Cameron needs to stop rewarding the lucky

Martha Gill's Irrational Animals column.

If we’ve learned anything in the past few weeks, it’s that life at the top is even better than we thought and life at the bottom is probably just going to keep getting worse.

The thought for the day was brought to you by David Cameron, who seems to be operating under the healthy, no-nonsense, fresh-air-and-cold-showers theory that removing housing benefits from the unemployed will make them all the more determined to do well (rather than, say, depressed to the point of comatose). The super-rich, on the other hand, deserve gold stars for their achievements, and tax law like a cable-knit jumper. It’s motivational.

There are many problems with Cameron’s approach but, in the interests of staying within my word count, I’m going to distil them into one – which is that he is not the headmaster of a small private school. The world of work, you see, operates a little differently. A recent study from Oxford’s Saïd Business School highlighted how, in professional life, ending up at the very bottom or the very top is much more to do with luck than whether you pull your socks up and stop smoking behind the sheds.

Such is the power of luck that society’s biggest failures share a surprising similarity in approach to society’s biggest successes. To demonstrate this, the experimenters created two computer models, simulating five million players of differing skill going through a win/lose game of 50 rounds. The “success” of each person was then modelled on how many rounds they won.

The first model showed that in careers where success builds on previous success (ie, most jobs), luck has a vastly magnified impact on those at the top. Those giving “exceptional performances” were of lower skill, on average, than those giving merely very good performances. The important factor was an early chance success, which then snowballed. Similarly, “extreme failures” (the long-term jobless) were not the least able – they were just unlucky early on.

Highs and lows

The second model looked at careers in which there is an element of risk (investment banking, for instance). Results showed that both the highest and lowest achievers took the riskiest paths. The experimenters noted again that huge success did not correlate well with skill.

They concluded that we should be more careful about dismissing the failed and praising the exceptional, writing of the danger that “high rewards for exceptional performance may tempt other people to deliberately take risks or to cheat because they are unlikely to achieve extreme performance otherwise”. Instead, we should strive to copy the second- or third-in-command.

What can we take from this? Well, first, we should throw out our Mark Zuckerberg biographies and fill our shelves with titles such as Making It to the Middle: How I Only Gave Up on Some of My Dreams and Reaching for the Stars: How I Once Groped John Barrowman. But perhaps we should also take another look at Cameron’s penchant for punishing the unlucky and rewarding the already fortunate. Lady Luck is a harsh mistress, and the day she is allowed to dictate policy is the day she becomes a tyrant.

This article appeared in New Statesman edition 02/07/12

Photograph: Getty Images

Martha Gill writes the weekly Irrational Animals column. You can follow her on Twitter here: @Martha_Gill.

This article first appeared in the 02 July 2012 issue of the New Statesman, Clegg the martyr

Getty
Show Hide image

Marcus Hutchins: What we know so far about the arrest of the hero hacker

The 23-year old who stopped the WannaCry malware which attacked the NHS has been arrested in the US. 

In May, Marcus Hutchins - who goes by the online name Malware Tech - became a national hero after "accidentally" discovering a way to stop the WannaCry virus that had paralysed parts of the NHS.

Now, the 23-year-old darling of cyber security is facing charges of cyber crime following a bizarre turn of events that have left many baffled. So what do we know about his indictment?

Arrest

Hutchins, from Ilfracombe in Devon, was reportedly arrested by the FBI in Las Vegas on Wednesday before travelling back from cyber security conferences Black Hat and Def Con.

He is now due to appear in court in Las Vegas later today after being accused of involvement with a piece of malware used to access people's bank accounts.

"Marcus Hutchins... a citizen and resident of the United Kingdom, was arrested in the United States on 2 August, 2017, in Las Vegas, Nevada, after a grand jury in the Eastern District of Wisconsin returned a six-count indictment against Hutchins for his role in creating and distributing the Kronos banking Trojan," said the US Department of Justice.

"The charges against Hutchins, and for which he was arrested, relate to alleged conduct that occurred between in or around July 2014 and July 2015."

His court appearance comes after he was arraigned in Las Vegas yesterday. He made no statement beyond a series of one-word answers to basic questions from the judge, the Guardian reports. A public defender said Hutchins had no criminal history and had previously cooperated with federal authorities. 

The malware

Kronos, a so-called Trojan, is a kind of malware that disguises itself as legitimate software while harvesting unsuspecting victims' online banking login details and other financial data.

It emerged in July 2014 on a Russian underground forum, where it was advertised for $7,000 (£5,330), a relatively high figure at the time, according to the BBC.

Shortly after it made the news, a video demonstrating the malware was posted to YouTube allegedly by Hutchins' co-defendant, who has not been named. Hutchins later tweeted: "Anyone got a kronos sample."

His mum, Janet Hutchins, told the Press Association it is "hugely unlikely" he was involved because he spent "enormous amounts of time" fighting attacks.

Research?

Meanwhile Ryan Kalember, a security researcher from Proofpoint, told the Guardian that the actions of researchers investigating malware may sometimes look criminal.

“This could very easily be the FBI mistaking legitimate research activity with being in control of Kronos infrastructure," said Kalember. "Lots of researchers like to log in to crimeware tools and interfaces and play around.”

The indictment alleges that Hutchins created and sold Kronos on internet forums including the AlphaBay dark web market, which was shut down last month.

"Sometimes you have to at least pretend to be selling something interesting to get people to trust you,” added Kalember. “It’s not an uncommon thing for researchers to do and I don’t know if the FBI could tell the difference.”

It's a sentiment echoed by US cyber-attorney Tor Ekeland, who told Radio 4's Today Programme: "I can think of a number of examples of legitimate software that would potentially be a felony under this theory of prosecution."

Hutchins could face 40 years in jail if found guilty, Ekelend said, but he added that no victims had been named.

This article also appears on NS Tech, a new division of the New Statesman focusing on the intersection of technology and politics.

Oscar Williams is editor of the NewStatesman's sister site NSTech.