By Rajesh Mathur
I attended the International Conference on IT Management and Engineering Practices (ITMEP2013) in January. Before me there was another speaker who insisted that testing is expensive. When I spoke, I had to say that testing is not expensive, not doing it is expensive. People laughed. As the laughter died down the questions erupted. Suddenly this became an interactive discussion as I found online examples of bugs that cost companies millions.
I also used those ‘globally known bugs’ in meetings at my workplace when a few colleagues were unable to understand why we were spending precious time in testing and asking questions like, “Why can’t developers perform tests during that period to save time & effort?” I have shared those bugs below for they are excellent examples for testers as well as anyone who thinks bugs are just bugs. These bugs are a good way of self-learning and educating others too.
Below is the list of few funny and not-so-funny bugs that I found on Internet. I have added credits wherever the source was known to me.
1. Love trading? Read this: This was a story on Bloomberg about BATS Exchange. Bats said its computers allowed trades that violated rules intended to ensure all investors get the best prices for equities over a period of four years. Read the complete story at http://www.bloomberg.com/news/
2. Knight Capital fiasco: Last year, Knight Capital lost $440 million in 30 minutes due to a defect in the trading algorithm. The shock, and sell-off that followed, caused Knight Capital’s stock to lose 75 percent of its value in two business days. The loss of liquidity was so great that Knight Capital needed to take on an additional $400 million line of credit, which, according to the Wall Street Journal, effectively shifted control of the company from the management group to its new creditors. Read the complete story at http://www.reuters.com/
3. The leap second bug: June last year, machines running the Amadeus Altea system were brought down soon after an extra second was added to Coordinated Universal Time (UTC) at midnight on Saturday, 30 June. Many airlines had to check-in passengers manually. The ‘Leap second bug’ also affected servers run by Mozilla, StumbleUpon, Yelp, FourSquare, Reddit and LinkedIn. A short search on google will reveal a lot, http://bit.ly/YZDBUc. I also wrote a post about it at http://dogmatictesting.
4. We should have done some database testing: Georgia’s largest health insurance company, with millions of members, sends 202,000 printed letters containing patient information and Social Security numbers to the wrong patients due to a mismatch of contact information in customer database. They designed a system that would send patients information about how each visit was covered by their insurance. The EOB (explanation of benefits) letters would provide sensitive patient information, including payment and coverage details, name of the doctor or medical facility visited and the patient’s insurance ID number. Someone must be wondering why database testing was that important.
5. In God we trust…but we shouldn’t have trusted the SQL queries: A poorly programmed Web page designed to provide access to the Sexual and Violent Offender Registry, Web visitors were able to gain complete access to the entire Department of Corrections database. Among the data stored in the database were names, addresses, Social Security numbers, medical histories, and e-mail addresses. Database queries in URLs permit anyone with passing knowledge of SQL to pull down full personal information of anyone affiliated with the department. You hate your neighbour? And you know SQL? Add them to the sexual offender list. The two examples above are part of an article at http://www.itworld.com/
You will find many more interesting stories about bugs if you start looking around you. What is really important is to learn from them and try not to make the similar mistakes, again!