Why do you think I believe it was definitiely involved?
I just don't think it's ruled-out by the simple official story. Some but not all of the reasons why I believe there might be more to the story are based on decades of life experience:
* Whenever the media reports on something I know about intimately, they get it wrong, preferring pleasing simple narratives to the full details. Hence, I assume their stories on things I don't know intimately show a similar skew towards oversimplification, missing-details that are embarassing to the key actors, and audience-pleasing explanations.
* I've not ever been in IT security for a major or public company. But even in tiny organizations, I've observed strong incentives – not all misguided! – to downplay malicious mischief as a contributor to any problems. Organizations don't want to encourage the perpetrators with publicity, nor encourage copycats. Orgs also don't want to be embarassed by lax measures. From direct reports from individuals at larger organizations – and reliable public accounts of late-reported hack/extortion incidents – I believe these incentives can be even stronger at large, slow-moving, distributed-responsibility public companies (though of course the penalties for explicitly-misleading statements also larger).
* Plenty of mean, crazy, or self-interested people may have it out for Southwest, from previously-angered travellers to disgruntled employees to motivated short-sellers (individuals or formal funds). And even if the potential for sabotage was under formal investigation right now, the investigators – private or public – might want to hide that fact until definitive evidence collected & perpetrators are prosecutable. It can take months or years for the real story to emerge!
A fragile outdated system finally reaching a chaotic breaking point is one possible & sufficient answer, of course.
But it's also a potential weak-point to be pushed-over-the-edge by motivated saboteurs or extortionists. In fact, such a weak point is ideal for certain criminal schemes, because of its deniability by both perpetrator and victim as merely a problem of aged systems & incompetence.
So, only the naive would rule it out entirely based on only self-serving public narratives.
Nothing we know about anything rules out the possibility that we might later learn something new that shows differently. But we can only make informed decisions based on what we do know, because the unknown is infinite. In the end, most occurrences in the world are just as plain as they appear.
> So, only the naive would rule it out entirely based on only self-serving public narratives.
I don't technically disagree, but it is also just as naive to ignore our human proportionality bias and discount the relative probability of the available evidence.
But the comment that I was responding to claimed, "Southwest's meltdown was definitely not an attack." [emphasis added]
I'm not saying it definitely was an attack, nor even that it likely was. Just that it's premature to "definitely" rule it out so soon, a mere 3 weeks out, given the organizational incentives involved & base rates of both extortion/vandalism & (often well-meaning but at the very-least ass-covering) reporting-misdirection about the same.
You seem to agree with me that it remains a possibility, so not sure we actually disagree about any particulars of the event, just the discussion.
Imagine there were a well-refereed, bettable proposition like, say, "By the end of 2030, will either (a) someone be criminally charged for contributing to the Southwest service disruptions of late 2022; or (b) will a knowledgeable Southwest insider or law enforcement agent report they saw evidence that intentional acts worsened the Southwest service disruptions of late 2022?"
Just from base rates of such mischief, & without yet digging deeper, I'd consider an answer of "YES" to have around a 2-3% chance. And something with a 1-in-50 chance of having happened is absolutely a valid topic of speculation deep in forums like this!
Such tail events are where lots of the big wins, & big losses, for industry & society arrive. But also, such real-but-rarer outcomes get habitually ignored by simple mainstream summary coverage, which needs to put neat bows on stories for uninformed & distracted audiences, by short deadlines, reliant on spin from involved entities.
To protest deep in the threads, and insist that a few-weeks old official-sources story is "definitely" the whole explanation, case-closed, stop-speculating-its-hurting?
That's actually hostile to helping curious people understand a complex world based on limited & conflicted information sources.
I just don't think it's ruled-out by the simple official story. Some but not all of the reasons why I believe there might be more to the story are based on decades of life experience:
* Whenever the media reports on something I know about intimately, they get it wrong, preferring pleasing simple narratives to the full details. Hence, I assume their stories on things I don't know intimately show a similar skew towards oversimplification, missing-details that are embarassing to the key actors, and audience-pleasing explanations.
* I've not ever been in IT security for a major or public company. But even in tiny organizations, I've observed strong incentives – not all misguided! – to downplay malicious mischief as a contributor to any problems. Organizations don't want to encourage the perpetrators with publicity, nor encourage copycats. Orgs also don't want to be embarassed by lax measures. From direct reports from individuals at larger organizations – and reliable public accounts of late-reported hack/extortion incidents – I believe these incentives can be even stronger at large, slow-moving, distributed-responsibility public companies (though of course the penalties for explicitly-misleading statements also larger).
* Plenty of mean, crazy, or self-interested people may have it out for Southwest, from previously-angered travellers to disgruntled employees to motivated short-sellers (individuals or formal funds). And even if the potential for sabotage was under formal investigation right now, the investigators – private or public – might want to hide that fact until definitive evidence collected & perpetrators are prosecutable. It can take months or years for the real story to emerge!
A fragile outdated system finally reaching a chaotic breaking point is one possible & sufficient answer, of course.
But it's also a potential weak-point to be pushed-over-the-edge by motivated saboteurs or extortionists. In fact, such a weak point is ideal for certain criminal schemes, because of its deniability by both perpetrator and victim as merely a problem of aged systems & incompetence.
So, only the naive would rule it out entirely based on only self-serving public narratives.