Having Fun with Words
by in Error'd on 2007-10-31
M. T. wants to expandify your vocabulation!
When Mickey's colleague was tasked with changing <br>s into newlines, he wanted to cover all the bases. Since <br />, <Br />, <bR />, etc. are all valid HTML, he clearly had his work cut out for him.
Damn case-sensitive string comparison, he must've thought. This could be so much easier! Oh well, I guess there's only one way to do it... brute force, baby!
It's common knowledge that a security system is only as effective as its weakest point. You can install a reinforced steel door with a two-phase palm-print/retinal-scan entry to protect your home, but if you leave a first-floor window open, you're more vulnerable than your neighbor with a simple deadbolt. One of Nate's clients learned this lesson first hand with its e-commerce Web site. The operation didn't involve terribly sensitive data: there were no bank accounts, no Social Security numbers, nor even any credit card numbers. Pre-approved customers would simply sign in and place their orders. Accounts payable and fulfillment would take it from there.
Yet the Web site painted a different picture, featuring two-factor authentication, encrypted databases and a giant padlock graphic advertising "secure."
For many developers in a large company, visiting a department outside of I.T. is a rare treat. The people there are friendlier and, instead of the stolid I.T. grunt-nod, actually greet one another with a smile and words like “hello” and “how are you.” Not only that, but these departments often have donuts and other goodies in their break room past 9:03 AM! Apparently, without a horde of voracious programmers, such things can survive for more than three minutes.
Not too long ago, Devin was summoned to the Records Administration Department to see an issue that a user was experiencing first hand and that couldn’t be remotely diagnosed. After wolfing down a handful of donuts from their break room, Devin stopped by to take a look. It was a pretty simple problem to fix: for whatever reason, the application’s registry entries were missing, so Devin added them and started up the application.
Kevin Sedgley was impressed with how accessible his local fire station's website is. Mousing over the image displays a movie clip showing the woman signing the page's text for the deaf...
While spelunking through a cavernous J2EE application, Matt stumbled across this method, buried in a base Client Object class...
From Dan B.: "Asking me to confirm my email address and respecting my privacy all at the same time... the nerve!" While this isn't actually a WTF, you have to admit that it's a pretty funny screenshot.
Security through obscurity is something we've all probably complained about. We've covered security by insanity and security by oblivity. And today, joining their ranks, we have security by letterhead.
John O'Rourke wrote in to tell us that, as part of his job, he often has to help clients transfer domain names. He's had to jump through all kinds of crazy hoops to transfer domain names in the past, including just about everything except literally jumping through hoops. After faxing in a transfer request and receiving a rejection fax an hour later, he knew he was in for a fight.
If you have blue lips, that's pretty messed up. If you have blue lips on some part of your body other than your mouth, that's really messed up, and WebMD would prefer not to get too many details on it.
(submitted by Cav)
Nathan was going through some of his company's fairly buggy JavaScript calendar code, and saw this perfectly described function.
function DoNothing() { }
It's been a pretty hectic day (server outage, fun!); hope you don't mind a classic. Lock In Key Security was originally published on August 29, 2006.
Noah Nordrum isn't proud of what he's become. He is now, officially, a cracker. I mean, "kr@xx0rs." Err, I think. I don't know. I got that from my "3773 Speek" guide.
Jordan, would you like to play some Counter Strike??????????????
Fine, reasoned a dejected Richard C., I didn't want to recreate the file anyway.
Today’s Tale from the Interview comes from Shanna...
Fresh out of college, and used to being the only woman in my engineering and computer science classes, I wasn't quite sure what to expect in the real world. I happily ended up finding a development job in a company which was nowhere near as unbalanced as my college classes had been. The company was EXTREMELY small and the entire staff, except the CEO, was in one office. I ended up sitting at a desk next to the office admin, another woman who was hired a month or two after me.
At Albert M.'s job, he was recently tasked with implementing a C++ module to calculate the earth's magnetic field at any point. While I'm sure most of you have that formula memorized, Albert was feeling a bit rusty and consulted the Internet to help him find the code. He was in luck. The National Geophysical Data Center had exactly what he needed, and provided two different versions: one written in Fortran and the other in C.
From all appearances, the C version was generated using f2c, which is a fairly ancient Fortran-to-C converter. Albert figured he'd just start with the C code and modify it as needed. But after staring at it for a few seconds, he decided the wisest course was to brush up on Fortran and pretend he never saw the C code. First, here's the original Fortran code:
Fortunately, Potsie had the recommended requirements to view Charger Details...
As an e-commerce site selling specialized goods, Steve's company uses a third-party service that provides a Flash-based image viewer to display extra-large product images and allow visitors to zoom, pan, and so forth. Occasionally, the product images would get out-of-synch, so Steve was tasked with writing a script to ensure that images on the vendor's server matched images on the in-house server.
Determining which images were on the vendor's server was fairly easy; it just involved an HTTP request with a product number in the query string. The service responds with a comma-delimited list of image paths, like so:
"Hey, don't take another step!" Chris H. froze in his tracks. The voice cried out "we're dead in the water here!"
Tensions had been running high at The Book Bunker (as I'll call it) for weeks. The Book Bunker's point of sale system had been up and down and up and down more times than anyone could count. Sometimes it was a database connection issue, other times it was an overheating issue, and other times no one knew what it was.
Last month, I wrote about US financial institutions, their failure to implement two-factor authentication, and the absurdity that has become Wish-It-Was Two-Factor authentication. I thought that'd be the last I'd write about the topic, but when Steven King pointed me towards his bank, Synergy One, I couldn't resist a follow-up.
First and foremost, Synergy One seems to be a great, local institution. They invest in their community. They offer college scholarships. Heck, they even have student-run branches to encourage saving money while in high school. And this is exactly why it's such a shame that they've fallen prey to the Wish-It-Was Two-Factor placebo.
Many years back, Vinay's company phased out Form 11.18-B, or, as it was more commonly known, the vacation request form. Along with it went Form 11.18-M (sick day request form), Form 11.12-B (absence cancellation form) and Form 12.11-B (absence exceed form). They were all rolled into the new Absence Processing System (APS) as part of the company's Process Improvement Process, a far-reaching initiative to technologize all things bureaucratic. Most employees didn't care for the new APS. Before going electronic, applying for vacation was simple: Have your manager sign Form 11.18-B, send the yellow copy to HR and keep the pink one. Using the APS meant opening up the application, trying to remember your APS password, clicking to the vacation request form, filling it out and then telling your manager to follow the same steps in order to approve it.
Of course, that wouldn't be so bad, except for the fact that the APS was incredibly slow. As a basic Access application shared by tens of thousands of employees, response time in the APS ranged anywhere from two to 20 seconds. All the time saved in filling out a paper form was made up in triplicate waiting for the APS to respond.
Learning to communicate effectively is highly important so that you don't make yourself, and by extension, your company, look stupid. That said, I probably used too many commas in that last sentence. Their our alot of common mistakes that people make to often that could of easily been avoided. In the case of Adam V.'s coworker (who we'll call Angie), though, her mastery of grammar worked against her.
In a frantic email, Angie asked Adam "What's wrong with my program? I can't figure out why it won't complile!" Adam stopped by her desk to have a look and found the line that was causing the build to fail.
Kevin Pickell was visiting London and decided to take the BBC tour. The scrolling marquee in the lobby had news headlines... with lots of bonus HTML-encoded characters still in it. Oops!
I thought that, when James Anderson announced the invention of nullity (i.e. Φ, or 0/0), we had finally gotten past the whole "impossibility" of dividing by zero. I don't know about you, but after installing the latest service pack including the "nullity patch," my programs happily hum along when they divide by zero. So why then did Mike C.'s predecessor bother with a DivisionWithZero method ... and why did he do it like this...
Kenneth Brody did a double-take on Question #4 in Home Depot's survey...
John Y recently had to deal with an XML-like dump from a "4D" database. This dump used a peculiar form of abbreviation in which letters were chosen seemingly at random from field names, in order to meet the well known XML limitation of only allowing 5 characters per tag name.
Sometimes less than 5 letters were used. Browsing this file, John encountered the following Zen-like line.
Marcel is whiling away the days as IT support for a few regional libraries. Typically, this means that he has to answer questions like "is this keyboard unplugged?" and "why does the screen turn off when I press this button on the monitor?"
Back in March, though, one of the libraries had a serious problem. The library has one central server that does all of their transaction logging — who has books checked out, which ones are overdue, which are on order, etc. It was turned off when Marcel arrived, and while he could get it to turn on, he couldn't get it to boot. Fortunately, they had a nightly backup, so Marcel had one of his coworkers run to get the backup tape. Meanwhile, Marcel tried everything he could to repair the system.
This popped up for Steve in Lotus Notes. I wonder if this is what happens when you click buttons labeled "do not click!"
Apparently not satisfied with relying on Oracle's built in SUBSTR function, Connor's predecessor decided to write his own. Well, sort of...
Function SUBString(inputStr IN VARCHAR2, startPos IN NUMBER, endPos IN NUMBER) RETURN VARCHAR2 IS
  result VARCHAR2(100);
BEGIN
  result := null;
  -- endPos is handed to SUBSTR as its third argument, which is a length, not an end position
  SELECT SUBSTR(inputStr, startPos, endPos) INTO result FROM dual;
  RETURN result;
END;
As most development managers know, the FBI's Virtual Case File (VCF) system has become the epitome of the software industry's most expensive failed project. Running taxpayers between $100 and $200 million dollars over four years, the VCF delivered little more than a mountain of useless documentation, nearly a million lines of code that will never run in production and a whole lot of costly lessons. Worse still, the lessons offered from this multi-million dollar failure could have just as easily been found in a $50 software engineering textbook. In fact, the major factors behind VCF's failure read much like such a book's table of contents:
While these are all valuable lessons that every development manager should take to heart, one of the most important -- and certainly least discussed -- lessons stems from one of the rare correct decisions made on the project: the decision to cut bait and scrap the whole thing.
Jay was excited: he finally landed a job interview for a developer position. While for many of us such an event registers pretty high on the “big deal, that happens to me all the time” scale, it was pretty rare for Jay. Like many of his young peers, Jay lacked experience in the industry. But unlike his peers, Jay did not have a college degree. And he lived in Mississippi, a state not exactly known as a hub for things high-tech. Or really even tech.
“Just work with what you’ve got,” a friend told him, “and you’ve got a damn good GPA from a damn good upstate New York public school. I mean, compared to the schools down here, that’s practically a college degree!”
This one's from the Microsoft Knowledge Base:
(submitted by Sean)
So assuming 60WPM and 4-5 characters in a word, it'd take you over an hour to type in your password. And hopefully you'd type the correct one in, rather than one of your last thirty thousand passwords.
When Rus sent in his résumé for a systems administrator position, he made the mistake of including "PHP" as a bullet point. It's not that he doesn't know PHP - it's that he does, and is often stuck with trying to debug problems that the PHP developers blame on "the system."
Recently, he was tasked with diagnosing a problem where files uploaded to the site ended up at zero bytes in size. It had been thwarting the PHP developer for nearly three weeks. Due to the distributed nature of the site, uploading a file involved posting the file to one page, programmatically urlencoding the file, and then posting it to a different page. Not trusting that it was a problem with "the system," Rus looked at the previous working code in the commit history ...
You'd think that Nine Inch Nails would be more popular after releasing the critically acclaimed "Year Zero."
(submitted by George J.)
Well, NIN fans revolted and thirty million eight hundred and one thousand five hundred thirty nine votes later, they'd successfully taken their anger out on The Bravery.
(submitted by Nick L.)
Thomas P was working on some code a while back where the original developer had devised a "clever" way of encoding errors.
Errors were encoded into a single integer rather than using a Boolean for each error that occurred. A nice way to overcomplicate things, but fine.
As a bright-eyed, bushy-tailed class of 2006 graduate, Andrew M. was excited to start his first job as a professional developer. He was fortunate to find a job so quickly after graduating and he was ready to make a difference.
The first day he showed up to work, he was ready to meet his coworkers, get his email set up, and have a look at the code he'd be maintaining. He was introduced to the IT guy that greeted him with a friendly "oh, you're the new developer," which was the extent of their conversation while they walked to Andrew's new desk.
User-friendly data-validation is important. Rarely is a simple, red asterisk next to a form field enough to indicate what’s wrong with the input. Is it a required field? Is it too high? Is it not allowed? Generally, it’s a good idea to indicate what’s wrong with the form and how to fix it. For example, a good message for a poorly formatted currency field might be “must be formatted like currency (e.g. $9999.99).”
On the other hand, it can be easy to go too far. Take this snippet of validation code that Dai uncovered, for example. Even the most obtuse of users don’t need to be told “You must have a minus sign in the 1st position or immediately after a $ sign.”
Where were you the morning of January 1st, 1984? Me? I was out living it up at Divestiture-fest ’84 and – let me tell you – it was quite a party. We drank until those seven little Baby Bells looked like fourteen, and kept drinking until it all looked like AT&T again. Ah, the good old days. But not all of us were out celebrating. Some – like Robert Reagan – were actually working, desperately trying to fix the bug that shut down computers across the world.
With all the “oh no, the world’s gonna end” date problems out there – Y2K, DST, The End of the Epoch, and Y2070 – it’s surprising that most haven’t heard of the day that the world actually ended. On that day – January 1st, 1984 – a single bug was responsible for shutting down – and keeping down – a whole lot of computer systems.
When Eric C. arrived at his new job, it was with a huge sense of relief. His old workplace had been a haven for cowboy coders and anarchic hackers, where the only semblance of consistency was in everyone's preference to modify code directly in production.
"Finally," Eric thought as he flipped through the Developer's Handbook. "Real processes!"
They say the road to hell is paved with good intentions. Who they are and why they're so surly is beyond me, but I have to admit they're kind of right.
Take one of Sam's colleagues, for example. He had a well-intentioned tendency to provide helpful documentation via code comments, but... well...