Thursday, May 17, 2001

Our software is *never* wrong The other day I got an e-mail from my on-line credit-card company telling me that my e-mail preferences had been updated. Trouble is, I hadn't logged in to my account for weeks, and I could not remember ever setting any e-mail preferences. So my risk radar said, "Hack!" and I called the company. The rep assured me that my account had not been broken into. How did they know, I asked. "I've got your account right here and I can tell that no one has tried to break in." Yes, but *how* can you tell that? Well, because if someone had tried to break in it would have said so, and it didn't, so no one has. I explained to the rep about the e-mail that I got which could only be explained by either someone breaking in or a bug in their software. And if there was a bug in their e-mail software there might also be a bug in their hack-detection software. It should come as no surprise that this made little impression on the rep. [Erann Gat via risks-digest Volume 21, Issue 41] 0:00 # G!