True tech confession No. 7: Hex marks the spotThere are three essential rules of programming. Rule one: Code carefully. Rule two: Test thoroughly. When those two aren't enough, be sure to follow rule three: Cover your assets.
William Warren (not his real name) was working as a software engineer at a major telecom company in the mid-'90s when he was asked to create an application that allowed clerks to enter Social Security numbers into a database. Part of the app's job was to clean up user input to make sure no non-numeric characters (like dashes) were stored in the numbers field.
When the company's regression testers got hold of Warren's code they printed out some records from the test database and discovered that the SSN fields were printing out with letters in them instead of just numbers. They asked Warren about it.
"It was an all-Blue shop at the time, and IBM had a dozen format specifiers for numbers," he says. "The argument to the database access function I chose was off by one letter, which caused the numbers to be stored to disk in hexadecimal format. It wasn't a big mistake -- programs that retrieved the number would identify it as hex and convert it -- but I did screw up."
But that's not what he told them. Thinking on his feet, Warren explained that this was in fact a security feature. In order to comply with federal regulations regarding the confidentiality of Social Security numbers, he explained, they had to be stored in non-human-readable form. That's why he chose hex. When he created the documentation for the app, he added that lie to it as well.
Not only did the company swallow Warren's explanation without even blinking, they gave him a $4,000 bonus for "finding an innovative solution that met the law without any new investment," he says. "I've never bothered to find out if there actually is such a law. Now when I look out my kitchen window and see my swimming pool I think, 'Well, there's my security feature.'"
- Read the Off the Record blog for stories from IT pros -- and share your own tech tale
- Dirty IT jobs: Grime and punishment
- Stupid user tricks 6: IT idiocy loves company
- Stupid tech support tricks: IT calls of shame
- Stupid hacker tricks: Exploits gone bad
- Jackass IT: Stunts, idiocy, and hero hacks
- IT personality types: 8 profiles in geekdom
- 2011 geek IQ test
- "Hello, world": Programming languages quiz
- Programming IQ test: Round 2
- Linux admin IQ test
This story, "True tech confessions II: sinners and winners" was originally published by InfoWorld.