Friday, March 25, 2016

Names That Break Computers

Chris Baraniuk (via Rosyna Keller, comments):

“We moved almost immediately after we got married so it came up practically as soon as I changed my name, buying plane tickets,” she says. When Jennifer Null tries to buy a plane ticket, she gets an error message on most websites. The site will say she has left the surname field blank and ask her to try again.

[…]

Some individuals only have a single name, not a forename and surname. Others have surnames that are just one letter. Problems with such names have been reported before. Consider also the experiences of Janice Keihanaikukauakahihulihe'ekahaunaele, a Hawaiian woman who complained that state ID cards should allow citizens to display surnames even as long as hers – which is 36 characters in total.

[…]

But McKenzie is living proof of the fact that name headaches are a relativistic problem. To many English-speaking westerners, the name “Patrick McKenzie” might not seem primed to cause errors, but where McKenzie lives – Japan – it has created all kinds of issues for him.

See also: xkcd and Explain xkcd.

Previously: Falsehoods Programmers Believe.

6 Comments RSS · Twitter

From XCKD, we also have http://xkcd.com/859/ - proud to say my XKCD import script (using the API - yes, there is an XKCD API) processed it without issue.

Gosh, what websites and what horrible programmers? I mean, even if you're a two equals coder (you should use three, natch) in JavaScript, the weakest place I could think of off-hand, `null != "null`.

INSERT INTO Users (Name) VALUES ('Null') -- (as the result of a parameterized query) screwed up nobody ever.

This is not Little Bobby Tables. This is stoopid. We're all stoopid sometimes, but that's what this is.

???

Later...

Seems I ran through the same steps in my head as the SO post the BBC includes, but the answer seemed obvious; this is the "worst case" I could think of going in...

The only reasonable workaround I can think of, short of fixing this bug in every damn version of ActionScript, is to test fields for "null" and escape them as CDATA values.

Well, duh. Though my sympathy for those who have a legacy system that still uses XML, not JSON. ;^)

What this really shows is that there's waaaaaaay too much NIH syndrome in the enterprise, that we're exceptionally bad at creating test cases, and that we need more imaginative coders. If "Null" is still an issue three to six months from now, shame indeed.

Wow. Seriously, I'm embarrassed for the profession. At worst, you needed to see why your client-side was "letting through" names that were empty so far that they got serialized to XML. Does nobody check the logs? Or are your logs so chatty you wouldn't see this error?

/facepalm

Ruffin: "I'm embarrassed for the profession."

Frankly, calling it a "profession" is a massive insult to actual professions. I'm a regular reader medical skeptic blogs like Respectful Insolence, and I see more parallels between modern mainstream programming "profession" and so-called chiro-homeo-naturo-quackery "professions" than with any sort of science, mathematics, law, or other genuinely professional discipline. Quasi-religious doctrine masquerading as "education" and "evidence"; Dunning-Kruger arrogance of ignorance as SOP; pathological inability to admit or accept mistakes; always blame the patient, never the practice (or practitioner); and so on.

My own software is generally good quality and does the job, not because I'm a great programmer but because I'm a not a great programmer and know it so work very hard to compensate for that. This means I'm slow, but even when pressed by deadlines I still know the difference between a quick-n-dirty kludge and incompetent bullshit. Occasionally I worry I'm disadvantaged being self-taught rather than formally educated, but then I look at the unspeakable rot put out by highly-educated, highly-paid Real Professional Programmers, and reckon it's probably just as well I'm not because at this point the failure is clearly multi-generational and already gone recursive.

Honestly, the only way to make programming a genuine profession at this point would be to take the bottom 90% out behind the woodshed and bloody well just shoot it. The remaining 10% will get just as much work done in the long haul, but the quality of that work should be something else entirely.

Yeah, I think you could fill a whole book about logical fallacies just with the stuff your average programmer does or says in an average week, even if you ignore the actual writing of code and just focus on stuff like project management or development processes. It's easy to see the problem, but it's difficult to figure out how to solve it, because the scientific process is very difficult to apply to software development. Population studies are extremely hard, and good, properly controlled experimental studies are basically impossible, so we're left with making stuff up, trusting our intuition, and hoping that we don't end up with the software development equivalent of homeopathy, knowing full well that we probably do.

Any ideas on how to fix this?

Leave a Comment