For the past 20 years UK Post Office employees have been dealing with a piece of software called Horizon, which had a fatal flaw: bugs that made it look like employees stole tens of thousands of British pounds. This led to some local postmasters being convicted of crimes, even being sent to prison, because the Post Office doggedly insisted the software could be trusted. After fighting for decades, 39 people are finally having their convictions overturned, after what is reportedly the largest miscarriage of justice that the UK has ever seen.
The impact on these employees has been vast: according to the BBC, some have lost marriages or time with their children. Talking to the BBC, Janet Skinner said that she was taken away from her two kids for nine months when she was imprisoned, after the software showed a £59,000 shortfall. She also says she lost a job offer because of her criminal conviction. The time she and others like her spent in jail can't be bought back, and it happened because software was taken at its word.
[...] Horizon was made by Japanese company Fujitsu, and information from it was used to prosecute 736 Post Office employees between 2000 and 2014, some of whom ended up going to jail. Bugs in the system would cause it to report that accounts that were under the employees' control were short — the BBC has reported that some employees even tried to close the gap by remortgaging their homes, or using their own money.
It does seem like the nightmare for the employees may be coming to an end. The 39 who had their convictions overturned are following another six who were cleared of wrongdoing back in December. The Post Office has also been working on financially compensating other employees who were caught up by the software.
In 2019 the Post Office settled with 555 claimants and paid damages to them, and it's also set up a system to repay other affected employees. So far, according to the BBC, more than 2,400 claims have been made.
(Score: 1, Insightful) by Anonymous Coward on Saturday April 24, @05:16PM (5 children)
I will never, ever understand the people who blindly accept that just because something came from a computer, it has to be right.
Gee, I wonder if there are any bugs in any of them there cryptocurrency systems. Nah, it'll be fine.
(Score: 2) by ElizabethGreene on Saturday April 24, @05:30PM (1 child)
It's been a thing for a long time. "It came from the computer, and the computer doesn't make mistakes."
The horror stories (and corpses of those destroyed by) gross abuses of that mindset are the the reason the Fair Credit Reporting Act exists. Reading that Senate testimony was awful.
(Score: 0) by Anonymous Coward on Saturday April 24, @06:18PM
It was initiated long before that with general bureaucracy. "Sorry, miss, that's the rules..."
The rules eliminate the moral complicity that a person would experience in giving someone the shaft, and duly justifies their decisions because violations of the rules could lead to compromise of self-preservation. It's sort of a sick catch-22 in a lot of situations, but most people don't experience and even fewer reflect on it. It is, probably, the most vivacious driver of the automation of humanity that there is. We're just streamlining it using machines. Neil Postman covers the conflicts of both situations in Technopoly, and it really does posture an enormous but unasked question.
(Score: 2) by fakefuck39 on Saturday April 24, @06:26PM
It's not people. It's people who don't understand software, making decisions about it. This is a common thread in politics and with regulators, and is not fixable. People who want to go into writing regulation, management, and politics, are not people who want to go into tech. What should be happening, is someone in charge uses the opinions of subject matter experts and makes appropriate decisions based on their input. That's not happening - what we get is a guy in charge who thinks his high position means he knows better.
Here's a good example. I have a NAS array and a bunch of the front-end data ports were detected by Nessus to be running Windows Vista. Infosec reached out to me, I told them the storage array is running FreeBSD. They said "fingerprinting isn't working here, we'll add it to the exception list for these IPs." Case closed.
Here's what happens in government: a guy sees this raw report from Nessus, and issues an order that the storage array be upgraded from FreeBSD to Windows 10, because it's running Windows Vista. End of story - make it happen, that's an order. Then he adds a line to his accomplishments that he's secured the government storage infrastructure.
And there's no way to stop this, because the kind of people that want to go make rules, are all the wrong kinds of people to make the rules. The solution here is complete transparency of the government. Every decision, all text of all bills made public. The issue with the post office here, is this internal use of the bad software was not known to the general public. The army of nerds who have nothing better to do than find flaws and talk about them online wasn't aware of this crap, and until a thousand innocent people got hurt by this and took it to court, nothing was fixed - and not like most of the damage to people's lives here can even be fixed.
>bugs in any of them there cryptocurrency systems
there are. and they're reviewed by people, made public by those people, and that's why they get fixed. in fact, the example you give is the perfect counter example to your point. the code is public, the transaction ledger is public. that's how we need the government to work. because the whole issue here was that the post office used bad software internally, and the millions of bored random strangers didn't know - because the details of the post office capex is private information. there should be no private information for a public agency, because it's owned by the people, to serve the people.
(Score: 2) by krishnoid on Saturday April 24, @06:33PM
There's this clip [youtu.be] for context, but in all honesty, I don't know whether it's farce or representative satire.
(Score: 0) by Anonymous Coward on Saturday April 24, @06:36PM
So I wonder what the juries thought in these cases. And whether the defense could not make a "habeas pecunia" argument.
In the US about 30 years ago, the "Cumberland Farms" convenience store chain was intentionally accusing its employees of embezzling funds to 1) get rid of people and 2) enrich themselves when employees tried to use their own funds to make up for the shortfall. I don't think they pressed criminal charges.
Interestingly, their wikipedia entry has been sanitized of that part of their history.
(Score: 5, Interesting) by Subsentient on Saturday April 24, @05:30PM (4 children)
I've been doing open source work for most of my life, but only in the last 5 years have I stepped into the professional software arena.
I've learned a horrible, depressing lesson:
Code that the company thinks nobody will see will always be awful.
Open source code is objectively higher quality, because you know there are eyeballs who will see what you did and judge you for it.
Closed source code is often abhorrent just because they know they can get away with it.
Every cashier program, every medical database, they all fucking suck. That stuff should not go down nearly as much as it does. If they think some poor employee will be forced to use it, they don't put any thought into reliability or user experience.
In the professional space, I've looked for code with any semblance of quality or thoughtfulness, that showed someone cared just enough about their work to have a working sense of shame. I found it exactly once. Written by a well-paid Indian programmer named Arshak. He has my respect.
It depresses me.
So, I've always taken the time and thought to do things right for my employer, and I'm currently the golden boy as a result. Because, when I fix something, it works. I'm not some fantastic developer or prodigy or anything. I'm just some worthless crusty fatass with exploding cigar hair. I just care enough about my work to try. It saddens me greatly that so many don't seem capable of feeling guilt when checking in a rotten abortion of a commit for their employer.
“Man is not a rational animal; he is a rationalizing animal.” ― Robert A. Heinlein
(Score: 1, Interesting) by Anonymous Coward on Saturday April 24, @05:47PM
I've got mixed experience:
I've worked for a startup company building a large software product. The initial software engineers in the European office had good quality code. Yes, there were issues, even a lot of them. But we put thought into the code, did proper code reviews, were allowed to revisit code and clean up, ... Then we got acquired, an additional group of "software engineers", from another continent got thrown in to ramp up. They didn't have the same mindset and quality took a nosedive.
The big difference I think is that before acquisition, all the code was created by yourself or someone sitting right next to you. If that's not the case, it's no longer "your code", the care you take for it probably disappears as well.
In other companies, it was exactly as you described, often as a result of to many (non software) people having a mindset: "I saw someone build some app in very short time, so all software is like that."
If you come with realistic estimates, those including proper analysis, testing, documentation etc., it's always to expensive. And they need it cheaper because otherwise the competitors will get the contracts or other crap reasons.
(Score: 0) by Anonymous Coward on Saturday April 24, @05:50PM (1 child)
Open source code is crap too.
I don't think open source vs. closed source is the big dividing line: it's more like how much active development a piece of code sees. The odds are better it will get improved if more resources were spent / are being spent on the code.
(Score: 2) by Subsentient on Saturday April 24, @06:40PM
Ehh, depends. Babby's first projekt? Yeah that's going to be shit. A project with more than one developer? Almost always light years ahead. Though of course there's languages like JavaScript and TypeScript that are known for their terrible code, and that's because those languages are usually used by beginner programmers getting a contract for some stupid web app that needed to be ready by yesterday.
I don't use JS at work. When I joined the company, we used a lot of it along with TypeScript for a bug-riddled Electron-based homemade bomb of an app. We got more complaints than I've seen in a long time. It was really depressing. Eventually I threw all that shit out and we're about to launch a far more stable Qt/C++ version.
“Man is not a rational animal; he is a rationalizing animal.” ― Robert A. Heinlein
(Score: 2) by krishnoid on Saturday April 24, @06:36PM
I think this is one of the foundational principles of religion (or theism, at least).
(Score: 4, Insightful) by Anonymous Coward on Saturday April 24, @05:37PM (1 child)
False testimony is a crime, isn't it? Those bureaucrats who "insisted the software could be trusted" in court filings, are guilty of it and should serve the time. Not a slap on the wrist, not a "strong-worded reprimand", not a mere discharge; jail time, the very thing the victims of their crime had to endure.
Impunity of bureaucrats is what breeds things like this and worse.
(Score: 1, Insightful) by Anonymous Coward on Saturday April 24, @05:43PM
exactly. and using closed source software as evidence should be illegal anyways.
(Score: 0) by Anonymous Coward on Saturday April 24, @05:45PM (1 child)
" after what is reportedly the largest miscarriage of justice that the UK has ever seen."
the native uk girls and teens that have been kidnapped, drugged, coerced, and trafficked for years while the pigs ignored it for political reasons might beg to differ.
(Score: 0) by Anonymous Coward on Saturday April 24, @06:41PM
"Twelve men were accidentally hanged at Whitby Assizes this afternoon whilst considering their verdict. This is one of the worst miscarriages of justice in Britain, since Tuesday." - Monty Python.
(Score: 2, Troll) by RamiK on Saturday April 24, @05:57PM (1 child)
Evidence: Flawed.
Confessions: Secured.
Human intervention: Never took place.
Number of cases: Around 1000.
Media coverage: Blames the Japanese software vendor and the post office for withholding reports.
.
.
.
Conclusion: The justice system is a joke and the media is playing their part to hide it.
compiling...
(Score: 0) by Anonymous Coward on Saturday April 24, @06:19PM
The remaining pieces of the former UK computer company ICL have been part of Fujitsu for many years now. The developers and managers responsible for this software are probably nearly all UK citizens, working in the UK.
(Score: 3, Interesting) by SomeGuy on Saturday April 24, @06:05PM
The person who should be put in prison is whatever idiot higherup decided to not keep personnel around to audit/test/fix/maintain/verify code and requirements.
Unfortunately, too many people still trust software to do what someone says it will do. It is basically standard operating practice these days that modern software is implemented to abuse the user in every way that it can. And that is not even getting down to the bug infestation yet.
"oh, but ir uses HTTPS, and is in the cloud, and requires a smart phone app, and all the latest retarded buzzwords, so it must be perfect, right?"
(Score: 2) by looorg on Saturday April 24, @06:29PM
Didn't someone bother to do an actual count or check the till? Was it not strange then if the numbers didnt add up?