15 - IDIOT SYSTEMS

Biographical notes
by BERNARD A HODSON

Throughout my career I have been very concerned at the poor image of my profession that has been created by sloppy individuals and their companies. In 1967 I wrote an article for Canada's Financial Post called "The Systems Tragedy", which outlined some of the ridiculous things which had happened to me personally in dealing with several North American companies who had implemented computer based information processing systems. Today the situation is even worse, and the Canadian government has wasted billions of dollars in asking major companies such as Systemhouse, EDS, Hughes and other companies of that calibre, to develop systems for them, who have produced sheer garbage. I devote a later chapter to some of these fiascos, but such are not limited to government.

The world's financial systems are expecting a major financial disaster from the software used for electronic funds transfer (as told to me by a banking consultant in Basel, Switzerland), as are companies involved with network control software (as told to me by a senior engineer at Nortel). And already we have seen significant evidence that this is happening. The on-line systems company AOL has suffered more than one major breakdown, the utility company's in the North West of the United States suffered several hours of blackout, hackers roam at will through poorly designed systems (even critical defence and security systems) and spread viruses in a similar manner to the flu epidemic of the late 1910s. The major banks also have some real computer system problems and I have seriously thought of writing an article entitled "Unsafe in any bank", along the lines of Ralph Nader's "Unsafe at any speed" (in fact I already have a draft). This is one reason why there is real interest building for the Hodson-Turing concept, which promises to address the issue to a great extent. What I want to emphasise, however, is that the typical response to the problems is to blame it on the computer. What utter rubbish. The blame lies with the people who design the systems, and their companies, whose education has been limited to professors and teachers who haven't the foggiest notion of how to design a business system.

In this chapter I am re-telling my own experiences and those of others. Having written the article "The Systems Tragedy" I sent it to the prestigous Guardian newspaper in the UK, who expressed interest in publishing the article (with a few changes), provided that I rewrote it in English (the English used by Canadian newspapers is not acceptable to such as the Guardian). I rewrote it in English, with some changes, and it was published under the title "Idiot Systems", receiving world-wide interest, as it was published also in the International Guardian Weekly, in response to which I received scores of letters giving me additional information on other "Idiot Systems". The article was also reprinted in the Journal of the Mensa Society and as a Chapter in a book called Humour in Science.

The events I describe happened mainly to me personally, with a few more relayed to me, As none of us are likely unique you can multiply these experiences by a large factor and you will see that the issue is widespread. While many of the incidents refer to some time ago (other than the ones on the banking industry, which are recent), many of the same situations occur today, phenomena similar to that which I had experienced still existing throughout North America. In fact recent discussions with colleagues confirm that the situation is still as bad today as it was then, except that the consequences today can be far worse than they were then. I should explain that I made my living at that time by designing computer based information systems and was regarded as part of the Canadian computer establishment. It was of concern to me then, and still is, that my profession is being undermined by the proliferation of ill-conceived information systems which interact with the public, creating an extremely poor image and bringing the systems profession into public ridicule. Microsoft boasts that it is hiring the best and brightest but these people have no experience of life or business, as can be seen with some of the garbage they produce.

Publishing companies were and still are very prone to develop "idiot systems" and I have heard of no evidence to suggest any improvement since my own experiences with them. One Christmas time, succumbing to the advertising of an "easy" Christmas gift I decided to subscribe to a children's magazine with a Philadelphia publishing company (I forget which one it was now). The order was placed for my own children and in a fit of generosity I solved my Christmas gift problems for three other families with whom we exchanged gifts. Little did I realise what that simple act would generate. Being in the systems profession I can sometimes see how the situation I shall describe can develop but they can all be avoided by careful systems design. It is just as easy to design a personalised information system as to design one that is impersonal and deficient.

In July of the following year I received a suggestion that I do my Christmas shopping early and renew my several subscriptions. In the meantime I had changed my address by moving from one city to another. I renewed my own children's subscription but not those of the friends for whom I had previously ordered. For this system it constituted an impossible situation, several transactions all occurring in the same month. Such a sequence occurring simultaneously was beyond the systems capabilities. In August, September, October and November I received further requests for renewal. I received another request in December and my boys received a Christmas card saying they were receiving a gift subscription from their dad. In January I received a bill, which I paid, along with a request for renewal. February produced a notice saying that unless I renewed my subscription, future copies of the magazine would not be delivered. In such circumstances it is my custom to write to the president of the company, offering my consulting services at very reasonable rates. This generated a reply that they had no record of me on their files. Magazines continued to flow, in spite of my not being on record, and their systems analyst wrote to me and indicated I would not believe the statistics regarding the probability of this occurrence being unique, I didn't. Although I terminated the subscription at the end of that year, I still received periodic renewal requests.

Not all poor systems are designed by employees of publishing companies. I used to have frequent occasion to deal with IBM, at the time North America's major computer manufacturer, due to my having responsibilities for a major computing installation. This created a continuing and hilarious situation. When discussing these experiences with a national newspaper some time ago I received the Biblical comment "who then can be saved".

My initial experiences go back to the time the company had its accounting system so fouled up that it was billing me for machines I did not have, not billing me for machines I had, billing me rental costs for machines I had purchased and billing me for items ordered but not received. It was further aggravated by the fact that their billing system was based on the anniversary of the day you bought something, so that bills could come in almost every day of the week, for something or other. This was remedied by my advising the company comptroller that I would authorise no further payments until their accounting mess was cleared up. At that point the company completely revised its accounting systems, and also changed their anniversary billing so that everything was consolidated.

That same company's marketing and production departments were also in disarray. I had ordered some equipment and the first indication that their marketing group had of a 6-l2 week delay in delivery of that piece of equipment was when I telephoned to ask why delivery had not been made on the agreed to date. On two occasions I had to write to the company's Canadian president even to find out when I might expect delivery of some items, the production department having no idea. During that same year several pieces of communications equipment were delivered for attachment to our main computer. Equipment arrived with wrong voltage settings, it arrived with missing cables and missing parts, equipment was delivered with the wrong specification. Nobody seemed able to resolve the situation and week followed week. As a critical deadline approached, I finally sent a long, pleading telegram to the company's United States president. If ever you want action I can advise writing to the top, or send a telegram (of course these are now obsolete). Vice-presidents arrived by plane, vice-presidents and presidents phoned, computer parts arrived by train, bus and plane, and lots of technicians arrived. I understand that reverberations throughout the company lasted some time but I made my deadlines.

Perhaps the most hilarious episode with IBM was with some equipment I received. The order had been for a monitor attached to a control unit via a cable. The control unit also required a cable to attach it to the computer. The shipping advice indicated one control unit, one monitor and two cables had been shipped. But three large boxes and one small box arrived and heads were shaken at the size of the boxes reputedly holding the cables. One of the boxes was opened and found to contain the monitor, one of the large boxes was opened and found to contain the control unit. The two remaining boxes contained a $300,000.00 computer instead of the two cables. I contemplated keeping the computer, thinking it would be a reasonable trade for my one hundred dollar cables. It was discovered that the expensive computer equipment should have been delivered 1200 miles from my location, but instead that had received my cables.

Another incident involved a piece of equipment that was found to be still not working, after many attempts at solving the problem. Finally the manufacturers' "software" designers and engineers were brought together to discuss the problem. It was found that the "software" had been developed as the equipment manual indicated it worked but that the design engineers had designed the equipment somewhat differently. After the two departments had been reconciled to how in fact the equipment did work, we had no problems. Quality control on software and on manual preparation would appear to have been lacking.

One retailer called Eaton's changed over to a computer system and a woman customer was distinctly puzzled to have on her monthly bill an item for building materials. Not having purchased any such items she questioned the bill and was advised that the "foundation garment" she had purchased some time ago had been incorrectly coded. Incorrect coding is a constant problem with computer systems. In respect to coding one retailer used to send out bills to its customers in which goods sold were listed under a few simple headings, code one for toys, two for clothing, etc. When a customer received his bill, usually several weeks after purchase, the customer was supposed to think back and guess at what he bought. To help out, although the customer was not advised how the system code operated, the customer was given at least three possible category headings on each bill. In fact in this year 2000 a Canadian company called Zeller's is even worse, categorising each statement entry as "general merchandise", whatever that may mean to a customer.

Of course it is not always possible to think of every possibility in systems design. In some early runs on a school division educational system which produced an attendance register, it was found that under some specific conditions a child who changed classes would sometimes disappear from the system in so far as the register was concerned. This type of transient problem could usually be fixed, but modern software is so complex that fixing one problem may introduce a dozen others. With today's tax authority in Canada several people have been declared dead who are still alive, and their system seems incapable of resurrecting someone who is still alive but declared dead by the system.

It was not unknown in early systems that during a long computer-to-computer transmission between two cities, a long distance operator, thinking the circuit had gone dead, would interrupt the computer conversation. Today's equivalent is just as bad, as the controlling software from Microsoft crashes more frequently than were interruptions by the telephone operators (in my case sometimes two or three times a day).

Let me stress that these poor systems designs are costing you money, as I will illustrate with some current experiences with a major bank.

In previous paragraphs I have expressed considerable concern over the poorly designed computer systems that have been thrust upon a long suffering public. From the raft of current news articles it now appears that we are shortly to be burdened with a system whose installation will likely make the sum total of computer booboos made to date look like small potatoes. The software technology of today is not capable of handling the chequeless society. Rumour in the industry bas it that over $l,OOO,OOO disappeared in one major bank's system. I know of another financial group where $200,OOO went astray. The fact is that existing systems technology is not able to provide the control required for such an extensive system and that banks, and their potential major clients, should question their action once, twice, three, four, five and six times before rushing headlong into the chequeless morass that would result. If they don't heed this advice then one or more of them will suffer severe financial losses, through fraud or computer error.

I have worked for many years on data bank development, and on the needs for control and safeguards for access to such data banks from multiple terminals, more so now with Internet access. The more terminals we add, the more widespread the distribution of code numbers becomes, and the possibilities of fraud and erroneous entry increase (this is already in evidence unfortunately). But any computer system must be supported by a people system, and the supporting structure presently employed by the banks is woefully inadequate, leaving them wide open to fraud and embezzlement. The inadequacy of their people support system first came to my notice when I changed cities, leading me into one ludicrous situation after another with the Canadian Imperial Bank of Commerce. While the incidents I relate are specific to one particular bank my inquiries to colleagues elicited the information that my situation was not unique.

The start of my concern began in the simple transfer of an account. A well designed system should be able to handle this situation with ease but not this one. To move from the West of the country to the East, and presumably vice verse involved getting a new record for the client and in my case it took about 2 months to effect the transfer. This lends itself to all kinds of error situations developing, and also to abuse of the system. In the long run it is my banking dollars which pay for these poor systems. At the time of the transfer new forms were completed and sent in by the branch to the head office. Imagine my surprise when the local head office phoned to ask me which branch had sent in the forms, where was their system design, where was their control?

Doing much of my banking by mail at the time I sought assurances that all deposits would be acknowledged and was given this assurance. After more than 2 months I had received neither a statement, nor an acknowledgement of any mail deposit, although several had been made. An inquiry elicited the information that 2 of my cheques had been lost and they had not sent out statements pending their return from whichever customer had received them in error (cheques containing my signature and account number) The opportunities for fraud were enormous. A reasonable letter to the manager of the branch advlsing him that my mail deposits were not being acknowledged, elicited no response. At this I felt a letter to the bank's president was in order, advising him of the systems flaws, and offering consulting services. This resulted in an official inquiry and a letter from the head office that all deposits would be acknowledged.

Another more recent incident involved a Master card, with the Bank of Montreal. Being a long standing and creditworthy customer I received a letter indicating that I should have received a Master Charge card and would I check that it was in order. Not having received it, and being concerned that it might have gone astray, I phoned the bank and was transferred to their security department. I was advised that there had been a computer error in the production of several batches and that I should be receiving my card soon, when the system flaw had been corrected. After a reasonable period I contacted them again and this time was advised that somehow the system had lost my record, could I resubmit my application. As no application had been made in the first place, the bank having selected me as one of the recipients of their new system there was obviously something wrong with the system. Notwithstanding I completed a new application, only to have that disappear in the system also. A third try likewise. I surmise that somehow, somewhere, in whatever system they have designed, there existed a bug which prohibited the acceptance of my combination of inputs. It is certainly nothing to do with credit ratings as I have had and continue to have, excellent dealings with this and other banks, unless a stray bit has wandered through a poor quality control procedure on data entry. I really didn't need the card.

Each bank president should ask (particularly in this day of networks) their systems and procedures people a few pertinent questions and should be satisfied that the answers they receive represent the truth, before they authorise use of any new system. If they don't, and they suffer serious financial losses, then they have only themselves to blame. Unfortunately their customers will suffer along with them. As one example one of the questions they should ask is what is the probability of a valid but unauthorised account number entering the system?, what are the chances of an entry being diverted into the wrong account?, What controls exist at the branches to prevent employees manipulating the system on a short term basis to their own advantage?. What safeguards exist to prevent an unauthorised terminal being hooked into the system from a crook's, employee's or customer's house or office? Are these safeguards adequate?. Are the operating system programs if supplied by a manufacturer, sufficiently stable for such a sensitive system? I could cite many more questions.

But knowing the inadequate computer oriented training in this area (and in other buslness areas) that many of our graduates get, from Faculty who are incapable of designing a secure system, the answers to almost all the questions posed and not posed, would be disturbing, if they were told the truth. A good systems analyst, given the opportunity to study the bank's system for a few days, could probably identify the potential sources of error. From my own experience with the external part of their present system it indicates many faults, even without considering the internals. The banks' customers should also question the security of their deposits. Are they satisfied that the systems controls are such as to prevent an error?

Today's systems seem to operate on the principle that the customer is always wrong and the computer system always right. Banks are not without personnel problems. Presidents should question, question and question again their systems analysts and get the systems thoroughly audited before thrusting them on the public. Our software technology of today, based on old fashioned concepts from 20 years ago, is not adequate to the current tasks it is being asked to do.

Computers may be impersonal but the systems are designed by humans and are only impersonal if they are made impersonal. It is perfectly possible to personalise a computer system, as I used to emphasise over and over again to my graduate students. I lectured on occasion to senior executives of Canadian and American companies, on the subject of information systems I emphasised to these executives the disservice they are doing to their own companies and the systems profession by tolerating the nonsense just described.

There should also be other checks. While in London, England I made a withdrawal at an ATM at exactly the same time I was supposed to be making a withdrawal at an ATM in Los Angeles. If a transaction is made in Toronto and Vancouver on the same day how are they validated?

Our software technology of today, based on old fashioned concepts from 30 and 40 years ago, is just not adequate to the tasks of today. We need a completely new approach, such as the the one that the Hodson-Turing GENETIX is attempting to make.