• JohnB (unregistered) in reply to freakshow
    freakshow:
    facetious:
    If your development had as many errors as your writing, I wouldn't be surprised. I chose to only highlight the most obvious mistakes and leave the numerous other grammatical ones alone.

    Thank you, facetious. As a certified grammar Nazi myself, I had a very difficult time reading that post.

    I, too, had some difficulty and I, too, am a grammar perfectionist. But he was a coder and the compiler directive is Option Explicit -- not Option SpellCheck.

    Emerson noted that a foolish consistency is the hobgoblin of little minds, and it is equally true that it takes a certain constipation of imagination to be able to find only one way to spell a word.

    Captcha: onomatopoeia (is that today's buzz word?)

  • (cs) in reply to oh geez
    oh geez:
    This story is completly BS. I used to be a developer at Sun Life Canada, and this was never an issue....

    Hello, remember Alex obfuscates the details of everything....

    Sun Life Canada (and every other real company name you read here....) is never the actual company name....

    -Me

  • freakshow (unregistered) in reply to JohnB
    JohnB:
    freakshow:
    facetious:
    If your development had as many errors as your writing, I wouldn't be surprised. I chose to only highlight the most obvious mistakes and leave the numerous other grammatical ones alone.

    Thank you, facetious. As a certified grammar Nazi myself, I had a very difficult time reading that post.

    I, too, had some difficulty and I, too, am a grammar perfectionist. But he was a coder and the compiler directive is Option Explicit -- not Option SpellCheck.

    Emerson noted that a foolish consistency is the hobgoblin of little minds, and it is equally true that it takes a certain constipation of imagination to be able to find only one way to spell a word.

    I know, and I didn't necessarily mean to single the guy out, because I see poor grammar everywhere on the Web. But honestly, mistaking "threw" for "through?" Option SpellCheck would not have caught that.

    I'll get off my high horse now.

  • (cs) in reply to freakshow

    To those of you complaining about Jan 1st birthdays, try February 29th.... And no, I won't just use March 1st, fix your f-king system!

    And to the original problem, hell no I wouldn't have accepted entering twins as being born a month apart. Companies get away with crap like this because people are too willing to accept workarounds.... -Me

  • Franz Kafka (unregistered) in reply to themagni
    themagni:
    skippy:
    chris:
    Jerim:
    Maybe I am crazy, but wouldn't using the SSN be the most glaringly obvious choice? It is unique for every American citizen.
    Except this is a problem in Canada. Do Canadians have something equivalent to a SSN?

    Oh course we do! It's a Social Insurance Number (SIN). Why they don't use it is anybody's guess, but sometimes people are always walking on eggshells being worried about the privacy implications of storing that number. In this case, it's completely stupid cause they require it anyway. sigh

    Your SIN should only be given to:

    1. Your employer.
    2. The government.
    1. Your bank
    2. your stock account
  • JohnB (unregistered) in reply to dnm
    dnm:
    Canadian law stipulates that nobody can make you hand over your SIN if you don't want to, except the government, and an employer.

    Here is the answer from the appropriate Canadian government web site:

    17. Who is authorized to use my Social Insurance Number?

    In general terms, every person who works in insurable or pensionable employment in Canada is required to have a Social Insurance Number (SIN). By law, you must provide your SIN to authorized federal agencies, such as Service Canada and Canada Revenue Agency, your employer, and anyone else who prepares income tax information on your behalf. This includes some provincial and municipal agencies that must report financial assistance payments for income tax purposes, and all institutions from which you earn interest or income, such as banks, credit unions and trust companies.

    One additional tidbit: only your employer needs to see your card -- everyone else who is authorized to collect it, just needs the number.

  • aGould (unregistered) in reply to skippy
    skippy:
    Oh course we do! It's a Social Insurance Number (SIN). Why they don't use it is anybody's guess, but sometimes people are always walking on eggshells being worried about the privacy implications of storing that number. In this case, it's completely stupid cause they require it anyway. *sigh*

    If memory serves (and I'm writing off-the-cuff), the problem with the SIN was that it was easily leveraged into other documentation (driver's licences, bank accounts, etc). As an added bonus, since they're assigned, you can't change one even if there is fraud using your SIN number. (This may have changed, since there's been some higher-profile cases in the news of people who were victims of obvious fraud, and yet couldn't get a new number.)

  • Francois (unregistered) in reply to waefafw

    Well, if you can really count that as "grief", I had to forgo registration at a video rental store because they insisted on taking my driver's licence number. The next nearest one is a block away...

  • (cs)

    I can't help reading SIN as Social Insecurity Number every time I see it here...

  • DelawareGuy (unregistered)

    SSNs are not unique. Even with no identity theft or mistakes, there should only be one person for each SSN at a given point in time. When a person dies, their SSN goes back in the pot and after a period of time is issued to someone new.

    Also, each state has a range of prefixes (the first 3 digits of a SSN). These were laid out a long time ago, and some states like Nevada that were rural have very few prefixes (Nevada has only one - 530). These state recycle numbers faster than states with more. Eventually the folks at Social Security will issue additional prefixes to a state, which they have done. You can tell where someone lived when their SSN was issued by these prefixes.
    http://www.sibflorida.com/ss.html

  • Greg (unregistered) in reply to facetious

    Actually, it's happened before:

    Twin boys born nearly 2 months apart http://www.msnbc.msn.com/id/6936808/

  • Guess at the real problem (unregistered)

    Hmm, here's what I bet happened: The real way people are distinguished is by an ID number, but when adding people to the system (who don't have ID numbers yet), it does a check for people with the same name and number, to try to avoid both honest mistakes and fraud attempts. So it really just needs to make that check overridable by the CSR, and also probably check more criteria.

  • Big Vuda (unregistered) in reply to craaazy
    craaazy:
    This is why I'm planning to name my kids {9FCAF0A2-ACA0-11DB-8059-D4BD55D89593} and {443aa11b-7973-45f0-ac4a-8e0f1e0169ec}

    captcha: craaazy

    My vote for "Reply of the Day" (TM)

  • canuckotter (unregistered) in reply to its me
    its me:
    Hello, remember Alex obfuscates the details of everything....

    Sun Life Canada (and every other real company name you read here....) is never the actual company name....

    He'll probably want to change this one quickly then so he doesn't get yelled at by SunLife Financial for making false statements that damage their reputation...

  • JGM (unregistered) in reply to WIldpeaks
    WIldpeaks:
    Jim:
    No testing for twins, triplets etc eh?
    The application must have been made by programmers without a life

    Programmers without a Wife is more like it!

    Captcha: dreadlocks, ya mon!

  • (cs) in reply to Jerim
    Jerim:
    Maybe I am crazy, but wouldn't using the SSN be the most glaringly obvious choice? It is unique for every American citizen. That way, you could have as many John Smiths born on 4/15/1970 as you wanted, their SSN would tell them apart. I just don't understand why that wasn't the obvious choice when developing the software.

    Privacy. I don't want my SSN given to every Tom, Dick and Harry in the corporate world. I seem to remember hearing that nobody can leagly ask you for your SSN outside of the Social inSecurity Department anyway.

  • Cody (unregistered) in reply to The OLD Geek
    The OLD Geek:
    pc:
    It's also not required to have an SSN in the U.S.

    Yeah, it is, and has been for at least a decade. They changed the rules - you MUST apply for an SSN at birth - in fact, at least in NY, the hospital is required to do it for you!

    There must be a provision for refusing on religious grounds. The orthodox Amish still do. Then again, they wouldn't be using your hospital for giving birth, so it probably doesn't come up much.

    For tax purposes, if you don't have a SSN you can get assigned a TIN (Tax Identification Number). That's how foreign workers working on visas get registered under our tax system. Theoretically, SSNs are supposed to be used only for the social security system. Someone decided they'd make great IDs and passwords though, so enough systems use them for that that they're useless as passwords now, hence the identity theft problems.

  • oh geez (unregistered)

    Sorry about all my gramatical errors in my previous post. I only had minutes left on my lunch break so I quickly wrote a response without any proofreading. (And I rely on Firefox spell checker way too much, and since I don't have FF on my works comp...)

    Alex might anonymize most postings, but I highly doubt he did for this one. Sun Life Canada is a too specific name to just "pull out of the air" especially when it has to do with financial stuff. Also why would he protect, say Royal Bank of Canada, and turn around and use another widely known legit companies name?

    If this would have happened, it would have made news everywhere in Canada - so either it didn't, or the bug would have only been in the system for a day - if that.

  • P A U L A (unregistered)

    I just don't think you'd be able to get to my identity if I simply posted my SSN, 678-67-5309. I believe you would get a FILENOTFOUND boolean in response.

  • ringbark (unregistered)

    Vanuatu is a republic in the SW Pacific, with a population of about 200,000. In their census in 1989, the key for records was:

    • Last Name
    • First Name
    • Date of birth
    • Island of birth There are about 80 inhabited islands in Vanuatu, and an average of about ten births per day through the whole country. Sounds like a unique key? Well, unfortunately, in some of the islands, there is a tradition of naming babies after some significant current event. So typically, twins there will get the same name. And of course, they are born on the same day and on the same island...

    And "muhahaha" is a new captcha, isn't it?

  • (cs) in reply to its me
    its me:
    oh geez:
    This story is completly BS. I used to be a developer at Sun Life Canada, and this was never an issue....

    Hello, remember Alex obfuscates the details of everything....

    Sun Life Canada (and every other real company name you read here....) is never the actual company name....

    -Me

    Although {oh geez} has a point here. If the idea behind anonomization is to protect Alex from liable, then why anonomyze to a real company name? Why not just use Initech and claim they have moved into the insurance business?

    If you go back to the reason he gave for this practice you will realize it was not to protect Alex from liable but rather to protect the submitter from backlash.

  • George Jansen (unregistered)

    C.J. Date wrote an article on the failings of "intelligent" keys somewhere around 20 years ago, and mentioned a state (unspecified, but I inferred European) that used a scheme encoding birth date or at least date of issuance into the key. At that time, he said, persons had been denied permission to immigrate based on overload for that birth date.

    It's nice to see the same old stuff come back around.

  • joni (unregistered) in reply to DamnedYankee

    Very true. My twins were born while I lived in California - United Healthcare would routinely reject one claim out of the two that would be submitted by our GP each time they had a visit. It meant that we were constantly making phonecalls consisting of 95% routing and 5% resolution.

  • (cs) in reply to P A U L A
    P A U L A:
    I just don't think you'd be able to get to my identity if I simply posted my SSN, 678-67-5309. I believe you would get a FILENOTFOUND boolean in response.

    No, that number only has tu possible values.

  • Seth (unregistered) in reply to Jerim

    Canadians have SSNs?

  • Commies Suit Ya (unregistered) in reply to oh geez
    oh geez:
    This story is completly BS. I used to be a developer at Sun Life Canada, and this was never an issue (unless if it happened within the last year, or a very long time ago).

    I was thinking this situation could have been caused by a no good lazy CSR. Once a CSR knows that customers will believe anything you tell them, regarding blame of "the computer", "the systems", or "the software" - the door is open for many a tall-tale.

    Captcha: craaazy -- (no fooling?)

  • uninvited (unregistered) in reply to George Jansen
    George Jansen:
    C.J. Date wrote an article on the failings of "intelligent" keys somewhere around 20 years ago, and mentioned a state (unspecified, but I inferred European) that used a scheme encoding birth date or at least date of issuance into the key. At that time, he said, persons had been denied permission to immigrate based on overload for that birth date.

    In Denmark we have the CPR number consisting of birthday (DDMMYY), key (3 digits) and a modulo 11 checksum digit which must be even for girls, odd for boys. So that makes for at most 500 girls and 500 boys per day[1]. Given an annual birth rate of about 65,000 kids and an all time birth record (in 1941) of 90,111 there should be more than enough CPR numbers, right?

    Except that immigrants whose birth date isn't known are automatically assigned Jan 1, so some Jan 1s have become overloaded and numbers have had to be re-used from dead people. WTF - why not randomize the default birthday?

    (Another WTF is that since the century is not encoded in the CPR, people who live to 106 are automatically invited to sign up for kindergarten class :) )

    1. It is too late for me to be arsed to actually calculate how many of these 1000 keys are usable mod 11.

    Captcha: Tesla. Bzzzzt.

  • (cs) in reply to facetious
    facetious:
    Two children born a month apart is more likely than twins! Woo overlapping pregnancies!
    With proper pipelining and an initial delay of nine months, it would be possible to produce one baby per month.*
    • Assuming one female and monthly ovulation.
  • Nicholas Piasecki (unregistered)

    This is why you throw all the talk about "finding natural keys" out the window and use a surrogate key that -- and this is very important -- doesn't mean a #@#$%$# thing.

    I worked on a project for an insurance company that used Social Security Numbers (SSNs) as its primary keys. Bad idea. They forgot to consider that (1) you don't have to give your SSN to your insurance company anymore and (2) sometimes people get fired from their jobs (thus canceling their coverage) and then are later rehired (thus resuming their coverage, with a gap). But they were storing coverage dates in the table that had SSNs as its primary key. Oops.

    When business requirements change, so will natural keys, because the meanings/uniqueness of those keys will change. So use a surrogate key--it doesn't HAVE to be an int--and stick to your guns, because you'll find a lot of people who insist on finding a natural key. They'll say that auto-number fields have problems with replication; remind them that SQL Server has supported that since 2000. Or, use a GUID. Just don't use anything that has meaning.

    Granted, I've only been out of college for two years, but that's how I've been burned by them before.

  • (cs)

    Of course this debate all comes up, artificial vs "natural" primary keys.

    I have never ever heard a good argument for using a "natural" key. There is almost NOTHING in a natural key that will stay the same forever. The stuff in a natural key is data, treat it as such. Waste a little disk space and create an artificial key.

  • gl (unregistered) in reply to D. T.
    D. T.:
    Why not organize by SS#/tax number like everyone else?

    Apart from the other reasons cited, even in the U.S. there are many people here legally who are prohibited by law from having either an SSN or an ITIN (specifically, dependents of visa holders who do not file a tax return).

    Neither SSN or SIN are unique. Despite "modern database systems" these numbers have been issued manually in many cases for over 50 years resulting in many duplications. There are also several situations where the numbers are re-issued.

    Just a note to an earlier poster: SINs have to be provided to anyone who will be providing you with a T-slip, not just employers and banks.

  • PackRat (unregistered) in reply to pc

    It is required to have an SSN for any person over the age of 2(?) in the US if that person appears on a federal tax return.

  • (cs) in reply to themagni
    themagni:

    But this isn't the point. What the system should do is have a 32-bit number as the primary key for their client database. When you start up a new client file, they get an automatically generated number. That number is by definition unique.

    A little pessimistic aren't you? What happens when they get their 4.3 billionth customer?

  • darwin (unregistered) in reply to KattMan
    KattMan:
    If the idea behind anonomization is to protect Alex from liable, then why anonomyze to a real company name? Why not just use Initech and claim they have moved into the insurance business?

    If you go back to the reason he gave for this practice you will realize it was not to protect Alex from liable but rather to protect the submitter from backlash.

    Libel. "Liable" means something else. "If you defame a real company in writing, you are liable to be sued for libel."

  • hexatron (unregistered)

    first, Icelanders don't have euro-style last names--it's somebody's son or somebody's dottir (see the Icelandic Names Wiki entry for more thrilling facts), so they really need unique identifiers. But they have birth and marriage records going back hundreds of years, not like the rest of us bastards.

    And the girl with the 1/1/1970 birthday...there should really be a big celebration for these folks on 30sep2034 or 19jan2038, when unix ends and all the airplanes fall out of the sky the way they did on 1jan2000. They'll be 64 (or 68) and just 22 (or 18) years from retirement age.

    captcha=atari -- i'm game.

  • (cs) in reply to its me
    its me:
    To those of you complaining about Jan 1st birthdays, try February 29th.... And no, I won't just use March 1st, fix your f-king system!

    And to the original problem, hell no I wouldn't have accepted entering twins as being born a month apart. Companies get away with crap like this because people are too willing to accept workarounds.... -Me

    And ended up with running to a lawyer in order to get a court order while your kid (for months and months maybe) has no health insurance when it is needed most ... you, Sir, are obviously not a parent.

  • (cs) in reply to JGM
    JGM:
    WIldpeaks:
    Jim:
    No testing for twins, triplets etc eh?
    The application must have been made by programmers without a life

    Programmers without a Wife is more like it!

    Captcha: dreadlocks, ya mon!

    Why a wife - you have to be married in order to legally have children ?

    (Unless you are living in one of the Arabian Gulf countries.)

  • Jerim (unregistered) in reply to ssprencel
    ssprencel:
    Jerim:
    Maybe I am crazy, but wouldn't using the SSN be the most glaringly obvious choice? It is unique for every American citizen. That way, you could have as many John Smiths born on 4/15/1970 as you wanted, their SSN would tell them apart. I just don't understand why that wasn't the obvious choice when developing the software.

    Privacy. I don't want my SSN given to every Tom, Dick and Harry in the corporate world. I seem to remember hearing that nobody can leagly ask you for your SSN outside of the Social inSecurity Department anyway.

    No, they can't force you to give them your SSN, but they can require it for service. Try buying a car, going to college, getting insurance or even getting a job without giving them your SSN. The reason the SSN is such a good thing, is that it can be used across several systems. Who wants to have to remember 15 different ID numbers from various institutions like colleges, banks, employers, etc.? It is also unique enough that you will never have two John Smiths living in the same town with the same SSN, much less the same street.

    I don't buy into the whole identity theft paranoia. If someone wants your identity, they can always just knock you upside your head and take your wallet. Not everyone in the world is out to steal your identity. If it ever does happen, it is a pretty easy thing to take care of. Just file a police report and inform everyone. Yeah it's a pain in the butt, but it is not like someone is going to ruin your life. That is just media hysteria to get you to pay an extra $5 a month in identity theft protection that you will never use.

  • Thomas (unregistered) in reply to Jerim
    Jerim:
    I don't buy into the whole identity theft paranoia. If someone wants your identity, they can always just knock you upside your head and take your wallet.

    Not that simple. You'd know it, right away. Standard theft is one you hear when police starts to ask weird questions or credit card company sends you huge bills. Not earlier.

    Jerim:
    Not everyone in the world is out to steal your identity. If it ever does happen, it is a pretty easy thing to take care of. Just file a police report and inform everyone. Yeah it's a pain in the butt, but it is not like someone is going to ruin your life. That is just media hysteria to get you to pay an extra $5 a month in identity theft protection that you will never use.

    You obviously don't get the scope of identity theft. While I agree that not everybody is trying to steal your identity, it doesn't matter, one is enough. You only need to get killed once, too. Most people try to be careful and not to be killed.

    You can buy a house or two, couple of airplanes or whatever you want, drive drunk or over somebody, beat people up and do whatever you want which doesn't put you to jail immediately. And everything eventually falls on the guy you stole the identity from, not you.

    Credit is wonderful thing, when you are not the one who gets the bill and I'll wish you very good luck when you try to prove to a credit card company it wasn't you who bought two mansions. If "identity theft" were a acceptable cause not to pay, everybody would use it (and get stuff for free).

    Financial ruin, jail: Good reasons to beware.

  • Baston (unregistered) in reply to andr01d
    andr01d:
    Crap, I have triplets born on Jan 1.

    Their name are True, False, and File Not Found.

    I can't get them insured anywhere!

    ROFL

    Aren't you from the well known Boolean family ;o)

  • Bo, the ancient mainframer (unregistered) in reply to uninvited
    uninvited:

    In Denmark we have the CPR number consisting of birthday (DDMMYY), .. .. .. Another WTF is that since the century is not encoded in the CPR, people who live to 106 are automatically invited to sign up for kindergarten class :) )

    Actually, the century IS encoded in the CPR, though in a rather cryptical manner. A combination of the two-digit year of birth, and the first three digits of the control digits will yield the century.

    For instance (slightly anonymized), I'm officially known as DDMM66-121X: the year 66 and control digits in the range 1000-1999 yields year of birth 1966.

    As far as I know, the encoding only works for years-of-birth up to 2057.

    The WTF of the Danish CPR is not that the century isn't encoded - it is that some IT professionals are too lazy to understand the encoding when using it - thus inviting 106-year-olds to kindergarten.

    Bo

    Captcha "dreadlocks" - no way, bald is beautiful!

  • Anonymous Coward (unregistered) in reply to Mickey
    Mickey:
    Sounds like a requirements WTF.
    No. It sounds like an information analysis WTF. You fuck up the information analysis, you fuck up the system.

    Database keys (that are used to maintain referential integrity) should be informationless. Obviously this fact was overlooked in the design of mentioned database- the key was chock full of information, which is what caused the trouble.

    Ideally database keys should remain hidden from the end user -- otherwise there will always be reasons to change the key afterwards, which will at that point either require a huge database migration or pollute the design of the database.

  • (cs) in reply to unklegwar
    unklegwar:
    Um. Why a MONTH apart instead of a day?

    I can't wait til they claim fraud or deny benefits in a few years when a claim is made and the birthdates don't match.

    Because the month, year and lastname was used. So next day would still make the system think you were the same person :|

  • uninvited (unregistered) in reply to Bo, the ancient mainframer
    Bo:
    uninvited:

    In Denmark we have the CPR number consisting of birthday (DDMMYY), .. .. .. Another WTF is that since the century is not encoded in the CPR, people who live to 106 are automatically invited to sign up for kindergarten class :) )

    Actually, the century IS encoded in the CPR, though in a rather cryptical manner. A combination of the two-digit year of birth, and the first three digits of the control digits will yield the century.

    For instance (slightly anonymized), I'm officially known as DDMM66-121X: the year 66 and control digits in the range 1000-1999 yields year of birth 1966.

    As far as I know, the encoding only works for years-of-birth up to 2057.

    The WTF of the Danish CPR is not that the century isn't encoded - it is that some IT professionals are too lazy to understand the encoding when using it - thus inviting 106-year-olds to kindergarten.

    Bo

    Captcha "dreadlocks" - no way, bald is beautiful!

    2036, as far as I can see. There is also some encoding of whether the person is an adoptee from another country - I went to school with three adopted Korean girls who all had CPRs in the 8XXX range. Racial profiling on the fly, yay!

  • (cs)

    Best one I've read in weeks. Even discounting twins, it never occurred to the designers that spouses typically have the same surname and are of similar age, making the same birth year and name not unusual? Never mind the fact that in computing, if it can theoretically happen, it will. It never occurred to them social security numbers are numbers?

    Let's hope that system has a notes field so an audit doesn't detect children born one month apart and scream fraud.

  • Jack Moxley (unregistered) in reply to akatherder

    I do the same, the only reason not to have an id field is to save space, and these days that kind of issue is more or less irrelevant.

  • Roger Wolff (unregistered)

    FYI, I found out yesterday that at the postbank two online-banking accounts cannot have their tranasction confirmation codes sent to the same mobile phone.

    One person handling transactions for multiple accounts is apparently above their level of understanding.

  • ricster (unregistered) in reply to Josh
    Re: Disjoint Twins 2007-01-25 11:53 • by Josh I had a similar problem with my daughter - she was born on Jan. 1. We've come across THREE separate software systems that reject Jan. 1 as a valid birth date. I can't POSSIBLY imagine how that got in there.

    Not that i'm advocating this behaviour but sometimes you need to say "year" when you are speaking the language of "date". 00/00/2007 is not a valid date so 01/01/2007 would be used instead. plus it's a bank holiday, no one's going to be at work, they're all going to be hung over, what could possibly go wrong!?

  • David (unregistered)

    In the UK this would be illegal under the Data Protection act as all data stored must be accurate.

  • Hognoxious (unregistered) in reply to Jerim
    Jerim:
    but wouldn't using the SSN be the most glaringly obvious choice? It is unique for every American citizen.
    It would be, if not for this inconvenient thing called "the rest of the world".

Leave a comment on “Disjoint Twins”

Log In or post as a guest

Replying to comment #:

« Return to Article