Pluralistic: 21 Apr 2020

infosec,phishing,contact tracing,john scalzi,science fiction,podcasts,audio,mp3s,private equity,surprise billing,ads, media theory,supercuts,d&d;,rpgs,makers,old school,trash future,masque of the red death,plutewatch,bunkers,luxury bunkers,labor,guillotine watch,late stage capitalism,whole foods,unionization,class war,automation,amazon,texas, voter suppression,1a,ken paxton,christ what an asshole,australia,competition,right to repair,john deere,big ag,parenting,gadgets,iot,internet of shit,infosec,snoo smart bassinet,conspiracies,china,truthers

Phishers deploy fake contact-tracing warnings; Podcasting John Scalzi's The Last Emperox; Private equity blew millions on pro-surprise-billing ads while cutting doctor pay; Every Covid-19 Commerical is Exactly the Same; Multi-level dungeon built into the drawers of an old dresser; Talking bunker-busting with Trashfuture; Whole Foods has a union-busting "heatmap" app; Amazon workers plan nationwide walkout; Texas AG: We'll imprison people who warn about getting covid while voting; Australian regulator takes up Right to Repair for tractors; Smart bassinet can be remotely hacked; Covid did not escape from a Chinese lab

Pluralistic: 21 Apr 2020 all-in-it-together


Today's links

Phishers deploy fake contact-tracing warnings (permalink)

Phishers are sending out fake contact-tracing messages warning people they've come into contact with infectious individuals and asking them to click a link to a malware dropper.

It's both totally predictable and extremely clever. We're primed to expect these messages, we don't know what they're supposed to look like, and finding out what this message says is really urgent. It's an ideal moment to be sending out this kind of thing if you're a scumbag.

It's easy to feel invulnerable to phishing, but phishing is so persistent that the moment you are vulnerable, there will almost certainly be a phishing scam waiting to pounce.

Podcasting John Scalzi's The Last Emperox (permalink)

I am about to start a serialized podcast reading of my novel Someone Comes to Town, Someone Leaves Town, whose first hour I've already got in the can. It debuts later this week on the Podapalooza festival, a pay-what-you-like, virtual podcasting festival that benefits Givedirectly, which makes direct cash grants to families affected by coronavirus — and I'll be putting it in my feed next Monday.

In the meantime, I have been casting about for something to read into this week's podcast; this weekend, my friends Doselle Young and Gretchen Ash stopped by and sat at the end of our driveway while my wife and I sat on our porch and we all ate tacos together (socially distanced socializing!) and I mentioned this to them and Doselle suggested that I read aloud John Scalzi's new novel, The Last Emperox, and I texted John and asked if he'd be up for it, and he was, and here we are.

The Last Emperox is the final volume in the "Interdependency" trilogy that began with "The Collapsing Empire," a novel about a galactic civilization that depends on wormholes that allow for faster-than-light travel, just as those wormholes start mysteriously failing. The first book came out at the same time as my 2017 novel Walkaway and John and I toured our books together back then.

John was supposed to be on an intense, national tour with his book right now, but, of course, he is not.

He is one of the first wave of writers experimenting with what book publicity looks like in the age of pandemic, and is blazing the trail for those of us who will come later (I have three books out between now and Christmas, so this is something I'm watching very closely). A lot of the future of authorship is going to rely upon mutual aid, so getting a chance to plug Scalzi's (excellent) new book in the podcast is something I'm really excited about.


Private equity blew millions on pro-surprise-billing ads while cutting doctor pay (permalink)

When private equity firms started buying up hospital doctors' groups and opting them out of insurance plans and nailing critically ill and injured people with "surprise bills" for thousands, they said that the doctors were in charge, not the PE companies.

That pretence wore pretty thin when PE companies denied doctors access to PPE, cut their wages and started firing doctors who spoke out about their working conditions ("The doctors are in charge. Also, the doctors are fired").

Even as health workers' wages have vanished, the health firms themselves are making massive windfall profits and paying out billions in stock buybacks.

But PE companies aren't entirely adverse to spending. Even while they were slashing health workers' pay, they found millions for ad campaigns aimed at convincing lawmakers not to ban surprise billing in the stimulus bill.

PE companies like KKR and Blackstone funneled the money to the astroturf group Doctor Patient Unity, a dark money org that lobbies for lower health-care standards and higher bills.

In addition to the millions for TV/radio ads, there was a massive online campaign whose spending need not be disclosed.

It's not KKR's only stimulus rodeo event: they're also backers of coal company Longview Power that exploited Payroll Protection Plan loophole that let them harvest millions in government handouts, declare bankruptcy, and pocket the money.

Every Covid-19 Commerical is Exactly the Same (permalink)

I am in awe of Microsoft Sam's supercut, "Every Covid-19 Commerical is Exactly the Same."

Sam's right: every one of these videos hits the same notes: "We're here for you," "uncertain times," "people," "families," "we're all in this together."

And Sam's right about the reasons: they're all laboring under the same constraints: producing in a hurry, using stock footage and B-roll, while in the same crisis (in part, this is testament to how similar every director's idea of B-roll is, too).

But the writing and narration are eerily similar, too, reflecting just how quickly our rhetoric has ossified into cliche.

More than that, I think the writing represents the limited number of ways to paper over the truth we are all sensing.

That these corporations are not our friends. They are colony organisms that treat us as their inconvenient gut flora. If they survive, it will be because they hire the lobbyists who help them divert stimulus away from us to their shareholders.

"We're all in it together" the same way were were "all in it together" in 2008, when the banks trousered trillions, used signature mills to steal our houses, and corrupted our political process for a decade.

They firehosed the money they grifted to back the Trump campaign, because of course they did, because they'd back Adolf Hitler if he'd lower their taxes by a nickel.

"We're all in this together." Some of us are more in this than others.

Multi-level dungeon built into the drawers of an old dresser (permalink)

The best thing I've seen on Twitter this week (month?) is Justin Alexander's thread documenting "The Dungeon of Drezzar," Peter Heeringa and Troy Wilhelmson's spectacular multilevel dungeon built into a series of dresser drawers.

Heeringa and Wilhelmson built an entire dungeon-level into each drawer, painstakingly painted, staged and decorated. It's intricate: the "tavern" includes a teeny tiny noticeboard where adventurers can leave notes for one other.

There are effects that span multiple drawers, like a well that goes straight down, and each drawer can be removed and played on a game-table.

But that's nothin', because, as Alexander notes, the dragon guarding the bottom level and her lair match the cover of the 1981 Basic D&D; box set.

This is so amazing that I am in a state of grace and prepared to meet my maker.

Holy. Shit.

(Bonus: After I posted this as a Twitter thread, Heeringa sent me this video of a walkthrough of Drezzer:)

Talking bunker-busting with Trashfuture (permalink)

I had a fantastic time as a guest on the latest Trashfuture podcsat; we discussed the British effort to dominate the global championship for "Making empty symbolic gestures rather than compensating health care workers" Premier League.

But the real meat of our discussion is the luxury bunker industry and the plute hobbits who are fleeing to New Zealand to cower in them, wetting their beds while proles reboot civilization (AKA the plot of my novella Masque of the Red Death):

These trembling masters of the universe are planning to emerge someday with thumb-drives full of Bitcoin and AR-15s, enabling them to assemble a harem and live out an eternal Frazetta-painting future.

They will be disappointed.

Here's an MP3:

Whole Foods has a union-busting "heatmap" app (permalink)

Whole Foods management have found a cost-effective way of managing employee dissatisfaction. Instead of providing adequate pay and protection, they're tracking union activity with an "interactive heatmap" that prioritizes union-busting activities.

What signals does the heatmap incorporate to predict unionization? It's quite a list: "employee 'loyalty,' turnover, and racial diversity; 'tipline' calls to human resources; proximity to a union office; and violations recorded by OSHA."

Also: "Local economic and demographic factors such as the unemployment rate in a store's location and the percentage of families in the area living below the poverty line."

It's basically an immiseration index.

Fighting unions is expensive. Between 2014-17, US companies spent $100m on anti-unionization "consultants."

But it's still cheaper than paying a living wage and providing a safe work environment.

Ever since mass digital surveillance burst on the scene, I've been asking myself "Why spy?" What utility does mass surveillance provide to the states (and firms) that procure it?

I think the answer is that unequal states are intrinsically unstable. Every era has needed a narrative to prevent the many from redistributing the concentrated wealth of the few. Once, it was the divine right of kings: aristos are richer for you because God made it so.

Today, we hear stories like "meritocracy" (the people on top are the best people, and if you're better you can join them) or "shared prosperity" (allowing the natural leaders of the genetic lottery to dominate will produce more for us).

But these stories are wearing thin.

People are increasingly unwilling to accept fairy tales about how someday they might rise to the exalted heights (the spectacle of the idiot children of the rich frolicking in pools of vintage Veuve make it obvious that rewards are not allocated by merit).

And the cod-eugenic explanation wears thinner by the day, revealing the white supremacist face behind its mask.

Absent a normative tale of why we should accept inequality, elites turn to other methods. Historically, these are either:

  • Redistribution, or
  • Guard labor.

That is, you can either suffer yourself to be taxed for schools, hospitals and roads, or you can pay armed guards to prevent proles from building guillotines outside the gates of your manor.

Redistribution is obviously a nonstarter for plutes who take it as gospel that "taxation is theft."

If you're a neo-aristo who doesn't want to normalize being taxed, you can engage in a performance of redistribution through "philanthropy."

This allows you to retain the moral position that there should be no democratic say in the allocation of the wealth of the nation, but rather, that the super-rich alone should decide what social programs we'll have and how they should run.

This has the side-benefit of allowing dilletantes like Betsy DeVos and Bill Gates to do things like remake our education system in forms dictated by their pet theories, irrespective of the evidence to support those theories.

But if you yank on the philanthropy lever long and hard enough, it'll break off in your hand, so you turn to guard labor.

Guard labor costs! You have to pay for guards, and then you have to fret that they might turn on you and stage a palace coup.

But automation is a great boon to guard labor. Not only does it act as a force-multiplier (the Stasi needed one spy for every 60 people in the DDR; the NSA can effect global surveillance at a ratio more like 1:10,000) – but computers don't stage palace coups.

As our friends in the right like to say, "Solve for equilibrium." The more "union heatmaps" you have (assuming they actually work), the less you have to pay your workers in order to maintain a stable workplace.

Rather than squandering resources on either paychecks or indiscriminate unionbusting, you can direct your fuckery budget with laser focus, targeting only those shops likely to organize.

Amazon workers plan nationwide walkout (permalink)

Amazon warehouse workers are planning a nationwide "mass call out" – a stay-at-home protest whose demands are for facilities where someone tests positive to be shut and cleaned, and for workers to receive pay while they're waiting for it to reopen.

Workers at 50 Amazon warehouses have signed up to participate. They also want to eliminate the quotas that force them to work at such an intense pace that they have to choose between handwashing and getting the job done.

Amazon has been aggressively union-busting its warehouse employees even as they have raked in record profits due to the pandemic (Jeff Bezos added $24B to his fortune thanks to the crisis).

The company's panic that the pandemic tilts the balance of power towards its low-wage workers is palpable. They've even started firing their (nominally) impossible-to-replace tech workers in retaliation for solidarity with warehouse workers.

Recent years have seen tech worker uprisings wherein high-waged workers openly defied their employers, staged mass walkouts, and embarrassed and humiliated senior management both publicly and internally. The reprisals were limited, a testament to the scarcity of tech workers.

It's nice to extract higher profits for your tech company shareholders, sure, but it's hard to do that without tech workers.

Now, it's warehouse workers that have the leverage. Getting new workers into those jobs during pandemic lockdown is very hard.

Without warehouse workers, Amazon ceases to be a going concern.

It's no wonder the company is lashing out like a maddened bull. Yes, the company is stronger than ever – but it's also weaker.

Texas AG: We'll imprison people who warn about getting covid while voting (permalink)

The Attorney General of Texas, Ken Paxton, has threatened Texans with prison if they publicly state their belief that the coronavirus pandemic means that everyone should be casting postal votes to avoid getting infected.

His argument: the risk of covid infection is not a disability under relevant laws. Therefore, if you say people should apply for a mail-in ballot, you violate Texas law prohibiting "intentionally causing false information to be provided on an application for ballot by mail."

The penalty for violating TEX. ELEC. CODE ยง 84.004 is "a state jail felony," carrying 6mos-2yrs in jail and up to $10,000 in fines.

Australian regulator takes up Right to Repair for tractors (permalink)

A breakthrough in the agricultural Right to Repair fight: the Australian Consumer and Competition Commission is investigating whether it's legal for companies like John Deere to bully farmers into exclusively using their repair services.

The ACCC is investigating whether the use of DRM in tractor parts (which necessitates an expensive and useless service call to type an unlock code into the tractor's keyboard after the farmer effects the repair) and the extraction of data from farmers are legal.

Check Jenny List's commentary at Hackaday for more:

Smart bassinet can be remotely hacked (permalink)

The Snoo "smart bassinet" is a $1,300 gadget that allows you to control its rocking motions and send sounds to its speaker over the internet.

You. Will. Never. Guess. What. Happened. Next.

Ang Cui and Red Balloon Security audited the Snoo and found authentication and infrastructure issues that allowed them to take control of the device over the internet and direct its rocking motor with forces exceeding the safe levels set by the manufacturers.

They raised the neck-stresses from 0.2g to 0.7g, and the forehead stresses from 0.3g to 1.8g.

They were also able to push the sound output of the Snoo's speaker from its nominal max of 94.7dB to 113.93dB.

Red Balloon disclosed the flaws to the manufacturer, the Happiest Baby Company, which patched them. Then Redballoon found new flaws and disclosed those. The manufacturer says it's patched those too.

I'm sure those are the only defects anyone will ever find.

Or not. Because, as Red Balloon notes, the fundamental problem here is that the hardware safety interlocks are inadequate, so there will always be the risks that software defects will be used to do bad things to tiny babies.

The Snoo was designed to prevent SIDS. The company says that parents who are worried about these attacks can use the physical wifi disconnection switch, which also switches off remote monitoring (the fact that this switch exists is actually really good news).

As Lily Hay Newman notes in her excellent story, the finances behind this are messy. Red Balloon's lead investor, Bain Capital (ugh) own a Snoo competitor company that uses Bluetooth, but not wifi, thus limiting its attack-surface.

But also, Red Baloon and Snoo share an investor, Greycroft (ugh), so maybe this mitigates any conflict of interest?

(Image: Cryteria, CC BY, modified)

Covid did not escape from a Chinese lab (permalink)

Covid did not escape from a Chinese lab.

China is an untrustworthy, paranoid, autocratic state with a history of deadly epidemiological coverups (SARS), and it mishandled and lied about the covid crisis early on.

But covid is not a bioweapon. Nor did it escape from a lab.

Here's a pretty good high-level explainer from Eliza Barclay:

Here's Snopes rebuttal to an incredibly irresponsible Washington Post op-ed that pushed the conspiracy theory:

tldr: "Not only do these arguments โ€” discussed in detail below โ€” lack merit on their own, factual scientific studies concerning the origin of SARS-CoV-2 actually provide the strongest refutation to date of the claim the virus was 'created in a lab.'"

Article after article has quoted esteemed scientists with direct expertise in the field who have staked their reputations to rebut these claims, using evidence and reason.

It's not true.

There are actual coronavirus conspiracies, like the loopholes that let big businesses siphon 94.5% of the $349 Paycheck Protection Program earmarked for small businesses:

And the conspiracies by private equity companies to slash health workers' pay while collecting bailouts and denying claims and spending millions to lobby against surprise billing:

As with 9/11 truthers, the coronavirus-in-a-lab truthers have grasped something essential – that opportunistic sociopaths view tragedies as opportunities to loot and consolidate power – and then reach the wrong conclusion: that they caused this crisis.

Disaster capitalists and other war criminals DO sometimes cause crises (toppling governments in Latinamerica, say), but they don't need to.

They have created a world that's so unstable that disasters happen on the reg, and they have "ideas lying around" waiting for the right moment.

This is actually way more sinister. It means that when elites contemplated a crisis like 9/11 or coronavirus, their response wasn't to plan to prevent the crisis or soften its impact, it was to plan how to use it to their advantage.

We don't need to indict sociopaths for conspiring to cause crises. The depravity of planning to profit from them is more than sufficient to condemn them as unfit to rule.

This day in history (permalink)

#15yrsago Ghana nationalizes folklore, threatens jail for folk artists

#5yrsago Sony sends pre-emptive threat letter to journalists

#5yrsago Tory chairman accused of smearing party rivals' Wikipedia entries

#5yrsago Drowned in the Mediterranean: Libyan refugees tell their stories

#1yrago Stop & Shop strike convinces 75% of loyal customers to take business elsewhere

#1yrago Most Republican voters were Trumpists before Trump, and most of the rest have converted since 2016

#1yrago A secret Finnish subculture of women and girls who ride hobbyhorses has come out of the shadows

Colophon (permalink)

Today's top sources: Super Punch (, Waxy (, Slashdot (, Naked Capitalism (, Beyond the Beyond (, Editor David (

Currently writing: My next novel, "The Lost Cause," a post-GND novel about truth and reconciliation. Yesterday's progress: 517 words (5816 total).

Currently reading: I'm getting really into Anna Weiner's memoir about tech, "Uncanny Valley" and Jo Walton's forthcoming novel "Or What You Will."

Latest podcast: Podcast swap: Wil Wheaton on Little Brother
Upcoming appearances:

Upcoming books: "Poesy the Monster Slayer" (Jul 2020), a picture book about monsters, bedtime, gender, and kicking ass. Pre-order here:

"Attack Surface": The third Little Brother book, Oct 20, 2020.

"Little Brother/Homeland": A reissue omnibus edition with a new introduction by Edward Snowden:

This work licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commerically, provided that you attribute it to me, Cory Doctorow, and include a link to

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Newsletter (no ads, tracking, or data-collection):

Mastadon (no ads, tracking, or data-collection):

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
When life gives you SARS, you make sarsaparilla -Joey "Accordion Guy" DeVilla

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.