10 worst programming mistakes in human history

If bugs in the software cause the computer to freeze, then this is nonsense. It is much worse if, due to bugs in the software, cars break down, missiles explode and people die.

The very first computer bug in history was discovered in 1945, when engineers found a moth in a Harvard Mark II computer case. This moth shorted contacts - and the computer crashed. The engineers made an entry in the event log "The first case of a bug" (in English "bug" means "insect"). Since then, computer failures have been called bugs.

As digital devices proliferate, bugs are penetrating deeper into our lives. They surround us everywhere - on mobile phones, in household appliances, in cars. Fortunately, bugs usually do not cause any harm, except moral. But it also happens in another way, when a bug causes huge financial losses and even takes human lives. Wired magazine devoted an entire issue to this issue and published a list of the 10 worst bugs in human history, in chronological order.

On July 28, 1962, the Mariner I spacecraft launched towards Venus. Due to the breakdown of the antenna, the ship lost contact with the terrestrial control services and switched to its own piloting system. But this system contained an annoying little bug. As a result, the device flew in the wrong direction and had to be blown up over the Atlantic Ocean. Subsequent investigation revealed that a small typo was made while programming the navigation system - one character was missing when entering one of the formulas.

1982 Accident on the Trans-Siberian pipeline. CIA operatives injected a bug (PDF report) into the Canadian software that controlled the gas pipelines. Soviet intelligence received this software as an object of industrial espionage and implemented it on the Trans-Siberian pipeline. The result was the largest non-nuclear explosion in human history.

1985–87 Several people received lethal doses of radiation during radiation therapy sessions with the Therac-25 medical accelerator. Based on the previous version of the accelerator, the "improved" Therac-25 could generate two types of radiation: weak electron beta radiation and normal X-rays. Another "improvement" consisted in the fact that instead of electromechanical protection of the patient, software protection was implemented in the device, supposedly more reliable. Both new features were incorrectly implemented by an inexperienced programmer, resulting in at least five deaths and a huge number of non-fatal overexposures.

1988 Berkeley Unix buffer overflow. The world's first computer worm (the so-called Morris worm) infected 2, 000 to 6, 000 computers in less than a day, exploiting a vulnerability in the implementation of the gets () function. On Berkeley Unix OS, this I / O function did not have a maximum length limit.

1988–96 The Kerberos random number generator has been widely used in various encryption systems for several years. The program was supposed to choose a key at random from many billions of numbers, but the random number generator chose from a much smaller set of about a million. As a result, within eight years, any user could easily break into a computer system that used the Kerberos module.

January 15, 1990 AT&T telephone network crashes. A bug in the new firmware version of long distance switches caused the switch to reboot if it received a specific signal from a neighboring switch. But the trouble is that this signal was generated at the moment when the switch was restoring its work after a failure. One day, when some switchboard in New York rebooted, it gave that same ill-fated signal - and it began. Soon, 114 neighboring switches were continuously rebooting every 6 seconds, and 60, 000 people were left without long distance communications for 9 hours until engineers installed the previous firmware version on the switches.

1993 The highly publicized Intel Pentium processor incorrectly did floating point division with a 0.006% error. Although this problem has really affected a few users, it has become a real nightmare for Intel's image. At first, the firm agreed to change the processor only for those users who could prove that they needed such accuracy in their calculations, but then agreed to change the processor for everyone. This bug cost Intel about $ 475 million.

1995–96 Ping of death. The lack of error checking when processing IP packets made it possible to destroy almost any operating system by sending a special packet ("ping") to it via the Internet.

June 4, 1996 The new Ariane 5 launch vehicle, the result of many years of work by European scientists, the pride of the EU countries, exploded 40 seconds after its first launch. The scientific equipment aboard the rocket alone cost about $ 500 million, not to mention the many side financial consequences. The missile auto-detonation system triggered after stopping both processors as a result of an error chain. This chain started with a buffer overflow because the navigation system supplied an unacceptably high value for the horizontal speed parameter. The fact is that the Ariane 5 control system was reworked from Ariane 4, and there could not be such a great value theoretically. In order to reduce the load on the working computer, the engineers removed the protection against buffer overflow errors in this software module, since they were sure that such a value of the horizontal speed could not exist in principle - and they miscalculated.

November 2000 National Cancer Institute, Panama. A series of incidents occurred here, caused by the fact that the radiation therapy planning software from the American company Multidata Systems International did not correctly calculate the radiation doses for patients. The program allowed the doctor to draw on a computer screen the location of protective metal shields that protect the body from radiation. But the program only allowed four shields to be manipulated, while the doctors wanted to use five. They found a way to trick the program by drawing all five shields as a single block with a hole in the middle. The only thing they didn't know was that the program calculates different doses of radiation depending on how the hole is drawn. If you draw it in a special way, then the device gave out a double dose of radiation. At least eight people died and another 20 were overexposed. Doctors who had to manually recheck the program's calculations were convicted of murder.

All of these examples, and especially the last one, once again show that you can never fully trust computers. After all, programs for computers are created by people, and people tend to make mistakes.