Risk Factor iconRisk Factor

The Software Issues Behind Heathrow's T5 Meltdown


It now appears that the baggage problems at London Heathrowâ''s Terminal 5 were caused in part to a bit of test software that wasnâ''t removed properly.

According to a story in ComputerWeekly, British Airways (BA) Chief Executive Willie Walsh claims that "the main IT problem with the baggage system was a software filter that was mistakenly left in place after the system - designed by BAA (the airport operator) - went live. Walsh said the filter was used during the testing period to ensure the messages generated were restricted to the BAA operation, and were not sent out further than that. But because it remained in place after the terminal opened, it interfered with the messages coming into the system, meaning the system could not recognise a number of bags.â''

â''One other IT problem at the terminal concerned server capacity. Walsh said the servers had not been able to cope with the â''significant increasesâ'' in the volume of bags going through. The amount of messages the servers were coping with was significantly more than the amount run on them during modelling, and more server capacity is still required.â''

Willie Walsh also admitted in testimony reported in the London Guardian before the Commons Transport Committee that he had considered delaying the move to Terminal 5 right up until a few weeks before the opening because he knew things were very dicey, but decided to go ahead anyway.

In fact, Walsh said that he knew as far back as last September that â''the building programme was not 100 percent completeâ'' and would likely not be by the opening on 27 March.

But, given the costs of delaying for six months (the minimum time Walsh said was required), he decided to take a â''calculated riskâ'' to open anyway.

As a London Telegraph story put it, â''The upshot was that a planned six-month testing period to familiarise 15,800 BA staff with the new terminal and iron out glitches in baggage and other systems, could not be completed as intended.â''

Only 80% of the BA staff actually had the required training.

â''â''My regret is we did compromise on our testing programme. But we did this with our eyes open. It was a calculated risk,â'' Walsh said.â''

Walsh also said, â''If we did it again, we would do things differently.â''

Well, he will get another chance soon when BA plans to complete its move to Terminal 5 later this year.

Walsh also tried to play the same "forgive me for my relative bad behavior" game my children play with me. Walsh referred to other baggage system problems at Denver, Hong Kong and Barcelona as excuses for why BA's problems should not be seen in a bad light. Of course, he didnâ''t mentioned that other airports, like Singapore's and Beijingâ''s were able to open their new terminals without problems.

Finally, there are now rumors that BA is looking to replace Walsh, especially now that the Terminal 5 fiasco has caused tens of thousands of passengers to avoid flying BA. Better late than never.

Fun With Windows


There is a story in ComputerWorld that according to posts to a Microsoft support forum Windows XP Service Pack 3 has been sending some PCs into an endless series of reboots. According to the story, the problem has been tentatively identified as being a problem involving only machines using processors from Advanced Micro Devices Inc.

As the story notes, "This isn't the first endless reboot problem Microsoft's faced in relation to a service pack recently. In February, the company pulled a Windows Vista SP1 prerequisite update from automatic delivery because it was crippling some machines."

I haven't had the reboot problem. Instead, I have had to try multiple times on my Intel-based machines to get SP3 loaded properly. One machine took three attempts, another five, and the third is at seven and still counting. I won't bore you with the details, but needless to say, it has been a barrel of fun trying to determine where the conflicts reside.

My admiration for Microsoft just continues to grows whenever I have to update its software - it really does.

Your Face as Password

I get bombarded with press releases, most of which don't interest me much, but I did receive an interesting one concerning new PC log on software from XID Technologies. According to the release, â''Face LogOn Xpress uses a simple web camera to ensure the identity of the user by providing biometric verification in an automatic, continuous process, based on XIDâ''s award winning face recognition technology. The new software uses XIDâ''s Face Recognition artificial intelligence technology and learns each time a user enrolls his or her face, enabling Face LogOn Xpress to develop high accuracy in varied conditions.â''

â''Targeted to computer users seeking to control access to their machines by verifying identity while logging on in a simple and convenient way, Face LogOn Xpress can be customized to allow users to control the applicationâ''s sensitivity levels. This control ensures accurate face recognition to address different lighting conditions. Additionally, Face LogOn Xpress compensates for extreme conditions such as complete darkness by allowing users to access the PC through the use of a default password instead of the camera.â''

There is a video of its use here, and there is a free 30-day trial of the software available.

I like the idea of having my face be my password. I donâ''t think too many people look like me (although I have been told I have a passing semblance to Richard Dreyfuss) and I generally remember what I look like each day. My only concern is that I look a lot different after a couple cups of coffee in the morning.

Don't Do Software Updates in Prime Time


Foxtel, a cable company in Australia made its customers very unhappy last week when it decided to send a software update to its cable boxes during prime time. Viewers claim they lost cable from 15 minutes to a half-hour, while Foxtel claimed that the outage only lasted five to eight minutes.

â''Due to a system issue last night subscribers' service was temporarily affected by a software update," a Foxtel spokeswoman said.

â''This meant subscribers may have needed to come out of standby mode on their set-top unit once the update finished to restore service. We apologise for any inconvenience.â''

Of course, I suppose that every Foxtel subscriber should be able to recognize instantly that their cable went out due to a software update, and once the update was complete, that they needed to get their cable box out of standby mode to get their television back.

It would have been obvious to me.

Yeah, right.

Or should I say crikey?

HM Revenue and Customs Taxpayer Snooping


Last December, I wrote about the 219 Internal Revenue Service (IRS) employees disciplined for snooping into taxpayer records last year.

This week, the UK's HM Revenue and Customs (HMRC) which suffered a major data breach last year, announced this week that it had disciplined 600 of its staff over the past three years for inappropriately accessing customer records. There were 238 people disciplined in 2005, 180 in 2006, and 192 in 2007.

I guess the temptation to peek is just too great for many people in these organizations.

More Airbus 380 Troubles?


Airbus is preparing its customers about a further delay to the Airbus 380 the London Times reports. The Times reports that Airbus is still having trouble with fitting the aircraft with the 311 miles of cabling it requires. For the last two years, Airbus has been rewiring 26 A380s that had cables installed incorrectly.

Boeing, which has seen its share of troubles lately on its 787 Dreamliner, announced this week that it should be able to hold to its revised April schedule.

The only possible monkey wrench is that Boeing's two largest unions, the International Association of Machinists' Seattle-based District 751 and the Society of Professional Engineering Employees in Aerospace are threatening to strike in September and December respectively. According to one report, the unions see that they have leverage over Boeing given the 787 delays, as well as the major future revenue the 787 promises.

Should be an interesting autumn for both Airbus and Boeing.

Virginia Pilots Web Safety Courses for Kids


The Washington Post ran a story over the weekend about Virginia's pilot program to teach students about safe Internet practices. Beginning this September, students in all grades will be taught about Internet safety. Virginia's program is the first in the nation that is mandated by law.

While I was aware of the program when it got signed into law in 2006, I kind of lost track of its status until the Post article. With two young children in Virginia public schools this fall, I will be interested in what they are taught and how much it sinks in. My older child has an occasional computer class, but she hasn't said anything about the program to me. Nor do I recall seeing any announcements from her school. When I quizzed her about whether her teachers had taught her about safe Internet practices, she didn't seem aware of any instruction being given in relation to the program itself.

This has made me curious about how effective the program will be, since the according to the Post story, "The state initiative calls for including parents. One chapter in a state resource book covers 'What Parents, Grandparents, and Caregivers Need to Know.' " The story does say that in some jurisdictions, there has been a move to get parents involved - I just don't know how widespread it is. It hasn't reached me yet.

I'll let you all know what transpires when the Fall school session starts. I think it is a good idea - the ultimate value, however, will be in its implementation.

Practice Safe Computing - Or Else

There is a report in the London Times that says UK banks are likely to start getting tough on customers who fall for phishing attacks. New rules to the Banking Code (these cover how banks must treat their customers) that came into effect last month state that â''victims of online fraud must have up-to-date antivirus and antispyware software installed, plus a personal firewall, to claim redress from their banks,â'' the Times story says.

If a person fails to have the required safeguards in place, the banks can refuse any claim for a refund.

The onus is on the individual to prove that they have these safeguards in place at the time of the hack. I see a small boon to an enterprising company that develops a software program to keep a log of the total state of the security profile of a person's computer. The company could even suggest, for a small additional fee, to keep the log on its central system to prove to the banks that the profile wasn't tampered with in any way.

There is a problem, of course, in that a person's personal information may have been hacked months before it was used in an attack, but that is another story.

At least one of my banks has a similar "redress" policy. This bank makes it very clear every time you sign on that protection of the information that allows access to my accounts through its website is my responsibility, and that the bank will not be liable in any way if that information is used by an unauthorized third party due to my negligence.

How I can prove that some future unauthorized access wasnâ''t due to my negligence is not spelled out in any way (What, do I have to get the hackers to tell the bank where and how they got my information?), so I have started to stay away accessing my bank account information through this bankâ''s website. I suspect some bank customers in the UK faced with a similar dilemma may decide to do the same.

UK banks, like those in the US, want their customers to do more on-line banking to reduce their personnel and other overhead costs - I am going to be interested in seeing what happens if the banks start refusing to pay refund claims from hacked (off) customers.

Heathrow Terminal 5 Better But Still Has Problems


Last week, it was reported that London Heathrow's Terminal 5 problems have greatly abated, but they haven't gone away, and may flare up again. British Airways (BA) Chief Executive Willie Walsh admitted at a conference at London's Institute of Directors that the baggage system was still not working properly.

BA ended the first quarter of 2008 with the most lost bags of any European airline (270,106 bags). BA lost 28.9 bags per 1,000 passengers, up from 22.4 bags per 1,000 passengers in the last quarter of 2007. The odds given for losing a bag on BA was said to be 1 in 34.

Walsh blamed the problems on Terminal 5's disastrous opening and the crash of its Boeing 777 at Heathrow in January. He also said another reason was because BA took baggage handlers from its other Heathrow Terminals (1, 3 and 4) over to Terminal 5 to train on the new baggage system there: "Staffing levels were lower than usual in Terminals 1, 3 and 4 because we were running test and training operations in Terminal 5."

In that case, the total number of lost bags attributed to Terminal 5 should be both the ones lost both during the chaotic opening, and those lost due to staff training. It's also too bad Walsh didn't tell all BA passengers that their bags were at higher risk of being lost during that training period, which started the previous September.

The problems of lost baggage has gotten so acute not only for BA but for other European airlines as well that the Association of European Airlines announced that it would be providing lost baggage statistics only on a half-yearly basis, not quarterly as it has always done before. It claims that this isn't to hide embarrassing bad news, but that people (i.e., the press) were giving too much significance to the numbers.


Livermore Lightbulb is 107


It isn't an IT story, but I came across this article in the LA Times today about a light bulb in a Livermore, California firehouse station that is still working after 107 years. According to the story the light bulb has been on for almost 1 million hours, and the firemen dare not turn it off because they are afraid it won't come back on.

You can see the light bulb for yourself at www.centennialbulb.org.

I do wonder, though, how many software programs will still be running after a hundred years. Maybe some of the COBOL programs at the Social Security Administration?


Risk Factor

IEEE Spectrum's risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.

Willie D. Jones
Load More