this post was submitted on 18 Dec 2024
1099 points (98.5% liked)

[–] [email protected] 5 points 3 days ago (1 children)

Even if such parsers aren't used directly in critical systems, they'll surely be used in the supply chains of critical systems. Your train won't randomly derail, but disruptions in the supply chain can cause repair parts not to be delivered, that kind of thing.

And you can be certain such parsers are used in almost every application dealing with datetimes that hasn't been specifically audited or secured. 99% of software is held together with duct tape.

[–] [email protected] 1 points 3 days ago (1 children)

True. But I wouldn't see this as extremely more critical than the hundreds of other issues we encounter daily in software. Tbh, I'd be glad if some of the software I have to use daily had more duct tape on it...

[–] [email protected] 4 points 3 days ago

I think you might be underestimating the potential impact.

Remember the CrowdStrike Windows BSOD? It caused billions in damages, and it's the absolute best-case scenario for this kind of issue. Our potential Y10K bug has a bunch of additional issues:

  • you don't just have to patch one piece of software, but potentially all software ever written that's still in use, a bunch of which won't have active maintainers
  • hitting the bug won't necessarily cause crashes (which are easy to recognize), it can also lead to wrong behavior, which will take time to identify. Now imagine hundreds of companies hitting the bug in different environments, each with their own wrong behavior. Can you imagine the amount of continuous supply chain disruptions?
  • fixes have to be thought about and implemented per-application. There's no panacea, so it will be an incredible amount of work.

I really don't see how this scenario is comparable to anything we've faced, beyond Y2K.
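
The "wrong behavior instead of a crash" failure mode from the comment above, as an added example that is not part of the original thread: three hypothetical parsers and a string-based ordering shortcut are run against a constructed five-digit-year timestamp. All function names and sample inputs are assumptions made for illustration.

```python
import re

# Constructed sample inputs: last second of year 9999, first second of year 10000.
LAST_4_DIGIT = "9999-12-31T23:59:59"
FIRST_5_DIGIT = "10000-01-01T00:00:00"

def parse_by_offset(stamp):
    """Fixed-column slicing that assumes the year is exactly four digits."""
    return int(stamp[0:4]), int(stamp[5:7]), int(stamp[8:10])

_LOOSE = re.compile(r"(\d{4})-(\d{2})-(\d{2})")

def parse_by_search(stamp):
    """Unanchored regex: accepts the first date-shaped substring it finds."""
    m = _LOOSE.search(stamp)
    if m is None:
        raise ValueError(f"no date in {stamp!r}")
    return tuple(int(g) for g in m.groups())

_STRICT = re.compile(r"(\d{4})-(\d{2})-(\d{2})T\d{2}:\d{2}:\d{2}")

def parse_strict(stamp):
    """Anchored match plus range checks: unexpected input fails loudly."""
    m = _STRICT.fullmatch(stamp)
    if m is None:
        raise ValueError(f"unsupported timestamp {stamp!r}")
    year, month, day = (int(g) for g in m.groups())
    if not (1 <= month <= 12 and 1 <= day <= 31):
        raise ValueError(f"field out of range in {stamp!r}")
    return year, month, day

def newest(stamps):
    """String comparison, a common shortcut for ordering ISO-style timestamps."""
    return max(stamps)

if __name__ == "__main__":
    # Both lenient parsers return a plausible-looking tuple without any error:
    # slicing reads "-0" as 0, and the regex skips the leading digit of the year.
    print("offset:", parse_by_offset(FIRST_5_DIGIT))
    print("search:", parse_by_search(FIRST_5_DIGIT))
    # Lexicographic order ranks year 9999 after year 10000.
    print("newest:", newest([LAST_4_DIGIT, FIRST_5_DIGIT]))
    # Only the strict parser turns the problem into a visible failure.
    try:
        parse_strict(FIRST_5_DIGIT)
    except ValueError as exc:
        print("strict:", exc)
```
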