The Y2K crisis revisited
How it happened and why it will happen again, and soon.
Where it all began
First, Oppa Gangnam Style! The Korean pop hit that taste forgot thrust its way manfully through the eardrums of the world and racked up 2,147,483,647 views on YouTube in 2014. This particular figure was the largest number of views YouTube’s backend could support back then, as the site was written with 32-bit integers in mind. A quick upgrade to 64-bit integers later, and Psy’s terrifying total could continue its unstoppable upsurge toward the new ceiling of over nine quintillion views. The basic problem here, an integer overflow, is essentially the same as the Y2K problem.
It all boils down to programmers taking a shortcut, and representing a year with two digits instead of four. This happens absolutely everywhere, despite International Standard ISO 8601 specifying that dates should be written as YYYY-MM-DD. Had computers, particularly embedded systems, used this standardised date format, there wouldn’t have been a problem, but computer storage space was once very expensive, and every byte counted, so many programmers used YY-MM-DD, or MM-DD-YY, or DD-MM-YY to save both space and processing time. This all worked fine for a long time, but eventually, due to the way two-digit dates were interpreted, it meant that as 1999 turned to 2000 those systems found themselves in 1900 and, unaccustomed to this time period, either failed or displayed an error.
Another way to think of it is in terms of the odometer in your car. As it passes 99999.9 kilometers, the final digit clicks around and returns to 0. This causes a cascade reaction through every other digit, returning them all to the same state. It can’t generate an extra decimal place, so instead of 100000.0 you get 00000.0. Your car isn’t, sadly, returned to factory-fresh condition, but this mechanical wrapping-around of the numbers mirrors what happens in a computer.
Peter de Jager, host of the Y2K: An Autobiography podcast and a prolific public speaker on the subject, is often credited with bringing the Y2K problem to widespread attention through a 1993 article in Computerworld magazine, but awareness of the problem goes back further than that. IBM computer scientist Bob Bemer noticed it in 1958 while working on family tree software. In the 1970s, banks offering 30-year mortgages bumped into the problem, while in the 1980s the financial industry was forced to take notice, as bonds with expiry dates beyond the year 2000 were issued. By 1987 the New York Stock Exchange had 100 programmers working on the problem, and had spent US$25 million on it. The federal government would go on to spend US$11 billion.
De Jager’s article came about as a result of some persuasive tactics with an editor: “I was at an Association for Systems Management meeting, I think in San Francisco,” he tells us. “And I’m giving a talk on something very mundane, the PC productivity paradox.” This is the slowdown in productivity in the US in the 1970s and 1980s despite rapid development in IT at the time. “There were 300 or 400 people in the room, including this Computerworld editor. When I got home, she called me, said she liked the presentation, and asked me to do an article on it. This is back in
the day when print media was much larger than it is today.
The old Computerworld magazines were like an inch thick, and would drop on your desk every week, the Bible of the IT industry. And I said, ‘You have to be kidding. You want me to write about a stupid topic like PC productivity? How about I write about the biggest problem in the IT industry that we’re going to face? The fact that we store the year in two digits, and seven years from now this thing is going to go belly-up.’ She says, ‘Well, OK, you can do that’. It was a little bit of serendipity.”
De Jager’s article, titled “Doomsday 2000,” was called “the information-age equivalent of the midnight ride of Paul Revere” by The New York Times.
The Y2K name would come two years later, in an email sent by Massachusetts programmer David Eddy in 1995: “People were calling it CDC (Century Date Change), FADL (Faulty Date Logic). There were other contenders. Y2K just came off my fingertips,” Eddy told
The Baltimore Sun.
Public perception
There is, as we’ve hinted, something of a PR problem for Y2K. 20 years on, it’s viewed by some as a joke, public hysteria, or a problem conjured up by those keen to sell us new computers and never a real threat. The reality is different: “I don’t know of a single person working on Y2K who thinks that they did not confront and avoid a major risk of systemic failure,” said John Koskinen, chairman of President Bill Clinton’s Council on Y2K, in early 2000. The then-British prime minister, Tony Blair, called it “one of the most serious problems facing not only British business but the global economy today.” John Hamre, United States deputy secretary of defense, called it “the electronic equivalent of the El Niño, and there will be nasty surprises around the globe.”
Others disagreed. In their book Running Office 2000 Professional, published in May 1999, authors Michael Halvorson and Michael Young predicted that most PC hardware and software would be unaffected. “As you learn about the year 2000 problem, and prepare for its consequences, there are a number of points we’d like you to consider,” they wrote. “First, despite dire predictions, there is probably no good reason to prepare for the new millennium by holing yourself up in a mine shaft with sizable stocks of water, grain, barter goods, and ammunition. The year 2000 will not disable most computer systems, and if your personal computer was manufactured after 1996, it’s likely that your hardware and systems software will require little updating or customising.”
A British startup company, Greenwich Mean Time, took a different view. In 1997 it began selling a software package for £20 (equivalent to $97 today) called Check 2000, which promised to “Check 2000 flags and fix year 2000 PC problems” in “less than the time it takes to drink your coffee.” It sold over 4 million copies around the world, and the company’s founder, Karl Fielder, was so confident in the patch that he gave his entire staff 10 days’ vacation over the millennium turnover, diverting all calls to his cell phone. He got 15.
Estimates of what the world spent on Y2K preparations vary wildly. Whole government agencies were set up, large salaries paid – you can draw parallels with many large human endeavors. And like the Moon landings or the current pandemic, it’s a breeding ground for conspiracy theories.
So what did happen?
The US Naval Observatory briefly recorded the year as 19100; 150 slot machines at racetracks in Delaware failed; credit cards with expiry dates in 2000 were rejected because they’d expired in 1900; Telecom Italia sent out bills dated 1900 for the first two months of the year; a radiation alarm system was shut down at a Japanese nuclear power station, and 15 other nuclear reactors around the world had to be shut down (not bad, considering there were 432 in operation worldwide at the time). Planes did not drop from the sky (indeed, Koskinen made sure he was flying at millennium midnight to show his confidence in the measures the US had taken), and military facilities did not burn as a result of the date change. However, the effects were still wide-ranging, despite the amount of work put in.
“The notion that there were no problems is absolutely ridiculous, says de Jager. “We had problems prior to the year 2000, and we identified problems that would have happened if we didn’t take care of other problems. There’s no debate about it except for people who don’t understand.” One point of confusion is that some, like Check 2000’s customers and those who read the Office 2000 Professional book, were using PCs. Windows 98, NT4, and 2000 were robust operating systems that could be patched, and suffered minor Y2K effects involving the display of dates on screen, but little else. “Microsoft understands the critical nature of the Year 2000 issue and is committed to diligently testing its products and promptly providing information and solutions to its customers if issues arise,” Rich Kaplan, director of the Platforms Infrastructure Group at Microsoft, said in a statement reported by CNET. “In the course of testing efforts with Windows 98, we have identified and fixed these minor Year 2000 issues.” The bigger problems came from applications, specialist add-on hardware, and embedded systems that were not so easily updated.
The idea that there were no issues comes, de Jager believes, from “unjustified confidence in computer systems.” Y2K, in his view, brought to the fore how reliant society had become on computers. “They sort of snuck into the systems, into organisations. And while IT people knew what they were doing, the C-level executives were sort of saying, ‘Yeah, there’s that department down there, they’re doing something with computers, they seem to be doing it okay, but it’s no big deal. And they didn’t really
realise how much their organisations were depending upon those computers.
“We had to come to them and say, ‘Oh, by the way, that stuff that you’re depending upon that you don’t really understand how much you depend upon? It’s all going to go belly-up real soon, and we need to fix it. Could we have US$20 million please?’ We have an unjustified confidence in our computer systems. Our computer systems are incredibly vulnerable. IT people know this is no secret, but the people who pay for the IT and depend upon it weren’t really aware of this until Y2K made people aware.”
De Jager saw his goal, at the time, as not being to fix the problem, but to get people to accept the problem existed. “If I’m speaking to an audience, and the overwhelming response is ‘He’s a nutter, he’s absolutely off his head, and I’m going to go back and test our systems and I’m going to prove that he’s a charlatan,’ then my work has been done. Organisations did go back. They went to their banking systems and they advanced the date on a couple of files, and then they ran their system and the whole thing crashed. Boom. And they went, ‘Crap, he’s right.’”
Another issue was the assumption that older systems, running older code written in older programming languages whose programmers were, alas, getting older, would be replaced long before the integer overflow became a problem. We’ve all heard rumors of financial institutions that have built their IT systems on creaking foundations laid down in the 1980s, but could it be more than rumor? “I absolutely guarantee it,” says de Jager. “In the US government in many of the states, their payroll systems and their unemployment systems are in COBOL.”
COBOL is a programming language that first appeared in 1959, but has been thoroughly and regularly updated through 2014. “There’s nothing fundamentally wrong with COBOL, there really isn’t,” says de Jager. “It’s a good product, but it wasn’t designed to handle, you know, 20 million people seeking unemployment. These systems are just dying, and dying because they weren’t designed to handle that many records. They can make changes to it, but you’re just perpetuating the problem. What you really need to do is to go through the old COBOL systems and rewrite and redesign the systems.
“There are Fortran (from 1957, last stable release 2018) programs out there too, I guarantee it. These languages don’t die. They sort of continue on in the background. They are immortal.”
Finding people who still speak these languages to maintain the systems isn’t the way forward, he says. “The real way to solve it is to bite the bullet. Recognise that these things have expiry dates, not because they get bad, but because better solutions come along.”
This solution isn’t always popular, because of its cost and the length of time it takes to implement. Of course, de Jager has an opinion about this: ”People don’t realise how expensive this stuff is,” he says. “Especially when everything depends upon it. When your entire organisation is depending upon 50,000 programs written in an arcane language, replacing it is not an overnight task. It takes four or five years. We have examples of payroll systems that need to be replaced all over the world. In New Zealand, they tried to replace the teachers’ payroll system, and teachers didn’t get paid for a year. In Canada we have something called the Phoenix system, which is supposed to replace all the huge payroll systems for the government, and we’re still having trouble with that.” Indeed, Canada’s Standing Senate Committee on National Finance
called Phoenix an “international embarrassment” in a 2018 report.
“We don’t really appreciate how complicated this stuff is,” de Jager says. “We think we’ll just do it. You know, here’s a couple of million dollars, just take care of it. It’s not that easy.”
It’s not over yet
And the way Y2K was fixed may come back to haunt us in the future. A technique called “windowing” was often used, where instead of rewriting computer code to allow for four-digit years, it was instead modified so that dates within a specific window – for example 00-20 – were recognised as beginning with 20, and all others with 19. This method kicked the can down the road, setting another hard deadline by which time it was assumed that the devices would have been replaced. Guess what?
“We saw Y2K problems occur in 2020, and we could make that prediction because we knew that the problem wasn’t fixed,” says de Jager. “It was pushed to the future instead of expanding to four-digit years. What we did was, we used things like windowing, and one of the windows that we used was 20 years. It’ll certainly rear its head again in 2025, again in 2030, and 2050, because those were all the dates used for windowing.”
Known 2020 glitches included WWE 2K20, a bafflingly popular wrestling videogame that became non-functional until a patch was pushed out; cash registers that were manufactured by Novitus stopped being able to print receipts until fixed; and yet more utility companies produced bills dated 1920.
The year 2020 was often picked for windowing for a reason: Unix. The operating system that just won’t die, Unix originated at Bell Labs in 1969. It lurks in things like
Android and macOS, and counts time in a particular way related to seconds since January 1, 1970 (see boxout, p58), and the year 2020 is exactly 50 years after 1970. Again, no “fixed” systems were expected to still be in operation by the time 2020 came around, and the executives who ordered such cost-cutting didn’t expect to still be in their roles when it came back to bite them either.
Our society still hasn’t come to terms with its reliance on computers. We tend to think that, if they all disappeared tomorrow, everything would be okay. The truth is that computer failures kill people – look at Boeing’s 737 Max airliner, grounded worldwide after 346 people died in two crashes caused by automated flight-control malfunctions. If we hadn’t done anything about Y2K, then the consequences could have been disastrous. “There’s no way to know,” he says. “We knew things would go wrong, but there’s no way to predict with any certainty what could go wrong.”
Former CNN science editor Kevin Sanders, writing in The Nation in February 1999 was prepared to go there, however: “The greatest danger comes from Russian and Chinese missiles,” he wrote. “As the Y2K digital tsunami moves west from the international date line in the Pacific, China and Russia will become the first nuclear nations to face possible computer failures – almost half a day earlier than the United States. All contact and communications could be lost or disrupted. Launch-site commanders could be left literally in the dark, trying to read the meaning of silence.”
The article continues: “According to a number of Russian scientists currently working in the United States, the financially starved Russian military and its dilapidated computer systems are even more prone to Y2K failure than those in the United States… Sergei Fradkov, a former Soviet satellite control technician now working for a Wall Street software developer [says], “Russia is extremely vulnerable to the Year 2000 problem… If the date shifts to 0 for a brief moment… that fools the system into thinking there is a high probability of an attack in progress.”
At that time, Russian and Chinese nukes were no longer targeted at US cities, but this didn’t stop the speculation: “[T]hey can be back on target in ten seconds. Whether this could happen as the result of an automatic or accidental computer default is not known.” Everything in the US was A-OK, however; Captain Allan Toole, head of the Pentagon’s Y2K Special Weapons Agency, was quoted in the same article, saying, “I have a good feeling about Y2K in this agency.” So that’s all right then.
In July 1996, Senator Daniel Patrick Moynihan wrote to Pesident Bill Clinton. “The computer has been a blessing,” he wrote. “If we don’t act quickly, however, it could become the curse of the age… each line of computer code needs to be analysed and either passed on or be rewritten.” That effectively did happen, whether it was a long-term fix, an emergency patch after problems developed, or windowing that pushed the problem to the future.
Legions of IT professionals stepped up to squash the bug, millions of home users installed patches, and its worst effects were mitigated. And this is something that rings through to the present day, and transcends the narrow world of computing: when we all work together, we can move mountains.