True tech confessions II: Sinners and winners

Recursive deletes, deep-sixing servers, bugs that become rewarding features -- let he who is without IT sin cast the first bits

1 2 Page 2
Page 2 of 2

William Warren (not his real name) was working as a software engineer at a major telecom company in the mid-'90s when he was asked to create an application that allowed clerks to enter Social Security numbers into a database. Part of the app's job was to clean up user input to make sure no non-numeric characters (like dashes) were stored in the numbers field.

When the company's regression testers got hold of Warren's code they printed out some records from the test database and discovered that the SSN fields were printing out with letters in them instead of just numbers. They asked Warren about it.

"It was an all-Blue shop at the time, and IBM had a dozen format specifiers for numbers," he says. "The argument to the database access function I chose was off by one letter, which caused the numbers to be stored to disk in hexadecimal format. It wasn't a big mistake --  programs that retrieved the number would identify it as hex and convert it -- but I did screw up."

But that's not what he told them. Thinking on his feet, Warren explained that this was in fact a security feature. In order to comply with federal regulations regarding the confidentiality of Social Security numbers, he explained, they had to be stored in non-human-readable form. That's why he chose hex. When he created the documentation for the app, he added that lie to it as well.

Not only did the company swallow Warren's explanation without even blinking, they gave him a $4,000 bonus for "finding an innovative solution that met the law without any new investment," he says. "I've never bothered to find out if there actually is such a law. Now when I look out my kitchen window and see my swimming pool I think, 'Well, there's my security feature.'"

Related articles

This story, "True tech confessions II: Sinners and winners," was originally published at For the latest business technology news, follow on Twitter.

Copyright © 2012 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
How to choose a low-code development platform