• Lily Sloan (unregistered)

    Money? In the 24th century? WTF.

  • Sheldon Cooper (unregistered)

    rist

  • da Doctah (cs)
    In the long run, his simple heuristic would almost certainly fail to categorize transactinos correctly, but Adam wasn’t concerned with the “long run”.
    Transactinos.

    I like it.

    An uncharged, massless particle, almost impossible to detect.

  • Habib (unregistered)

    The problems will increase after offshoring! We will make sure of it! The rich infidels will pay!

  • Mariachi (unregistered)

    Why not have the bank issue replacement cards for the duplicates? If they send more dupes, report them stolen or something and get more replacements. Rinse and repeat until there are no collisions.

  • Don (unregistered) in reply to Mariachi
    Mariachi:
    Why not have the bank issue replacement cards for the duplicates? If they send more dupes, report them stolen or something and get more replacements. Rinse and repeat until there are no collisions.
    This all day long... easiest, most meaningful solution.
  • Who (unregistered) in reply to da Doctah
    Doctah:
    Transactinos.

    An uncharged, massless particle, almost impossible to detect.

    ...and all traces of its existence vanish if it causes an inconsistency with the rest of the universe. Kind of like some theories about the grandfather paradox.

  • Steve (unregistered) in reply to Mariachi

    Hello, bank? Those cards weren't really stolen, the reports were fraudulent. Yes, that's right, it was Adam. Such a shame, he was a subordinate of mine before he turned to evil.

  • Miriam (unregistered)

    Does this artcle contain more typos or more bad Star Trek puns? I lost count on both.

  • Lawrence (cs)
    That’s impossible.
    Yeah, right.
    There should never be any repeats in the suffix.
    Hmmm. And maybe there are more than 10000 cards in circulation, too.
  • np (unregistered) in reply to Don
    Don:
    Mariachi:
    Why not have the bank issue replacement cards for the duplicates? If they send more dupes, report them stolen or something and get more replacements. Rinse and repeat until there are no collisions.
    This all day long... easiest, most meaningful solution.

    Glad to know that more than 1 person thought of a non-software method of solving this problem. Especially since the bank said it was "impossible" that the company have multiple cards with the same suffix. Least frequently used duplicate-suffix card is "stolen/lost" until there are no duplicate-suffix cards.

    And make that 4-digit suffix the primary key for the pcard table so that new duplicate cards can't even get entered.

    Bug fixed.

  • Jibble (unregistered) in reply to Don

    [quote user="Don"][quote user="Mariachi"]Why not have the bank issue replacement cards for the duplicates? If they send more dupes, report them stolen or something and get more replacements. Rinse and repeat until there are no collisions.[/quote This all day long... easiest, most meaningful solution.[/quote]

    That was my first thought, too.

    Except it was more along the lines of "keep ordering new/secondary cards for the all the affected PHBs until they get one with a unique number".

  • beginner_ (cs)

    The real WTF is obviously Adam. If you can't explain this to your boss why it doesn't work your either dumb or should quit.

  • CigarDoug (unregistered) in reply to Mariachi
    Mariachi:
    Why not have the bank issue replacement cards for the duplicates? If they send more dupes, report them stolen or something and get more replacements. Rinse and repeat until there are no collisions.
    Beat me to it. So why is it, that casual readers of a web site can see a solution to the problem, and the people paid to solve the problem can't?

    I would also think there is a contract violation with the bank, if they insist the suffixes do NOT repeat. So, what do companies with more than 10,000 cards issued do?

  • lurker (unregistered) in reply to da Doctah
    da Doctah:
    In the long run, his simple heuristic would almost certainly fail to categorize transactinos correctly, but Adam wasn’t concerned with the “long run”.
    Transactinos.

    I like it.

    An uncharged, massless particle, almost impossible to detect.

    Just be careful they don't start mutating

  • Dan (unregistered)

    "If one and only one card had previous transactions with this vendor, assign the transaction to that card."

    How do you do this if you dont know what card did what?

  • ¯\(°_o)/¯ I DUNNO LOL (unregistered)

    I once worked at a place that had a custom message format for an embedded system. It used 0xFF to mark the start of fields in IPC messages, so 0xFF was not allowed in field data, because then you couldn't find the next field. (The protocol normally passed numbers as BCD.)

    They also had a PoS system, with multiple DOS-based terminals (this was back in the '90s) connected via Ethernet. There was a message defined to announce the Ethernet address of the PoS system computers, and the last field in the message was the MAC address.

    Except MAC addresses are binary, and may contain an 0xFF. But this was always the last field, always a specific message type, always a specific field ID, and only passed between the PCs, not the embedded system. They could have made it a special case.

    Nope. What they did was every time they got a new Ethernet card, they checked its MAC address. If it contained an 0xFF, they threw it in the trash. I left before Ethernet ports started becoming standard on PC motherboards.

  • ratchet freak (cs) in reply to CigarDoug

    birthday paradox says you only need 118 to have a more than 50% chance to get a dupe

  • Matt Westwood (cs)

    TRWTF is storing all this dangerously sensitive and confidential data in plaintext in a database file, yeah?

  • ¯\(°_o)/¯ I DUNNO LOL (unregistered) in reply to CigarDoug
    CigarDoug:
    I would also think there is a contract violation with the bank, if they insist the suffixes do NOT repeat. So, what do companies with more than 10,000 cards issued do?
    The last digit is a check digit, based on the other 15 digits. You have to mess with the other 12 (and four of those are usually fixed) to get all 10,000 combinations. They are not guaranteed to be sequential.

    Also, if you just start dumping and re-issuing numbers to find one that isn't used, instead of intentionally constructing a number, it's going to get harder and harder as you start to fill up your 10,000 number space.

  • ¯\(°_o)/¯ I DUNNO LOL (unregistered) in reply to ¯\(°_o)/¯ I DUNNO LOL
    ¯\(°_o)/¯ I DUNNO LOL:
    Except MAC addresses are binary, and may contain an 0xFF. But this was always the last field, always a specific message type, always a specific field ID, and only passed between the PCs, not the embedded system. They could have made it a special case.
    FWIW, they could have also passed it as hex ASCII, but they still decided that throwing away $40 Ethernet cards was the right solution.
  • jarfil (cs)

    "Fix the bug!", they told me. So I grabbed a gun, and went to see the bank manager.

  • MP (unregistered) in reply to ratchet freak
    ratchet freak:
    birthday paradox says you only need 118 to have a more than 50% chance to get a dupe

    If my math is correct, you should be able to do it with only 101:

    ((101 * 100) / 2) / 10000 = 0.505

    Incidentally, with 118, I got this;

    ((118 * 117) / 2) / 10000 ~= 0.69

    Now wondering whether this was a very clever and subtle 69 joke...

  • skotl (cs)

    Hey! I love this new commenting platform! Can we move the old Discourse comments over here?

  • faoileag (unregistered)

    Nice one, this wtf. Reminds me of a creditcard wtf I came across some 15 years back:

    I got a new creditcard, this time from bank X.

    Next day at work: "Got a fresh new card from bank X." "Oh, so did I, just this month!"

    Since we were working on an online payment module at the time, we decided to compare our card's numbers.

    Surprise: both cards were identical save the last two digits. Last digit is the check number and for the previous to last, I had a 3 and he had a 2 (he had received his card a day or two earlier than me).

    Those days online payments did not involve the suffix number and I was very tempted to see if .....4right_checknumber had been issued as well.

    But I didn't do it.

  • mister stick (unregistered) in reply to skotl
    skotl:
    Hey! I love this new commenting platform! Can we move the old Discourse comments over here?
    discourse:
    Unfortunately, your browser is too old to work on this Discourse forum. Please upgrade your browser.
    thedailywtf:
    ha-ha!
  • faoileag (unregistered) in reply to skotl
    skotl:
    Hey! I love this new commenting platform! Can we move the old Discourse comments over here?
    +1. Or, since you mention Discourse: <3
  • Miriam (unregistered) in reply to faoileag
    faoileag:
    skotl:
    Hey! I love this new commenting platform! Can we move the old Discourse comments over here?
    +1. Or, since you mention Discourse: <3
    You surely mean <span style="color:gray;">♥</span>?
  • Miriam (unregistered)

    They just ... changed the link to point to Discourse?!

    This is really turning into Worse Than Failure 2.0 ...

  • clydesdale (unregistered) in reply to Jibble

    [quote user="Jibble"][quote user="Don"][quote user="Mariachi"]Why not have the bank issue replacement cards for the duplicates? If they send more dupes, report them stolen or something and get more replacements. Rinse and repeat until there are no collisions.[/quote This all day long... easiest, most meaningful solution.[/quote]

    That was my first thought, too.

    Except it was more along the lines of "keep ordering new/secondary cards for the all the affected PHBs until they get one with a unique number". [/quote]

    Mine too. except it was more along the lines of "keep ordering new/secondary cards until you've got at least 10,000 of them and they are all duplicates. Solves nothing, but it's more fun.

  • balazs (cs) in reply to ¯\(°_o)/¯ I DUNNO LOL
    ¯\(°_o)/¯ I DUNNO LOL:
    I once worked at a place that had a custom message format for an embedded system. It used 0xFF to mark the start of fields in IPC messages, so 0xFF was not allowed in field data, because then you couldn't find the next field. (The protocol normally passed numbers as BCD.)

    Once I saw an application that were sending out large messages via MQ. It had been decided that those messages must be cut into multiple parts of 32000 characters. They also invented a brilliant solution to mark the last message with appending the character sequence "END" to it. It all worked "fine" until one of the records in one of these messages contained a partner company's name of "VENDING MACHINES Co." or "HAPPY-END Co." or something like that and also that message got cut right after the "END" sequence like "VEND" + "ING MACHINES". The rest of the story is up to your imagination. (Got fixed, nothing interesting)

  • Anonymous Will (unregistered) in reply to MP
    MP:
    ratchet freak:
    birthday paradox says you only need 118 to have a more than 50% chance to get a dupe

    If my math is correct, you should be able to do it with only 101:

    ((101 * 100) / 2) / 10000 = 0.505

    Incidentally, with 118, I got this;

    ((118 * 117) / 2) / 10000 ~= 0.69

    Now wondering whether this was a very clever and subtle 69 joke...

    This is not how the probability is calculated: given a collision probability p and a sample space d, the number n of samples that has a collision with probabibility p is approached by

    sqrt(2dln(1/(1-p)))

    For d = 10,000 (4 digits) and p = 0.5, that's ~= 117.74. So, you need 118 samples to have better than even odds.

  • Miriam (unregistered)

    Oh look, cross-software quoting, manually done!

    faoileag:
    FroshKiller :
    This is more like it. Clear, well written, with a sense of resolution.
    You mean the article, don't you?
    I don't think so. Surely he praised Paula Bean's brillant frist post!
  • faoileag (unregistered) in reply to Miriam
    Miriam:
    They just ... changed the link to point to Discourse?!

    This is really turning into Worse Than Failure 2.0 ...

    Yes, that came as a very nasty surprise as well. Luckily, the two systems seems to exist happily right next to each other, so we can spread the word.

    And BTW: yes, I meant ♥ :-)

  • faoileag (unregistered) in reply to Miriam
    Miriam:
    Oh look, cross-software quoting, manually done!
    faoileag:
    FroshKiller :
    This is more like it. Clear, well written, with a sense of resolution.
    You mean the article, don't you?
    I don't think so. Surely he praised Paula Bean's brillant frist post!
    LOL! :-)
  • Bruce W (unregistered)

    All those full card numbers are making my PCI compliance brain cells cry.

  • Neil (unregistered)

    Of course suffixes don't repeat, just like SIM and IMEI numbers don't repeat.

    (I had to write a database to track SIM cards being put into mobile phones. This was basically a table of unique SIM and IMEI numbers linked to a batch table. Naturally the complaints started rolling in, and I could say "Run the report to find out which batch the it thinks the IMEI is in", and sure enough they would find a phone with the same IMEI barcode. What I don't know is whether the duplicate IMEI was erroneously issued or whether it was some barcoding issue.)

  • lurker (unregistered)

    Oh god, I just came back to look at comments and it had changed to that bloody awful discorse system.

    So glad there is a way to find the real comments here rather than deal with that steaming pile of dog poo.

  • faoileag (unregistered) in reply to lurker
    lurker:
    Oh god, I just came back to look at comments and it had changed to that bloody awful discorse system.

    So glad there is a way to find the real comments here rather than deal with that steaming pile of dog poo.

    I just pointed out on the Discourse counterpart, that on CS the article is discussed, while on Discourse Discourse is trashed. Could you please stick to that convention? ;-)
  • your browser is too old (unregistered)

    That's why, when I see a natural PK being used for storing some non-trivial amount of data (i.e, not a constants dictionary), my fingers twitch and reach for the developer's throat. Sometimes a simple explanation just doesn't work.

  • Anon (unregistered)

    I'm really loving the meta WTF that Alex is pulling with Discourse. It's a great bit of performance art.

    Or is it an early (or late) April fools day joke?

    Who can tell.

  • D-Coder (cs) in reply to da Doctah
    da Doctah:
    In the long run, his simple heuristic would almost certainly fail to categorize transactinos correctly, but Adam wasn’t concerned with the “long run”.
    Transactinos.

    I like it.

    An uncharged, massless particle, almost impossible to detect.

    I think the whole point of a transactino is that it does have a charge.

  • faoileag (unregistered)

    For those of you who read the comments after appr. 10EDT:

    The comment system for today's article started out with CS (this system), then was changed to Discourse after an hour or so.

    That however turned out to have been accidental and Alex changed the link in the article back to point to CS again.

  • anonymous (unregistered) in reply to Mariachi
    Mariachi:
    Why not have the bank issue replacement cards for the duplicates? If they send more dupes, report them stolen or something and get more replacements. Rinse and repeat until there are no collisions.
    QFT.

    As soon as the bank said "but __ should not occur" your immediate reaction should be to pin the blame on them. "But __ DID occur, and it's your fault, so fix it." Do NOT start brainstorming ideas on how they can implement a workaround! That is THEIR problem.

    Meanwhile, tell your boss that the bank is sending you incorrect transaction information (which is true) and there's not a damn thing you can do until they fix their problem (which is mostly true).

  • Blah (unregistered) in reply to beginner_
    beginner_:
    The real WTF is obviously Adam. If you can't explain this to your boss why it doesn't work your either dumb or should quit.

    What a blissful utopia you must work in.

  • Jake (unregistered)

    But boss, I checked with the bank and they said there is no problem, so there's no problem.

    Done.

    You're welcome.

  • Taemyr (unregistered) in reply to anonymous
    anonymous at 2014-06-03 10:04:
    Meanwhile, tell your boss that the bank is sending you incorrect transaction information (which is true)

    This is not true. The bank is sending incomplete transaction information. Incomplete is distinct from incorrect transaction information. - Further the bank's information is presumably in accordance with the specification.

  • Matt Westwood (cs) in reply to Blah
    Blah:
    beginner_:
    The real WTF is obviously Adam. If you can't explain this to your boss why it doesn't work your either dumb or should quit.

    What a blissful utopia you must work in.

    As in: we are sufficiently competent that we are in demand, and can easily change jobs if the one we are currently in compromises our sense of aesthetics.

  • RichP (cs) in reply to balazs
    balazs:
    Once I saw an application that were sending out large messages via MQ. It had been decided that those messages must be cut into multiple parts of 32000 characters. They also invented a brilliant solution to mark the last message with appending the character sequence "END" to it. It all worked "fine" until one of the records in one of these messages contained a partner company's name of "VENDING MACHINES Co." or "HAPPY-END Co." or something like that and also that message got cut right after the "END" sequence like "VEND" + "ING MACHINES". The rest of the story is up to your imagination. (Got fixed, nothing interesting)

    Hanzo crept through the darkened hallways of WTFU. Somewhere lurking in the shadows was a dark presence, a force that was slashing MQ messages into bits like a fine katana bites through a melon. Hanzo knew that his quest was dangerous, and had driven his predecessor to madness deeper than that of Lorne Kates trapped in a Discourse fourum. Hanzo would have to rely on all of his Ninja training, all the secrets he learned in pubs across Spain, and all of his experience watching The Ring over and over again. Little did he know that the quest would delve into his worst mixed metaphors and tangled quasi martial arts imagery.

    To be continued for some inexplicable reason...

  • Blah (unregistered) in reply to Taemyr
    Taemyr:
    anonymous at 2014-06-03 10:04:
    Meanwhile, tell your boss that the bank is sending you incorrect transaction information (which is true)

    This is not true. The bank is sending incomplete transaction information. Incomplete is distinct from incorrect transaction information. - Further the bank's information is presumably in accordance with the specification.

    Depending on where you work, I suppose, it could also be in accordance with the law. I've run into that before where if you are going to put the info in any format where it could be read by any unauthorized person that the suffix was ALL that could be sent or shown of the card number. That may have been the case here. Adam's company could have gotten perfect statements directly from the bank like a regular customer but since this transaction info was being transferred as plain text, only the last 4 digits could be legally sent.

Leave a comment on “Half Credit”

Log In or post as a guest

Replying to comment #:

« Return to Article