630 points xbryanx | 1 comments
mike_hearn No.44531351
To the NY Times: please don't say they died by suicide. The passive voice makes it sound like some act of God, something regrettable but unavoidable that just somehow happened. It's important not to sugarcoat what happened: the postmasters killed themselves because the British state was imprisoning them for crimes they didn't commit, based on evidence from a buggy financial accounting system. Don't blur the details of what happened by making it sound like a natural disaster.

Horizon is the case that should replace Therac-25 as a study in what can go wrong if software developers screw up. Therac-25 injured/killed six people; Horizon has ruined hundreds of lives and ended dozens. And the horrifying thing is, Horizon wasn't something anyone would have previously identified as safety-critical software. It was just an ordinary point-of-sale and accounting system. The suicides weren't directly caused by the software, but by an out-of-control justice and social system in which people blindly believed in public institutions that were actually engaged in a massive deep state cover-up.

It is reasonable to blame the suicides on the legal and political system that allowed the Post Office to act in that way, and which put such low quality people in charge. Perhaps also on the software engineer who testified repeatedly under oath that the system worked fine, even as the bug tracker filled up with cases where it didn't. But this is HN, so from a software engineering perspective what can be learned?

Some glitches were of their time and wouldn't occur these days, e.g. malfunctions in resistive touch screens that caused random clicks on POS screens to occur overnight. But most were bugs due to loss of transactionality or lack of proper auditing controls. Think message replays lacking proper idempotency, things like that. Transactions were logged that never really occurred, and when the cash was counted some appeared to be missing, so the Post Office accused the postmasters of stealing from the business. They hadn't done so, but this took place over decades, and decades ago people had more faith in institutions than they do now. And these post offices were often in small villages where the post office was the center of the community, so the false allegations against postmasters were devastating to their social and business lives.

Put simply - check your transactions! And make sure developers can't rewrite databases in prod.

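As an added illustration of the replay/idempotency point made in the comment above (this is not code from the thread or from Horizon; the ledger, message ids and amounts are constructed), a replayed terminal message posted without replay protection produces a phantom sale and a cash shortfall that reconciliation then flags, while keying on the message id makes the same stream post once:

```python
# Constructed example: a branch ledger fed by terminal messages.
# apply_naive posts every message, so a redelivered message becomes a
# phantom sale; apply_idempotent keys on msg_id and rejects replays.
from dataclasses import dataclass, field

@dataclass
class Message:
    msg_id: str   # unique id assigned by the terminal
    kind: str     # "sale" or "refund"
    pence: int

@dataclass
class Ledger:
    balance: int = 0
    seen: set = field(default_factory=set)
    audit: list = field(default_factory=list)  # append-only trail

def _delta(msg):
    return msg.pence if msg.kind == "sale" else -msg.pence

def apply_naive(ledger, msg):
    # No replay protection: whatever arrives is posted.
    ledger.balance += _delta(msg)
    ledger.audit.append((msg.msg_id, _delta(msg)))

def apply_idempotent(ledger, msg):
    # Post once per msg_id; log the replay instead of posting it.
    if msg.msg_id in ledger.seen:
        ledger.audit.append((msg.msg_id, "replay-rejected"))
        return False
    ledger.seen.add(msg.msg_id)
    ledger.balance += _delta(msg)
    ledger.audit.append((msg.msg_id, _delta(msg)))
    return True

def reconcile(ledger, counted_pence):
    # Ledger minus physical count; non-zero means check the audit trail.
    return ledger.balance - counted_pence

# Constructed stream: t2 arrives twice, e.g. a retry after a lost ack.
STREAM = [Message("t1", "sale", 500), Message("t2", "sale", 1200),
          Message("t2", "sale", 1200), Message("t3", "refund", 200)]
CASH_IN_DRAWER = 1500  # what the customers really paid: 500 + 1200 - 200

def run(apply):
    ledger = Ledger()
    for m in STREAM:
        apply(ledger, m)
    return ledger
```

With the naive path the ledger claims 1200p more than is in the drawer, which is exactly the kind of discrepancy that was read as theft; the audit trail of the idempotent path records the rejected replay so the discrepancy can be explained rather than blamed on the operator.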
mannykannot No.44531663
While there is no real doubt that most, if not all, of these suicides were a direct consequence of the appalling way this monumental failure and its investigation was handled, reporting the news responsibly has become a minefield in which any deviation from what is strictly known is liable to be exploited by those who do not want their role in events to become public.

As you want to call a spade a spade, can we agree that the software engineer who testified repeatedly under oath that the system worked fine, even as the bug tracker filled up with cases where it didn't, is undoubtedly among those who are morally (if not legally) culpable to a considerable extent?

noisy_boy No.44531822
> Perhaps also on the software engineer who testified repeatedly under oath that the system worked fine, even as the bug tracker filled up with cases where it didn't

I don't think you needed to ask for agreement.

mannykannot No.44532526
Partly on account of the "perhaps" in the original, and partly because I have seen (elsewhere) "just doing his job" defenses.

In corner cases, culpability for uncertain expertise can be a tricky issue - you may recall the case of the Italian geologists, a few years back, indicted for minimizing the risk of an earthquake shortly before one occurred - but the case here seems pretty clear-cut (again, I'm speaking morally, not legally.)