Second draft of 'Open Letter to Alan Greenspan' : LUSENET : TimeBomb 2000 (Y2000) : One Thread


I've corrected some typos, revised a few words, and added some 19 footnotes (and a chart) to provide some backup and corroboration for the points I was trying to make.

As before, it's available at An Open Letter to Alan Greenspan

Paul, I'm sure this version will still fail your "molly-coddling" benchmark, but this is the best (and perhaps the only) way I know how to communicate.

As always, feedback and comments are welcome.


-- Ed Yourdon (, September 19, 1999


What a knock-out response to Alan Greenspan.

Thank you for both the response and formulating it so quickly. You might be surprised as to how influencial it has been to people in my circle who sent me Greenspan's comments by way of ridiculing my spectical viewpoint. I forwarded your article to them. Their tune has changed within hours. Amazing the power of analysis.


-- IPQ (, September 19, 1999.

Okay ... "skeptical." Whatever.

-- IPQ (, September 19, 1999.


-- Mara Wayne (, September 19, 1999.

How odd, as I was writing in my comments on this old Norwest brochure, before I had read Ed's open letter, I used that same analogy about having a house built. Some kind of wavelength UFO thing or what? Anyway, here it is again, but with my sarcasm and questions. Maybe just junk, but it seems relavant to me. How about it Mr G? Will you respond to us, the Great "Un-Wise"?

THE YEAR 2000 Dealing With the Millennium Bug -------------

"All of us have a responsibility to ensure the highest priority is placed on the Year2000 Project within our business units, so that we're ready for business as usual when the new century dawns. Our goal is that, by year-end 1998, all systems supporting Norwest businesses will handle the year 2000 without visible effect on our customers." Dick Kovacevich, Chairman and CEO, Norwest Corporation.

[" by year-end, 1998 ALL systemsit does NOT say "substantially all", it says "ALL"]

The Year2000 Problem

The Year2OOO problem, issue, challenge. The Millennium Bug. Y2K. Whatever you call it, every organization must deal with it. Ignoring it could put you out of business. Correcting it may be the largest systems project you've ever undertaken. And the time to get started is now!

[Ignoring it could put you out of business]

At one second past midnight on January 1, 2000, many of the world's computer systems will stop operating properly - or entirely. Why? Because, after December 31, 1999, most computers won't know what year it is. Is the problem really serious? Will it affect your company in any significant way? We believe the answer to both those questions is yes. We've produced this special brochure to alert Norwest customers to the urgency of the Year2OOO issue and the importance of dealing with the Millennium Bug before it bites you.

[Will it affect your company in any significant way? yes, but it WON'T be "Visible." To me this is a rather telling statement, in other words, Norwest's non-compliance WILL affect me in a significant way, but they won't tell me.]

Q: What is the Year2000 problem?

A: Most of us are accustomed to writing the year in shorthand, that is leaving out the century and just writing the last two digits - '97 for 1997, for example. When the calendars roll from 1999 to 2000, we'll know that '00 means 2000. Unfortunately, our computers won't. Most com-puter programs were written to provide two digits for dates, not four. So, when the year changes to 2000, a computer may incorrectly read '00 as 1900.

["Unfortunately, our computers won't." Won't what? Work? Duh.]

Q: How will that affect my organization?

A: The Year2OOO problem affects any computer program that produces information based on time or date. For example: accounts payable and receivable, inventory tracking, and interest calcu-lations. When computers use the wrong dates in calculating billings, earnings, and date-sensitive information, the result will be errors in calcula- tions, invoices, and processing - and, in some cases, complete computer failure. Consider the information your business needs that requires the calculation of how much time has passed from one event to the next. When was this product produced? When is this invoice due? When should this machine undergo maintenance? When must we make payment to avoid late charges? When will this perishable product no longer be safe? Now consider what would happen if your com-puter could no longer make those calculations.

["When computers use the wrong dates in calculating billings, earnings, and date-sensitive information, the result will be errors in calcula-tions, invoices, and processing - and, in some cases, complete computer failure" In other words, when Norwest's computers fail, I will be affected, again, DUH!]

Q: Does this affect all computers?

A: Yes, because essentially all computers use dates for part of their processing. The starting point for most dates is built into the computer. Software uses the date provided by the computer for calcu- lations using data that is entered or stored in files. If the hardware, software, or data uses a two-digit year, the entire system is at risk. The size of the computer is not a factor; the risks are the same from PCs to mainframes. The problem is particu-larly serious because almost all large computers and many PCs are linked together to process information and manage other systems and devices. Errors in or failure of one computer could have wide-ranging impact.

[ "All computers", "linked together", "entire system", "wide ranging impact", this sounds like a "Systemic" problem to me]

Q: Are computers the only system at risk? A: Unfortunately, no. Any electronic devices controlled by computers may be affected. These include elevators, heating and cooling systems, utilities, leased equipment, building access controls and security systems, vaults, phones, fax machines, clocks, and more. Many of these automated systems contain microchips that are triggered by date-sensitive information.


Q: How did we get into this mess?

A: The seeds of the Year2OOO problem were plant-ed decades ago when programmers instituted the practice of representing dates as two digits instead of four. At the time, two digits saved two valuable commodities: money and memory. They saved labor costs at a time when most data was keyed onto 80-column punched cards then fed into a computer. They saved computer memory when there was very little memory available. Even when memory ceased to be an issue, money remained one. The thinking went, why spend money to fix something that isn't broken? And the year 2000 seemed very far away.

["The thinking went, why spend money to fix something that isn't broken? And the year 2000 seemed very far away." Amazing, here is someone actually admitting their lack of foresight! And now we are supposed to trust these people? Why should we? They have already proven they blew it!]

Q: How difficult is it to get out of it?

A: It isn't that the solution is so difficult. It's that the problem is so massive. To change from two-digit to four-digit years, organizations have to analyze every hardware and software system operating in the company - every platform, application, database, internal and external interface - to discover every line of code in which date references are imbedded. Then the programs must be rewritten or replaced and integrated back into your operation. It's not as simple as giving "find" and "replace" commands to your computers and computerized systems. We all wish it were.

[It's that the problem is so massive, not that greedy banking executives kept putting it off!]

Q: How long will this take?

A: We can't speak for your organization, but Norwest has approximately 100 million lines of code installed throughout the corporation in main-frame and distributed systems. We estimate that it will take one million plus people-hours to assess, repair, replace or retire, and fully test our systems.

[Let's see, 100 million lines of code, one million plus people hours, that works out to 100 lines of code per hour. I wonder who can examine 100 lines of code, find and fix the errors and return those 100 lines to service with no errors, in 1 hour? No wonder they pulled this brochure!]

Q: How much will it cost?

A: Norwest and other companies that have begun to tackle the Year2OOO problem have found it to be larger and more costly than originally expected. The IRS has ruled that Year2OOO re-programming costs can't be amortized; they must be expensed. It's important to plan ahead for the costs, so they don't cause cash flow problems for your company. Plus, the longer you wait, the more expensive it will get, as the supply of programmers able to fix the problems will rapidly diminish as demand for their services increases.

["have found it to be larger and more costly than originally expected." But HOW MUCH? They still don't know. How about that, how would you feel if you hired a contractor to build a house for you and they not only over ran the initial estimate, but then told you the house would be no good unless you agreed to spend an unlimited and unknown amount to finish it? And then added that even with an unlimited budget, it may never actually be habitable? And then, started telling you the problem was not their shoddy and irresponsible management, but your desire to move in?]

Q: Aren't there off-the-shelf correction programs we can use?

A: There are tools available to help you assess where date-sensitive problems may lie, and it's probably worth investigating them. However; each company's systems are unique. Your programs may be written in a variety of programming languages. The symbols used in various programs to represent dates are likely not consistent. Your applications may have been revised or modified over the years, and they may connect and inter-connect to other applications in unique ways. If you wait for an off-the-shelf solution, you may find your company in serious trouble when the millennium rolls around.

["you may find your company in serious trouble when the millennium rolls around." YOUR company? What about Norwest? Are they in serious trouble? Have they been waiting for that "Silver Bullet"? Uh, yep, I think they are STILL waiting for it, just like that 65% of organizations are.]

Q: If I get my systems fixed, what about my vendors systems?

A: You're right. The Year2OOO problem does go beyond your own systems and programs. Consider your payroll processor; your stock transfer agent, your foreign manufacturers, your employee benefits providers. You will need to contact every supplier and organization you exchange information with or rely on to make sure their computer fixes are compatible with yours, and yours with theirs. You will want to test the interfaces between your companies to make sure everything works. You should also contact vendors that have supplied you with any automat-ed systems - computer hardware, software, and computerized equipment - to learn when and how they plan to make their products and services Year2OOO compliant.

[According to their website, they will NOT respond to questionnaires, so just how do we get this information from THEM?]

Q: How soon will the Year2000 problem become a concern?

A: It's a serious concern NOW! Financial institu-tions such as Norwest must have their systems re-programmed and tested by December 31, 1998. In our view, 1999 should be a year to re-test to ensure all systems are "Go" by January 1, 2000. If yours is among the 65% of organizations that have not yet begun to assess the impact of this critical problem, start today! This is one deadline that is not negotiable.

[The smoking gun "Financial institu-tions such as Norwest must have their systems re-programmed and tested by December 31, 1998" Emphasis NOT mine. "This is one deadline that is not negotiable." Nevertheless, they negotiated it to June of 1999, and even now, with 14 weeks left, they are not done. So much for a non-negotiable deadline. Also, I wonder where they got the 65% figure? Perhaps they have access to "inside" information? ]

Q: How do we get started?

A: By becoming aware of the urgency of the Year2OOO problem, you've taken the first step. Now it's time to assess your systems and formu- late your Year2OOO battle plan. Call in your systems programmers for their advice, and treat them well. They could be your most valuable allies as the 1900s draw to a close.

[Battle plan? I should have a battle plan? Should my battle plan include ceasing to do business with non-compliant vendors, like Norwest? Does this mean I should take my money out of the bank?]

There are many facets to the Year2OOO problem. Make it your business to be informed. The Internet is a vast resource on the subject. For starters, check out , , and . If you would like to know more about Norwest's Year2OOO project, talk with your Relationship Manager or Banker, or call 1-800-805-6571.

[This is the information given to me by my bank in October of 1998. I have the brochure, which has since been replaced by an "updated" lawyer approved version. According the most recent information from Norwest, they will discontinue doing business with vendors who are non-compliant, why shouldn't I adopt the same policy and cease doing business with my non-compliant vendor, Norwest? ]

-- Tim Castleman (, September 19, 1999.

Dear mr. greenspan,are you jewish-if-so what does the TORAH say about=lying?

-- it is written. (, September 19, 1999.

Ed -- I did a text search of your paper on the following words: fraud, dishonest, fiat. No mention of any of those in a banking system context.

-- A (, September 19, 1999.


Re the non-use of "fraud," "fiat," and "dishonest": I wasn't attempting to comment on the banking system in general. Among other things, I have no credentials in the banking field per se, and there's enough amateur commentary about banking on this forum already .

I do feel qualified to talk about software, software projects, software defects, and related topics. And I do feel that I've got a credible basis for critiquing a speech that basically argues that Y2K is no longer a serious threat to the economy, the banking system (whether or not it's good, bad, or neutral), the government agencies that provide our services (again, without regard to whether those services are good, bad, or indifferent). I thought that was enough to tackle in one essay...


-- Ed Yourdon (, September 19, 1999.

dEAR MR. YOURDON, seeing that your a sorta leader type fella,what about your spiritual STAND? OH please don,t tell me, it,s a private thingee,JESUS said whoever is ashamed of him BEFORE Mere men, HE jesus WILL BE ASHAMED OF BEFORE GOD. there ain,t no secret agents in HIS KINGDOM.WHAT DO YOU THINK OF AMERICA,S MORAL-DECLINE?HOW LONG DO YOU THINK GOD WILL LET US'GIVE HIM A COLD SHOULDER?WILL TECHNOLOGY [SAVE US?]

-- not ashamed of the TRUTH. (, September 19, 1999.

Ed, I just wanted to drop you a note of encouragement for all of your effort in this regard. Your style of communicating has already saved more lives than any fire breathing name calling - mine and my family's included.

-- James (, September 19, 1999.

Ed - I have the following fundamental concern about what Greenspan has said. The all-important contingency or backup plans that companies will have in case all is not really fixed assumes as part of those plans a need to stockpile. Yet Greenspan seems to be saying that virtually no companies have started to stockpile and that very few will be able to. If that's true, then my concern has risen a major notch. (I have similarly been concerned about what proportion of companies or agencies are relying on backordered software, hardware or supplies that will not be available in time, yet their public assurances that they will be ready by a certain date assume that they will be.) All of this adds up to the need to be 100% remediated, because the contingency plans are destined to fail.

-- Brooks (, September 19, 1999.

Congrats Ed for your outstanding reponse to Mr Greenspan.He is brilliant but your points show exactly where he missed the boat.I resented his implication that those of us who have prepared for possible disruptions are in the camp of the ignorant and unpatriotic.Will Mr Greenspan give me 100% assurance and give me assistance if there are problems in 1/00?When is being prudent anti- American?Your point about contingency plans apparently being wise for businees and government but not for Mr American Citizen was beautiful.You clearly showed the subtle dishonesty of his comments which will surely create more complacency than ever.Thanks for your efforts antway.I appreciate them.

-- Dennis Chornomaz (, September 19, 1999.

Ed, I think the content and tone of your letter are excellent. Some folks on this forum seem to feel that you ought to sound the alarm, but I like your approach of politely poking at the holes, as if to say, some of us aren't fooled. My comments follow.

1. EY: "Meanwhile, the more serious flaw in your optimistic assessment is that the difficult Y2K problems will involve interfaces and interactions between companies."

This sounds as if interfaces is part of AG's assessment, whereas it's really an omission in his assessment. This is made clear in the rest of your paragraph, but I'm just trying to close off any weasel room.

2. EY: "In the worst case, when a bank fails, the FDIC will use whatever banking records it can obtain to determine the status and balance of customer account."

It's actually worse (for the public). FDIC regulations state that so long as the bank's records are consistent and unambiguous {even if they are wrong}, the depositor's records (statements, canceled checks, etc.) are irrelevant.

3. AG: "But as I mentioned earlier, the probability of a cascading of computer failures in mission-critical systems is now negligible, given the testing that has been done, the backup plans that are in place, and the great adaptability and ingenuity of the American worker."

Your answer might be expanded to include cascading of computer failures across an entire industry or even across industries, and the difficulty in arranging testing on such a large scale.

Also, how does AG define negligible? 5%? 1%? .01%?

4. AG: "If only a small percentage of businesses choose to add to their inventories as a hedge, the effect on production will be insignificant. However, should a large number of companies want to hold even a few extra days of inventories, the necessary, albeit temporary, increase in production (or imports) to accommodate such stock building could be quite large. Bottlenecks could develop, and market pressure could ensue. Thus, the more we share information, the more informed our decisions and, hence, the smaller the need for precautionary hedging.."

Not necessarily. The information might tell businesses that things are in worse shape than they thought, which in turn may require even more hedging than had been planned.

5. The quote of Luigi Pirandello seems to be missing a close quote.

Thanks again for your efforts.

-- David L (, September 20, 1999.

Dennis, "Ignorant and unpatriotic."?? Same tactic and guilt trip the Chinese government uses on the people when they are about to lose control and demand more from the people. Of course for govenrment officials it's always "don't do as I do, but do as I say." They have the best of both worlds, control, control and more control.

-- ~~~~~ (, September 20, 1999.

Ed, good work. A lot more... what's a good phrase here... "impassioned edginess" than much of your other work. AG strike a nerve here?

re: chance negligible of cascade failure comment by AG. Comparing to other works of Alan, his statements here leave open to interpretation the results of the testing - he did not say successful remediation - and because of backup plans reference, one could infer the testing proved problematic and the need for the good ole American fix means the backup plan is a work in progress... in other words, "the risk is negligible because we have found there are numerous problems therefore the problems are not unknown, and the plan is to have someone smart fix them on the fly and by so doing we will avoid cascade failures"

Seriously... 2/3 of his reasons as to low risk depend on contingency plans and the "silver-bullet man (or woman)"? Gives one that warm fuzzy feeling. If he were talking interest rates the market (and I) would be expecting a rate hike. I can hear it now... "The chances for a rate hike are slim based on the data, other factors which affect the data, and assuming the consumers take the right actions so as to affect the data in the right way." Then... "well we had to raise rates because other factors and actions taken did not affect the data as we would have liked"

MAybe it's just me, but I think the gov is starting to release "clues" on purpose. The famed Navy report - stays online, AG's between the line stuff, some other things said by Kos. on roadtrip (was it Indiana?) ("definitely prepare for 3 day storm"), Other "works" people keep finding.

-- W. Stalcup (, September 20, 1999.


1. Has been a professional programmer 2. Worked in a professional IS shop 3. Managed IS projects (not to mention the Federal Reserve)

Here's the REAL IS work Yourdon has done:


So where's his credentials? Give me a reason to believe he has even a fragment of an idea what goes on in IS shops.

-- N.Arro (, September 20, 1999.

Ed, with an attitude like that you are never going to get a job managing software projects. You have to tell the top dogs what they want to hear.

"While we're on the subject of Nasa" Too funny. There you go airing that dirty laundry again.

To the poster above, Ed has 30 years experience in IT which is how he developed his bad attitude. He has authored many books, done the lecture curcuit, etc.

-- Amy Leone (, September 20, 1999.


I wrote software when I was a wee young lad (including the assembler for the PDP- 8, and the FORTRAN math library for a couple of DEC machines, among other things). I managed software projects when I got a little older, and saw the politics first-hand. I've been a consultant for quite a while now, and I get a chance to visit more companies and observe more projects than most of the programmers down in the trenches will see in a lifetime.

One of the advantages of being a more-or-less independent consultant is that you don't always have to tell the top dogs what they want to hear. You have the option of telling them what you feel to be the truth, in a polite, constructive fashion; sometimes they'll listen, sometimes they won't. If they get annoyed by what you're telling them, you can agree to disagree, and move on to find another client. It's one way of maintaining integrity in today's business environment...


-- Ed Yourdon (, September 20, 1999.

Gee, Ed, you yourself must be mistaken about what you yourself have done in your own career. Somebody called N.Arro ( says you ain't got none of that there IS experience.


(I started out on a PDP-11/40 running RSTS V6C. Some COBOL compilations would literally take hours of elapsed time.)

-- Lane Core Jr. (, September 20, 1999.

Thanks for another thorough article. I am going to send the link on to my SDGI (still don't get it) family members.

I am curious about your decision to include "World Net Daily" as a source. The article was shocking. I am under the impression that WND has a reputation for presenting stories in a sensational manner, and often with an anti-government bias (sometimes even leaving out important facts that would give the story a different 'spin').

Personally, I would be able to give more weight to the article if the source had been an LA paper, AP, or Reuters.

Thanks again,

-- Berry Picker (, September 20, 1999.

Berry Picker,

Re the WND article ... yeah, I debated (with myself) about putting in that reference. But I think that all of the warnings about people being victims of criminals if they withdraw money from the bank is also pretty sensationalist -- and it's being repeated over and over again by all the Fed authorities, bank spokesmen, etc. So even though I'm not sure how much credibility to put in the WND article (I agree, it would have been better if it came from Reuters or AP), I thought it was worth a brief mention, in order to reinforce the overall point in that paragraph that there is a broad spectrum of risks that we citizens have to contemplate whenever we make financial decisions.


-- Ed Yourdon (, September 20, 1999.

Well, you are polite and sometimes quite humorous. Still you must know what they say about fighting city hall. They are always bigger than you and there are always more of them. The best tactic for a big enemy is to go around them (called manuver warfare) rather than attempt to confront them. Of course I have no idea how you would do this. I just can't stand watching you get beat up.

-- Amy Leone (, September 20, 1999.


You may not be aware that the story of the tragedy in Compton was also reported in the LA Times on August 26, and in several subsequent articles. The first was referenced here in:

Compton story link

While the link to the LA Times story is obsolete, the report is in their archives, but while it seems that it may be searchable, it seems not to be linkable.


-- Jerry B (, September 20, 1999.

From: Y2K, ` la Carte by Dancr near Monterey, California

For those who may have missed it, the handle of N. Arro, above was the name used in an earlier character assassination.

Ed -- Thanks so much for all the work that you do. When I hear people like Greenspan speak, I get so discouraged. I printed out the first draft of your article to share with my husband, even though I have long ago been told that he didn't want to hear another word about Y2K. I felt justified in doing this because he had told me that "One has to listen to Greenspan, you know. Anyone would have to be a fool to think he doesn't know what he's talking about." I don't know if he'll read it or not, though. I doubt it.

As impressed as I was with the first draft, the second is much improved with only the addition of the footnotes. I have only cosmetic comments, in addition to the comments I shared privately about the first draft. I post them here, publicly, so that you may hopefully avoid receiving 1000 or more similar comments in your mailbox.

An additional space is needed between the italicized word "Journal" and the hyperlinked word "article" in first paragraph.

Link #2 in the footnotes does not work for me.

In footnote #10 ASsistance should be Assistance.

I can't read the percentages at the top of the bars on the graph.

-- Dancr (addy.available@my.webpage), September 20, 1999.


Recomend you include the "time" (8 months delay in opeing the Denver Airport ?) as an example of the time that "fixing" computer problems inside of complex systems may take.

One thing I've consistently noticed is that the y2k problem is seen as a "programming" problem, and so "programmers" have to discuss its implications. Once outside of the "code" itself in the bigger systems (COBOL mainframes is the classic example), which only programmers can correct, or outside of the "business-business" or "business-government" data exchanges, the rest of the impact is in management, is between business divisions and departmetns and people, and is inside of production or distribution PROCESSES.

Thus, despite what the anonymous poster above claims, does it matter what older programming experience Greensan has? Or even your experience for that matter? The ability to recover from a control or data problem in a water plant, in a warehouse distribution system, or in a manufactoring facility is an industrial and civil engineering function: the programmer is only one small step in the process.

Greenspan (and every other federal spokesman I've heard) can only address (at this stage) the banks, a limited bit of the Socail Security System, and parts of the Security and Exchange processes, at most only the 8% of the federal systems that have been declared mission-critical have been remediated.

Consider independent testing. With the possible exception of the FAA - who have been unable to tell us whal exactly systems have been tested, much less audited by SAIC- and the NRC's 120 power plants, what other systems (worldwide) have been independently audited other than the banks? Now consider that of the 120 US nuclear power plants, "exceptions" and delays were required for 26 to be declared compliant .... despite having the best maintained and best documented designs, the best vender support, and the most highly trained operators of all power plants in the US.

How can we reconcile the fact that: the only independently-audited group of power plants receive a 78% completion rate, while the self-reported data from the non-nuclear group of power plants shows these are 99% successful, and all finished on time?

No other systems have been audited.

-- Robert A. Cook, PE (Marietta, GA) (, September 20, 1999.

Moderation questions? read the FAQ