may or may not detect and report the inevitable breaches, and the CISO is paid to be the fall-person, because the CEO totally doesn't care.

Now we're getting cottage industries and consortia theatre around things like why something that should be a static HTML Web page is pulling in 200 packages from NPM, and now you need bold third-party solutions to combat all the bad actors and defective code that invites.

> Imagine, for example, if more companies would hire for software developers and production infrastructure experts who build secure systems.

I do imagine that, and they get hacked (because you have to get lucky every time, but the hackers only need to get lucky once), and then the press says "were you doing all the things the whole industry says to do?" and they say "no, but we were actually secure!" and the press goes "well no you weren't, you got hacked, and you weren't even doing the bare minimum!" and then the company is never heard of again.

Honestly is is just like Insurance. You understand the value of things you are protecting (and simple compliance has a value to you in penalties and liabilities avoided) and make sure it costs more than that to break into your system.

At a corporate level, it is contractually almost identical to insurance, with the product being sold liability for that security, not the security itself.

Right. I sometimes call it meta-level insurance, because it's structurally what it is. Funnily, actual insurance is a critical part of it - it's the ultimate liability sink, discharging whatever liability that didn't get diluted and diffused among all relevant parties.

And, I guess it's fine - it's the general way of dealing with impact that can be fully converted into dollars (i.e. that doesn't cause loss of life or health).

It’s really not fine. Expensive and useless security theater isn’t just inefficient and corrupt, it’s way more actively harmful than that because there’s a huge opportunity cost associated with all the wasted time and money AND the incentivized deliberate refusal to make obviously good/easy/cheap improvements. Even in matters pertaining purely to dollars.. Spreading out liability can’t erase injury completely. it just pushes it onto the tax payer because someone is paying the judge to sit in the chair and listen to the insurance people and the lawyers.
I wonder what the difference is between cybersecurity and civil aviation safety. At a glance they both have a lot of processes and requirements. Somehow on one side they are as you said, a way to deal with liability without necessarily increasing security, while on the other safety is actually significantly increased.
I think a big part of it is that failures in aviation safety cost lives, often dozens or hundreds per incident, in quite immediate, public and visceral fashion. There also isn't much gradation - an issues either causes massive loss of life, or could cause it if not caught early, or... it's not relevant to safety. On top of that, any incident is hugely impactful on the entire industry - most people are fully aware how likely they'd be to survive a drop from airliner altitude, so it doesn't take many accidents to scare people away of flying in general.

Contrast that to cybersecurity, where vast majority of failures have zero impact on life or health of people, directly or otherwise. Even data breaches - millions of passwords leak every other week, yet the impact of this on anyone affected is... nil. Yes, theoretically cyberattacks could collapse countries and cause millions to die if they affected critical infrastructure, but so far this never happened, and it's not what your regular cybersecurity specialist deals with. In reality, approximately all impact of all cyberattacks is purely monetary - as long as isn't loss of life or limb, it can be papered over with enough dollars, which makes everyone focus primarily on ensuring they're not the ones paying for it.

I think it's also interesting to compare both to road safety - it sits kind of in between on the "safety vs. theater" spectrum, and has the blend of both approaches, and both outcomes.

> I think a big part of it is that failures in aviation safety cost lives

This is an interesting point, and it certainly affects the incentives involved and the amount of resources allocated to mitigating the problems.

I do think cyber security incidents with real consequences are likely to become more common going forward (infrastructure etc). We haven't experienced large state actors being malicious in a war time footing (yet).

Will we able to better mitigate attacks given better incentives? I think that is an open question. We will certainly throw more resources at the problem, and we will weight outcomes more heavily when designing processes, but whether we know how to prevent cybersecurity incidents even if we really want to... that I wonder about.

I do think you're broadly right -- the lack of immediate and obvious impact creates a perception that there is no impact. But even your first example -- data breaches -- does have an impact. It might not have happened to you, it might not have happened to me, but people do get their identities stolen, and recovering from that is a nightmare. And nobody is going to 'paper over' John Doe's missing retirement fund or ruined credit score, that harm is permanent.

> this never happened

This is also wrong. Russia has employed cyberwarfare against Ukraine multiple times -- e.g. in 2016 when they took large chunks of the grid for an hour, or more pointedly in 2022 when it was used to disrupt infrastructure and digital operations across the country as part of an invasion. Stuxnet and Triton were also pretty serious -- unlikely to kill millions, but they did have a real effect. If you're bringing this up to explain why people don't care as much as they should, then I agree -- but I would think that it's misguided to suggest that "this has never happened" actually implies that it never will. It took 20 years after the advent of commercial airlines for someone to bomb one, but clearly that is now a major and continuing concern.

Aviation safety is mostly about learning from past experience. You mitigate known hazards that, once mitigated, stay mitigated.

Cybersecurity is about adversarial hazards. When you mitigate them they actively try to unmitigated themselves.

It is more analogous to TSA security checks than to FAA equipment checklists. The checklist approach can prevent copycats from repeating past exploits but is largely useless for preventing new and creative problems.

There is lot less aircraft models as well. About 17 in current production(although more variants), 3 in planning, 26 "out-of-production" and some more historical.

In the end there is just not that many products overall.

Now compare that to amount of software being worked on. And number of companies involved just on buying bespoke ones or developing for own use...

Security is closer to product management and marketing than engineering. It's a narrative and the mirror image of product and marketing, where instead of creating something people want based on desire, it's managing the things people explicitly don't want. When organizations don't have product management, they have anti-product management, which is security. We could say, "There is no Anti-Product Division."

Specifically on accountability, I bootstrapped a security product that replaced 6-week+ risk assessment consultant spreadsheets with 20mins of product manager/eng conversation. It shifted the accountability "left" as it were.

When I pitched it to some banks, one of the lead security guys took me aside and said something to the effect of, "You don't get it. we don't want to find risk ourselves, we pay the people to tell us what the risks and solutions are because they are someone else. It doesn't matter what they say we should do, the real risk is transferred to their E&O insurance as soon as they tell us anything. By showing us the risks, your product doesn't help us manage risk, it obligates us to do build features to mitigate and get rid of it."

I was enlightened. Manage means to get value from. The decade I had spent doing security and privacy risk assessments and advocating for accountability for risk was as a dancing monkey.

I worked in GRC space for a while, which is where I finally realized the things I wrote above. Our product intended to give CISOs greater visibility into threats and their impacts, making it easy to engage in probabilistic forecasting to prioritize mitigations. Working on designing and building it made me see the field from the perspective of our customers, and from their POV, cyber-threats are all denominated in dollars, mitigating threats boils down to not having to pay corresponding dollars, and that it's often more effective to ensure someone else pays than to address the underlying technological or social vulnerability.
we have close experiences for sure. mine was positioned as pre-GRC, more of a design stage tool. like an aha.io/roadmap.com for security. an early champion kept asking how it got them compliance and what compliance frameworks did it implement. I kept insisting this isn't for compliance, it's product level design for security- and that I wasn't interested in making a compliance tool because compliance is stupid. ironically it was essentially an anti-corporate security product.

of course security people said, "wat, wut?" and it it was because I had made something for what I thought people should do, but not what they wanted. it's funny looking back at it, as I was so burned out and hating the security work I was doing that I just said f'it, and automated it. the biggest conceit (among many) was believing customers would want the results of the risk assessment consulting services I offered if they could do it themselves for 1/100th of the price. the other lesson was, if someone doesn't or won't take accountability for risks, it's almost never because they are dumb.

Rhyming with this observation - the only time I've ever heard someone getting fired over a phishing incident anywhere I've worked.. was a guy on the cybersecurity team who clicked through and got phished.
This is the ultimate nihilistic take on security.

Yes, 'cyber' security has devolved to box checking and cargo culting in many orgs. But what's your counter on trying to fix the problems that every tech stack or new SaaS product comes without of the box?

For most people when their Netflix (or HN) password gets leaked that means every email they've sent since 2004 is also exposed. It might also mean their 401k is siphoned off. So welcome the annoying and checkbox-y MFA requirements.

If you're an engineer cutting code for a YC startup -- Who owns the dependancy you just pulled in? Are you or your team going to track changes (and security bugs) for it in 6 months? What about in 2 or 3 years?

Yes, 'cyber' security brings a lot of annoying checkboxes. But almost all of them are due to externalities that you'd happily blow past otherwise. So -- how do we get rid annoying checkboxes and ensure people do the right thing as a matter of course?

> For most people when their Netflix (or HN) password gets leaked that means every email they've sent since 2004 is also exposed. It might also mean their 401k is siphoned off. So welcome the annoying and checkbox-y MFA requirements.

Not true. For most people, when their Netflix or HN password gets leaked, that means fuck all. Most people don't even realize their password was leaked 20 times over the last 5 years. Yes, here and there someone might get deprived of their savings (or marriage) this way, but at scale, approximately nothing ever happens to anyone because of password or SSN leaks. In scope of cybersec threats, people are much more likely to become victims of ransomware and tech support call scams.

I'm not saying that cybersec is entirely meaningless and that you shouldn't care about security of your products. I'm saying that, as a field, it's focused on liability management, because that's what most customers care about, pay for, and it's where the most damage actually manifests. As such, to create secure information systems, you often need to work against the zeitgeist and recommendations of the field.

EDIT:

> This is the ultimate nihilistic take on security.

I don't believe it is. In fact, I've been putting efforts to become less cynical over last few months, as I realized it's not a helpful outlook.

It's more like, techies in cybersecurity seem to have overinflated sense of uniqueness and importance of their work. The reality is, it's almost all about liability management - and is such precisely because most cybersec problems are nothingburgers that can be passed around like a hot potato and ultimately discharged through insurance. It's not the worst state of things - it would be much worse if typical cyber attack would actually hurt or kill people.

This really resonated with me because I'm also working to avoid becoming more cynical as I gain experience and perspective on what problems "matter" and what solutions can gain traction.

I think in this case the cognitive dissonance comes from security-minded software engineers (especially the vocal ones that would chime in on such a topic) misunderstanding how rare their expertise is as well as the raw scope of risks that large corporations are exposed to and what mitigations are sensible. If you are an expert it's easy to point at security compliance implementation at almost any company and poke all kinds of holes in specific details, but that's useless if you can't handle the larger problem of cybersecurity management and the fallout from a mistake.

And if you zoom out you realize the scope of risk introduced by the internet, smart phones and everything doing everything online all the time is unfathomably huge. It's not something that an engineering mentality of understanding intricate details and mechanics can really get ones head around. From this perspective, liability and insurance is a very rational way to handle it.

As far as the checklists go, if you are an expert you can peel back the layers and realize the rationales for these things and adjust accordingly. If you have competent and reasonable management and decision makers then things tend to go smoothly, and ultimately auditors are paid by the company, so there is typically a path to doing the right thing. If you don't have competent and reasonable management then you're probably fucked in unnumerable ways, such that security theater is the least of your worries.

Actual accountability. Do not let companies be like "Well, we were SOC2 compliant, this breach is not our fault despite not updating Apache Struts! Tee Hee" When Equifax got away with what was InfoSec murder by 6 months of jail time suspended, Executives stopped caring. This is political problem, not technology one.

>So -- how do we get rid annoying checkboxes and ensure people do the right thing as a matter of course?

By actually having the power to enforce this, if you pull our SBOM, realize we have a vulnerability and get our Product Owner to prioritize fixing it even if takes 6 weeks because we did dumb thing 2 years ago and tech debt bill has come due. Otherwise, stop wasting my time with these exercises, I have work to do.

Not trying to be mean but that's my take with my infosec team right now. You are powerless outside your ability to get SOC2 and we all know this is theater, tell us what piece of set you want from me, take it and go away.

It's a two-sided coin though.

We should be stopping leaks, but we also need to reduce the value of leaked data.

Identity theft doesn't get meaningfully prosecuted. Occasionally they'll go after some guy who runs a carding forum or someone who did a really splashy compromise, but the overall risk is low for most fraudulent players.

I always wanted a regulation that if you want to apply for credit, you have to show up in person and get photographed and fingerprinted. That way, the moment someone notices their SSN was misused, they have all the information on file to make a slam-dunk case against the culprit. It could be an easier deal for lazy cops than going after minor traffic infractions.

The problem with "identity theft" specifically is that, in itself, it's just a legal term for allowing banks to save on KYC by letting them transfer liability to society at large.

If someone uses your SSN to take a loan in your name, it shouldn't be your problem - in the same way that someone speeding in the same make&model of the car as yours shouldn't be your problem, just because they glued a piece of cardboard over their license plate and crayoned your numbers on it.

That is also why so much of the security[tm] software is so bad. Usability and fitness for purpose are not box-tickers. The industry term in play is "risk transfer".

Most security software does not do what it advertises, because it doesn't have to. Its primary function is for the those who bought the product, to be able to blame the vendor. "We paid vendor X a lot of money and transferred the risk to them, this cannot be our fault." Well, guess what? You may not be legally the one holding the bag, but as a business on the other end of the transaction you are still at fault. Those are your customers. You messed up.

As for vendor X? If the incident was big enough, they got free press coverage. The incentives in the industry truly are corrupt.

Disclosure: in the infosec sphere since the early 90's. And as it happens, I did a talk about this state of affairs earlier this week.

We should really define a new term for such work.

Perhaps "Risk Compliance Security" or "Security Compliance Engineering"

Where "Security Compliance Engineering" is the practice of designing, implementing, and maintaining security controls that satisfy regulatory frameworks, contractual obligations, and insurance requirements. Its primary objective is not to prevent cyberattacks, but to ensure that organizations can demonstrate due diligence, minimize liability, and maintain audit readiness in the event of a security incident.

Key goals:

- Pass external audits and internal reviews - Align with standards like ISO 27001, SOC 2, or NIST

- Mitigate organizational risk through documentation and attestation

- Enable business continuity via legal defensibility and insurability

In contrast…

Cybersecurity is focused on actively detecting, preventing, and responding to cyber threats. It’s concerned with protecting systems and data, not accountability sinks.

(comment deleted)
> Bad people react to this by getting angry at the gate attendant; good people walk away stewing with thwarted rage.

> You ask to speak to someone who can do something about it, but you're told that's not company policy.

People somewhere in between realise that the point of the gate attendant (or Level 1 tech support person) is to shield management from customers, so you have to outflank the shield.

Being yelled at by a customer is bad for the Level 1 support person, although there's usually a policy in place for phone support that you can hang up if the customer is getting aggressive. What's much worse is saying to management "hey here's something you might want to look at" and being super yelled at by their boss for not doing their duty of keeping the customer away from the higher-ups. That kind of thing can get you fired.

But you can hack the system in many ways. The point is to find someone higher up without going through the person who's not allowed to help you, and without blaming them for doing their job.

Some possibilities: find the higher-ups on linkedin, speak to a company rep or executive personally at an event if your professional circles overlap, send a printed physical letter to someone in control, and so on.

Something I've seen work many times: if you're a student, find out about the university's management structure and ask for a personal meeting with the Dean of X of whoever sits above the department admin person who's assignment is "we've taken this decision, now make the students happy with it". A dozen students asking to personally speak with the Dean or President lets them know something's up and the shield was ineffective. Since there's usally some kind of statement of values about how the "student experience" is central to everything they do (read: "students are paying customers"), they can't just turn you away.