Risk Factor iconRisk Factor

Small Typo, Big Problems in Carver County, Minnesota

accounting.gif You may have seen the small typo problem in Georgia where Joe Martins recently closed his account at Wachovia Bank, paid off an outstanding check, and then got a letter about the account closure and his final balance -- a minus $211,010,028,257,303.00. Wachovia apologized to Martins, and promptly blamed the letter and the erroneous amount on a word processing error - the number supposedly owed actually matched the gentleman's bank account number.

A similar computer typo problem, but with real side-effects happened last week in Carver County, Minnesota. Eric Mattson received a real estate assessment notice stating that his 4,400 square foot vacant lot was being assessed at a market value of $189,000,000 (or $42,955 per square foot) and would he please fork over the $2.5 million in property tax he owed. Since is about 10 times the value of prime property in London, which is the most expensive property in the world ($4,585 per square foot), Mattson had a good laugh and called the assessor's office about the obvious error.

The assessor's office wasn't laughing. It was indeed an error, but the County had already budgeted and spent the money.

According to the story in the Minnesota Star Tribune, there was change in the property's status which required a change in its tax status. In August, a "clerk filled in the $18,900 proposed valuation, but then mistakenly hit the key to exit the program. The computer added four zeros to fill out the nine numerical spaces required by the software, thus indicating the value was $189,000,000."

Several officials questioned the windfall, but the tax office assured everyone that it was true; that is, until Mattson complained.

Now the County is trying to figure out how to make up for the shortfall, like cutting back on services to raising taxes. The issue will be debated at a meeting on Tuesday.

The tax folks say they have instituted new procedures to ensure this problem never happens again. Of course.

Oh Where Oh Where is SBInet?


The status of Boeing's Secure Border Initiative (SBI) Project 28 seems to be in limbo. System verification testing of the "virtual fence" was completed at the end of last month, and the US Customs and Border Protection (CBP) agency was expected to quickly make a decision as to accept or reject the project.

In September, Department of Homeland Security (DHS) Secretary Michael Chertoff said successful acceptance testing of the trouble plagued project was critical because he didn't want to get stuck with a lemon.

The Chairman of the House Homeland Security Committee Bernie Thompson fired a warning shot across Chertoff's bow in a letter he released this week, holding him to his "no lemon" pledge:

"If, as it now appears, the technological problems encountered are such that Project 28 has become more of a technology "test bed" than a new operational tool for the Border Patrol, the Department needs to address this directly. Frankly, I am as disturbed about this apparent lack of candor and the attempt to "spin" Project 28's troubles as I am by the technical difficulties you have encountered with the initiative. Technological problems can be fixed. Credibility, once lost, is unlikely ever to be regained."

"To be clear, I strongly support the use of technology to secure our border. I do not, however, support accepting a deliverable that does not provide the Border Patrol with the promised improvements in operational capability. Again, I urge you to defer accepting Project 28 until you can provide this Committee and the American people with an assurance that it does so."

Of course, if SBInet has to be canceled, then CBP can always turn to the Arizona-based Techno Patriots who are putting up their own home-grown version of SBInet.

Smart Cars: Coming to a Showroom Near You

The New York Times this week had an article on smart cars and how one will "soon" be in a showroom near you. It quotes Dr. Sebastian Thrun, a computer scientist who heads up Stanford's Artificial Intelligence Lab, as saying, "Within five years, itâ''s totally feasible to build an autonomous car that will work reliably in several limited domains."

Furthermore, the article says, "In 20 years, Dr. Thrun figures half of new cars sold will offer drivers the option of turning over these chores to a computer, but he acknowledges thatâ''s just an educated guess. While he doesnâ''t doubt cars will be able to drive themselves, heâ''s not sure how many humans will let them."

It will be interesting to see what happens when the first smart car crashes into one driven by a plain old human driver and results in a severe injury or death. Will the smart car's software be blamed? Will the argument be that the human driver has to be at fault since the smart car is assumed to be more carefully driven? And will the case be argued by "smart lawyers," a term that seems somehow oxymoronic to me?

UK Gov Admits to More Serious Data Breaches

CD_Object.gif HM Revenue and Customs (HMRC) has finally officially admitted to six (as of now) significant data breaches in the last two years on top of the most recent one that saw the personal details of 25 million citizens go missing, the London Guardian reports.

The acting chairman of HMRC David Hartnett acknowledged that the numerous breaches "may well" indicate a systemic operational failure.

I wonder how many data breaches it would take over a two year period to indicate that it truly does mean a systemic failure exists? Especially after Hartnett explained that after a major data breach in 2006 - that no one in HMRC bothered to tell the public about - more stringent rules were introduced that obviously failed. The HMRC seems to me to have set a pretty high risk threshold.

Another interesting snippet is that the London Telegraph is reporting that the lost HMRC data discs contain the real and new names of hundreds of people in police witness protection programs. A senior police source told the Telegraph that, "This is disastrous. People's lives could be in danger. It makes a mockery of the witness protection programme."

One more bit of information to ponder is that ComputerWeekly says that insurance broker Jardine Lloyd Thompson estimates that the cost of a similar data breach (as the latest one by the HMRC) to a public company would be around £4 billion. No wonder the UK government is trying to pawn off the costs to the banks.

Microsoft's Potty Mouth Santa Fired


As first reported yesterday in the Register and then picked up today by ComputerWorld, Microsoft has had to pull the plug on its on-line "artificial-intelligence Santa bot" that was meant to talk to children about what they wanted for Christmas. Seems that the bot, as ComputerWorld put it, "wandered off topic" when certain words - like pizza - were used.

According to ComputerWorld, "Microsoft recently added the artificial Santa as a bot that Windows Live Messenger users could insert into their IM buddy list as northpole@live.com."

You can read about the bot in a Microsoft press release I found from last year titled: For a Jolly Good Time, Chat With Santa on Windows Live Messenger. A line in it is: "Filling Santa in on Christmas wishes and asking all about how the reindeer are doing or whatâ''s new at the North Pole are a few of the things kids can talk to Santa about. Santa can even tell kids where they stand on his list: naughty or nice."

I guess the press release forgot to mention that Santa would be informing the kids about whether he was naughty or nice this year.

Microsoft said in a statement posted on the Register site: "Yesterday we received reports that the automated Santa Claus agent in Windows Live Messenger used inappropriate language. As soon as we were alerted, we took steps to mitigate the issue, including the removal of language from the agentâ''s automated script."

"We were not completely satisfied with the result of these actions, and have decided to discontinue the automated Santa Claus agent. We apologise for any offence or upset caused by this disturbing incident."

I guess Microsoft tested this year's Santa bot using the same strategy it does on most of its products - let the users find the bugs.

Japanese Fighting Robots

The London Guardian has a short video of two-legged robots battling out for the Robo-One grand championship at Tokyo's convention center. I particularly liked Mr. Balloon-head.

Needed: Tech Smart Political Candidates


As I mentioned the other day, too many politicians pass legislation without understanding the full IT ramifications involved. In the Washington Post on Sunday, blogger-reporter (or is it reporter-blogger) Garrett M. Graff travels a bit further in his essay entitled Prehistoric Pols Don't Know Their Yahoo From Their YouTube.

Graff hopped on Sen. John McCain for saying at last Wednesday's CNN/YouTube debate that he "wouldn't need to lean on his vice president, George W. Bush-style, for national security expertise, but might 'rely on a vice president' for help on less important issues such as 'information technology, which is the future of this nation's economy.' "

"Hold it," Graff says. "Would we allow a serious presidential candidate to admit to knowing so little about any other key subject?"

You can see McCain's full response in Question 25.

Graff points out that all the presidential candidates except possibly Sen. Barack Obama don't know or give much more than lip service to the importance of IT to the nation's economy.

My friend Allan Holmes over at Government Executive magazine amplifies on Graff's point a bit more:

"The problem, as Graff points out, is the odd allowance we as a nation give presidential candidates to admit that they know so little about an industry that is vitally important to the national economy â'' and for that matter, to national security. Such admissions happen with surprising regularly. Weâ''ve written about Defense Secretary Robert Gates â'' who oversees the worldâ''s largest military complex, which has pursued network-centric warfare as its primary strategic objective â'' that he is 'a very low-tech person.' President Bush also has made statements about his ignorance of IT, as my colleague Tom Shoop pointed out in his FedBlog this past summer."

Allan might have noted that Gates doesn't do e-mail, nor did his predecessor Donald Rumsfeld, nor does Homeland Security Secretary Michael Chertoff. Chertoff also doesn't like e-mail because, â''When you write an e-mail, you have to be mindful of the fact that nothing ever disappears. It can be deleted, but it is still in the system somewhere.â'' It's ironic that he is worried about his privacy, but that is another story.

You can be sure that many others in senior government management positions, not only in federal service but also state and local government feel very uncomfortable with IT just like Gates, Rumsfeld and Chertoff, even as they are also supposed to be developing strategies that are critically dependent upon IT's use.

Graff says, "As the United States advances into the information age, it can't afford to have its leaders' base of knowledge be rooted in the industrial era, lest their intellectual capacities come to resemble such relics as the decaying steel mills of Pittsburgh."

I heartily agree.

FDA: Science and IT Risks Place Nation at Risk


The Food and Drug Administration (FDA) Science Board's Subcommittee on Science and Technology released a very worrying report late last week on the current state of science and technology at the FDA:

"The Subcommittee concluded that science at the FDA is in a precarious position: the Agency suffers from serious scientific deficiencies and is not positioned to meet current or emerging regulatory responsibilities."

According to the FDA, it is responsible for protecting the public health by assuring the safety, efficacy, and security of human and veterinary drugs, biological products, medical devices, the nationâ''s food supply, cosmetics, and products that emit radiation. The FDA is also responsible for advancing the public health by helping to speed innovations that make medicines and foods more effective, safer, and more affordable; and helping the public get the accurate, science-based information they need to use medicines and foods to improve their health.

As the Subcommittee points out in its report,"The nation is at risk if FDA science is at risk."

In addition to the scientific deficiencies, another one of the critical findings of the Subcommittee's report is that, "The FDA cannot fulfill its mission because its information technology (IT) infrastructure is inadequate."

The report notes:

The Subcommittee was extremely disturbed at the state of the FDA IT infrastructure. While some good progress is being made to improve information sciences and technology, the Subcommittee found that the FDA lacks the IT infrastructure necessary to meet its mandate. It also found that the FDA has insufficient access to data and cannot effectively regulate products based on new science due to lack of a supportive IT infrastructure. The Subcommittee noted that the FDA IT infrastructure is obsolete, unstable and lacks controls to execute effective disaster recovery protocols that ensure continuity of operations when systems are compromised. Finally, the IT workforce is insufficient."

The report notes that FDA IT systems fail frequently, and even email systems are unstable. The report goes on: "More importantly, reports of product dangers are not rapidly compared and analyzed, inspectorsâ'' reports are still hand written and slow to work their way through the compliance system, and the system for managing imported products cannot communicate with Customs and other government systems (and often miss significant product arrivals because the system cannot even distinguish, for example, between road salt and table salt)."

I urge you to read the report; it makes for some very sad as well as scary reading.

What's par for the course these days in Washington, but is still depressing nevertheless is that the Subcommittee blames Congress for insufficiently funding the FDA while asking it to do more, while Congress says the FDA hasn't been asking for more money because the current Administration wants less government regulation of business and more "market-based regulation."

The truth is a bit of both, which means a standoff and so science and technology at the FDA languish. Even where there is agreement between Congress and the Administration over the necessity some of the FDA's missions, the FDA is no longer able perform these well if at all.

A sorry state of affairs, indeed.

I guess we'll all just have to be a little more cautious when we eat, or take medicines, or use medical devices, or apply cosmetics, or are near products that emit radiation.

Fixing the AMT: Politicians As Software Architects

I love politicians who think they are software architects or system engineers. I wince whenever they pass some ill-conceived legislation, the success of which critically depends on information systems & technology (IS&T) without ever bothering to consider the technological and management risks involved. Like Captain Jean-Luc Picard, they just order, "Make it so."

This time Congress has screwed around and not passed legislation that has another signficiant IS&T component, namely the promised fix to the alternative minimum tax (AMT). The AMT was passed in 1969 as a way to make 155 very wealthy families (of the time) pay some taxes (they were able to avoid doing so by claiming lots of state and federal deductions).

Over time, the AMT has grown (it isn't inflation adjusted) to hit more and more taxpayers - 4 million in 2006. If changes aren't made, it will likely hit 25 million taxpayers this year, most who aren't aware that they will owe lots more money (about $2,000 on average), and possibly penalties for underpaying their taxes.

Congress is supposed to legislate a fix, but squabbling between Congress and the White House has delayed progress. Any legislative change, of course, may require changes to millions of lines of software in IRS computer systems since the AMT affects so many different tax computations. Reprogramming the IRS computer systems to deal with new AMT legislation requires 12 weeks from the time the bill is signed into law; the IRS also needs three weeks to print new tax forms.

The IRS is warning that if Congress waits too much longer, it may have no choice but to delay not only the tax filing season start date of 14 January 2008 to mid-February, but also refund checks for another 25 million taxpayers to the tune of some $87 billion.

I also suspect that, on top of all the confusion that will ensue, those IRS computer systems won't be able to be fully system tested given the schedule pressure, so some AMT-related problems likely won't surface until well into next year. And even though the various makers of home tax preparation software claim the delay is no big deal, I bet it will be if things drag on much longer. The risk of both deliberate and unintended tax noncompliance will soar.

Congress has been warned about this problem for over a year, but I guess it had better things to do.


Risk Factor

IEEE Spectrum's risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.

Willie D. Jones
Load More