On-line payments: Re: Why so snooty? Re: [SLUG] Which bank doesn't use Linux servers?
On Fri, 02 Apr 2010 13:47:32 +1100 Jake Anderson wrote: > Rick Welykochy wrote: > > Jake Anderson wrote: > > > >> The bank may well be pretty sure that nothing will go wrong but > >> given the cost/benefit ratio its prudent not to take the chance > >> that there is one line of code somewhere or another in the many > >> tens of millions they have that will freak out when the clock goes > >> backwards. > > > > What about ATMs? Will they be down for the count? > > If not, and the main systems are down, they must queue up > > transactions. The timestamps on those transactions will > > have to be handled correctly when the queue is processed. > > Including transactions during the hour the leaps back. > Just spoke to somebody "in the know" > netbank is shut down, all other services are unaffected (well common > services anyway). > > Her explanation is this. > All other transactions are processed in a batch at night, IF you > withdraw money at an ATM your account balance is immediately debited > but the transaction itself is just recorded. > This is presumably also when all the interests are calculated and so > on. Only on business nights are those transactions actually processed > to create a statement. > Netbank transactions however are processed "instantly". > As such it can cause issues when the time roles back. Yes and no. Netbank and similar systems are built on the commercial bulk clearing system. In the original version, the bulk clearing was done by the bilateral exchange of tapes - the CEMTEX system. These days, they bilaterally exchange files several times a day. In the commercial system, a customer with a large number of employees prepares a file with the details of each employees salary and banking arrangements. The customers bank "sorts" the file according to the destination bank and sends the individual files to the appropriate bank. Netbank and similar systems are built on top of this. Very clever in a way, but the commercial system totally ignores the name of the payee. OK in the commercial context, but easy for consumers to make a mistake. The law is clear on who should refund the money when a mistake is made, but because there is no cheap remedy, the banks have simply buggered customers that make a mistake. The Australian Securities and Investments Commission is reviewing the EFT Code of Practice and has said that mistaken payments will be included in the new Code. We'll see. Masochists can read about the legal situation and the bloody mindedness of the banks here: http://www2.austlii.edu.au/~alan/mistaken-epayments.html Cheers, Alan > > It probably also has something to do with the age of netbank, its > very very new as far as bank software goes. > > > Listening to the errors they have with processing and the like, its > enough to make me want to keep my money under the bed. > > > > > The same can be said about bank-to-bank and bank-to-international > > transactions. > > > > It seems like a problem they must already have to deal with. > > Transactions world wide into and out of Australia do not stop > > for an hour at 2:00 AM Easter Sunday, do they? > > > > Anyone working in the banking sector out there? > > > > cheers > > rickw > > > > > > -- > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html > -- Alan L Tyreehttp://www2.austlii.edu.au/~alan Tel: 04 2748 6206 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: Why so snooty? Re: [SLUG] Which bank doesn't use Linux servers?
Rick Welykochy wrote: Jake Anderson wrote: The bank may well be pretty sure that nothing will go wrong but given the cost/benefit ratio its prudent not to take the chance that there is one line of code somewhere or another in the many tens of millions they have that will freak out when the clock goes backwards. What about ATMs? Will they be down for the count? If not, and the main systems are down, they must queue up transactions. The timestamps on those transactions will have to be handled correctly when the queue is processed. Including transactions during the hour the leaps back. Just spoke to somebody "in the know" netbank is shut down, all other services are unaffected (well common services anyway). Her explanation is this. All other transactions are processed in a batch at night, IF you withdraw money at an ATM your account balance is immediately debited but the transaction itself is just recorded. This is presumably also when all the interests are calculated and so on. Only on business nights are those transactions actually processed to create a statement. Netbank transactions however are processed "instantly". As such it can cause issues when the time roles back. It probably also has something to do with the age of netbank, its very very new as far as bank software goes. Listening to the errors they have with processing and the like, its enough to make me want to keep my money under the bed. The same can be said about bank-to-bank and bank-to-international transactions. It seems like a problem they must already have to deal with. Transactions world wide into and out of Australia do not stop for an hour at 2:00 AM Easter Sunday, do they? Anyone working in the banking sector out there? cheers rickw -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: Why so snooty? Re: [SLUG] Which bank doesn't use Linux servers?
Jake Anderson wrote: The bank may well be pretty sure that nothing will go wrong but given the cost/benefit ratio its prudent not to take the chance that there is one line of code somewhere or another in the many tens of millions they have that will freak out when the clock goes backwards. What about ATMs? Will they be down for the count? If not, and the main systems are down, they must queue up transactions. The timestamps on those transactions will have to be handled correctly when the queue is processed. Including transactions during the hour the leaps back. The same can be said about bank-to-bank and bank-to-international transactions. It seems like a problem they must already have to deal with. Transactions world wide into and out of Australia do not stop for an hour at 2:00 AM Easter Sunday, do they? Anyone working in the banking sector out there? cheers rickw -- _ Rick Welykochy || Praxis Services Hofstadter's Law. "It always takes longer than you expect, even when you take into account Hofstadter's law." -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: Why so snooty? Re: [SLUG] Which bank doesn't use Linux servers?
Nick Andrew wrote: On Thu, Apr 01, 2010 at 05:47:37PM +1100, Jeff Waugh wrote: On Thu, Apr 01, 2010 at 03:27:23PM +1100, Jeff Waugh wrote: Not sure what Linux has to do with this -- there's far more going on (with dates and times especially) in a complex stack of software than just the OS. Consider the amount of legacy software and multi-system integration involved in a bank's computing environment. I see it more like "software superstition". Bad things might happen - we don't know, we won't (or can't) test it, and we won't (or can't) fix it. Sorry dudes, but this just sounds like Open Source snootiness from the small end of town. I want my bank to run on logic, not voodoo. ... and you say this with broad knowledge of the many and varied systems in place? There may just be an entirely sensible reason why one or more pieces of the system, at this point in its evolution, requires hand-holding or no external access during a DST changeover. The bank either knows that their system won't work during the DST changeover, or they suspect that it won't work. I suspect it's the latter, but either situation is a worry. Its called unknown unknowns. The bank may well be pretty sure that nothing will go wrong but given the cost/benefit ratio its prudent not to take the chance that there is one line of code somewhere or another in the many tens of millions they have that will freak out when the clock goes backwards. If it zeros out everybodys account balances due to an incorrect interest calculation wrapping or something then even if they fix it by 10:00AM they are going to be swamped by a storm of hate the likes of which you can only dream. DST changeover is predictable. Well, it's predictable that it will happen at some time, but the changeover date itself varies according to the whim of politicians. The bank should have expected DST, and built their systems to cope when it changes. I presume they have, they handle it by turning things off for an hour in the middle of the night, no great loss. Also the only information we have is on netbank which is perhaps the crappiest section of the system. Its links to the legacy systems are fragile at best and having people stick transactions in during the time transition could well cause weirdness. On the other hand, if they don't know that something will break and just suspect it, that's a worry because the bank should understand very deeply how their systems work, to achieve maximum reliability. I presume they do, but again its called unknown unknowns. They don't know what they don't know, and given the cost of failure its cheap not to risk it. On the third hand, hearing about how they can't manage a simple DNS change, getting DST right is probably the least of their worries. It wasn't a DNS change, My understanding is coming 3rd hand. A data centre went down. They have some kind of geoIP+ load balancer + user stickyness system in place that is meant to keep users generally accessing sites close to them and also sticking to them. Initially after the failure their own DNS servers were sending users to the dead data centre. Once they had fixed that they had problems with ISP's caching the incorrect DNS and spreading it over the rest of their users or something to that effect. Also they had a problem that the failover systems they had in place sent all the traffic to one other centre and caused it to become overloaded leading to 10 minute pageloads. I understand that the problem was brought about by some contractors cutting cables in a cable duct that was running in a lift shaft or something along those lines. It was a proper cut of a phat cable at that. "Whee, Linux!" is not an answer if it's an application problem - and that's being polite. "Whee, Linux!" might not be a useful answer for plenty of other reasons. Yep, and I never said it was. Nick. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: Why so snooty? Re: [SLUG] Which bank doesn't use Linux servers?
On Thu, Apr 01, 2010 at 05:47:37PM +1100, Jeff Waugh wrote: > > > > On Thu, Apr 01, 2010 at 03:27:23PM +1100, Jeff Waugh wrote: > > > Not sure what Linux has to do with this -- there's far more going on > > > (with dates and times especially) in a complex stack of software than > > > just the OS. Consider the amount of legacy software and multi-system > > > integration involved in a bank's computing environment. > > > > I see it more like "software superstition". Bad things might happen - we > > don't know, we won't (or can't) test it, and we won't (or can't) fix it. > > > > > Sorry dudes, but this just sounds like Open Source snootiness from the > > > small end of town. > > > > I want my bank to run on logic, not voodoo. > > ... and you say this with broad knowledge of the many and varied systems in > place? There may just be an entirely sensible reason why one or more pieces > of the system, at this point in its evolution, requires hand-holding or no > external access during a DST changeover. The bank either knows that their system won't work during the DST changeover, or they suspect that it won't work. I suspect it's the latter, but either situation is a worry. DST changeover is predictable. Well, it's predictable that it will happen at some time, but the changeover date itself varies according to the whim of politicians. The bank should have expected DST, and built their systems to cope when it changes. On the other hand, if they don't know that something will break and just suspect it, that's a worry because the bank should understand very deeply how their systems work, to achieve maximum reliability. On the third hand, hearing about how they can't manage a simple DNS change, getting DST right is probably the least of their worries. > "Whee, Linux!" is not an answer if > it's an application problem - and that's being polite. "Whee, Linux!" might > not be a useful answer for plenty of other reasons. Yep, and I never said it was. Nick. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: Why so snooty? Re: [SLUG] Which bank doesn't use Linux servers?
> On Thu, Apr 01, 2010 at 03:27:23PM +1100, Jeff Waugh wrote: > > Not sure what Linux has to do with this -- there's far more going on > > (with dates and times especially) in a complex stack of software than > > just the OS. Consider the amount of legacy software and multi-system > > integration involved in a bank's computing environment. > > I see it more like "software superstition". Bad things might happen - we > don't know, we won't (or can't) test it, and we won't (or can't) fix it. > > > Sorry dudes, but this just sounds like Open Source snootiness from the > > small end of town. > > I want my bank to run on logic, not voodoo. ... and you say this with broad knowledge of the many and varied systems in place? There may just be an entirely sensible reason why one or more pieces of the system, at this point in its evolution, requires hand-holding or no external access during a DST changeover. "Whee, Linux!" is not an answer if it's an application problem - and that's being polite. "Whee, Linux!" might not be a useful answer for plenty of other reasons. - Jeff -- The Great Australian Internet Blackout http://www.internetblackout.com.au/ "Anyway - I need something more James Bond than Banana Man, if you know what I mean..." - Tom Gilbert -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: Why so snooty? Re: [SLUG] Which bank doesn't use Linux servers?
On Thu, 1 Apr 2010 16:56:41 +1100 Nick Andrew wrote: > On Thu, Apr 01, 2010 at 03:27:23PM +1100, Jeff Waugh wrote: > > Not sure what Linux has to do with this -- there's far more going > > on (with dates and times especially) in a complex stack of software > > than just the OS. Consider the amount of legacy software and > > multi-system integration involved in a bank's computing environment. > > I see it more like "software superstition". Bad things might happen - > we don't know, we won't (or can't) test it, and we won't (or can't) > fix it. > > > Sorry dudes, but this just sounds like Open Source snootiness from > > the small end of town. > > I want my bank to run on logic, not voodoo. Me too. And think of all the **lovely** banking law cases that would come out if the logic is just a ltle bit wrong! I really think the CBA should consider it a public duty to contribute to the Australian jurisprudence on banking law. Cheers, Alan > > Nick. > -- > SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ > Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html > -- Alan L Tyreehttp://www2.austlii.edu.au/~alan Tel: 04 2748 6206 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: Why so snooty? Re: [SLUG] Which bank doesn't use Linux servers?
On Thu, Apr 01, 2010 at 03:27:23PM +1100, Jeff Waugh wrote: > Not sure what Linux has to do with this -- there's far more going on (with > dates and times especially) in a complex stack of software than just the OS. > Consider the amount of legacy software and multi-system integration involved > in a bank's computing environment. I see it more like "software superstition". Bad things might happen - we don't know, we won't (or can't) test it, and we won't (or can't) fix it. > Sorry dudes, but this just sounds like Open Source snootiness from the small > end of town. I want my bank to run on logic, not voodoo. Nick. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
RE: Why so snooty? Re: [SLUG] Which bank doesn't use Linux servers?
Actually there are reasons why Microsoft systems cannot handle the changeover as well as Linux based systems. The biggest is that the Windows API cannot perform the conversion between local time and UTC as at some other point in time. So, for example, if, come Monday, you look at the date of this email from a Windows system, the email will appear to have been sent 1 hour earlier than it appears to have been sent today. This is because the Windows system will convert the UTC date (or equivalent) stored in the email to AEST. It will not recognise that in fact AEDT applied at the time of the message. This can be an annoying thing to have to explain to a judge, especially when you have an email chain in evidence, and it appears on first glance to be out of order. Linux systems do not suffer from that problem. Moreover, the data format of the time zone information is well published so that applications can be written to deal with other complications that can arise. With Windows the information is super secret. Also, Windows only records time zone changeover information by means of a single rule - it does not record historical changes by year as the TZInfo database used on Linux does. That is why for the year 2000 in Sydney (with the 1-of early change to AEDT for the Olympics) Windows users had to install a new time zone, change their system to that time zone, then change it back for the following year. Another unwanted side effect is that at changeover time, the modification date of every file on the system, when converted to local time, appears to change by an hour. Again Linux will apply the offset applicable at the relevant time, rather than the current offset. This deficiency in Windows is truly painful when writing software that attempts to do things on a timed schedule. There are some problems that simply cannot be worked around. Even installing and using the TZInfo database will not help, since the result will vary from what Windows would have done. Perhaps you could create your own database of Windows time zone changes, and hope and pray that the user updated the time zones and the patches at all the right times, but you would most likely be swapping one error for another. Having had way too much experience writing software for Windows that had to deal with time zones, and also had rather more positive experience writing software for Linux that had to deal with time zones, I can vouch for the fact that Linux does it many, many times better than Windows. If you are using Windows for servers where time ordering is relatively critical, you may well have no real option other than to shut the servers down during the transition. Regards, Troy Rollo Solicitor Parry Carroll Commercial Lawyers Direct: (02) 8257 3177 Fax: (02) 9221 1375 Switch: (02) 9221 3899 E-mail: t...@parrycarroll.com.au Web: www.parrycarroll.com.au <http://www.parrycarroll.com.au> Liability limited by a scheme approved under Professional Standards Legislation This message and any attachments are confidential to Parry Carroll. If you have received it my mistake, please let us know by reply and then delete it from your system. You must not copy the message, alter it or disclose its contents to anyone. Thank you. -Original Message- From: slug-boun...@slug.org.au [mailto:slug-boun...@slug.org.au] On Behalf Of Jeff Waugh Sent: Thursday, 1 April 2010 3:27 PM To: slug@slug.org.au Subject: Why so snooty? Re: [SLUG] Which bank doesn't use Linux servers? > Similar for Westpac: "Online Banking will be unavailable due to > scheduled maintenance from 02:50 to 04:15 AEST on Sunday 4 April 2010." > Another one not using Linux. Not sure what Linux has to do with this -- there's far more going on (with dates and times especially) in a complex stack of software than just the OS. Consider the amount of legacy software and multi-system integration involved in a bank's computing environment. Sorry dudes, but this just sounds like Open Source snootiness from the small end of town. Seriously, just look at half the MySQL-based Open Source applications around you... Example: WordPress only gained automagically updating named timezones (rather than manual offsets) in 2.7 or 2.8. Fat load of good "Linux" [1] did in that case. - Jeff [1] It's not like you're talking about the Linux kernel here, either. -- The Great Australian Internet Blackout http://www.internetblackout.com.au/ I wonder how many bugs have gone unfixed due to misspellings of "FIXME". -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html smime.p7s Description: S/MIME cryptographic signature -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Why so snooty? Re: [SLUG] Which bank doesn't use Linux servers?
> Similar for Westpac: "Online Banking will be unavailable due to scheduled > maintenance from 02:50 to 04:15 AEST on Sunday 4 April 2010." > Another one not using Linux. Not sure what Linux has to do with this -- there's far more going on (with dates and times especially) in a complex stack of software than just the OS. Consider the amount of legacy software and multi-system integration involved in a bank's computing environment. Sorry dudes, but this just sounds like Open Source snootiness from the small end of town. Seriously, just look at half the MySQL-based Open Source applications around you... Example: WordPress only gained automagically updating named timezones (rather than manual offsets) in 2.7 or 2.8. Fat load of good "Linux" [1] did in that case. - Jeff [1] It's not like you're talking about the Linux kernel here, either. -- The Great Australian Internet Blackout http://www.internetblackout.com.au/ I wonder how many bugs have gone unfixed due to misspellings of "FIXME". -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html