• Greg Barton (unregistered)

    A Pentium 2 processor must be involved somewhere...

  • Anonymous Coward (unregistered)

    What fool would use a '7' in their PIN?  IT IS UNLUCKY!  This is simply input validation working as intended.

  • (cs)

    Maybe the ATMs are superstitious?

  • (cs)

    I've always hated that number 7.

  • (cs)
    <font color="#006600">Clearly someone forgot to put '7' in the valid characters array:

    /** Valid inputs from ATM */</font>
    <font color="#000099">private </font><font color="#000099">char </font>[] validInputs =
    {
    <font color="#990000">'1</font><font color="#990000">',</font> <font color="#990000">'2</font><font color="#990000">',</font> <font color="#990000">'3</font><font color="#990000">',</font> <font color="#990000">'4</font><font color="#990000">',</font> <font color="#990000">'5</font><font color="#990000">',</font> <font color="#990000">'6</font><font color="#990000">',</font> <font color="#990000">'8</font><font color="#990000">',</font> <font color="#990000">'9</font><font color="#990000">',</font> <font color="#990000">'0</font><font color="#990000">'</font><font color="#990000">
    </font>};
  • (cs)

    if (isTrue(digit == 7))
        throw;

  • (cs) in reply to Anonymous Coward
    Anonymous:

    What fool would use a '7' in their PIN?  IT IS UNLUCKY!  This is simply input validation working as intended.



    Heyyyy.. I use 7's in my pin. 4 of them! its easy to remember and near the "enter" button on the ATM I use every day.


    As for the code, I can't imagine....

  • (cs)

    "The problem occurs since one month"

    Does that mean it happens once a month, or it's been happening for a month, or it started a month after installation?

    I need to know so I can conjecture about what horrible code is involved in this!

    (ED: Updated the main post text)

  • anonymous coward (unregistered) in reply to zip

    "the problem happens since one month" = "we've been experiencing the problem for the last month"

  • (cs) in reply to zip
    <FONT size=2>

    In the C#/.NET world...</FONT>

    <FONT color=#0000ff size=2>private</FONT><FONT size=2> </FONT><FONT color=#0000ff size=2>void</FONT><FONT size=2> SevenButton_Click(</FONT><FONT color=#0000ff size=2>object</FONT><FONT size=2> sender, EventArgs e)
    {

       Environment.Exit(0);

    }

    </FONT>
  • Jeff (unregistered) in reply to zip

    My impression is that it has been occurring for a month now.  Hey guy with all 7s, what's your account number?  :)

  • (cs) in reply to Mike R
    Mike R:
    Anonymous:

    What fool would use a '7' in their PIN?  IT IS UNLUCKY!  This is simply input validation working as intended.



    Heyyyy.. I use 7's in my pin. 4 of them! its easy to remember and near the "enter" button on the ATM I use every day.


    As for the code, I can't imagine....



    Ironically, this was the 7th reply to the article. I'ma buyin me a lottery ticket tonight!
  • (cs) in reply to Jeff
    Anonymous:
    My impression is that it has been occurring for a month now.  Hey guy with all 7s, what's your account number?  :)


    7777-7777-7777-7777, Naturally :)
  • Paul O (unregistered) in reply to Anonymous Coward

    The code works!  I tested it!  I just assumed the "7" key was busted on the machine I tested it on! :)

    And, of course, we don't need a field trial - just go directly to mass deployment!

    Just more stuff that should be taught in "the first CS course you take" - that fills that course out to about five years.

  • some1 (unregistered) in reply to Mike R
    Mike R:
    Anonymous:

    What fool would use a '7' in their PIN?  IT IS UNLUCKY!  This is simply input validation working as intended.



    Heyyyy.. I use 7's in my pin. 4 of them! its easy to remember and near the "enter" button on the ATM I use every day.


    As for the code, I can't imagine....

    Now, Where do you bank and what's your account number?

  • (cs)

    So the problem has been going on for one month(4 weeks) and is expected to be working again in 3 weeks.  7 weeks total that it won't be working.  Coincedence?  I DON'T THINK SO!

    dons tin-foil hat

  • Merit (unregistered)

    Maybe they tested with 10^4 randomly generated pins thinking that would get them all possible combinations, and they happened to have the (un)luckiest guy in the world run the generation program

  • (cs) in reply to Ytram

    Ytram:
    So the problem has been going on for one month(4 weeks) and is expected to be working again in 3 weeks.  7 weeks total that it won't be working.  Coincedence?  I DON'T THINK SO!

    *dons tin-foil hat*

    This is getting out of control Curse you JJ Abrams! Now everyone that watches "Lost" is looking for number patterns everywhere!!

    *steals Ytram's tin-foil hat*

  • joe_bruin (unregistered) in reply to Paul O

    I'm not going to speculate about sevens, but let me give you a similar case in which obvious wtfery is involved:

    My cable company (Adelphia) accepts credit card payments by phone.  When you pay, you give the system your CC number, as well as a four digit expiration date (MMYY).  However, if your four digit expiration date starts with a zero (for, y'know, those months other than October,  November, and December), the system complains that you did not give it a valid input.  Obviously, what's going on is the leading zero is getting dropped off as the input is treated as a number, but when the string length of that number is taken later, it is three, not four (and no, it does not accept 3 digit values).

    So, this is kind of a case of checking your boundry cases.  Or, er, your 75% cases to make sure they work..

  • (cs) in reply to Manni
    Manni:

    Ytram:
    So the problem has been going on for one month(4 weeks) and is expected to be working again in 3 weeks.  7 weeks total that it won't be working.  Coincedence?  I DON'T THINK SO!

    *dons tin-foil hat*

    This is getting out of control Curse you JJ Abrams! Now everyone that watches "Lost" is looking for number patterns everywhere!!

    *steals Ytram's tin-foil hat*



    4 8 15 16 23 42  ----   notice that there is no 7!!
  • (cs)

    Clearly the people need to learn to press 3 and 4 together instead of using 7's.

     

  • (cs) in reply to kipthegreat
    kipthegreat:
    <FONT color=#006600>Clearly someone forgot to put '7' in the valid characters array:

    /** Valid inputs from ATM */</FONT>
    <FONT color=#000099>private </FONT><FONT color=#000099>char </FONT>[] validInputs =
    {
    <FONT color=#990000>'1</FONT><FONT color=#990000>',</FONT> <FONT color=#990000>'2</FONT><FONT color=#990000>',</FONT> <FONT color=#990000>'3</FONT><FONT color=#990000>',</FONT> <FONT color=#990000>'4</FONT><FONT color=#990000>',</FONT> <FONT color=#990000>'5</FONT><FONT color=#990000>',</FONT> <FONT color=#990000>'6</FONT><FONT color=#990000>',</FONT> <FONT color=#990000>'8</FONT><FONT color=#990000>',</FONT> <FONT color=#990000>'9</FONT><FONT color=#990000>',</FONT> <FONT color=#990000>'0</FONT><FONT color=#990000>'</FONT><FONT color=#990000>
    </FONT>};

    Visiting this site regularly, I suspect we all are becoming experts at debugging WTF code. A perverse skill, I know. Personally, I'd search immediately for a home-grown string-to-number converter and look for a cut-and-paste error.

    <FONT face="Courier New" size=2>Function Key2Num(Key As String) As Integer</FONT>

    <FONT face="Courier New" size=2>Select Case Key
    Case "1": Key2Num = 1
    Case "2": Key2Num = 2
    Case "3": Key2Num = 3
    Case "4": Key2Num = 4
    Case "5": Key2Num = 5
    Case "6": Key2Num = 6
    Case "7": Key2Num = 1
    Case "8": Key2Num = 8
    Case "9": Key2Num = 9
    Case "0": Key2Num = 0
    End Select</FONT>

    <FONT face="Courier New" size=2>End Function</FONT>

    "Invalid PIN? No way that's code --my PIN worked fine. You must've just forgotten yours."

    --RA

     
  • (cs) in reply to Mike R

    Mike R:
    Heyyyy.. I use 7's in my pin. 4 of them! its easy to remember and near the "enter" button on the ATM I use every day.

    "That sounds like the code an idiot would have on his luggage." [:P]

  • Robert. (unregistered) in reply to Rank Amateur
    Rank Amateur:


    Visiting this site regularly, I suspect we all are becoming experts at debugging WTF code. A perverse skill, I know. Personally, I'd search immediately for a home-grown string-to-number converter and look for a cut-and-paste error.

    <font face="Courier New" size="2">Function Key2Num(Key As String) As Integer</font>

    <font face="Courier New" size="2">Select Case Key
    Case "1": Key2Num = 1
    Case "2": Key2Num = 2
    Case "3": Key2Num = 3
    Case "4": Key2Num = 4
    Case "5": Key2Num = 5
    Case "6": Key2Num = 6
    Case "7": Key2Num = 1
    Case "8": Key2Num = 8
    Case "9": Key2Num = 9
    Case "0": Key2Num = 0
    End Select</font>

    <font face="Courier New" size="2">End Function</font>

    "Invalid PIN? No way that's code --my PIN worked fine. You must've just forgotten yours."

    --RA

     


    Close, but not quiet. You're making use of a case statement we all know it would be a nested if-end if  that's surround by atleast 4 loops that walk through a 20 character array string.
  • frosty (unregistered) in reply to Otto

    Isn't that supposed to be 1234?

  • boa13 (unregistered)

    I wasn't able to find anything on Google, Google Groups, Google News (U.K., U.S., French editions) about Dexia and various combinations of the words "seven" "digit" "atm" "brussels" "blocks" etc., in both English and French.

    Searching for "Cijfer 7 blokkeert Belgische geldautomaten" brings plenty of hits, but it all boils down to blogs talking about blogs talking about the same very short article.

    A bit surprising, given this is the kind of sillyness people love to spread around.

  • Paul Tomblin (unregistered) in reply to zip
    zip:

    "The problem occurs since one month"

    Does that mean it happens once a month, or it's been happening for a month, or it started a month after installation?



    In French, they say "depuis un moin" to mean "for the last month".  If you translate it word for word, that comes out "since one month".  They'll also say "depuis 1999", which is what you'd expect.  I suspect the language this story was written in (dutch?) was similar.
  • (cs) in reply to Robert.
    Anonymous:
    Rank Amateur:


    Visiting this site regularly, I suspect we all are becoming experts at debugging WTF code. A perverse skill, I know. Personally, I'd search immediately for a home-grown string-to-number converter and look for a cut-and-paste error.

    <font face="Courier New" size="2">Function Key2Num(Key As String) As Integer</font>

    <font face="Courier New" size="2">Select Case Key
    Case "1": Key2Num = 1
    Case "2": Key2Num = 2
    Case "3": Key2Num = 3
    Case "4": Key2Num = 4
    Case "5": Key2Num = 5
    Case "6": Key2Num = 6
    Case "7": Key2Num = 1
    Case "8": Key2Num = 8
    Case "9": Key2Num = 9
    Case "0": Key2Num = 0
    End Select</font>

    <font face="Courier New" size="2">End Function</font>

    "Invalid PIN? No way that's code --my PIN worked fine. You must've just forgotten yours."

    --RA

     


    Close, but not quiet. You're making use of a case statement we all know it would be a nested if-end if  that's surround by atleast 4 loops that walk through a 20 character array string.



    I think a for-switch WTF pattern would be appropriate here:

    <font size="1">/** Valid inputs from ATM */
    private char [10] validInputs;
    for (int i = 0; i < validInputs.length; i++)
    {
      switch (i)
      {
        case 1:
          validInputs[1] = '1';
          break;
        case 2:
          validInputs[2] = '2';
          break;
        case 3:
          validInputs[3] = '3';
          break;
        case 4:
          validInputs[4] = '4';
          break;
        case 5:
          validInputs[5] = '5';
          break;
        case 6:
          validInputs[6] = '6';
          break;
        case 8:
          validInputs[8] = '8';
          break;
        case 9:
          validInputs[9] = '9';
          break;
        case 0:
          validInputs[0] = '0';
          break;
      }
    }</font>

    Note that 7 is left out, so it contains uninitialized data, which just happens to crash the machine.  Or something like that.
  • mozka (unregistered) in reply to Rank Amateur

    i'll give it a try as to how the code might look like


    Function isValidPinNumber(strKeyNumber as String) As Boolean

     Dim validKeyNumber as Boolean
     
     If IsTrue(GetNumber0(strKeyNumber) = 0) Then
        Return IsTrue(True)
     End If
     
     If IsTrue(GetNumber1(strKeyNumber) = 1) Then
        Return IsTrue(True)
     End If
     
     If IsTrue(GetNumber2(strKeyNumber) = 2) Then
        Return IsTrue(True)
     End If
     
     If IsTrue(GetNumber3(strKeyNumber) = 3) Then
        Return IsTrue(True)
     End If
     
     If IsTrue(GetNumber4(strKeyNumber) = 4) Then
        Return IsTrue(True)
     End If
     
     If IsTrue(GetNumber5(strKeyNumber) = 5) Then
        Return IsTrue(True)
     End If
     
     If IsTrue(GetNumber6(strKeyNumber) = 6) Then
        Return IsTrue(True)
     End If
     
     If IsTrue(GetNumber8(strKeyNumber) = 8) Then
        Return IsTrue(True)
     End If
     
     If IsTrue(GetNumber9(strKeyNumber) = 9) Then
        Return IsTrue(True)
     End If
     
     Throw KeyNumberNotValidException

    End Function

    And of course the GetNumberX function might look like

    Function GetNumber0(strNumber as string) as integer
     If strNumber = "0" Then
      Return 0
     End If

     Throw NumberNotValidException
    End Function

    repeat this last function up until 9

     

  • (cs)

    It's a pretty elementary WTF. The PINs are stored in base-7 notation (aka "almost octal, but no cigar"), so the digit 7 itself is off limits. 8 and 9 are as well, but who uses those big digits in their PINs anyway, right? At any rate, the base-7 to base-10 converter (written in COBOL) has a slight bug that causes a kernel panic when the input is invalid.

    You guys couldn't debug a WTF if it hit you in the face. I am terribly disappointed.

  • Anonymous coward (unregistered)

    What, you expect me to test EVERY possible combination of personal PIN numbers?

  • (cs) in reply to Ytram

    Ytram:
    So the problem has been going on for one month(4 weeks) and is expected to be working again in 3 weeks.  7 weeks total that it won't be working.  Coincedence?  I DON'T THINK SO!

    *dons tin-foil hat*

    <FONT face="Courier New" size=2>bwah ha ha.</FONT>

    <FONT face="Courier New" size=2>hey!  i've got it!  alright, the problem is that if you're going to check in the input pin with the real pin, it's fast and efficient to directly look at the bits.  four bits are needed per digit, for a total of 16 bits.  only three would be needed, since '0' can't be used as a pin (you wouldn't want to speak to an operator, now would you?) - so 000 == 9.  of course, this leaves pesky 8 to have to deal with.  well, we still want this scheme, so let's just make 8 be four zeros (i'll tell you why in a minute), so 0000 == 8.  on average inputs, close to 3 or 4 bits are saved with every transaction.</FONT>

    <FONT face="Courier New" size=2>the problem with 7 == 111 is that it's the only number now that doesn't have a zero.  this causes problems because to distinguish what a number is, you have to rely on those zeros to be able to identify 8.  so, for example:</FONT>

    <FONT face="Courier New" size=2>5168 = 101 001 110 0000 [check]</FONT>

    <FONT face="Courier New" size=2>7478 = 111 100 111 0000 [check]</FONT>

    <FONT face="Courier New" size=2>9349 = 000 011 100 000  ... or is it
    878? = 0000 111 0000    ?</FONT>

    <FONT face="Courier New" size=2>a 7 screws up whatever parsing they used.  the atm sits there and waits for the next number.  when the person enters it, there's a buffer over-run and the thing crashes and burns.</FONT>

  • WNivek (unregistered)

    "Ten, nine, eight, six..."
    "You missed out the seven."
    "Did I? I've always had a bit of a blind spot with sevens."

  • Arachnid (unregistered) in reply to Rank Amateur
    Rank Amateur:
    kipthegreat:
    <font color="#006600">Clearly someone forgot to put '7' in the valid characters array:

    /** Valid inputs from ATM */</font>
    <font color="#000099">private </font><font color="#000099">char </font>[] validInputs =
    {
    <font color="#990000">'1</font><font color="#990000">',</font> <font color="#990000">'2</font><font color="#990000">',</font> <font color="#990000">'3</font><font color="#990000">',</font> <font color="#990000">'4</font><font color="#990000">',</font> <font color="#990000">'5</font><font color="#990000">',</font> <font color="#990000">'6</font><font color="#990000">',</font> <font color="#990000">'8</font><font color="#990000">',</font> <font color="#990000">'9</font><font color="#990000">',</font> <font color="#990000">'0</font><font color="#990000">'</font><font color="#990000">
    </font>};

    Visiting this site regularly, I suspect we all are becoming experts at debugging WTF code. A perverse skill, I know. Personally, I'd search immediately for a home-grown string-to-number converter and look for a cut-and-paste error.

    <font face="Courier New" size="2">Function Key2Num(Key As String) As Integer</font>

    <font face="Courier New" size="2">Select Case Key
    Case "1": Key2Num = 1
    Case "2": Key2Num = 2
    Case "3": Key2Num = 3
    Case "4": Key2Num = 4
    Case "5": Key2Num = 5
    Case "6": Key2Num = 6
    Case "7": Key2Num = 1
    Case "8": Key2Num = 8
    Case "9": Key2Num = 9
    Case "0": Key2Num = 0
    End Select</font>

    <font face="Courier New" size="2">End Function</font>

    "Invalid PIN? No way that's code --my PIN worked fine. You must've just forgotten yours."

    --RA

     


    Unless I'm forgetting my VB (It's fortunately been a long long time since I wrote any), that select will fall through, and always return 0.
  • James Schend (unregistered) in reply to WNivek
    Anonymous:
    "Ten, nine, eight, six..."

    "You missed out the seven."

    "Did I? I've always had a bit of a blind spot with sevens."



    HOLLY: It takes time, this.  One slight error in any of my thirteen
    billion calculations and we'll be blasted to smithereens. Here we go,
    then: 10, 9, 8, 6, 5--
    RIMMER: You missed out the seven.
    HOLLY: Did I? I've always had a bit of a blind spot with sevens.
    RIMMER: (Sotto voce) We're going to die.
    HOLLY: No problem. I'll start lower down. 1, blast off.

    One of the great episodes, no doubt.

  • Todd Larason (unregistered)

    Apple published a knowledge base article in 2003 titled 'Open Firmware: Password Not Recognized When It Contains the Letter "U"'.

    Solution

    Don't use a capital letter "U" when setting up an Open Firmware password. Change your password if necessary.

  • cheezy (unregistered) in reply to boa13
    Anonymous:
    I wasn't able to find anything on Google, Google Groups, Google News (U.K., U.S., French editions) about Dexia and various combinations of the words "seven" "digit" "atm" "brussels" "blocks" etc., in both English and French.

    Searching for "Cijfer 7 blokkeert Belgische geldautomaten" brings plenty of hits, but it all boils down to blogs talking about blogs talking about the same very short article.

    A bit surprising, given this is the kind of sillyness people love to spread around.

    The original article in "Het Laatste Nieuws" can be found at http://www.hln.be/hln/cch/det/art_129694.html

  • (cs) in reply to Arachnid
    Anonymous:
    Rank Amateur:

    Visiting this site regularly, I suspect we all are becoming experts at debugging WTF code. A perverse skill, I know. Personally, I'd search immediately for a home-grown string-to-number converter and look for a cut-and-paste error.

    <FONT face="Courier New" size=2>Function Key2Num(Key As String) As Integer</FONT>

    <FONT face="Courier New" size=2>Select Case Key
    Case "1": Key2Num = 1
    Case "2": Key2Num = 2
    Case "3": Key2Num = 3
    Case "4": Key2Num = 4
    Case "5": Key2Num = 5
    Case "6": Key2Num = 6
    Case "7": Key2Num = 1
    Case "8": Key2Num = 8
    Case "9": Key2Num = 9
    Case "0": Key2Num = 0
    End Select</FONT>

    <FONT face="Courier New" size=2>End Function</FONT>



    Unless I'm forgetting my VB (It's fortunately been a long long time since I wrote any), that select will fall through, and always return 0.

    Mm, no, it's not like C*. But you raise a good point. It's not a real WTF without GOTOs after every Key2Num assignment.

    --RA

  • notJohnO (unregistered)

    That's a scary thought above, "it must be a hoax if it's not in google"...  EPIC anyone? or how about theinternetisshit.org ?

  • (cs) in reply to Greg Barton
    Anonymous:
    A Pentium 2 processor must be involved somewhere...
    It  reminds me of Mac System 3.1 Crapware a few years back  (March '86).  I hope their QA is a bit better now?
    If I recall every app. crashed  when you printed or nested folders on your hard drive.  I fixed the few Macs at the secretaries' desks with Suns and a sledge hammer.
    I haven't associated with Macs or their owners since.

    program with an iconprogram with an icon
  • Joe (unregistered) in reply to emptyset

    This would not surprise me at all.  it's like a huffman code gone horribly wrong eh?

  • Jonathan (unregistered) in reply to Joe

    Maybe the person that coded the self-destruct mechanism in spaceballs wrote this as well...in the movie, didnt the count-down skip 7 by "accident"?

  • ComputerGuyCJ (unregistered) in reply to frosty

    If you're referring to SpaceBalls, that code was "1-2-3-4-5". Per Dark Helmet: "So the combination is one, two, three, four, five? That's the stupidest combination I've ever heard in my life! The kind of thing an idiot would have on his luggage!"

    And here's another great quote from SpaceBalls: "Six! What happened to seven?" Interesting thing is that imdb.com claims that both Dark Helmet and President Skroob said the same line. I don't remember that.

  • (cs)

    Maybe the 7 on the keypad had a crossbar... and the optical character recognition embedded in the ATM mistook it for a script capital F...

  • llxx (unregistered)

    If it hadn't happened before and just started happening, maybe a virus has infected their software. Virii are known to do strange things, you know...

    Otherwise the software must've been operating on each digit one at a time. The programmer was debugging each of the 10 nearly identical routines, found an error in one of them so he fixed all of them except for the one with the 7. As he thought all of them were corrected, his minimal testing allowed this obvious bug to remain unnoticed until actual use.

  • Hans (unregistered)

    I feel so safe with my money kept by the bank, with all that well-tested software around, there is no way there could be a security hole somewhere. Could there?

    (deeply worried...)

  • (cs) in reply to WNivek

    Haha, perfect quote for that thread indeed [:D]

  • Leon (unregistered)

    pfftt... its obvious what has happened here.

    switch ( key )
    {
        ...
        case 7 : BeginSkimmingTransfer();
        ...
    }

    ....

    private void BeginSkimmingTransfer()
    {
        TransferAmount transferAmount  = Math.Rand() * 100000;
        TransferToSecretSquirrelFund( transferAmount );
    }

  • (cs) in reply to Leon

    Maybe the guy was an Anti-Theist with a particular aversion to the Christian God so he excluded everything associated with the aforementioned divine entity?

  • (cs) in reply to Jon Limjap

    Actually something similar once happened in a piece of software I wrote. It handled uploading files from JavasScript through an ActiveX control. We tested it (and even used it for about a month on our own Intranet) and nothing went wrong. Until it went to the customer.

    It fell apart. They couldn't upload their files. Finally it became apparent that files starting with the letter 'u' or in folder starting with the letter 'u' caused a failure.

    Can any of you figure out why? It's rather silly.

    Drak

Leave a comment on “The Trouble With Seven”

Log In or post as a guest

Replying to comment #46548:

« Return to Article