Showing posts with label intermediaries. Show all posts
Showing posts with label intermediaries. Show all posts

Monday, August 10, 2020

Reputation among thieves: ransomware and kidnapping

Like everyone else, I occasionally get notifications of data breaches from organizations with which I have digital relations.  Often the breach involved a third party.  Sometimes the breach involves the theft of data accompanied by a demand of ransom--i.e. the victim is invited to pay the cybercriminal, who then promises to destroy the data instead of selling it on the dark web or otherwise using it.

This bears some resemblance to the kidnapping business, and its high-seas version, piracy.

Here's part of an email I recently received informing me of such a breach, and subsequent payment of ransom.

"I’m writing to inform you that Blackbaud, the company that hosts [xxx’s] relationship management system, suffered a security incident in May. Blackbaud is the world’s largest provider of fundraising technology for non-profits and educational institutions, and many organizations have been impacted by this incident.
...
"We were also informed by Blackbaud that in order to protect data and mitigate potential identity theft, it met the cybercriminal’s ransomware demand. Blackbaud has advised us that it received assurances from the cybercriminal and third-party experts that the data was destroyed. Blackbaud has been monitoring the web in an effort to verify the data accessed by the cybercriminal has not been misused. "
************
Why should "assurances from the cybercriminal" be reassuring? (and for how long?).  And what are the roles played by "third-party experts"?

My guess is that, as in the kidnapping biz, intermediaries have emerged to conduct the negotiations, get some sort of assurances, and make it possible for criminal organizations to maintain reputations for honor among thieves.

It is of course possible to regard ransom paying as a repugnant transaction that facilitates ransomware, kidnapping, etc.  In fact the U.S. for some time made it a crime to pay ransom to kidnappers, but relaxed that view over time, as kidnapping became a bigger international business, and there was often a considerable desire (sometimes covered by insurance) to pay ransom when it seemed the best way to recover the kidnapped person alive.

Here are some related posts which touch on that story:

Monday, June 24, 2019  Kidnapping insurance

Tuesday, September 13, 2016 Ransom as a (not so) repugnant transaction

Monday, August 9, 2010 Brokers for pirate ransom

Saturday, December 5, 2009 Market for kidnapping

Sunday, November 30, 2008 Pirate ransom: counterparty risk

Monday, December 26, 2016

Matchmaking nudges and noodges in the internet age

The internet dating site JSwipe has a program called ParentPay. The website has a banner reading (subtly) "We want grandchildren."

Here's the text of the ad that made its way into my email:

"Hey Mom, Hey Dad,

Hanukkah is here! We have the perfect gift. 

We both know your kid is a catch and anyone would be lucky to date them. It's time to give your son or daughter (friend, cousin, or grandkids) the right tools for finding *Jewish* love in the digital age --- and fast track your way to grandkids.

JSwipe is the #1 Jewish dating app with nearly one million users across the world. We're responsible for hundreds of marriages and want your kids to be next! Really. That's our job.

JSwipe offers a First Class membership that provides premium features to maximize the impact of their dating experience. Better matches = better dates. While their unpaid internship is great for their career, it's not so great for helping them afford a First Class membership.

That's where you come in!

Because you're such incredible parents, we're offering you the opportunity to gift your child one-year of JSwipe First Class for $99, less than half of what it usually costs! Consider it their "love allowance." The perfect Hanukkah gift! The gift of love that keeps on giving.

Would you be happy to have a new guest at your next family holiday? We know Bubbe would. Don't Passover this opportunity! "

*************

JSwipe has a free mode and a paid mode, and the paid mode gives more signals (superswipes) that can be sent per day, etc.  Here's a review

Monday, January 18, 2016

Equilibrium, mediation, and differential privacy

Here's a paper that caught my eye...

Robust Mediators in Large Games
Michael Kearns, Mallesh M. Pai, Ryan Rogers,  Aaron Roth, and Jonathan Ullman
December 14, 2015
Abstract
A mediator is a mechanism that can only suggest actions to players, as a function of all agents’ reported types, in a given game of incomplete information. We study what is achievable by two kinds of mediators, “strong” and “weak.” Players can choose to opt-out of using a strong mediator but cannot misrepresent their type if they opt-in. Such a mediator is “strong” because we can view it as having the ability to verify player types. Weak mediators lack this ability— players are free to misrepresent their type to a weak mediator. We show a striking result—in a prior-free setting, assuming only that the game is large and players have private types, strong mediators can implement approximate equilibria of the complete-information game. If the game is a congestion game, then the same result holds using only weak mediators. Our result follows from a novel application of  differential privacy, in particular, a variant we propose called joint differential privacy.

Monday, November 9, 2015

Assisted suicide legislation is clarified in Germany (family members won't be prosecuted, but professional assistance is forbidden)

Timo Mennle writes  from Zurich:

"the German parliament ("Bundestag") passed a new law concerning assisted suicide. The law generally forbids aiding others in their own suicide. However, it has two important points: first, it imposes a penalty of up to 3 years imprisonment if assistance for suicide is provided in a "business-like" fashion. This explicitly rules out the provision of such services for profit but also the professional provision by organization. Second, relatives and persons with a close relationships are exempt from punishment if they assist in a suicide out
of “altruistic motives.” The same is true for medical doctors in case of
decisions on a by-case basis. The new law closes a legal gap that previously left medial doctors and relatives in an ambiguous situation.

The express purpose of the new law is to "prevent a habituation of society to assisted suicide and to prevent the pressuring of old or sick persons into killing themselves." The vote in parliament was taken anonymously; the usual obligation of the members of parliament to vote according to their respective party's recommendation was explicitly suspended and they were asked to follow only their own conscience in this decision.

This and more information can be found in the following news articles
(unfortunately in German):

An English article about the topic can be found here:

Thursday, September 25, 2014

Competition by intermediaries can drive up prices:

A paper by Ben Edelman and Julian Wright considers how intermediaries can compete with each other for buyers by offering bigger refunds than do their competitors, resulting in higher prices and lower welfare...

Price Coherence and Adverse Intermediation by Benjamin Edelman and Julian Wright


Monday, June 9, 2014

Qatar, and the role of trusted intermediaries

Trusted intermediaries receive some attention in game theory and market design, since there are things that can be accomplished with the aid of intermediaries that are otherwise difficult or impossible.

The recent prisoner exchange between the United States and the Taliban was intermediated by Qatar. This story from the NY Times emphasizes some of the promises that they made and how they will have to continue to work to carry them out if they wish to be a trusted intermediary in the future: P.O.W. Deal Gives Qatar a Victory, and a New Test