There was an article a while back about how cell service providers were selling extremely granular location data, and some of the programmers working on those systems immediately showed up on HN to comment on their moral dilemma. I suspect it's not an isolated case.
I created software that was used by call center agents to bid on “bathroom” break time slots and kept track of who was on break and actively punished those who didn’t follow the rules. It rewarded those that had higher performance and who took less breaks with higher priority. If an agent didn’t come back from their break a security guard would automatically be dispatched to find them. For the same company I also made software that reduced the same call agents to numbers and effectively automated the layoff/termination process. It would contact security with orders to have people escorted out, and had a sinister double verification process that would check to verify the agent was actually fired, or else the responsible security guard would be punished via the same point system. Everything was done via e-mail and would come from “System” and at the time used fancy HTML e-mail templates that looked official. I would frequently hear people talk about how they received a “System e-mail” with a chill in their voice, not knowing I was the one responsible. People who I ate lunch with sometimes didn’t even really know. Embedded in each e-mail was a count-down timer to create a sense of urgency to do whatever was being asked before a “punishment” was applied.
After an agent had been terminated, their punishment points would decay over time until such a time they reached zero (or another configurable threshold depending on how desperate the company was for warm bodies), at which time they would be sent an e-mail to their personal e-mail (which was collected during the application process), inviting them to “re-apply”. Being an early telephony company we also would send them a robo-call with the “good news”. This process was known as a “life-cycle” and it was common in certain labor markets for employees to have many such lifecycles. Another way employees could stave off automated termination was to work for unpaid overtime, which offered to reduce their point values per unit of overtime worked. Everything was tracked to second granularity thanks to deep integration with phone switches and the adoption of the open source Asterisk CTI.
This orwellian automation terrorized the poor employees who worked there for years, long after I left, before it was finally shut down by court order. I had designed it as a plug-in architecture and when it was shut down there were many additional features, orders, and punishment_types.
I was just starting out in my career and was more pre-occupied with the task at hand to have enough mental headspace to contemplate the full picture of what was happening. The system itself was designed by traditional software means: trial and error, trying to see what worked and didn’t, usually trying to maximize some KPI at the company. There was also the thought that punishment and reward should be applied fairly and be “data driven”; take the bias and human factor out of decisions and implement performance management in a predicable, deterministic and transparent way.
The problems arose when people realized that the same controls and abilities to instill this equity and “fairness” provided the platform to enable wide scale exploitation in the other direction. Want more profit? Change a variable that was a single number whose action would cause great stress for many people, but would produce a desired result. The goals and metrics would always start out resonable but eventually would cross a certain point, and once they did, there was no going back to the way things were.
Draw your own conclusions to the similarities in this system to our modern day technical web triumphs.
Personally, as both a writer and a programmer, I often consider implementing the systems that I’ve written dystopian fiction about. Not to create a dystopia, but for the same reason I write: to point one out, such that people can get incensed, laws can be made, etc.
To put this another way: the most efficient way we could have possibly found to get the use of nuclear arms in war globally banned, was to have someone use one. The Cold War would have been far riskier if the world hadn’t seen Hiroshima and Nagasaki—it would have been a stand-off to the use of weapons we would have as-yet had no understanding of the consequences of using. It probably would have ended with the use of hundreds of bombs, rather than just two.
It’s sort of the moral equivalent of a “work to rule” strike: the best way to get through the lesson that something is bad, is to stop pushing back against it and just let it happen for once.
You’re actually suggesting being a sociopath is a good thing because it’ll make all the bad ideas eventually die by us trying them. This is simply not true, we have to make bad ideas die by reason and logic, before we do too much harm.
I suppose doubling down of fossil fuels and burning of rainforest is great, we’ll just have to adapt quicker to the super extreme weather. But we can adapt with more aircon! Yay!
Maybe we are just monkeys who can’t actually learn from things that we haven’t experienced but then we’ll be replaced by nature any day now. I’d rather learn things the easy way, if at all possible.
This is an extremely uncharitable reading. Infosec is a field rife with kneejerk dismissals until people actually see the exploitation in action. How long has the (ethical) tech community been warning people about the NSA and Faceboot, until Snowden and Cambridge Analytica actually happened?
Infosec is totally different because it’s exposing problems people have already created in a standard way. This is using technology for maliciousness in the first place. Try telling to those people who were abused by that system they were just collateral damage in a bigger plan.
I think there's merit to his argument. People really are very stupid, especially in groups. Maybe you're smart enough to realize that burning rainforests and doubling down on fossil fuels is a stupid strategy, but there is no shortage of people in the US, who actually have an education no less (unlike many people in developing nations where the rainforests are being burned), who really think we can't hurt the environment and laws to protect the environment are wrong. In fact, there's probably a bunch of them right here on this site; they usually call themselves "libertarians", and will scream about "private property rights" in regards to this issue.
It'd be nice if humanity was smart enough and empathetic enough to avoid the horrible mistakes we've made, but we're really not.
Ironically this is sort of why I supported the 'Bernie or Bust' movement, I felt in order for us to get a social democratic leader, we needed Trump to ruin things and push us more towards a dystopia. I'm in utah anyhow, so red state doesn't matter, but as a principle it still mattered to me.
Not trying to hijack and turn things political here, but it was just an observation. Sometimes you need some chaos to bring about change for the good...sometimes the thing we fear most is what we NEED to happen in order for those in power to pivot and change their ways.
I would file this under 3. Moral Disengagement - A generalized cognitive orientation to the world that differentiates individuals' thinking in a way that powerfully affects unethical behavior.
But see, I can understand weapons building. The motivation is protective towards one's society, and that is the intended result, even if that might not be the actual case.
Whereas the intention of building an oppressive system such as the one described above is, what, selfishness? Laziness? Programmers, because of the high-demand nature of our role, do not tend to be subject to the usual financial pressures that other communities are. I'm not sure what would motivate someone to build such a system as opposed to walking and finding a better job offer.
>But see, I can understand weapons building. The motivation is protective towards one's society, and that is the intended result, even if that might not be the actual case.
If you work for a defense contractor, you are not 'protecting your society' - that's not even the intent. The intent is to make money by selling tools designed to kill other human beings.
Not saying this was likely, but one potential reason could be a kind of selfless penny-pinching.
Say you have a call center run as a co-op. You’ve got workers and HR people. Both the workers and HR people are shareholders. If you can eliminate the HR people, then the workers can each have a larger proportionate share for the same work. Automating HR eliminates the HR people.
Automating a job is one thing. Some people may consider it unethical. But it is going to happen.
But writing coffee to terrorize people is something else.
Eventually someone will come in and say the system in the OP was necessary for the company to stay afloat, pay its employees or retain value for its retired shareholders.
There is a difference between defending your nation and defending your country.
But in this particular case, some of the things described are actually illegal. While building a weapon is not necessarily illegal. Ignoring the ethical implications.
There is not really all that much difference. Weapons are used to terrorise and murder people. What this person wrote will give some humans stress but it will never cause physical harm.
That you think one is justified and the other is not has very little to do with their relative harm, which is by no means a solved problem or a given. It has to do with your view of it, and those views will differ between different people.
It enables cooperation. Human nature is such that it's hard to keep working hard when others slack, you feel taken advantage of and a fool. This way, you know everyone's doing their part.
It creates jobs. A lot of people don't have the self-control to keep from taking longer and longer breaks, either costing the company money or getting fired. Some jobs pay more to hire people that do have this self-control, but there are only so many of those people. This creates a business model that works when supplied only with the lazier employees who are left.
Another system like this is the timeclock. It's a tyrant and getting out of bed on time every morning is the hardest thing I've ever had to do, but there's just no way to run a factory without it.
I’ve always looked at these systems as “if someone else built this, it would be worse.” Doesn’t the same moral conundrum exist anytime you build a system that dehumanizes people for profit. Ad networks? Drug trials?
Ad networks - people can just disconnect or look away if they like.
Drug trials have benefit to society.
I would argue that creating a system to fire people in an automated fashion when they take too many bathroom breaks like this is morally worse than both of those systems you mentioned.
However using that as an example, there are people who work as vermin exterminators, or people who work in labs that have to euthanise lab mice. They probably don't enjoy it, but when there's a need for something you'll find someone to do it.
It's not a straw-man, because it's using your literal point. I can't get any closer to your argument than that.
> However using that as an example, there are people who work as vermin exterminators, or people who work in labs that have to euthanise lab mice. They probably don't enjoy it, but when there's a need for something you'll find someone to do it.
Yes, but that does not serve as a reason why I should be the one to do it (instead of them), that only postulates that there are other people out there to do it, which is an irrelevant point.
Woah. That's just scary. Also: didn't know about the whole "life-cycle" thing before, is such re-use and re-termination of workers common in this industry?
I often say that telemarketing should be considered a less honourable occupation than prostitution (in the latter case, you have two people voluntarily exchanging value; in the former case, you have one person trying to scam the other). Now I'm beginning to suspect it also has worse working conditions.
Since you mentioned it in this thread, you clearly are aware that such a system is morally "challenged". How did you rationalize it to yourself? Was it something that started innocuous and evolved to become worse, or were you aware of how insidious it was from the start?
This isn't fiction anymore. Amazon uses systems essentially identical to this to manage their warehouse "pickers". Their performance is continuously tracked and they're retained or terminated based on those performance metrics.
First i thought that this is scary but I've had many friends who told me that they they play games all day at their office and once boss called them in their cabin and they expected to be laid off but were given a small raise instead.
"I take lots of cigarette and bathroom breaks to fix my makeup/hair and Snapchat my friends. I can't see myself working hard. I am not a sheep". Those are the exact words.
This is a scene from a government organization in Romania.
Now, i am in the US and I've not witnessed it here but here i am in executive role so i hangout with different people.
I asked them why not do your job properly? They answered, if they are going to do their job then they'll most likely receive a promotion, raise and more responsibilities come with it. For them more money = more problem.
They told me that for them money does not matter and all they want is experiencing different cultures, traveling etc... and work has no place in it.
This is something I had never heard before!
They somehow managed to rationalize not performing their jobs.
I don't slack off, but I feel like there's a position as a Software Engineer past which I wouldn't want to be promoted. I see folks in the higher levels and the stuff they have to deal with has zero appeal to me. My salary and bonus at my current level are already more than enough to sustain my lifestyle and save plenty for retirement - I don't need more.
A lot of people are attracted to the idea of "getting more responsibility", and they like the prestige/visibility that comes with a fancy (e.g. "Principal" or "Staff") title. Me, I just want to put in my hours solving problems and go home do something else.
This is a I believe a common sentiment in post-communist countries, esp. for anyone working for the state/city/municipality. It's normal for people to take a one or two hour break to go shop for groceries, or even leave at noon if they don't feel like working longer. There is even a common saying in ex-yu countries: “They can never pay me so little that I can't do even less work.” (sorry for the bad translation).
Why would you consider such a system unethical? As a customer constantly annoyed by laziness and incompetence of the low-level support employees, I can only thank you for working on such system.
Not a programmer at the time, but a system administrator. I won't mention the company. This was 2011-2012 -ish.
We hosted dedicated servers and most of the time, they were mostly Plesk or cPanel servers run by people selling email and or web hosting to hundreds of clients from a single server.
This one time a client joins the network, buys a server from us, and migrates from Rackspace. We wondered why he'd move from Rackspace given they were better than us, and it turns he was kicked off of their network because he basically submitted tens of support tickets daily asking for all kinds of optimisations, improvements, and silly stuff not covered by the support contract. Rackspace had decided he wasn't worth it and booted him.
We ended up with him and boy was he a pain in the backside. Anyway...
Long story short, he cost us more in engineering time than he paid us and this irritated the owner of our business. The owner had my team leader find someone on his team willing to do the following: dump the guy's Plesk database containing all of his customers and make a copy of it on our network. I took on the task and was told it was simply a backup. I was young and didn't really think things through. I feel bad about it now because...
The customer was booted from the network a month later and all of his customers were offered free email and or web hosting for the year, including migrating them over to our network... the owner absolutely annihilated the guy. He contacted all his customers and simply wiped him out.
That same owner is now a highly respected business man and an MBE.
You might be able to do some digging and find out who this company and owner is, if you look hard enough.
One of the HostGator former admins actually doxxed one of my old accounts on reddit by typing my full name in response to some random comment. When I asked him how he knew it, it's because my reddit username was the same as my domain name at the time, and he remembered looking through my server. Whenever the admins would get bored, they'd just dig through peoples' servers and see what they had. He remembered mine because I had a lot of sheet music on it.
They get people like this because they put their admins through the puppy mill process. Basically hire anyone not braindead, train them to do basic shit, and then pay them peanuts. The company men eventually get a high position in the hierarchy for a negligible pay bump and then help keep the new ones in line.
Such a shitty company, but I don't host anything sensitive there and it's been reliable for the last 10 years so I haven't migrated anything yet.
He was working on a large, industrial construction project and they were nearing the end of it, so a QA engineer was scheduled to do a walk-through, and before that happened a higher-up purposefully damaged finished work, dented a pipe with wrench, unscrewed a bolt, etc... That way when the QA engineer did his checks, he'd find these obvious, easily fixable defects and mark them, whereas if he had found no problems, he would end up digging deeper, since he'll feel like he has to find something, and then he might potentially uncover some major, catastrophic problem that'd be impossible to fix and still hit the customer's deadline.
Theoretically everyone's happier at the end of it... QA because they did their job and found stuff wrong, the client cause the project was finished on time, and all that for an afternoon of extra work.
I worked for a company with an extensive QA process and on occasion I found myself being less then thorough before handing the code off. I knew there were bugs, but just left them in there, because they had bug quotas they had to meet, and we had a tight deadline, etc... At least that's what you tell yourself to justify the behavior.
Sometimes I wonder just how much of this kind of greasing-the-wheels goes on in other industries...
I used to do this defensively when submitting 8-bit games for publication back in the 80s.
The non-gamers at the publishing company seemed to feel they had to get back to you with a handful of changes. If your game was really polished, the changes would be pointless or even harmful things. I quickly learned to leave in a few obvious things that were trivial fixes, e.g. blocky bitmaps, misspellings, jarring colors.
Instead of coming back with:
> we really like the game, but couldn't the snake be an F-15 fighter, and couldn't the scrolling be vertical instead of horizontal?
...it would be more like:
> Change that color, fix that icon, correct that spelling
Came here to say this! I've told this parable of the duck before, but I did not know the origin of the story... "get that duck out of there please otherwise looks OK"
I did this in our University laboratory for OHS, we called it window shopping. By giving the inspector a few easily visible, but not dangerous issues out in the open, he was satisfied we were up to scratch safety wise but could also tick all his little boxes. An out of date MSDS for chemicals we no longer had, a not tested and tagged electrical cable used prominently, a drink bottle left next to the lab computer by a student.
I've done this, leave an obvious trivial bug for the QA to find otherwise they'll keep digging until they find something pointless and hard to fix, which is not a problem in the first place. they have to find something to justify their jobs.
Not me personally, but the company I started my career with (was an intern there for a few months).
ERM software. When a new client comes onboard, install the product and database, but make sure not to make any optimizations, not even the basic indexes in the DB. Depending on the usage, the DB will get slower and slower in a few months. Then send a "consultant" who will simply run a script and add indexes etc and test a bit (no more than an afternoon worth of effort) and charge a high fee for it.
We had a project once for conversion (not getting into details). My team found a tool online. Boss bought it, finished the entire project in one day. Boss bills for month (which was the original estimate), puts the team to work on another project for the next 29 days, gets paid for that too. The only decent thing in this story is that we didn't know before the quote, that such a tool was available. Some would say this is smart way to do business, it felt shitty for me though.
For the second part, I dont think about it as you sold a month of work. You just agreed with a customer that this task is worth X amount of money. If you managed to do it in one hour, that's just good business.
I still think they could have charged for less than the full month. The goodwill and trust that would have engendered would probably have been more than worth it in the long run.
That's not ethical if it's a time&materials statement work agreement (because it's an estimate; if the actual work takes 10% over you bill that).
If it was a fixed-bid, then yeah it's completely fine. Though usually I'd say there should be a bit more time spent delivering some additional (canned) documentation and the like.
That would require that you eat up the cost if something takes more time. Most of the time the customer will pay for the additional time or at least part of it.
We had a 'missing indexes' consultant do a big job for us. The database quickly got really slow. Needlessly to say we do not hire them any more and do not recommend them to anyone else. The index problem I fixed in five minutes plus eight hours waiting time.
Sounds like a dream job or a nice side gig if you just want a job. Login, run script, log out, bill for thousands, then go back to doing your own thing.
Intentionally withholding stuff without offering an upfront option is shady though.
Where do you draw the line? My grandma was once contacted by a scammer who offered to "optimize" her laptop, and she ended up paying roughly the same as the price of a new laptop.
We have a mechanic now that constantly surprises us by billing us something like 2-5x times less than we expected. Turns out, he's good, and he bills us for actual time spent and parts cost. Like last time, I expected to pay ~$270, ended up paying $65 - $32.5 for parts, $32.5 for work time.
This guy only takes work from existing customers and people referred by them, because it's widely known in the local community that he's good, and has way more people wanting his services that he can handle. He could rise his prices, but it turns out, he's a decent human being.
An IT person who used to do be an engineer on a merchant ship told me that in IT finding the problem takes time but the fix is quick. But in physical mechanical work finding the problem is usually easy but the fix takes time. Sounds cute at least!
I worked on a penny-bidding site. These guys "auctioned" items like PlayStation, tvs, cars to the user who placed the final bid on an item after 60 seconds of no further bids. Each bid would increase the final price by 1 pence/cent, but each bid would cost 50 pence/cents. You could "win" a $20,000 car for $500.37 and the house would have taken 50,037*50 cents. It might be okay if that was it -- but I was asked to code some "house bidders" who would outbid players until a certain threshold was met. I left that job shortly afterwards.
A few years back I was house hunting with my wife. We found a lovely house that was a short sale, and put in a bid.
Holy crap, that process was all kinds of frustrating and drawn out.
About 3 months after we placed the offer, the bank put the house up for auction on another site, to try and drum up more offered. On the auction day, I checked in routinely no one was bidding. All was looking great. About three hours before closing, a bid came in that was lower than our offer. OK, still good. Then another about an hour later. Still good. Then the "final hour" of the auction happened and it slowly but surely started ticking upwards, bids started trickling in and the price started climbing higher and higher. About 20 minutes before the end it got past our offer and my heart sank. As the end time drew near it started getting bumped out by further offers.
I told my wife we'd been outbid, after a stressful day, following on from months of stress and frustration.
Next day, our realtor reaches out to the selling realtor who reported that the bank told her no one else had actually bid on the house.
The dollar auction is usually run as an experiment in game theory classes and works a little differently from the penny auction sites. In the latter, all of your bids at any point are a sunk cost.
I saw an ad for something like that a while ago, but realized that you couldn't sell an ipad for $0.56 if you weren't getting the full retail plus a margin from somewhere. Thankfully I never got into it.
I wonder what the percent of that unethical charity's income was spent on its stated mission? Many charities are just fronts for marketing companies with super high salaries and almost none of the money goes to what the donors would expect.
Ditto, in my case the site was like this, wasn't itself a non-profit organization, but said proceeds from it would go to the specified NPOs... but that never actually happened as far as I know.
I suspect you're not going to get many personal stories here because it would be self-incriminating. But I have a couple from some people I know in tech.
1. I know the guy who, pre-Snowden, actually designed many of the pieces of network gear needed for the dragnet. His perspective was basically: Yes it's wrong, but what do I know? I just design electronic circuits.
2. Same guy also mentioned how at another company he worked at they used DNS tricks to exfiltrate data out of their enterprise clients. Nothing crazy, mostly just analytics to aid in things like product design. They got caught though. First Intel went out, then a couple hours later 4 other big tech companies (including Apple and Microsoft). Then a huge swath of devices stopped reporting. They got acquired shortly afterwards for a large, but sub-billion dollar amount.
3. I know a couple people that crack into devices and sell the 0days to the highest bidder. I consider this practice for anything cyber-physical (self-driving cars, etc) to be so unreasonably unethical that it should be against international law. It's one thing to sell these things to an allied government, it's quite another to have them on the open market.
>It's one thing to sell these things to an allied government, it's quite another to have them on the open market.
Honest question...why?
The result/intent seems the same whether done by a state or nonstate actor. In fact a state actor seems more likely to use it because of a greater feeling of moral justification.
> 1. I know the guy who, pre-Snowden, actually designed many of the pieces of network gear needed for the dragnet. His perspective was basically: Yes it's wrong, but what do I know? I just design electronic circuits.
In case anyone wonders, this is why so many engineering schools are increasing their focus on teaching ethics.
EDIT: I don't expect to receive an answer to this (and that's fine), but I'll give more color to my guess. Meraki had a side venture in internet connectivity-enabled location analytics which was more profitable than its actual router sales. This is one of the reasons why its acquisition price was so high. It has since contributed to a location analytics service within Cisco.
I am not sure I understand the distinction you make between a government and the higher bidder? How can you be reasonably sure that your findings will not be used wrongfully by X gov official?
You can't, but if the NSA or CIA wanted to kill a bunch of people they could. Whereas ISIS and company can't. Not knowing who is buying your 0day is dangerous to public safety.
> Yes it's wrong, but what do I know? I just design electronic circuits.
This outlook, along with "well if I don't do it someone else will anyway", is why tech workers are quickly becoming the new bankers in the view of the public.
> This outlook, along with "well if I don't do it someone else will anyway", is why tech workers are quickly becoming the new bankers in the view of the public.
Which really annoys me, because while moral indifference of some tech workers is wrong, there are still the business guys actually giving the immoral orders. Those are conveniently forgotten in the new narrative.
At what level of technical skill/background does a business guy become a tech guy?
People are people and this "oh the business guys are the bad ones, not poor little programmer making $200k/yr implementing business guy's idea" mindset is odd.
It's not about the skills/background, but decisionmaking capacity. The blame for executing an order is separate from the blame for issuing one. If a tech worker is both the decisionmaker and the implementer then they get to be blamed for both, of course.
Was fed up with Quake Live not providing any matchmaking, so I tried to make my own. Of course they didn't have any API, so I needed to scrape their website to get the match results. I sent a lot of requests.
So when they blogged about their web site becoming occasionally very slow, I sheepishly emailed them, and asked if this might be due to my scripts. I assumed that of course they'd have some sort of IP based limiter in place in case I got to greedy. Well, they didn't. They requested that I send them my scripts, which I happily did. They also banned my account, which I thought was quite petty.
They might have unbanned me a couple weeks after that, but I quickly lost interest in Quake Live.
There was an ongoing prank in my high school (late 70's) to insert John Holmes' name whenever/wherever possible. For example, one trick was to ask someone in the front office to add to the end-of-day announcements "{popular girl}, John Holmes won't be able to give you a ride today". Eventually the front office caught on, and it got riskier and more difficult to do.
I was asked to write an Applesoft BASIC program to help the front office collate and remove duplicates from attendance lists taken first and second period. At some point,
I added some obfuscated code that would add John's name in when the total number of names was over some threshold.
Worked for a company that was contracted by DOW to make an app promoting some extremely toxic agrochemicals, such as Forefront. They talked about this being so poisonious that if animals eat grass sprayed with it, then crops grown with their manure will be unsuitable for human consumption. Was also asked to fake ("round up") the calculations of how much money you'd save if by those chemicals.
Read up a bit about DOW and the Bopal disaster and started to feel horrible about my work.
Tried to gently bring concerns up with the management, and was laid off immediately.
I feel really bad about doing that work, but trying to make up for it by not eating animal products anymore.
Good idea. I don't really know anything that isn't already out there, but still happy to talk to any journalists/NGOs/regulators about it.
I have been going on about this to a journalist friend of mine who's works at a public broadcaster, but it didn't really go anywhere. Well, at least I'm airing this on HN now.
It's made me wary of wild-camping on grassy areas around farms, knowing what some farmers might be spraying there.
And what if they can tell from the information leaked who leaked it? This person's life will be destroyed by armies of lawyers. Just so some journalist can report on something that'll be out of the news in a few weeks and change precisely nothing.
That is always a risk when someone does something in the public interest. But doing stuff for the betterment of others at risk of your own lifestyle is a noble endeavour that many have undertaken despite these reasons.
My point is that others are not bettered by this action, because the action of leaking to a journalist no longer improves anything. Just as it hasn't the last few times this happened. It is arguably a good idea to sacrifice something for everyone's benefit, but it is always a bad idea to sacrifice if nobody benefits.
Animal husbandry has a large negative impact on the environment. After this DOW Grassland app I felt I needed to take a look at the environmental destruction I'm contributing to.
Except the alternative - ie, relying on annuals for food production - destroys top soil and relies on fossil-based fertilizers. It's the epitome of nonsusteinability and environment destruction.
Perennials combined with animals can be made into a much more self-sustainable cycle.
Be careful with numbers, they can be useful but fail to show the full picture at the same time.
Back when I was eating meat, I was probably still aware that it was harmful, but in a kind of cynical denial about it.
I've heard that one about "the annual crops" before, and it's simply not true that it's "the" alternative. It's claimed in this one study that's echoed in loads of articles[0][1][2][3] that assumes that vegans don't eat perennials, which is kind of ignoring the existence of apples, apricots, asparagus, artichoke, avocados, broccoli, currants, basil, blue- and blackberry, chives, fennel, garlic, ginger, grapes, kale, kiwis, leek, mint, onions, oregano, pears, persimmons, pineapples, plums, pomegranates, potato, rasp- and strawberries, radish, rhubarb, rosemary, sage, thyme, tomatoes for a start.
This view about animal husbandry being harmless for the environment has been disproven[4][5][6], and is on the line with global warming denialism.
It's not a question of being harmless but sustainable. Everything you do will harm or imbalance the environment somehow, the question is how much the environment can recover or if it can at all.
There are a ton of lines I could go to discuss your points, from "meat is not equal to beef" to "could one live healthily only on the things you listed?" (hint: no).
I see tons of articles with statements of journalists but no real evidence, if you want to discuss with references I suggest going to better sources. Actually, I suggest checking your references as well - this was written on [4]:
"[a major report into the environmental impact of meat eating claimed] eating some meat was good for the planet because some habitats benefited from grazing."
So yeah, even your references "disproving" what I'm saying are actually are actually agreeing with me to a certain extent.
Last, but not least, it's not about who eats what but about sustainable systems - either the system works as a cycle or it will eventually run off. You need to look at the bigger picture.
I've done a lot of work involving scraping, data analysis and reversing private API access from mobile applications. A lot of this work is legally defensible (if you do it correctly) and not particularly unethical. After doing a bunch of this type of work I started to accrue subject matter expertise in the area that led other companies to come to me with more questionable projects in mind. I turned down many of these, but two projects stand out to me as unethical or borderline. In fact, this was the reason I eventually stopped working with these companies.
The first project was for a large, (now) well-known fintech company. They needed to develop login integrations with consumer banks to acquire customer account information for verification purposes. But many such banks didn't particularly want to grant them any special API access. More importantly, these banks typically forbid scraping and made it explicitly difficult by implementing JavaScript-based computational measures required on the client in order to successfully login. I helped this company develop methodologies for bypassing the anti-scraping measures on several banking websites. However, I stopped working on this because 1) I felt uncomfortable with the cavalier way they were ignoring banks' refusals, then using the reversed integrations and onboarded customers as a bargaining chip for more formal partnerships, and 2) performing huge amounts of analytics on customer data acquired as part of the account verification process.
The second project was for a tech startup working on insurance and credit analytics. This company is one of several that popped up in recent years to use machine learning and social data in order to develop a more "complete" credit score (in their eyes). They had an impressive team of machine learning researchers but their data acquisition team was comparatively mediocre. So I worked with them to improve their acquisition methodologies for a variety of social media websites. I stopped working with them for three reasons: 1) fundamentally, I lost faith that their product was actually generating a meaningful signal over traditional means, 2) I was worried that the data they were collecting might introduce spurious correlations or illegal biases, and 3) if any team was going to do this correctly, I didn't think this particular team was the qualified one to do it.
I'm guessing the first company is Plaid. I'm in the ACH payments space so we're a potential customer of Plaid and I vaguely remember a presentation or something where they (Dwolla + Plaid) promise merchants the ability to grab 12 months worth of transaction history from a user's bank account. Could be wrong about that. I do know for sure I made a mental note to myself to never use Plaid as a consumer.
I would have no issues working on this. Doesn't seem very unethical. (For people who know the space, it's pretty obvious that you're talking about Plaid :))
Well I subscribe to moral relativism, so I don't have an issue with you not finding it to be unethical. But personally, it bothered me that so much user data would be mined from their financial statements.
I know B2C companies like Mint do this as well, and I don't have an issue with user data being used for market research. But it seemed underhanded since most customers aren't aware of it. If you use Mint you can read their T&C and understand your data is mined. But Plaid is not sold to users, it's sold to companies. So end users of a completely different company which simply uses Plaid for account verification would be implicitly volunteering their data.
The other thing that bothered me is that companies which have valid reasons for not wanting to develop API integrations for Plaid would be strong armed into doing so once Plaid had acquired a critical mass of their users using the methods I helped them develop.
Thank you for sharing. This is why I never sign up for any fintech services. The amount of data I hand over is never worth the "benefits" they provide.
Most of those sorts of companies (both B2C and B2B) ultimately end up selling the user transaction data (or some derivative analytics thereof) to hedge funds. It's used (for example) to forecast the revenue of B2C companies in advance of equity earnings announcements.
NB: I don't have an issue with user data being mined for things like market research if it's a situation where the product is free and users can be easily made aware of it. But I find it dishonest if the company mining that data is doing so without direct user consent, or in a "backdoored" manner using their status as a downstream client's "affiliate" for T&C purposes.
> A lot of this work is legally defensible (if you do it correctly)
Could you expand on the correctness aspect? I'm currently working in this space for what I believe to be good reasons (to improve the accessibility of a particular service for visually impaired users). But I'm eager not to abuse my position and knowledge.
To be clear, I'm talking about scraping. I think the sibling commenter is talking about developing competing products via reverse engineering ("clean room implementation"). I am also not a lawyer, so I can only tell you the guidance I received from one for the projects I worked on.
Technically speaking you can scrape data in a legally defensible way if you do not need to accept any terms of service explicitly prohibiting scraping in the course of grabbing the data. The distinction is that browsewrap T&C have plausible deniability, but clickwrap T&C do not. And if you receive a cease and desist order, you abide by it with a mea culpa. This also means you don't scrape so loudly as to be noticed, which has the happy side effect of probably not disrupting the target's service.
But again: The grey areas of ethics are a separate question from legality. Please engage a lawyer for your specific work.
Depends on the jurisdiction. For instance Europe allows reverse engineering for inter compatibility. Terms of services carry little value here (none for this clause that's already covered by a specific law).
However, it would be interesting in the case of bank services. Accessing the account from the customer probably let you initiate a variety of actions like money transfers or loans, it's sensible to argue for limited and controlled inter interoperability.
Also, customers are not allowed to share their credentials and he is in breach of his contract. The account should be considered compromised and be locked.
Depends on jurisdiction OP operates in, but clean room reverse engineering is one technique, i.e. OP reverse engineers a piece of software, documents how it works at a high level, and hands off the documentation to legal counsel who reviews it for IP infringement etc. The doc is then handed off to a completely different team/engineer who implements the API contract documented by OP.
What's wrong with allowing customers to fetch their own data from their bank? I hold the opposite point of view, that banks withholding information from their customers is unethical.
Sounds like you would be a valuable member of any company, especially a startup. I’d love to hear your thoughts on more ethical ideas for analyzing difficult to obtain data. Feel free to ping me directly.
> hear your thoughts on more ethical ideas for analyzing difficult to obtain data.
See, this data is not difficult to obtain if you're operating in an ethical manner.
You can't do ethical analysis of data obtained in an unethical fashion. Fruit of the poisoned tree and all that. I guess it worked for radiologists after nazi germany however...
I don't necessarily agree that the first project was unethical, the banks were saying no because they wanted to develop a product of their own to compete with the company that hired you, not because they had any moral standing to prevent the customer from running analytics on their own data. The company you did the work for is immensely helpful to the consumer, and banks refusing to let consumers interact with their own data is, IMO, more of the moral violation than forcibly scraping that data out.
Even worse, the banks preventing users from straightforwardly accessing their own data is exactly what is pushing users right into the arms of these "fintech" surveillance companies.
The technology (OFX direct connect) and software (Quicken, now Moneydance) for users to privately track their finances has been around for quite some time. But the protocol appears to be getting deprecated in favor of this "web download" rigmarole as banks attempt to decommodify.
I had thought about futzing with Plaid for my own monitoring purposes, figuring since they were B2B they wouldn't be directly surveilling (leaving that up to customers instead). Apparently I was wrong. Surveillance capitalism, indeed!
Throwing in a guess for the second company, was it Zest Finance?
I know this isn't the point of the thread, but I couldn't help myself. I will ask for forgiveness (as I am sure we have all done in both technical and ethical matters)
After Jared Kushner originally bought the New York Observer, I was hired to lead the tech team, which I did for a year and a half in house then for three more as a vendor. He asked me, out of band, to blackhole articles critical of his commercial real estate colleagues and I complied.
I appreciate the sentiment, but I've been open about this on Twitter and to a team that wrote a profile of him in the wake of the election. That a newspaper publisher would participate in an administration that labels the press the enemy of the people is a total betrayal of the journalists and other media professionals who worked hard for him for years.
Not questioning your story a bit, I'm sure it's true. But shouldn't we all be a little concerned that CNN is posting a story as fact without verification or even talking to the person making the claims? The article even implies heavily that they've talked to you.
The number of people who led that team for a year and a half as an employee and three years after as a vendor is probably sufficient to identify them regardless of the account used.
The way you handled this does not speak well of your character. You should have: 1. Preserved the articles in a safe place. 2. Resigned. 3. Given the articles to another publication and state what happened. What I see here is that you were concerned first about your own finances. That is what makes you look bad. Ethics first, finances second.
Giving the articles to another publication would constitute unethical behavior as well though, considering he didn’t own the content and could not claim any authorship over it, though perhaps alerting authors or editorial staff could have spurred that result. And obviously a question about the most unethical thing a person in this field has done isn’t going to be something that speaks well of their character. I don’t think it speaks well of a person’s character to judge someone for the single most unethical thing they’ve done in their career.
I made software 15 years ago to automatically buy concert and sports tickets from Ticketmaster and other websites. At the moment tickets went on sale we used hundreds of computers to buy up the good tickets.
I mean, without scraping, it basically comes down to whether or not you care enough about the event to be online refreshing the page at exactly 10 AM or whatever. with scraping it becomes about whether you have more money. some artists prefer the audience be more of the former and less of the latter
I once got pulled into an arbitration hearing to explain how certain code functions operated. While not necessarily unethical it was a moral moment because I knew the inquiry came with the loaded intent to twist whatever explanation I gave into the worst possible extreme.
Sure enough that's exactly what happened and a really hard working and honest developer lost their job so an executive could save face.
Left that company a month later but I still feel horrible
Without giving away more details than you feel comfortable with, could you share more about what the developer was fired for and how it made that executive safe face?
It was a feature set that was supposed to provide additional reporting views and expose data to customers when queried. Turns out one exec had some very embarrassing transactions that emerged from this and he wanted that info suppressed and the person who leaked it fired.
The feature worked as designed, and this exec was the one who pushed for it to go to market despite all warnings that a review of the depth of exposed data was needed first. Nothing was ever leaked, as I mentioned it worked exactly as we were instructed to build by the product managers and our engineering lead.
The outcome is the outcome scoped for.
Fwiw many engineers left after that moment. We were already at odds with leadership and when they showed their colors in that incident it resulted in nearly the entire engineering department bailing.
This never made it publicly, it was an internal product demo to the whole company leading up to launch. To my knowledge no customers or media outlet caught wind of the transactions or the internal coup that resulted.
Are we talking personal transactions on behalf of the exec that happened to be in scope because they were also a user of the software/in the data set?
Or are we talking about business transactions by this exec that were professionally embarrassing?
I built my computer graphics final project in Haskell so that the TA wouldn't be able to run it and grade it. Then for our presentation, I babbled on and on about the math and went over time so we wouldn't have to give a really crappy demo.
int main(int args, char ** argv)
{
static int foo[640*1024];
return 0;
}
This compiled into a valid MS-DOS .exe, but spit out "Out of memory" and exited when attempted to run. Was quite handy for getting an extra day to work on lab assignments back at school.
These were basically home assignments that we would demo at a lab for a grade. The lab machines had several "resident" programs running on them (some legit, like basic AV, and some installed by lab admins for their own questionable purposes), so the amount of available RAM varied wildly, sometime dipping as low as 300KB. The TAs knew that, but didn't care enough to do anything about it.
So when an assignment that you did on your own machine failed with "oom" at the lab, it was plausible that it was due to all the junk taking up too much space on the lab boxes. The assignments themselves were math-heavy physics modelling tasks, so you they did actually need a lot of memory.
All that said, I think only once someone used this "trick" to get an extension and it was because his truly needed few more hours to hammer its sim into converging.
If it didn't cleanly compile and run on linux, it was a autofail. I found a discrepancy in MPICH2 the hard way: it would correctly implement my leader election on my mac, and on my little raspberry pi, but not on a Solaris linux!
Once, I implemented an interpreter/compiler for a toy-language in Opal (a functional language developed and maintained by my prof). A compiler for Opal was only available for Linux. I had zero experience with Linux and no intention to gain any. So I wrote my code without compliling/testing. Suprisingly, I got a good grade with a remark that the grade would have been even better without syntax errors :D
First, I'd have been able to run it (or grade it even without running it). And yes. I've seen a lot of crappy Haskell code. I've written a good amount of that myself when I was learning Haskell back then.
Second, assuming I didn't know Haskell, I'd have stopped your babbling in the presentation at some point and asked you to run it.
Third, any student that does unusual things is either very good or very cheeky, so those students deserve special attention. So 10 minutes at your and my convenience to run the demo in my office would always have been an option.
(But then, teaching at my university probably was quite different from teaching at your university).
During the Ashley Madison incident, a partner and I put up what was either the first or one of the first online tools for checking to see if a particular email address or phone number had been exposed.
I'm still not sure whether or not that was net good/bad. I'm sure that the tool has caused some real familial stress. We could fall back on the "well if not us someone else would have" but that's a cop-out.
Our site was checkashleymadison.com. Later on we got rid of the domain. We had a ton of interest from advertisers, but we thought it best not to try and make money off of the exposition of others. Overall we took in something like 1.2mm uniques over 24 hours. It was a pretty crazy day, and my first time speaking with the media. Looking back, I'm glad that I didn't say anything too dumb.
Originally we intended to stay anonymous, but I forgot to tell a The Hill reporter of that wish and my name was published. After that I spoke on the record to whatever journalists were still interested.
At a previous employer we used the data referenced in the question. We bought the "anonymised" telecom data from one of the big providers in the USA. We would then analyse that data to figure out where the phone spent 6-8 hours during the night to determine where the phone owner lived. Then we'd pull the USA consensus data(free!) so the system would know what demographic the user probably belongs to. We got a
surprising amount of data from the consensus, we had things like ethnicity, income, age.
Then we'd loaded all this in google maps and let users of the app figure out what demographics frequent particular locations on the map. For example a use-case of this would be a coffee company figuring out where to open a new coffee shop.
In my opinion the sale of phone location data is already unethical on it’s own.
The location data was pretty accurate too in suburban areas. And the provider in question was not very good at anonymising it either. On multiple occasions we could track individuals over a longer period of time. Which would shut down the entire project until it was fixed.
So the company did the right thing whenever the data was compromised. Probably because they were publicly traded and had a good name. I doubt scrappy startups would do the same.
Market research is not unethical unless you think capitalism is unethical at its roots. And if you do I'm curious why you're spending time on a venture capital forum.
And catercorner means diagonal to, not sure what word you're trying to use here.
(I didn't go through with this, but considered) While I was a student I worked for a small shop that sold online services. I was something between an intern and a junior developer/security guy.
The boss (non technical) privately asked me one day to do some research about automating some data entry processes, basically reading from excel files, some databases, formatting and putting it all in another database.
I found out later that if that script is made it would lay off a number of people doing data-entry. I didn't go through with it for many reasons.
It's the only thing close to a justifiable reason, honestly. But even then, if you're paid for a full-time job as a developer, and asked to develop a piece of software, you can't very well say "I'm paid enough to develop all the other stuff you want, but not this one thing" with a straight face. You could certainly use your development of it as a good reason for a raise, though!
While there are some truly bad things in the top-level comments, it seems a non-trivial percentage of the responses here are some form of "my employer attempted to make money, sometimes even a profit, in legal ways."
Agreed, it's pretty much what we (programmers) do. A cleverer boss will use his people to make more profit, instead of fire a bunch to reduce costs, but cest la vie.
Sometimes, sometimes not. Not all automation puts people out of work. I work for a company whose service facilitates a marketplace and allows a real life industry to grow.
Without our service nobody was doing the job of connecting the people who find each other on our platform. The industry was simply smaller and people could find others to work with only through their personal networks. There are no jobs being lost to our automation, only jobs being created.
I remember my first on site project at a paper mill in the north of England. I couldn't figure out why the people involved were so hostile. It was only later when I was talking to the salesman about it that I found out they were all going to loose their jobs once I'd finished.
I once used curl to continuously upvote a family member's art submission to some national contest. The contest site did no validation so continuously sending POSTs with was almost too easy to game it. They won and got a free trip across the country (among other things).
In my first job out of college i worked at a big consulting company on a project at a company that used interwoven teamsite cms.
Teamsite was a cms written in Perl, JavaScript, and Java with lots of xml sprinkled in. It was a horrible system.
I blogged about it on my personal blog. All the posts were about how to solve issues I had using it. This was before stack overflow.
After I had about 10 such posts I wrote a post titled "interwoven teamsite sucks" and linked all the other posts there.
I started noticing traffic to that post from specific ips accross the country.
A week later I was pulled into a meeting with the top see directors and told to remove my blog.
Interwoven was an Accenture client.
I had already given notice at this point, so maybe that is why they didn't fire me. They could still tell interwoven "this asswipe is no longer with us".
Worked quite a while for an "Internet Cafe" SAAS company. If you're confused by the quotes, these internet cafe companies basically sell internet time to users and with each minute purchased, you also get an entry into a sweepstakes where the prize is a jackpot. The sweepstakes entries would be redeemed electronically by way of slot machines, video poker, etc. They're basically legalized gambling. I suppose that in and of itself isn't unethical, but we didn't exactly operate by by the book.
In order for this to be legal, the sweepstakes games have to have a defined number of entries as well as a defined number of winners and losers. None of our games did, it was just too prohibitive. We did provide to our customers, by law, our average payouts and our games did adhere to those through averages over time. But there were many occasions where the games didn't pay out jackpots regularly or paid them out too frequently, hurting stores that were using our software. Our recourse was to provide them more "entries" to distribute to sell to their players, which of course cost us nothing.
Business was good for quite a while, but stricter laws and states cracking down really killed profits. I just feel like any type of gambling in unethical, it seems to really pray on people's dopamine addictions. And these internet cafes, in particularly, are largely occupied by retires who, I'd wager, can't really afford to be throwing their money way.
Years later, my Aunt and Uncle became addicted to gambling on those casino boats and have now lost the house my Grandmother left to them when she passed. I don't necessarily believe in karma, but that certainly made me rethink it.
After an agent had been terminated, their punishment points would decay over time until such a time they reached zero (or another configurable threshold depending on how desperate the company was for warm bodies), at which time they would be sent an e-mail to their personal e-mail (which was collected during the application process), inviting them to “re-apply”. Being an early telephony company we also would send them a robo-call with the “good news”. This process was known as a “life-cycle” and it was common in certain labor markets for employees to have many such lifecycles. Another way employees could stave off automated termination was to work for unpaid overtime, which offered to reduce their point values per unit of overtime worked. Everything was tracked to second granularity thanks to deep integration with phone switches and the adoption of the open source Asterisk CTI.
This orwellian automation terrorized the poor employees who worked there for years, long after I left, before it was finally shut down by court order. I had designed it as a plug-in architecture and when it was shut down there were many additional features, orders, and punishment_types.