| HN Mirror

Y	Hacker News new \| ask \| show \| jobs

by dossy 1160 days ago

It's hard to know if "their code was horribly written" without privileged knowledge about their code, but we can infer some things or at least formulate some reasonable assumptions based on what factual information is publicly available:

https://www.sec.gov/litigation/admin/2013/34-70694.pdf

> On August 1, 2012, Knight Capital Americas LLC (“Knight”) experienced a significant error in the operation of its automated routing system for equity orders, known as SMARS. [...]

> Upon deployment, the new RLP code in SMARS was intended to replace unused code in the relevant portion of the order router. This unused code previously had been used for functionality called “Power Peg,” which Knight had discontinued using many years earlier. Despite the lack of use, the Power Peg functionality remained present and callable at the time of the RLP deployment. The new RLP code also repurposed a flag that was formerly used to activate the Power Peg code. Knight intended to delete the Power Peg code so that when this flag was set to “yes,” the new RLP functionality—rather than Power Peg—would be engaged."

> [...] In 2003, Knight ceased using the Power Peg functionality. In 2005, Knight moved the tracking of cumulative shares function in the Power Peg code to an earlier point in the SMARS code sequence. Knight did not retest the Power Peg code after moving the cumulative quantity function to determine whether Power Peg would still function correctly if called.

A system that can, in a catastrophic failure, single-handedly put your entire company out of business, is what I'd consider mission-critical.

Mission-critical systems should, by definition, be held to a higher standard of quality than non-critical systems.

A mission-critical system that has dead code still in production for 9 years, untested, and allowing the "repurpos[ing of] a flag," suggests the level of quality that may be at play.

Your guess is as good as mine, but this smells like a pretty grievous coding error, lack of quality around deployment processes, and insufficient testing and validation.

For a system that is so mission-critical, that a simple "mistake" put the entire company out of business in one single event, this seems pretty "horrible" to me.

YMMV.