True tech confessions II: sinners and winners

Recursive deletes, deep-sixing servers, bugs that become rewarding features -- let he who is without IT sin cast the first bits

By , InfoWorld |  IT Management, data center, IT management

When the company's regression testers got hold of Warren's code they printed out some records from the test database and discovered that the SSN fields were printing out with letters in them instead of just numbers. They asked Warren about it.

"It was an all-Blue shop at the time, and IBM had a dozen format specifiers for numbers," he says. "The argument to the database access function I chose was off by one letter, which caused the numbers to be stored to disk in hexadecimal format. It wasn't a big mistake --  programs that retrieved the number would identify it as hex and convert it -- but I did screw up."

But that's not what he told them. Thinking on his feet, Warren explained that this was in fact a security feature. In order to comply with federal regulations regarding the confidentiality of Social Security numbers, he explained, they had to be stored in non-human-readable form. That's why he chose hex. When he created the documentation for the app, he added that lie to it as well.

Not only did the company swallow Warren's explanation without even blinking, they gave him a $4,000 bonus for "finding an innovative solution that met the law without any new investment," he says. "I've never bothered to find out if there actually is such a law. Now when I look out my kitchen window and see my swimming pool I think, 'Well, there's my security feature.'"

Related articles


Originally published on InfoWorld |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness