[SC-L] 2010 bug hits millions of Germans | World news | The Guardian
McCown, Christian M
c.mccown at intel.com
Thu Jan 7 16:33:56 EST 2010
Anybody heard of Von Neumann probes? Google it. Then imagine what might happen if we (humans) employ the same (p*ss) poor programming discipline we do today into something like that. Fun to ruminate on.
________
Chris McCown *
Intel Corp
-----Original Message-----
From: sc-l-bounces at securecoding.org [mailto:sc-l-bounces at securecoding.org] On Behalf Of Wall, Kevin
Sent: Thursday, January 07, 2010 12:37 PM
To: 'ljknews'; Secure Coding
Subject: Re: [SC-L] 2010 bug hits millions of Germans | World news | The Guardian
Larry Kilgallen wrote...
> At 10:43 AM -0600 1/7/10, Stephen Craig Evans wrote:
>
> > I am VERY curious to learn how these happened... Only using the last
> > digit of the year? Hard for me to believe. Maybe it's in a
> single API
> > and somebody tried to be too clever with some bit-shifting.
>
> My wife says that in the lead-up to the year 2000 she caught
> some programmers "fixing" Y2K bugs by continuing to store
> year numbers in two digits and then just prefixing output
> with 19 if the value was greater than some two digit number
> and prefixing output with 20 if the value was less than or
> equal to that two digit number.
>
> Never underestimate programmer creativity.
>
> Never overestimate programmer precision.
While I never fixed any Y2K problems I worked next to someone
who did for about 6 months. What you refer to is pretty much what
I mentioned as the "fixed window" technique that was very common
to those developers who were addressing the problems at the time.
IIRC, it was a particularly popular approach for those who waited until
the last moment to address Y2K issues in there systems because it still
allowed for 2 digit year fields in all their forms and databases and output.
---
Kevin W. Wall Qwest Information Technology, Inc.
Kevin.Wall at qwest.com Phone: 614.215.4788
"It is practically impossible to teach good programming to students
that have had a prior exposure to BASIC: as potential programmers
they are mentally mutilated beyond hope of regeneration"
- Edsger Dijkstra, How do we tell truths that matter?
http://www.cs.utexas.edu/~EWD/transcriptions/EWD04xx/EWD498.html
This communication is the property of Qwest and may contain confidential or
privileged information. Unauthorized use of this communication is strictly
prohibited and may be unlawful. If you have received this communication
in error, please immediately notify the sender by reply e-mail and destroy
all copies of the communication and any attachments.
_______________________________________________
Secure Coding mailing list (SC-L) SC-L at securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
_______________________________________________
More information about the SC-L
mailing list