Aardvark Daily

Please visit the sponsor!

The Y2.01 bug strikes

It was about this time a decade ago that we were all breating a collective sigh of relief and reflecting on what a bunch of doomsayers we turned out to be.

Promises that civilization as we know it would collapse as a result of cascading computer failures brought about by the roll-over from 99 to 00 as the new millennium dawned were proven groundless.

The sun still rose and, with very, very few exceptions, computers continued to chug away, tirelessly crunching numbers as they had done for decades previous.

However, at the turn of this decade on 1 January 2010 a far more unexpected software bug appeared, completely out of the blue and it left some people red-faced -- either with anger or embarrassment.

The cause of the bug was a little thing known as BCD (binary coded decimal).

Those who program computers for a living or who know a bit about maths already know that it's impossible to exactly represent some fractional base-10 numbers in binary.

We all know that the number 10 (decimal) is 1010 in decimal. In fact it's exactly 1010.

But what's the binary value of 0.1 (decimal)?

Well there is no exact representation in binary so computers tend to store such values using the "closest" binary value they can. Given that even our humble desktop computers often work to 16 digits of accuracy, the effect of a tiny error might seem inconsequential but in some cases it's not.

One such case is the iterative addition of a series of numbers which include decimal fractions.

Add enough numbers up and eventually that tiny error between the true value and the most accurate binary representation the computer can deliver will accumulate to the point where it becomes significant.

And that's where BCD comes in. Here's what many IT experts are speculating caused the problem which affected EFTPOS terminals operated by The Bank of Queensland in Oz.

The BCD system doesn't attempt to represent base-10 numbers in binary form by simply converting them to a binary value -- it converts each digit to a binary equivalent.

So the digits 23 (base 10) are converted to two 4-bit values. The 2 will occupy the top 4-bits of the storage byte and the 3 the lower 4-bits. In hexidecimal that meas the value becomes 0010-0011, (23 in base 16) which is actually 2x16+3 = 35 in base 10.

If you're confused, don't worry -- it's that very confusion that is the cause of the bug which knocked a number of ATMs offline this weekend.

Since the individual digits of any number are themselves whole numbers -- the problem associated with trying to accurately represent a decimal fraction disappears when BCD is used. For this reason, BCD is popular in financial software that has to deal with adding large lists of numbers or performing iterative summed functions.

It seems that the Aussie businesses hit by this bug found the date on their systems suddenly jumped from 2009 to 2016 as the clock ticked past midnight on December 31st.

How did that happen?

Well, the BCD value for 09 is... 09. This means it's the same in BCD as it is in decimal. So, everything was working fine for the past decade.

But, when the clock ticked over to 2010, one piece of software assumed that the year value was stored as a BCD number and incremented it accordingly. Remember that BCD values are treated as two seperate digits stored in one byte so they go 01, 02, 03... 09, 10, 11 etc. Now, when the software incremented the year 09 it left a new BCD value of 10 (00010000) in that byte.

However, the software that reads that byte was obviously assuming that the value was binary and, as a result, that 00010000 was interpreted as a pure binary rather than as a BCD "10". Hence, the intended value of 10 was read as 16 and 2010 became 2016.

Clearly, the programmers never tested this piece of code beyond 2009 or they'd have caught the mix-up.

I wonder if this piece of code was a sloppy fix-up performed a decade ago in an attempt to avoid the Y2K bug in the first place?

So there you go -- the Y2K bug has finally arrived, just 10 years late and still a little underwhelming in both its scope and severity.

Please visit the sponsor!

Have your say on this...

PERMALINK to this column

Oh, and don't forget today's sci/tech news headlines

Rank This Aardvark Page

Change Font