When Bad Software Can Kill 354
bhoman writes "A wrist computer that tracks and calculates safe diving times and
limits for SCUBA divers had a dangerous software bug that may have been covered
up by company executives.
This SF Chronicle Article
details the problem, product, company, and some of the lawsuits.
According to the Chron article, company execs tried to cover up and
deny the problem for years, but their
official website
makes it look like they did a voluntary recall."
I wear an insulin pump (Score:5, Interesting)
Probability of punishment? (Score:5, Insightful)
Anyway, it wouldn't have been bad PR to admit a mistake, hell it's only human to make mistakes, even when something is as serious as this. The problem shouldn't have been there at all, but it was caught before anyone was hurt, so they should have just apologised and fixed it. Cover-ups make me sick.
MOD PARENT DOWN! (Score:5, Funny)
Re:MOD PARENT DOWN! (Score:5, Insightful)
We don't want government getting too involved with businesses, but we want them to kick them in the ass hard when they do something that not only can hurt/maim/kill someone, but also creates an adverse environment for corporations who DO act responsbibly.
In the end, you are correct: both left and right do not want companies to get away with 'hiding' a recall that could potentially hurt someone. That is not politics, its common sense. If they DID hide this recall or information about flaws in the product, they need to be taken out to the proverbial woodshed, even if it puts them out of business.
Re:MOD PARENT DOWN! (Score:2)
Unfortunately, your version of 'the right' is not the operative one. The businessman we see today would kill their own grandmothers to increase the value of their stock options. And the politicians they put in place want nothing more than to let them do it. Look at those scumbags Harvey Pitt and Michael Powell - thy can't move fast enough to sell us down the river.
Re:MOD PARENT DOWN! (Score:2, Interesting)
Re:Probability of punishment? (Score:5, Interesting)
Some of the most serious problems with defective products in recent history have occured when government was entirely in control. In some cases they screw up because, like business executives, they want to cut costs (providing HIV/AIDS infected blood for example [cnn.com]). Sometimes they wind up killing people because they are too cautious. Scandals usually occur when actions kill people, not so much when inaction kills people (delays in FDA approval for new treatments cost thousands of lives [cato.org]).
If you think this is a problem with Capitalism then you should take a look at the sorts of things that went on in Communist countries like the USSR [chernobyl.co.uk] and still go on in places like Communist China [cnn.com].
Cover-ups make me sick.
I think that the only effective remedy for this sort of problem is greater transparency in both business and government. These kinds of problems thend to occur when the people involved think that they can get away with a cover-up.
Re:Probability of punishment? (Score:3, Informative)
Is th
Re:I wear an insulin pump (Score:5, Insightful)
Re:I wear an insulin pump (Score:2)
The FDA should inspect my caribeaner? My car? My oven? Every electric appliance in my house requiring more than enough electricity to kill me?
Re:I wear an insulin pump (Score:2)
Re:I wear an insulin pump (Score:3, Informative)
It's a common misperception that the FDA inspects medical devices - in most cases, they do not. They merely inspect the paperwork that you provide them to prove that you did the device inspections yourself.
It's actually a relatively rare occurance that the FDA performs an onsight inspection.
-jerdenn
Re:I wear an insulin pump (Score:4, Insightful)
It's not like you aren't supposed to fly on a plane within 24 hours of diving, or anything.
It's not like every diver knows that the dive computers and dive tables are approximations, and that they can vary drastically for a number of reasons.
Pushing the absolute limits of what your computer says you are allowed is dumb.
I'm not saying the company is not responsible to a degree... they absolutely had an obligation to make their gear as safe as possible, and not informing the diving world that their gear had a flaw was totally unacceptable.
There is a large element of recklessness involved in this situation.
Computer and dive tables (Score:4, Interesting)
I routinely do dive profiles that my dive tables say I should get bent on. My computer knows better, because it knows the actual depth profile I dive, and not just the max depth and total dive time.
Almost any dive profile on a wall will do this. You start deep, and drift slowly more shallow as you go, and you can do a nice hour-long dive with a max depth of about 80ft, and an average noticably shallower than that.
Yes, you can do this with a multi-level dive table, with a wheel or similar. I've done that. You know how much trouble that is? And how difficult it is to know, for a sloping wall dive, exactly how long you'll spend at any particular depth looking at coral? Yes, plan your dive, and dive your plan. But realize that you aren't a robot, and don't dive like one.
Multilevel dive planning is for deco diving where your computer can't handle it, and, incidentally, you *have* to know deco times ahead of time so you can hang stage bottles at the right depth.
But that dive profile above, for a normal set of dive tables, diving with a computer, will almost always end with your tables telling you that you went into deco. Because all it uses is max depth and total bottom time.
Yeah, and the tables are approximations, too. Actually, they are statistical representations, and state that 98% of divers that stay within these guidelines will not get DCS, with some confidence bound. Yes, diving tables, you can still be that unlucky 2% that does everything right and gets bent anyway. Sometimes it's just not your day.
No. You do research, you find out what algorithm your computer uses, how conservative or liberal it is, how it was modified from standard industry-published algorithms, and you pick a computer that works the way you want it to. And then you dive within the bounds the computer sets, so long as those bounds pass your internal bullshit detector. (You *do* have an internal bullshit detector, right?) But diving close to those bounds is not "dumb" it is simply using your equipment to the limits you are comfortable with.
Can't disagree with that at all. Finishing a dive at 10pm and flying at 6:30am the next morning is not safe.
Re:Computer and dive tables (Score:4, Insightful)
Being comfortable and being dumb are two very different things. Pushing the absolute limit set by your dive computer IS DUMB, and if you are comforatable with that then it is VERY dumb. You give the reasons not to push the limits yourself. 1)Every person is different, 2)the dive tables that the PC programming is based upon is an approximation, 3)as is the programming itself.
You have a pretty fine-tuned bullshit detector if you can tell the difference safe and not safe when pushing the limits of a dive computer. One problem with this particular computer was that it gave the right results MOST of the time, but in certain situations it gave very wrong results (short, frequent dives). No one's bullshit meter would have detected the problem with these dive computers that gave reasonable results 99% of the time and then totally screwed you the other 1%. Neither is there any way you could have "researched" the algorithms in this particular computer to determine its accuracy because the error came from a hidden programmning error. So I think we return to the original idea - pushing the limits of any dive computer is very dumb.
The bigger issue here for /.ers is that because of its digital readout too much importance was probably given to the dive computer's implied precision. I'm sure it said it something like it was safe to fly after 6 hours and 18 minutes. Digital readouts imply greater accuracy than is often actually present, whether it is regarding a safe number of minutes to fly displayed on a dive computer or milliseconds until your cake is ready on the microwave. Placing one's life on th eline using this implied but non-existent accuracy is very dumb. All that apparent accuracy is totally useless given your original parameters were wild-ass guesses and approximations to begin with.
Re:I wear an insulin pump (Score:5, Informative)
As a certified diver (of about a year and a half), I know that they specifically say that you should never go flying less than 12 hours before you take a plane ride (even a small cesna), and, if you do multiple dives you should wait at least 24 hours.
This is not to say that the company was not at fault on this one, but, the divers themselves said that they finished the one dive at 10pm for a flight at 6:30am. I know that the absolute minimum is 4 hours (I did a flying after diving study with DAN), but, this is the limit of the dive tables and should NEVER be approached. All of the major certifying organizations will tell you this.
-CPM
Tables, Computers, and Estimation (Score:2, Informative)
Dive computers allow the use of less conservative "tables" by applying the algorithms to sensor data. By applying actual depth/time/gas data to the algorithmic tables a diver can dive more agr
Man... (Score:5, Insightful)
Fortunately, there are still (I hope) some companies out there that are honest and worry about the safety of their users, particularly in life-critical applications.
What a slimy guy though, to prevent any notice of the fault from getting out, and firing managers for trying to get the word out! Man. Makes me angry. *Fumes*
Re:Man... (Score:5, Insightful)
From whom would you buy your critical applications software (and hardware)? What if the guy down the street starts building them in his garage? Would you trust him? Would you trust your life with him?
Let's say he's very responsive to customer issues. Whenever there's a serious incident, he tracks down the bug in the software, issues a patch, and moves on. Unfortunately, there are a lot of bugs, and a lot of deaths, because he couldn't do proper QA by himself in his garage...
Well, you say, let him hire some QA people. Maybe a few marketing guys--he has to make a living, after all. Perhaps an engineer or two. Pretty soon, it starts to sound like he's running a *gasp* corporation.
You're right--directors and executives of companies that suppress reports of safety concerns should be drawn and quartered. To suggest that all corporations are reckless, deceptive, and grossly irresponsible is unfair.
Then there are some damned-if-you-do, damned-if-you-don't cases. I'm familiar with the Therac-25 accidents [vt.edu] in the mid-1980s, but I'm not going to ask the pharmacy for cobalt-60 so I can do home radiotherapy. I have to accept that there is a probability that somewhere, someone screwed up--and my life might be at risk because of it, and there is little (if anything) I can do about it.
By extension: Ford Pinto (Score:4, Insightful)
So you're saying you're not going to ever drive a car [uoguelph.ca] again?
Computer applications aren't the only life-critical products we depend on. You put your life in the hands of corporations every minute of the day. How are you going to make sure your house is structurally sound? Buy open-source lumber and build it yourself? Are you going to keep eating food which has been prepared by corporations?
But as you, the Pinto history and others [imdb.com] point out, corporations will only care about the lives of their consumers to the point at which it becomes economically favorable to do so. If it's cheaper to settle 10 probable death cases than issue a recall for the faulty product, they settle. The value of human life doesn't factor in. Today's cars only sell themselves on safety because it has become economical to do so, i.e., consumers value safety and demand it from their products.
This is why we need government oversight. I'll tell you what makes me want to put my head in the sand: how we are not funding the oversight agencies [cspinet.org] enough to do their job. We just passed two tremendous tax cuts in three years; I don't know where the cuts are going, but I feel like people take safe food and transportation for granted around here. I hope at least the sand is clean.
Diving Computers (Score:5, Interesting)
This is attractive to people who do decompression diving, because it means that they don't have to hang out shivering at 5-10m with nothing to see as long at the end of the dive.
Suunto takes a different approach, has a more conservative model, and makes it easier to force your computer to be more conservative still. Most divers don't use that function, because it is contrary to their desire to have maximum bottom time.
Proper diving procedures recommend using two different computers, and always relying on the more conservative unit for your decompression limits. (Assuming that you are doing a computer-only dive and not a table dive.) When your life is at stake, you have to assume that equipment has problems, and act accordingly.
Re:Diving Computers (Score:5, Informative)
Checks and balances. I use the computer to make sure I'm doing the manual calclations correctly, and the manual calculations to keep the computer honest.
Then again, I'm strictly a recreational diver. Pros and semi-pros are a completely different story.
Re:Diving Computers (Score:2)
Re:Diving Computers (Score:5, Interesting)
You have to remember that it doesn't matter why you're diving - sport, recreation, pro sport, commercial/industrial - it's all happening in a hazardous environment which the human body has no defences against.
What the dive tables[1] represent is a boundary to which most humans can push their bodies and not suffer a critical failure(embolism/bends/nitrogen narcosis[2]). Past that boundary, bad things happen. Some people don't reach that boundary before they happen. An identical stress applied to two people may not affect one person, but kill the other.
[1] Originally created by trial and error(diving and bending) by the US Navy, then becoming more accurate and conservative over time.
[2] NN is akin to getting high - and getting high is *NOT* a good idea when you're at 20m and breathing through a regulator! People who offer their regulators to passing fish, or loose track of time/depth die.
Narcosis, no` (Score:2, Informative)
When you learn to dive, you usualy do a deep dive to a) show you what depth you start to experience narcosis and b) learn what it feels like, so you can recognize it when you are diving.
Re:Diving Computers (Score:3, Informative)
Thus, hobbyists and amateurs use methods very similar to those of the "pros"; both need to ensure the utmost level of safety. Most of the time that caution isn
Re:Diving Computers (Score:2, Interesting)
The wheel isn't actually any more accurate than tables, it's just showing the same calculations in a different way.
And PADI does not recommend that you do not use computers.
And if you want to feel safe because you are using tables, use the US Navy Tables, and limit your ascent speed to 9 to 12 metres / minute, and you
Dive computer is a backup for me too (Score:3, Informative)
It sounds to me like the market for these computers was agressive divers...people who were trying to push the limits of safe dive times.
Comment removed (Score:5, Interesting)
Re:Diving Computers (Score:2)
Actually, for recreational, non-decompression diving(which represents the vast majority of recreational diving- technical diving is a whole other beast), PADI tells you to use the tables they give you on a waterproof card. You're supposed to plan your dive AHEAD OF TIME using the tables, and stick to the plan. You're not supposed to just grab a dive computer an
This is not lethal but ... (Score:5, Interesting)
Fortunately, his LASIK succeeded. Later on however, he went back to the hospital and asked about the operator's behaviour : the response was "well, we were worried at first, but that error message comes back every five minutes and the machine always works anyway".
Scary
Re:This is not lethal but ... (Score:5, Interesting)
* What software do you use?
* How do I get a safety report on this software for as long as it's been used?
* How many revisions/updates has it had in the past year?
* What's the underlying hardware and OS platform it runs on?
* What kind of training do the operators of this software have to go through.
If I get ANY BLANK stares or anything less than definitive answers, I'll be going somewhere else. If it's the difference between a place that charges $500 an eye and one that charges $1000 an eye, so be it.
Re:This is not lethal but ... (Score:4, Informative)
Of particular interest are the stories concerning doctors who have overridden software safeguards and have continued the procedure, resulting in broken blades in the eyes and some other not-so-pleasant outcomes. Not strictly in the "bugs killling people" dept., but it does make you think whether you trust your eyes to a software developer.
Re:This is not lethal but ... (Score:2, Informative)
I've read several articles when journalist X went to the mall on the corner and had both his eyes done in a snap! Any everything was all smiles and thumbs up.
The normal procedure on this side of the pond is that after a thorough evaluation you get one eye done. After two followups to check that you everything went well and the eye is healing OK you zap the other eye.
Or as we say: Don't look into laser with your r
Re:This is not lethal but ... (Score:2, Interesting)
Healthcare Software (Score:5, Interesting)
Same here. (Score:2)
Unfortunately my boss just want's it out the door! Lol, I guess when he's out of a job (me included), I can look back and say I told you so! (Not a good concilation prize by any stretch.)
Exposure. (Score:5, Informative)
Ethics Lectures (Score:5, Insightful)
Re:Ethics Lectures (Score:2)
Do you really think that ethics can be taught in a lecture?
Re:Ethics Lectures (Score:2)
Of course not, but it does help to show people that in reality, their mistakes can mean alot more than a few points deducted from a project.
Think about what you are saying for a second. These guys are professional programmers, probably trained as engineers (after all these dive computers are hardware) but maybe not. They are working on software literally designed to save people's lives. And you think that they didn't know that "their mistakes can mean alot more than a few points deducted from a project
Re:Ethics Lectures (Score:2)
Why just the engineers? (Score:2)
The simple truth is that management will decide what type of product is shipped. Great engineers with shitty management still equals trouble,
Re:Ethics Lectures (Score:2)
No, it isn't. I know what school I'm going to (it's the same as yours), and CMPUT 300 is not a requirement for a CS degree. It is only a requirement of the Specialization - Software Quality option. It is optional for all other programs, include Honours Comp. Sci.
It's only a matter of time... (Score:5, Insightful)
The sad part is that for an error like this, multiple people will have to die or risk death before anyone will clue into what the error could be.
Missing Dive Equipment: A HyperIntelligent Dolphin (Score:5, Funny)
Flipper: Ennnhhhhhh! Ennnhhhhhh! (backs up)
Diver: What's that Flipper? There's a software bug in my wrist diving computer that could lead to my grisly death?
Flipper: Ennnhhhhhh! Ennnhhhhhh! (backs up)
Diver: Well thank God you told me! Otherwise I never would have known!
Flipper: Ennnhhhhhh! Ennnhhhhhh! (back up)
Diver: What? There's a Russian sub off the coast?
In short, never go diving without your near-omniscient dolphin.
Re:Missing Dive Equipment: A HyperIntelligent Dolp (Score:2)
Diving and Corporate Responsibility (Score:4, Insightful)
Corporations, by their very nature, don't care about their customers. All they care about is profits. Granted, some people within coporations may care about customers, but they have to follow the corporate rules.
Leeman and Ruchti (the founders of the company) ought to be thrown in jail for a long time and the company liquidated. All proceeds should be given to those harmed by their actions. I don't care that the current owners "didn't know" about the problems. It should serve as an incentive for future people/corporations that you will be held responsible for what your company does.
Mandatory Open Source for life endangering apps (Score:5, Insightful)
Re:Mandatory Open Source for life endangering apps (Score:2)
Well I think that when the managers first raised the issue that there was a problem with the device it could have been checked and verified by a neutral party. Instead the company just said they were making up stories to drag the company down after they were fired...
If the problem could have been proven to exist then the company may have been forced to recall the p
Re:Mandatory Open Source for life endangering apps (Score:2)
When a lawsuit comes up, I file for the escrowed copy to be given to my lawyer under an NDA where upon they can have it examined by experts in the field of computer science and diving. The first person who figured out that the software might have had a bug, might have figured all this out.
That's a more viable solution
Safety engineering is holistic (Score:2)
Blowing it all out of proportion! (Score:5, Insightful)
Re:Blowing it all out of proportion! (Score:2)
I havent dived in 13 years, and when I was last active Dive computers were just coming into vogue for the well heeled diver. But it was drummed into us over and over again that computers can fail or give inaccurate results. So always plan using a table and stick to it.
A computer might be a nice accesory, but if your life can count on precision, double check everything with a table!
Re:Blowing it all out of proportion! (Score:3, Informative)
When you reach a certain level of saturation, the computer has calculated that if you take any more nitrogen in, you will not be able to outgas it safely in time, if you ascend at a normal speed, hence giving you a decompression stop.
The few computers that do use air consumption in their calculations, only u
extremely wrong (Score:4, Insightful)
The dive computer uses algorithms to calculate the amount of nitrogen going into and out of the tissue compartments. Different pressures affect the rate you on and off gas. If you drop to 100 feet, you are absorbing gas quickly. If you then ascend to 80 feet, you will off-gas some of the absorbed nitrogen at one rate and yet still on-gas nitrogen at a different rate. Ascend again and the same thing occurs, off gas some of the previous nitrogen and still on gas nitrogen at another rate. This is called 'multi-level' diving. Tables assume you are at the deepest depth for the whole dive. If you were to do a square profile (descend, stay at one depth, and then do a straight ascent) then a dive computer has a lesser no-decompression limit than the table would. What you have confused is a dive computer that is air integrated. that may, as a feature, have a different display that calculates your given air consumption and figures out how long you may stay at depth before reaching a reserve point (generally 500 psi). That is simple algebra, but decompression algorithms are a lot more complicated.
I should know, I teach this several times a month as a current and experienced dive instructor (check my profile) and use this information weekly on my technical dives to wrecks where we (my dive group) consider anything above 200 feet to be shallow. I have been on most of the sites that the article mentioned in passing (Florida caves [look at my web site]), the Andrea Doria, U-boats, etc.
Dive computers may be used to help avoid decompression, but not for decompression diving. I generate my own tables for any technical dive. Most people commenting here so far seem just to be newbie divers themselves. It is like someone that just finished a VB class starts spouting off about C++.
Most divers don't know how to properly ascend and decompress as it is. for the laymen, think of it like a soda bottle that is slightly agitated with dissolved gases (CO2). You would slowly open the bottle until there is a slight release in pressure and then close it; allows gasses to equalize, and then open, stop, repeat. You are allowing the gas to escape slowly enough that bubbles do not form. In the case of diving and human bodies, it is to prevent nitrogen from forming bubbles. Most divers just do direct ascents too quickly or a quickly stop at 15 feet before hitting the surface. The best way to ascend is to do a full stop (assuming a deep dive) at 40 feet for 15-20 seconds, stop at 30 feet for 30-60 seconds, stop at 20 60 seconds, and a stop at 10 for 120-180 seconds. this allows the nitrogen time to slowly come out at a slow rate; i.e. like opening the coke bottle slowly so it doesn't spill over.
If you decompress properly, then flying isn't a big deal. The general problem with flying after diving is the reduced pressure. You are going at a reduced pressure (most commercial craft will pressurize to no more than 8000 feet) so the nitrogen currently in the body comes out more quickly.
ABS Breaking Systems (Score:3, Insightful)
Even if you drive an old vehicle that doesn't have these things, the guy next to you, or behind, in that huge SUV you probably does.
Airplanes too, its bad for one to fall out of the sky due to bad code...
Re:ABS Breaking Systems (Score:4, Interesting)
Luckily, the first time this happened I was slowing from about 25mph to turn into a parking lot, with no other traffic around-- otherwise things might have been more, shall we say, interesting.
I was stunned when the service people told me that the failure of the ABS could take out the brakes entirely. One can just imagine the kind of lawsuit that could have been unleashed, had my brakes gone out at a truly inopportune time-- like if a little kid ran out in front of my car, or I were unable to stop at an intersection and ended up getting t-boned by a speeding 18-wheeler as a result.
~Philly
If at all possible don't rely on software... (Score:3, Informative)
I imagine they teach all CS undergraduates about the THERAC-25 [uoguelph.ca], and how simple safety measures like hardware interlocks are much, much more reliable than software...
In this case, couldn't you check dive times against a book or something to make sure you're not completely off the mark?... what about something to measure nitrogen levels? Anything so you're not relying purely on software... (or, as someone has already suggested, you could use two completely different pieces of software).
Looks like the "padi dive tables" are your friend (Score:5, Informative)
"For flying up to 8,000 feet after diving: Less then one hour TBT (Total bottom time) , wait 4 hours; less then 4 hours TBT, wait 12 hours." *PADI tive tables (C) 1983
[where TBT = RNT Residual nitrogen time) + Actual Bottom time ]
I dont have my padi manual onhand to estimate how long the folks were down as my table doesn't cover flight, only covers up to 24hours reccomended desaturation time, and doesn't cover this Nitrox stuff.
http://www.stud.ntnu.no/~playboy/diving/diving.
My old PADI book wouldn't cover Nitrox either, so if I were to use it, I would have no choice but to accept their information as fact, or buy new tables.
Re:Looks like the "padi dive tables" are your frie (Score:2, Informative)
For anyone who doesn't know-- taking the deeper dive second tends to help you get the bends faster (it is similar to the reasons you always start off the night drinking the drink with the highest alcohol content).
There is also some recommendation about not doing more than 3 dives in one day without at least a 1 hour surface interval.
I have been using a Suuanto Stinge
My favourite story about dangerous bugs... (Score:5, Interesting)
Six or seven years ago, I worked with a fellow with the very British
name of Ken Appleby. He had a Spitfire, I had my '74 B, and we used
to motor out to Pickwick's Pub and throw darts after work on occasion.
Ken used to work for Lucas in the UK, specifically for a division
of Lucas that did military electronics. My favorite of his stories
was about the time he had been working on a computer-controlled
torpedo. It used magnetic core memory to store the programs, which
had the advantage of being very non-volatile as well as not susceptible
to EMP discharge.
So Ken got to ride on the boat for the first test of the torpedo that
used the computer with his program in it. Somewhere out in the North
Sea, on an R. N. cutter, Ken and his crew launched the first ever run
of this new weapon, and Ken learned a new respect for debugging...
The program was supposed to make the torpedo shoot off the boat, dive
to a depth at which it couldn't be easily detected, then circle
toward the target, climb to striking depth, and hit the target. There
were on-board sensors to detect sea level, and the torpedo was supposed
to travel at a preset distance below sea level, with constant feedback
keeping it on track.
Somehow, somewhere, Ken had multiplied one of the 3D coordinates by
a negative number, and this error soon propagated through the
transformation matrix (the mathematical construct that models 3D
space), with predictable results.
Within instants of hitting the water, the torpedo -- instead of
sinking out of visible range -- blasted up and out from the water in
a great silver fountain, then continued skipping across the surface of
the blue like some sort of deranged wingless flying fish. Worse yet,
instead of circling toward the target, it circled all right, but began
to return to the ship that launched it. Fortunately it was not armed,
but they still detonated the self-destruct on it rather than let it
slice through their ship at 50 knots or whatever rate it travelled.
Because of the non-volatile core memory, Ken was able to debug the
program from what the Royal Navy frogmen could recover from it, and
he fixed the problem for Rev 2.0.
But I must admit that the image of the torpedo, splashing happily
above the surface of the water like an aroused porpoise, is one that
returns to me in idle moments such this. What else would a Lucas
torpedo do but try to fly?
Re:My favourite story about dangerous bugs... (Score:3, Interesting)
Re:My favourite story about dangerous bugs... (Score:3, Interesting)
It is to prevent exactly this sort of nonsense that every Microwave I've ever seen the inside of (nice to have the schematic glued inside the case) has either three or four (this more on commercial models) redundant 'interlock' switches that prevent the unit from generating radiation with the door open. The first 2/3 switches are 'normally open' but held closed by the spring that engages the door latch. The last switch i
Re:My favourite story about dangerous bugs... (Score:2)
Scuba dive the right way (Score:5, Interesting)
I had a scuba instructor for my first certification, Di Dieter, who had experience diving with Coustou (hope I spelled that right), he also dove the Andrea Doria on several occasions, and basically has been around. I'm sure he's had thousands of dives, perhaps approching or even exceeding the ten thousand mark, under his belt (close to forty years of diving, multiple daily dives, several hundred dives a year, including a grueling dive schedule with Coustou, and he's a dive instructor). He's a no-nonsense guy with a good dose of common sense, and has little patience with screwups.
He did it right. He taught us to dive the navy dive tables, one up, one over, plus a safety margin. This was when the recreational tables had just come out. My friend and I dove for some years after that, and never had a problem. At that time, dive computers were out for a few years, and all the dive shops, through their "train with really expensive gear so you buy it" training programs had all their students diving with computers throughout their training.
Di Dieter did it right. He trained us with the old fashioned, and RELIABLE mechanical guages, waterproof clocks/watches, and tables on waterproof material. No computers.
While computers can extend dive times because you don't spend all your time at maximum depth, you also increase risk in doing so. Whether you decide to use the dive computers or not, you should ALSO have the mechanical pressure and depth guages, and manually calculate your dives.
Solely relying on a computer for diving is sheer stupidity and absolutely reckless. The minimal increase in bottom time is not worth the risk of an embolism, or the bends, which can be a debilitating condition for the rest of your life, or even fatal.
Do it right. Manually calculate your dive, and rely on your brain, not a computer, to stay safe and not risk your life. Bring that fancy computer with you if you want, but don't trust it over basic guages.
And Di, if you're reading this, this is the dude with the 43 lbs of lead on his weight belt! Hope you're still diving. And enjoying life. Peace.
Just for the record (Score:2)
What these divers did was NOT indicative of how diving schools train nowadays by any means.. they pushed it, doing many things that dive schools make a BIG point of discouraging.
RISKS in the modern world (Score:3, Informative)
They take submissions from people about faults and errors in software (and related meatware) that put lives at risk.A weekly digest can be found here [ncl.ac.uk].
It's a good read, especially browsing through the archives. eg:
"A woman drowned during a flood when the elevator she was riding in incorrectly sensed a fire alarm and went to the ground floor which was underwater."
"Three people killed when a computer glitch caused a 16-inch pipeline to rupture, dumping 237,000 gallons of petrol."
and so on. Makes you a little paranoid. Now I know why indemnity insurance is so high these days.
hmmm reminds me of a sun ad (Score:3, Funny)
Responsability (Score:2, Insightful)
Diving is really, really wonderful and very safe if you follow proper security measures. But like in many other activities there are always some risks involved, and it is YOUR responsabiliy to do all you can to minimize this risks.
You never trust your computer alone, you always doble check with the tables, and you memorize the tables, just in case. Ok, calculations with Nitrox are more difficult than with air, but anyway after a while you sh
Say it with me brutha: (Score:2)
asking for trouble (Score:2)
Dive tables and dive comput
Just imagine (Score:2)
Fight Club (Score:3, Interesting)
Take the expected number of products that customers have that will fail and harm/kill someone, then multiply that by the average settlement. You end up with what your company can expect to pay from all the court cases from people dying with whatever product a company sells.
If this is cheaper than doing a recall, the company won't do a recall. Even when the company knows people will die from their shitty products
That's what Fight Club says, though I think most companies these days will do a recall anyway, in an effort to avoid bad PR as well.
Ford/Firestone didn't do too well by not doing a recall for a long time. Yeah, they might have expected to lose less money by not doing a recall, but the massive amout of bad PR that came around (people started noticing they were more likely to die on the things) ended up doing a lot worse damage to the bottom line than a recall.
Another fatality from software/hardware interface (Score:3, Interesting)
A manufacturer of particle accelerators for treating cancers had a unit, that due to a software bug, would occasionally blow a fuse. It wasn't considered important enough to track down, since you could just reset the machine, and it'd be fine.
Until they upgraded the equipment for a higher power unit, with the same software. The radiation dose killed a patient.
This came up originally under the subject of software malpractice.
your thinking of the therac (Score:3, Informative)
heres one link i found super fast
http://courses.cs.vt.edu/~cs3604/lib/Therac
Therac 25 (Score:2)
Therac 25 Investigation [vt.edu]
ToaterBoy
Evil (Score:2)
I guess this gives new meaning to the cliche "How low can they be?"
Dive computers = false sense of security (Score:5, Interesting)
Fully relying on a dive computer is stupid. (Score:2)
Dive computers are a convenience, but they shouldn't be a replacement for using your brain and planning safe dives.
One person in
Okay. (Score:2)
But these divers were being stupid.
I'm a novice diver, but the concepts are not hard to understand:
You don't fucking dive within 24 hours of taking an airplane ride.
You don't push the limits of your gear. Computers ESTIMATE the nitrogen in your blood; every person's metabolism is different, the exact same conditions can kill one person and have no effect on another.
DIVE TABLES. Many divers still use dive tables.. sure, your computer is great.. but you USE your dive
I'm a scuba diver (Score:4, Insightful)
Having worked in software for many years, I have yet to see a perfect program, and I have never wanted to trust my life and/or health to the programming and testing skills of someone else.
Corporate Death Penalty Needed (Score:3, Interesting)
No more company, all assets sold, stockholders get whats left over, after all debts payed (as usual). Corporate officers and board members prohibited from serving in either capacity in any corporation for a period of at least 2 years. Don't worry if they don't actually have enough cash to cover that, they can always get real jobs...
At one point in our history, it actually required an act of Congress to incorporate, it isn't a right its more like a drivers license, the only thing Congress would need to do is care.
They apologize for "any inconvenience" (Score:3, Insightful)
"We apologize for any inconvenience this may have caused you."
Now *that* is an understatement...
Re:The main flaw of modern computer science. (Score:5, Insightful)
That being said: what makes you believe that it was a programming error? If you had bothered to read the article instead of spouting some nonsense about mathematics and the "flaw of modern computer science", you would have seen that it was a design error, meaning the specification itself is in error. You can answer "the equivalence" problem, but if the specification is flawed you're going to get flawed code. Garbage in, garbage out.
Re:The main flaw of modern computer science. (Score:3, Insightful)
Re:The main flaw of modern computer science. (Score:2)
I believe the parent poster was generalizing, and not referring to this one particular incident.
And with that statement, you prove the parent poster correct. A flawed specification is nothing more than a logic problem, which will invariably draw on mathematical methods for its solution.
What is noteworthy is to reali
Re:The main flaw of modern computer science. (Score:3, Informative)
I attend a small state university that is decidedly not renowned for its CS program. I'm coming up on my senior year. In no less than three class (Data Structure, Software Engineering, Algorithms) I have spent at least a week concentrating purely on proof of the correctness of an algorithm by various methods. Software Engineering took over a month on testing, primarily concentrating on mathematically rigorous proofs and automated tests (because a mathematically correct and proven algorithm can easily be
Re:The main flaw of modern computer science. (Score:3, Interesting)
Your nitrogen uptake in diving is a function of the nitrogen partial pressure (79% in air, 60-75% with oxygen enriched air (nitrox). Making a computer calculate based on nitrox rather than air should be as simple as changing the O2 percentage. The problem is that at the surface, this computer still assumed you were still breathing O2 enriched air.
Good diving practices dictate
In case anyone missed it (Score:2)
The feature divers like is the reduced nitrogen, not the increased O2. You don't "breathe slower" or anyhting because of the extra O2.
So when a diver is at the surface, they generally breathe real air, not tank air, (to conserve tank air, and because it's more relaxing/takes less effort). This air counts towards your nitrogen level... if it is assumed you are still breathing nitrox between dives, the numbers will come out wro
Re:The main flaw of modern computer science. (Score:5, Interesting)
You can prove the correctness of a bit of code, but it's very hard, takes a long time and is highly skilled work. It becomes especially hard if you're trying to do it with a grammar for any real-world programming language and the code is anything approaching complex. For most real world cases it's simply imppossible.
Mathematical proof of a program's correctness is simply too hard and costs too much money to be applicable in the real world.
If you did a real CompSci course, such as the one I did at Cambridge University, you'll discover that "CS people" are very very far from being "code nerds". I was supervised by a couple of mathematicians for some courses who could code no Java, C++ or Perl (although one of them knew much ML). Proper Computer Science folk are seriously academic and embrace the mathematical side of the field. You can't write an optimising compiler without doing so, to name but one thing.
People don't "ignore this issue" - it's just virtually inapplicable to real world problems. Exteme programming is not "management rubbish". If you'd ever actually read a book about it and tried some of the methodology you'd appreciate that. You forget that the driving force for commerical products is pretty much how much it costs, against the feature set and speed. Provided it doesn't crash very often, that's Good Enough. Unless you're the sort of type who doesn't pay for Windows, I'd suspect most people would rather have a version for $100 that crashes once a month than a version for $1000 that crashes only once a year.
Get down off your pretentious high horse and get a clue.
Re:The main flaw of modern computer science. (Score:2)
Damn whinging ACs.
Uh, have you ever used Z? (Score:4, Interesting)
I don't know about most other CS students, but the reason I despise mathematical formal proofs in computer is because they are infeasible, and, frankly, you're more likely to make a mistake with the math then you are with the code, once the project gets big enough.
Have you ever used formal methods such as Z to prove your software? Believe me, it's not something you'd do willingly. The only possible uses for mathematically proved software is with simple, but important code, like in an ATM, for example. Anything larger and it all falls apart.
My point is that mathematical methods aren't the answer. Even my lecturer on this subject, who co-wrote the language, would use such techniques on a large software project. You'd have to be insane.
Re:Uh, have you ever used Z? (Score:2)
You might argue that this type of proof is in a different level entirely than using Z, but verification can happen in varying degrees. Even a Z specification might not talk about the hardware used to exe
Re:The main flaw of modern computer science. (Score:2)
It's a business decision.
People understand that mathematically proving a complicated computer program is an unprofitable task. It would be impossible to have software-controlled devices assisting in safety-critical situations if that were the absolute standard.
So those who adhere to standards apply a structured development organization and perform an acceptable level of inspection (i.e., proving), testing and documentation. If they do that correctly, then the governmen
Re:The main flaw of modern computer science. (Score:4, Insightful)
I've never worked in an environment where I was coding on top of something that was already proven correct.
I've never worked in an environment where the specification itself was proven correct. For example, the dive computer problem was that somebody didn't specify that the computer should count time at the surface as 79% nitrogen.
As a security geek, I'd be delighted to see perfectly correct code. There have been plenty of attempts to devise formal models of security, e.g. Bell-LaPadula and Clark-Wilson. Apply those all you want, but in real life zlib will have a buffer overflow, and the minimum-wage operator who needs a new refrigerator will sell information to the nice private detective.
Re:The main flaw of modern computer science. (Score:2)
You apparently aren't just a poor computer scientist, you are also an uneducated mathematician. Mathematicians understand that automated decision making does not reduce to proving the equivalence between a specification and a program. Decision making involves knowledge, uncertainty, validation, and many other factors. The people working on that in CS don't have all the answers, b
And how do you know the specification is corrrect? (Score:2, Insightful)
I think it's very sad when CS people fail to notice this obvious fact.
Re:the BMW on board computer runs windows (Score:3, Interesting)
BTW, moderators who modded down the original post, doesn't this qualify as "When Bad Software Kills"?
Re:the BMW on board computer runs windows (Score:2, Informative)
BMW has told CNETAsia that an electronic fault caused the problem, rather than a system crash of the car's Windows-based central computer, as other reports have speculated.
THE FIRST FUCKING PARAGRAPH!!!