Programmers finding Y2K bugs in software already repairedgreenspun.com : LUSENET : TimeBomb 2000 (Y2000) : One Thread
Hey, I'm on a roll. More of yesterdays papers. <:)=
WASHINGTON (AP) Even after the Social Security Administration had repaired and tested 42 million lines of software code for Y2K computer bugs, the agency paid an outside company to double-check its work.
The result? The agency widely praised as the federal government's vanguard in the battle against the Year 2000 technology problem found nearly 2,000 errors it had missed before.
Even now, just days before the new year, programmers around the world are scouring computer code previously certified as Y2K-ready and finding plenty of problems.
''Even when you think you're done, you're never done,'' said John Koskinen, President Clinton's top Y2K expert. He predicted overlooked computer bugs ''will create nuisance issues but in some cases they could be important.''
The late scramble to scrutinize again software blueprints believed to have been already repaired has given rise to a cottage industry worth hundreds of millions of dollars that so far has scoured billions of lines of arcane computer code for missed errors.
''We always find problems,'' said Doug Black of Data Integrity Inc., one such vendor in Waltham, Mass. The company convinces its customers by asking to scan the cleanest software they've already certified for 2000, then pointing out problems they missed.
''The truth is, most organizations find they have more bugs than they thought,'' Black said. Customers include the Air Force, Barnes and Noble Inc. and United Healthcare; all found Y2K bugs that had been missed during earlier reviews, Black said.
Another vendor, CCD Online Systems Inc., did work at the Social Security Administration and the Department of Health and Human Services. Its president, Jim McGovern, has complained about ''an unacceptable number of errors'' in software already fixed for Y2K.
The federal government urged all its agencies to get independent verification ''to provide a double-check that their own test results are sound,'' according to the Office of Management and Budget.
Most of the Social Security errors caught in the second check were minor, said Dean Mesterharm, the agency's deputy commissioner of systems. ''There were probably about four that would have had some kind of effect, a day or so of disruption.''
In a publicity stunt that extended until this week, McGovern's company challenged some of the nation's biggest organizations to let it scan their repaired software free. If it found fewer than 50 errors for every million lines of computer code, it offered to donate $50,000 to local schools for computer education. No one accepted.
Despite its success discovering these overlooked mistakes, the industry has managed to attract interest mostly from the world's largest companies and governments in fact, those that generally did the best work during earlier software reviews.
''Companies that came to the process relatively late, maybe did some minimal amount of testing, are just crossing their fingers,'' said Harris Miller, president of the Information Technology Association of America.
Many organizations don't want to acknowledge there may be Y2K problems lurking in programs already repaired by vendors, which universally refused to sign contracts that might leave them liable for missed errors.
''People who need it most are the ones who did the poorest job,'' said Andy Kyte, a research director in London for the Gartner Group, an analyst firm.
Companies that have gone back over already-fixed software ''concluded there are a lot more errors in the code, a lot more problems than they had imagined,'' agreed Rich Evans of the Meta Group Inc., another analyst firm. ''There really is a false sense of security.''
Experts said early efforts focused on checking dates typically identified with a heading ''mm-dd-yy'' or ''date'' buried within computer code. But prankster programmers sometimes used unusual nomenclature that can make these date variables nearly impossible to find.
Data Integrity said it found a date field called ''Shirley'' when it reviewed software at a major bank in the Northeast, which it declined to identify. The programmer responsible, it turned out, was dating a woman named Shirley when he wrote the software.
Air Force experts compete in a ''variable of the week'' contest to find the most obscure title for a date field.
''The name of a girlfriend or footballers or ice hockey players or the names of movie stars is unfortunately all too common as programmers express their creative free will,'' said Kyte, the Gartner analyst.
-- Sysman (email@example.com), December 31, 1999
Who would of thought?
-- Hokie (Hokie_@hotmail.com), December 31, 1999.