- BlogInfoSec.com - https://www.bloginfosec.com -

When is a Glitch Not a Glitch?

… When it’s not a “minor malfunction” or “a minor problem that causes a temporary setback.” (per Webster’s dictionary). There was nothing minor about the four hours of downtime of an air traffic control system that caused a “major” disruption of military and civilian air traffic in the Washington-Baltimore area on Saturday, August 15, 2015. A “… technical glitch at an air traffic control center in Northern Virginia disrupted flights along the East Coast…” reported Ashley Southall in the The New York Times of August 16, 2015. In her article “Computer Glitch Suspends Flight Along East Coast,” she reported that F.A.A. officials did not think that the “glitch” was “the result of an accident or a hacking.”

It is particularly misleading when significant computer system malfunctions or failures are called glitches. Everyone is supposed to nod knowingly and say “Ah, yes, another one of those doggone computer glitches.” And they’re supposed to feel comfort in that it was minimal and seemingly not due to a hacker. But if it is also not an “accident,” then what is it? Not being an accident translates into intentional malevolent activities in my book. But we can presume from the context that it was supposedly not an intentional act.

I expect that we will get an explanation soon enough. Likely the root cause will be programmer error or problems with an upgrade … but those are both accidental, aren’t they? To think that they might be intentional would be especially disturbing … a malicious insider job, no less.

(Author’s note: Sure enough. Subsequent to writing this piece, it was announced that an upgrade was indeed the culprit, as in Joseph Garcia’s report “Delay of hundreds of flights: FAA blames software upgrade” at http://northerncalifornian.com/content/51846-delay-hundreds-flights-faa-blames-software-upgrade [1]. No joke. But was that really the cause? I remember, when working at a brokerage firm many years ago, seeing a problem with customer statements due to human error. However, management announced that the cause was a due to the printers … however far-fetched that might seem … so as not to upset customers unduly. It was felt that customers could accept a hardware malfunction more readily than something being wrong with the application or its operators.)

The bottom line is that there really is no such animal as a glitch, or if there is, it is minimal and not even noticed. The term glitch, however, is commonly used when either you don’t know the reason for the malfunction and/or failure, or you do know the cause but are not about to disclose it. In either case, you could just say … “We’re researching the problem” or “We’ve fixed the problem and will provide additional information at a later date.” But don’t tell us that it wasn’t accidental and then leave us hanging.