QA Hates You

Uber glitch overcharges customers 100 times their fares:

An apparent Uber glitch resulted in some customers of the ridesharing company being charged 100 times their advertised fares on Wednesday.

One customer wrote on Twitter that she was charged $1,308 for her Uber ride — sparking a fraud alert from her credit card company — instead of the advertised fare of $13.08. Others reported similar overcharging, including one person who expected an $8.79 fee for her ride but instead was charged $879.

The cynic in me says that bugs that cost the company money get hotfixed faster than the ones that lend the company extra money.

Yabba-dabba-darn: Flintstones block sale of Ont. woman’s van:

Documents show fictional characters Fred Flintstone and his daughter, Pebbles, have taken out very real liens against a Perth, Ont. woman’s van.

. . . .

Documents obtained by CTV Toronto show Fred and Pebbles Flintstone listed as debtors claiming liens against Maureen’s vehicle. Their address is listed a 9 Yellow Brick Road, Markham, Ont.
The registering agent is listed as “PPSR Test Data1,” which suggests the lien may have been created as part of a Service Ontario system test. The documents also show other vehicle numbers under liens from the Flintstones, which could trigger more stone-age issues for other motorists.

On the other hand, the software was probably only wildly and not cancellingly over budget and just a couple years late. Incorrect data and legal battles of unknowing users of the software is a small price to pay!

(Source: Someone who reads Fark so I don’t have to.)

There’s a right way and a wrong way to keep test data out of production. Citigroup chose the wrong way:

It turned out that the error was a result of how the company introduced new alphanumeric branch codes.

When the system was introduced in the mid-1990s, the program code filtered out any transactions that were given three-digit branch codes from 089 to 100 and used those prefixes for testing purposes.

But in 1998, the company started using alphanumeric branch codes as it expanded its business. Among them were the codes 10B, 10C and so on, which the system treated as being within the excluded range, and so their transactions were removed from any reports sent to the SEC.

The SEC routinely sends requests to financial institutions asking them to send all details on transactions between specific dates as a way of checking that nothing untoward is going on. The coding error had resulted in Citigroup failing to send information on 26,810 transactions in over 2,300 such requests.

Citigroup was fined $7,000,000 for the problem which probably stemmed from a lack of communication.

My first ticket logged in Jira, and my first bug found in Jira.

Fortunately, I have an undefined key on my special QA-language keyboard.

Apparently, the Twitter Promoted Tweet on mobile devices now features Fact Checking:

Otherwise, there’s some sort of bug displaying variable values in the tweet, and that would be impossible for a bug to make it to production like that.

Back in 2007, a developer caused a delay in a very large software launch for an Easter egg or a prank:

Microsoft reps have told Next-Gen the real reason for the Halo 2 Vista delay: partial nudity–specifically someone’s backside in the game’s map editor, the Entertainment Software Rating Board added today.

. . . .

Friday morning, however, the ESRB e-mailed Next-Gen a statement that said a “photograph of an individual showing his bare backside” is accessible within Halo 2 Vista’s exclusive map editor tool. Apparently, it pops up when an “.ass” error occurs….

Hijinks that cost the company millions.

Moral of the story: Always check your software for .ass errors.

2005-’07 BMW 7 Series Recalled Because Doors May Inadvertently Open:

BMW is recalling 7,485 2005-’07 BMW 7 Series cars because a software problem may cause the doors to inadvertently open, according to the National Highway Traffic Safety Administration.

“Due to a software problem, the doors may appear to be closed and latched, but, in fact, may inadvertently open,” said NHTSA in its summary of the problem. “The door may unexpectedly open due to road or driving conditions or occupant contact with the door. The sudden opening may result in occupant ejection or increase the risk of injury in the event of a crash.”

You know, I still have a vehicle whose key makes moving parts move and whose (albeit plastic) door handle makes other physical things move.

Know why?

Because I work in QA.

Also, I’m to cheap to buy a new vehicle every decade.

(Link courtesy of Gimlet again, who I should consider giving the keys to the blog except he works in ops and therefore only disdains you.)

The rules of copyright citation are simple, and they have not changed significantly in decades. But companies continue to get them wrong, especially in software applications.

Whenever I see them wrong in an application, I can’t help but wonder What else have they done wrong?

Of course, I think that when I see any application at the outset. But I digress.

This makes copyright dates sort of like brown M&Ms:

In case you weren’t around during the 80s, the rock supergroup Van Halen had a clause in their concert contracts that stipulated that the band would “be provided with one large bowl of M&M candies, with all brown candies removed”. Once the “M&Ms” story leaked to the press, social commentators jumped all over it as an egregious example of the pampered and spoiled behavior that rock artists demanded.

. . . .

Van Halen was one of the first rock bands to bring truly massive concerts to mid-size cities like Macon, Georgia. The staff that worked at concert arenas in these smallish cities were used to bands coming to town with, at most, three tractor-trailers full of equipment. Van Halen’s equipment took up 9 tractor-trailers. It was a lot of stuff, and the staff at these venues were frequently overwhelmed. And when people are overwhelmed, they make mistakes. At a rock concert, “making a mistake” during setup has a large number of possible outcomes. Some mistakes don’t have any effect at all. Other mistakes can make the band sound awful, which hurts nothing but the band’s image. Other mistakes can cause stage lights to fall from the ceiling and kill people… which is exactly what the band was afraid of.

At the heart of any major concert is the contract. Much of the text of these contracts is standard legal boilerplate, but each band may attach specific demands via something called a “rider”. Most of the contracts involving concerts at large venues are jam-packed with riders, most of which involve technical details specific to the band’s stage design. For instance, a rider might say “Article 148: There will be fifteen amperage voltage sockets at twenty-foot spaces, spaced evenly, providing nineteen amperes total, on beams suspended from the ceiling of the venue, which shall be able to support a total gross weight of 5,600 pounds each, and be suspended no less than 30 feet, but no more than 37.5 feet, above the stage surface”. Van Halen’s concert contracts would have several hundred such demands, and their contracts ended up (in lead singer David Lee Roth’s words) looking “like a Chinese Yellow Pages”.

The staff at venues in large cities were used to technically-complex shows like Van Halen’s. The band played in venues like New York’s Madison Square Garden or Atlanta’s The Omni without incident. But the band kept noticing errors (sometimes significant errors) in the stage setup in smaller cities. The band needed a way to know that their contract had been read fully. And this is where the “no brown M&Ms” came in. The band put a clause smack dab in the middle of the technical jargon of other riders: “Article 126: There will be no brown M&M’s in the backstage area, upon pain of forfeiture of the show, with full compensation”. That way, the band could simply enter the arena and look for a bowl of M&Ms in the backstage area. No brown M&Ms? Someone read the contract fully, so there were probably no major mistakes with the equipment. A bowl of M&Ms with the brown candies? No bowl of M&Ms at all? Stop everyone and check every single thing, because someone didn’t bother to read the contract.

This captcha will protect against bots particularly well.

Also, users who don’t have an e with an acute accent on their keyboards.

I guess it’s to test how bad you really, really want to create a new account.

Hey, let me digress here: Why doesn’t the Elder Sign actually have a Unicode symbol or character for it?

Aren’t geeks in charge of the official Unicode spec, or what?

A quick review of leap day issues from this week:

• Leap day scuttles Eftpos
  

  February’s extra day has been causing problems with computer systems here and in Australia.

  Foodstuffs said an eftpos outage at lower North Island New World, Pak n’ Save and Four Square stores this morning occurred after its systems were unable to cope with today’s leap day date.

  The outage, which has now been resolved, affected many stores across the lower North Island from early this morning.

  (Source: A tweet from someone on the other side of the Pacific Rim whom I follow.) 
   

• Windows Azure Leap-Year Glitch Takes Down G-Cloud:
  

  Microsoft has confirmed that a service outage that affected its cloud computing service Microsoft Azure, appears to be caused by a leap year bug.

  The Government’s G-Cloud CloudStore was among the sites affected by the outage, which Microsoft says has mostly been rectified.

  (Source: Reader Isarian.)

Is that it?

That’s all we know about.

Sleep tight, and remember that December 31 is Day 366, as Microsoft knows. Or should know. But given this is the second Microsoft product leap year crash in as many leap years, who knows what Microsoft knows.

Error #2048 implies there are 2047 other errors, doesn’t it?

Well, unless they’re doing some strange counting in binary, which they well may be.

I’ve said it before, I’ll say it now, and I’ll say it again: Error messages are not debugging tools.

Error messages need to convey something useful to the user. This error message does not. A good error message should not only tell a developer what’s wrong, but it should also help a user determine what to do next to fix the error.

Apparently, Ally Bank software failed to pay interest to CD holders:

We goofed.

That is the message Ally Financial is delivering to some of its customers.

The online lender mistakenly failed in December to credit year-end interest earned by some savers who hold its certificates of deposit. The company also provided these customers with incorrect tax information that didn’t reflect the interest they should have earned.

Uh, oops. This might be the first case of a bank itself doing a Salami attack.

On the other hand, no doubt they made the launch date.

Reader Rich M. sends along another possible outcome this February 29:

I guess that’s one work around.

The people behind the New York Giants’ Web site were ready. Too ready.

The New York Giants web staff committed a major gaffe on Saturday and may have given the Patriots some bulletin board material for the Super Bowl.

On Saturday, NYGiants.com posted an ad on their website declaring the Giants Super Bowl Champions.

The ad also contained a link to buy championship merchandise.

Someone eventually noticed the error and took down the ad.

Unfortunately, it was a prophetic defect.

So I installed the new full CD version of Intuit QuickBooks, which is adware designed to get you to buy a lot of Intuit additional services disguised as accounting software. Now, if you’re like me, you’re not into the intricacies of actual accounting nor the myriad business rules that the various state and Federal governments change upon a whim, but you rely on software and a good accountant (or, sometimes, an accountant, although I’d like to add my current accountant is a good accountant unlike previous engagements who continue to bill me a small amount every year for simply having my address in their files).

Where was I? Oh, yes. I was talking about trusting your application, particularly one with complicated rules whose violation might result in a prison sentence. You want to trust that application, don’t you? So do I.

But I get the software installed and get into the mandatory registration (that is, give us personal information so we can target more in-application advertising pop-ups to you), and I get confronted with obvious slops on the design.

To whit:

A couple missing lines and slurred text, probably caused by poor compression or sizing.

Next up:

A stray bracket in the corner.

Man, oh man, I can’t wait to find out what strange punctuation marks it leaves in my figures.

Do I trust the application? Not so much. Which is why I don’t use it for much more than a glorified check register. And if it continues with its unrepentant, unrelenting barrage of “Collect credit cards with Intuit!”, “Print checks with Intuit!”, “Let Intuit have access to all your financial accounts!” banners popping up before I can pay my bills, I won’t have to trust it in the future, as I move to Microsoft Excel where it’s nice and quiet.

You know, when this blog first started, I used to noodle around existing Web sites, find errors on their Web forms, and do some commentary on them. I haven’t been in that habit for a while, so you might think the quality of applications in the wild has improved. Oh, but no.

Take the Progressive Insurance contact us form:

Now, if you don’t select a topic before you click Submit, it asks for a topic. But only a topic

When you select a topic, it changes the fields on the form to reflect what they want for that kind of inquiry (enquiry for our R.P. friends). If you click Submit then, it shows you a list of the fields you need to fill out:

But if you click the Reset button to reset the form, well, that’s not cricket (cricket for our R.P. friends):

You know, any time your form changes the controls on the screen due to AJAX or other techniques, it’s a different form. And it never hurts to check your reset button in various forms of filling out the form, especially if there are look-ups or state changes as you fill out the form.

UPDATE: Welcome, Progressive Insurance readers!

You might know, if you’re in the United States, have health insurance, and have an insurer that uses Express Scripts for its prescription benefits management, that as of January 1, 2012, the Walgreens pharmacy chain and Express Scripts contract ended. Which means that your insurance card does not work at Walgreens, and if you want our pharmaceuticals at reduced rates, you have to transfer your prescriptions to other pharmacies.

How many prescriptions are affected?

90,000,000:

An Express Scripts spokesman say their customers previously filled 90 million prescriptions at Walgreens. Now they’re taking them elsewhere.

It’s my understanding that the Express Scripts processing system was down all day on January 11. Is it related? I don’t know.

But I do wonder whether Express Scripts load tested its system to handle 90,000,000 change orders in a matter of days while handling its normal processing for all other normal maintenance.

It could be a valuable lesson anyway: Even after you’ve load tested your application to the limits of your budget for virtual users or to a level where the stakeholders are comfortable with very gradual ramp up times, sometimes events out of IT’s control could lead to a catastrophic meltdown.

So I was playing Rampage World Tour on the PlayStation 2 because I am 15 years behind in my gaming.

After destroying 99% of the first city (what, I missed some part up to 1%?), I got an error:

What? There are other lockup errors one can find? I’ll have to try them to collect them all!

While I do that, join me in recasting the lyrics to this song to fit the occasion. Consider it your Friday software testing exercise:

A Cracked list: The 8 Creepiest Glitches Hidden In Popular Video Games.

An element of the recent high-profile American trial of Casey Anthony that should be of interest to us:

Assertions by the prosecution that Casey Anthony conducted extensive computer searches on the word “chloroform” were based on inaccurate data, a software designer who testified at the trial said Monday.

The designer, John Bradley, said Ms. Anthony had visited what the prosecution said was a crucial Web site only once, not 84 times, as prosecutors had asserted. He came to that conclusion after redesigning his software, and immediately alerted prosecutors and the police about the mistake, he said.

…

Concerned that the analysis using CacheBack could be wrong and that a woman’s life might be at stake, Mr. Bradley went back to the drawing board and redesigned a portion of his software to get a more accurate picture.

He found both reports were inaccurate (although NetAnalysis came up with the correct result), in part because it appears both types of software had failed to fully decode the entire file, due to its complexity. His more thorough analysis showed that the Web site sci-spot.com was visited only once — not 84 times.

Remember, those defects your developers mark as “Known Issue” or reject still can have real-world effects.