The following is from Federal Computer Week> I can't even believe it. the blame game has begun. Even though y2k has not even occured yet.

DECEMBER 20, 1999 -

OP-ED

Blame for Year 2000 hysteria starts at GAO

By Tom Giammo

Perhaps it is not too early to begin the finger-pointing over the real Year 2000 catastrophe. When the grand anti-climax to the Year 2000 problem occurs Jan. 1, the media likely will be full of "experts" who knew all along that the dire predictions were gross exaggerations and that the supposed cure was many times worse than the disease. If anyone is to be heard above that coming din, it is best to speak up now.

An insightful opinion piece by professor Paul Kedrosky in the Dec. 8 issue of The Wall Street Journal has pointed the first finger: "While there was a date-related problem in many computer programs, the panic outdistanced the likelihood of calamity so much that we reached absurdity in record time." As he points out, very few of the trillions of dollars attributed to Year 2000 remediation is related to any actual technical fixes of the problem. The Gartner Group Inc., for example, is cited as estimating that 80 percent of the total Year 2000 cost is related to public relations. Kedrosky blames the media and economists such as Edward Yardeni, Ed Yourdon and Peter de Jaeger for creating Year 2000 alarmism.

I believe that Kedrosky is a bit off in his assessment of underlying responsibility. By and large, the media and the economists he cited have nontechnical backgrounds and were not capable of making any personal assessments of the risk. In general, they served merely to transmit what they were told by people with more technical expertise. The same is true of members of Congress, the Clinton administration, the legal profession, corporate boards, regulatory agencies and others who took up the cry, motivated either by genuine concern or by vested interest.

Ultimately, I believe the technical community must shoulder the major blame for originating and stoking the panic. They should have known better. Elements within the technical community benefited directly from the alarm. The prestige and influence in of techies were enhanced. Money became freely available for any long-desired project that could be even remotely tied to the Year 2000 issue.

The real question here is: Is there a small number of people who could reasonably have been expected to behave in a way and to a degree that would have made a significant difference? I believe that the answer is yes, and the responsible organization is one of my alma maters: the General Accounting Office.

It is my view that the key abdication of responsibility in the Year 2000 issue was GAO's uncritical adoption of its "triple negative" standard that held that if an agency could not provide positive and convincing evidence that none of the functions of an information system would be affected by Year 2000, that system would thereby be rendered "noncompliant."

Let me trace my "for the want of a nail" reasoning that caused me to settle on this particular element. It should be obvious that this standard is difficult -- and expensive -- to meet, even for those systems without the remotest connection to critical data functions. For the most part, exhaustive code searches and/or elaborate detailed emulations would be required to meet the defined standard.

GAO's adoption of this stringent standard as federal "good practice" regarding Year 2000 lit the oversight fires in Congress. Congressional opportunism, supported by repeated testimony and reports from a group of "experts" in GAO, turned the GAO standard into a mandated requirement, which triggered several hundred billion dollars of federal expenditures. The federal regulatory agencies fell in line and in turn imposed this requirement on their corporate constituents such as banks, brokerage firms and power companies.

The legal profession mobilized for Year 2000 lawsuits. The media was stirred into action and flooded households with assurances that assumed catastrophe was likely unless heroic measures were undertaken. From that point on, the fear fed on itself.

Let me suggest that in each of the steps outlined above, the negative effect would have been dampened considerably had the underlying GAO standard been defined more reasonably. One also should note that in the rest of the developed world, absent the initial prod of something like this GAO standard, the Year 2000 concern was far more restrained -- at least until the concern of the United States and its associated triple-negative standard propagated there through the ties of international commerce.

Was the GAO's standard responsible? Even given what was known about the Year 2000 problem at the time the standard was first promulgated, the answer is "no." GAO's own risk analysis and mitigation guidance requires a thorough study of the likelihood of the potential risks and the magnitude of the consequences vs. the costs of various mitigation strategies. Given the extreme stringency of its resulting standard, one should expect the evidence to be overwhelming that GAO expected risks that were high and significant and that it had convincing proof that the triple-negative standard was the most cost-effective approach. GAO has never published such a study, and one must doubt that it ever was made.

Even if GAO had somehow decided that its ignorance of the problem at the time justified a triple-negative standard as an interim measure, it had ample time and evidence to reverse that decision. One would think that the multitude of Year 2000 assessments would furnish sufficient data for a realistic GAO analysis of the probable risks and consequences. Regardless of any bias GAO may have held, they should have been alerted by the scarcity of even anecdotal negative results on the scale that might have justified the standard.

-- Giammo retired from government service in 1993 when he was assistant commissioner of the Patent and Trademark Office. Prior to that, he had been an associate dir

-- 8 (8@8.com), December 20, 1999

Answers

Another thread on this same FCW article is at:

http://www.greenspun.com/bboard/q-and-a-fetch-msg.tcl?msg_id=0023aQ

"Blame For Year 2000 Hysteria Starts At GAO"

-- Linkmeister (link@librarian.edu), December 20, 1999.

ROFLMAO,

Panic? PANIC? What panic? We don't have any 'stinking' panic? (shades of movie: Treasure of the Sierra Madre--"we don't need no stinking badges")

Panic? Stop it, I can't take anymore laughing...I've got to stop and catch my breath.

Last I saw the stores were all stocked. I've not heard of a Y2K riot, and the opinion polls certainly don't reflect a panic. So who are these people trying to kid??? Themselves???

What Morons!

-- R.C. (racambab@mailcity.com), December 20, 1999.

This German site (in English) reviews the developmental histories of various computer operating systems and languages, in regard to representation of dates. For each it offers an assessment of responsibility for consequent Y2K difficulties: The Year 2000 Problem

On the VAX/VMS operating system:

[It] "offers library calls, which convert the 64 bit number into a ready to use calendar date (according to a format specified in the call). Due to the 64 bit width this calendar does not overflow before the year 60352!"

and

"The presence of the VAX in the market and the fact that Digital Equipment Corporation published this way of maintaining a calendar is sufficient cause to state:

"Since 1978 it is state of the art in operating systems to maintain a 64-bit number, which can be used to derive the 'date' according to the calendar of any culture. The point in time where this location overflows is sufficiently far in the future ... Even astronomers and other scientists calculating far into the future were satisfied with this solution.

"If an operating system, whose last version has been developed after 1978 (i.e. less than 22 years before millenium end), has a year 2000 problem, this can be judged in court as substantial defect or even grossly negligent design flaw."

FORTRAN, PASCAL, MODULA-2 are presented as examples of languages whose creators

"did not address the issue of time and date within the language and left it to [the] operating system to provide a way for programmers to access the 'system time' via system calls or language support libraries..."

As for hardware, the paper concludes

If a PC was produced after 1986 (i.e. less than 14 years before millenium end), and it has a year 2000 problem, this can be judged in court as grossly negligent design flaw and substantial defect.

and as for software:

Software, which has been written or updated after 1986 has the possibilty to check, which PC type it is running on, it has no excuse in pointing to the hardware (e.g. arguing about compatibilities with older PCs). This is not only true for applications and tools, but for operatings sytems as well. This has a significant consequence for application vendors. If an application vendor recommends or even instructs [users] to use an operating system with substantial defects or grossly negligent design flaws, it can be judged as improper or faulty expert advice.

-- Tom Carey (tomcarey@mindspring.com), December 20, 1999.

Right...blame the teckies... (WRONG!)

Consider the system that rewards short term results and ignores long term preparedness...both in industry and government.

-- Mad Monk (madmonk@hawaiian.net), December 20, 1999.

Agreed, the majority of informed and responsible techies would have taken the initiative to fix the problem (at least the parts within their purview) long before now were they allowed to. JIT and FOF software repair tends to be the hallmark of the MBA and CPA types. Of course, it would take the journalism profession to blame it all on (who else?) preparedness-minded techies... which reminds me of the Dilbert cartoon in which another journalism major enters the work force...

-- Zygote (zygote1@zygote1.zygote1), December 21, 1999.