The Digital Detective, Pay the Piper I

Pawnee ©
Encyclopedia of Aircraft

One day, I faced company arrest, a kind of corporate detainment. Company arrest combines citizens’ arrest and house arrest. Worse, the detainment came with a threat of physical harm. I’m not sure I should name the enterprise involved, but their initials are Piper Aircraft. They are known for fine low-wing light aircraft ranging from the homely but hardy Pawnee to the gorgeous Fury.

Piper contacted me about the time I went solo in my career. I had become an accidental expert in teleprocessing, the transmission of data. Operating systems have clean well-defined edges, where every tiny piece has a distinct, often powerful purpose. Contrarily, telecommunications is fraught with errors and omissions. An OS has to maintain a semblance of recovery and control despite fried fibre optics, iced-over microwave towers, or Russian-severed Atlantic cables. Trapping entangled signals, simultaneously there and not there, is trickier than bathing Schrödinger's cat.

Fury © Piper Aircraft

The introduction began a year earlier when a phone call came in, Director of Programming Services for Piper Aircraft in Lock Haven, Pennsylvania. Introducing himself as Willy, explained they were using software from my old boss Rich, as described last time. They were experiencing problems but didn’t know how to diagnose the source.

Willy explained Lock Haven was two hundred miles from nowhere and not easy to get to. A trip required a full day’s drive from my home, a seven hour drive without traffic, and oddly about the same via a chain of commercial commuter flights. Thus Piper Aircraft commuted by… Piper aircraft. Willy would instruct one of their pilots to pick me up and afterwards return me home. On my end, I chose Plymouth, Massachusetts not because I lived there but because my girlfriend did, and a small airport might be easier to navigate.

© Piper Aircraft

As a newly baptized student pilot, I enjoyed the ride. The pilot wasn’t a natural teacher, but he handed me right-seat controls while nothing demanding was happening, adding a few hours to my logbook. A side trip to LaGuardia found us sandwiched between two giant jets. Small planes have to be cautious about wingtip vortices, invisible whirlwinds that can capsize the inattentive.

As we flew into central Pennsylvania, eagles glided along side us rising on thermals from the spread of forests below. No pun intended, but this commute was becoming the high point of my day.

© Piper Aircraft

Loch Haven’s municipal airport was Piper’s for all practical purposes. It adjoined the company’s plant and offices. Nearby buildings housed machine shops, assembly operations, and a paint facility. Piper situated me in sort of a company residence for visitors and commuting executives. The company was relocating their headquarters to Vero Beach, Florida, so short-term housing had become important.

That set the pattern for another three visits. Willy was revealed as a bombastic fellow, lots of bark but no bite. He’d grouch, gruff, and growl, but didn’t mean it. He would help anyone who’d need it and undoubtedly made a fine father.

© Wikipedia

All but one of his programming staff were married and weren’t interested in hosting a codeslinger after hours. Jennifer was the opposite, a girl with an interesting history and no one to hang out with. We shared dinner and dialogue a couple of evenings.

Originally from the area, she’d moved east, but hadn’t drained the avgas from her arteries. Exposed to new opportunities, she’d learned to skydive, where she’d become proficient.

She related a number of high-flying tales. Once she initiated a naked jump with her skyteam, exactly what it sounds like: shed clothes and bail out nude. I guess you had to be there. The mothers of most of us, if we’re gonna die, simply hope we remember clean underwear.

© Wikipedia

Then came her moment of disaster. Unexpected winds tossed her parachute in uncontrollable arcs that caused her to crash into the ground, breaking her back. Jennifer returned to hearth and home to heal, staying with her mother and father, and working at Piper to pay the bills. She planned to resume jumping, but that was probably a year off. In the meantime, she helped form a local jump club.

Shop Talk

This turned out the first and only time I worked in a union shop. Management explained they had to get permission for me to take charge of their machines.

The union was gracious about it. At first, they kept an eye on me, but once they realized I knew what I was doing and was willing to share my knowledge, they made me welcome.

It transpired their problems weren’t serious. They simply needed a helping hand marrying equipment and software from multiple vendors. I enjoyed working with Willy and the staff, which resulted in additional visits.

Where’s Willy?

I previous mentioned my charming boss. Inevitably, I struck off on my own, not getting wealthy, but living by my own lights. To my pleasant surprise, I saw Piper’s number on my telephone. Only this time, the caller wasn’t my friend Willy.

My imagination suggested the name sounded like Manny O’Dious, the new Number 2. This was Piper’s new Director of Programming Services, but what a gutter mouth… and gutter mind.

“That stupid ƒ-er Willy managed to piss off a vice president and got his ass fired. ‘Willy.’ Can you think of a more stupid name? Anyway, you left your job undone. Get your ass down here and fix the problem now.”

Taking orders from a person I respect is remotely tolerable, but as you might have guessed, being bossed around is not  my thing. Still, I needed to make a living.

“When can your pilot be here?”

“Oh no, no. Things are different now. I’m not providing or paying for transportation. It’s not in my budget.”

Lock Haven, Pennsylvania

Lock Haven was landlocked in the remote wilds of Pennsylvania, so making the trip by commercial and commuter hops to ever smaller airports required as much as five or six hours of flight time and additional hours of rental car driving. One way required an exhausting full day of traveling, time I would have to bill for. More to the point, the client was always billed for transportation. This guy couldn’t grasp I was trying to save him money and me time.

It also rankled me that while the recent problem was unclear, I’d left no work undone.

“Sorry, have you tried to book travel between Plymouth and Lock Haven? Minimum seven hours by car, seven hours by air, and I do invoice for travel. Always. You can save two days of billed consulting with a pickup.”

“Hell no. Get your ass on a plane or a mule or whatever and get yourself here you….”

“Good bye.”

I was almost shaking with tension as I slammed down the receiver.

Who put the BOMP in the Bomp Bah Bomp Bah Bomp?

A half hour later, the phone rang, same area code 570, but different number.

“Hey, it’s Jennifer. How ya doing? I’ve been tasked with, well, persuading you to drop in. He has the budget, but see, he gets kickbacks for every budget dollar he doesn’t spend. Let me tell you what we’re dealing with…”

She went on to explain. “Shortly after he arrived, he treated himself in town to a steak dinner. Two bites from finishing, he informed the waiter the steak was tough and he would not pay for it. Nor the soup or the salad or the wine. Restaurants run on thin margins, and they swallowed hard to absorb a loss like that. He is one cheap bastard and now you’re the steak. He sees you as a burdensome expense but he needs you.”

“What happened to Willy?”

“You know Willy, he finds it fun to bluster, but one of the VPs didn’t understand him and summarily fired him without considering how to replace him. Nobody wants a career move to the wilds of Nowhere, Pennsylvania and they were lucky to land Willy. Now everybody’s bleeding.”

“How did they recruit Manny? I never heard the name before.”

“Ah. He has no computing or management experience. He was actually a BOMP salesman.”

“Bomp?”

“Bill of materials processor, like a parts list for a huge project. It’s a pretty good program despite the fact he’s a terrible salesman. I don’t know the circumstances, but he must have been in dire straits. As soon as he heard Willy had been fired, he applied and, being the only candidate, he got the job. Upper executives haven’t figured out what a bad decision that was. He thinks we’re all trying to sabotage him. Believe me, I’m getting out of here soonest.”

I laughed. “While suckering me in, huh?”

“Damsel in distress and all that. We’ll get you here, try to keep everything per usual.”

Arrested Developer

© Piper Aircraft

We planned for an upcoming holiday weekend to maximize my time on the machine. I packed my suitcase and stuffed computer gear in my flight case. As agreed, their plane arrived on time for the pickup. On my arrival, the union rep said cool beans. I never understood that expression, but someone explained I was ‘golden’.

Except with the director. He didn’t hover over me– I give him that– but asked one of the programmers to monitor me.

Within a couple of hours, I had a good idea where the problem lay. By late afternoon, I nailed it, no long weekend required.

A half dozen vendors were waiting to hear who was at fault. I entered the director’s office to spill the results.

“Well?” Manny asked. “Whose problem is it?”

“Piper’s. The issue manifests in IBM’s controller, but you didn’t follow configuration instructions. You plugged it in while ignoring the ‘Some assembly required’ notice.”

“Not my fault. My staff keeps undercutting me. Look, here’s what you will do. I’m going to give you an extra fifty bucks, no, say hundred bucks and you say you traced the fault to the DUCS package. You can convince them.”

I blinked. It was hardly worth mentioning $50 covered ten minutes on the time sheet. My old boss’s software had nothing to do with the problem, but they were the smallest and most vulnerable supplier.

“No, I want no part of that. No vendor is at fault. It’s a user error.”

“It’s a virus.”

“No, it’s not a virus.”

“You sure you won’t take a hundred bucks and let this go?”

© Piper Aircraft

“No, I can’t do that.”

“Then find your own way back.”

“What?” I didn’t think I’d heard him.

“Find… your own… fucking… way… home. I won’t provide transportation.”

“You can’t do that. There’s no way out of here, not even a rental car.”

“Tough luck. I gave you a chance.” He templed his fingers and stared musingly at the ceiling, fully in control. “Factory like ours is a dangerous place. All kinds of accidents could happen, especially after dark on a long weekend.”

That made no sense. “Don’t act ridiculous. You are threatening me over a few thousand dollars?”

“Not ridiculous to me, more like an object lesson you’re going to lose. If I was going to threaten, I’d point out the surrounding deep woods,” he interrupted his TV-speak to wave his hand toward his window, “and how dangerous forests are, hunting season or not.”

To be continued…

The Digital Detective, Karma

I. inspired by Hiëronymus Bosch

Sharp Dresser, Sharp Tongue, Sharp Practices

This heading perfectly encapsulates a once and former boss. Clues were apparent from the beginning, but the worst characteristics emerged over time. His name could also be described as an insulting slur, a diminutive of Richard rhymed with Rick, and no, it wasn’t Mick, Nick, or Vic. I’ll simply refer to him as ‘Rich’ for now.

Moderately wealthy, he moved easily in the business world. ‘Rich’ kept useful contacts on a private payola payroll. Kindnesses were transactional. Favors to others he considered IOUs.

How did I become his most trusted employee? I was in grad school, struggling to meet rent and tuition. A full-time student, I also worked forty hours on Wall Street as documented elsewhere. I found myself in demand but was surprised when I received a call from Boston. The caller asked what might induce me to leave school and move to a state I’d yet to visit.

For a financially strapped student, salary talked, not to mention it represented an opportunity to continue designing professional software. He dangled the opportunity for a partnership. I accepted the offer and moved south of Boston’s 128 with little more than clothes and a record collection.

The Mask Slips

Gradually, he revealed more and more about his circumstances. He liked owning things other people didn’t. His Cadillacs, his Brookline house, his country club membership, and his many, many toys represented assets most people couldn’t afford. He’d make hamburger with $20 per pound filet mignon. Sometimes I’d drive him crazy. When his wife discovered I’d obtained designer towels identical to hers from a Ross discount store, she gave hers to the maid.

He subscribed to a shopping service that shipped exotic foods to the US. One day he bragged about a fancy green fruit from New Zealand. “Kiwi?” I innocently asked. “The local grocery store carries it.” He dropped that service the same day.

As other companies have noted, I tend to keep my mouth shut. If I have a problem, I’m more likely to confront– usually politely and perhaps unwisely– but have my say. Although he looked upon people with contempt, Rich valued my talents and quirky sense of humor. But me as a person? Unlikely, based upon how he scorned others.

II. inspired by Hiëronymus Bosch

Swing, Swap, Swag and Swagger

Rich’s personal excesses typically overshadowed his professional quirks. His life orbited a world of strippers, porn stars, and gambling. He and his wife often made their private life public, once discussing their peccadillos on a popular television talk show. And yet, he and his wife harbored social pretensions. Never knowing what would come next, it was like watching a circus on fire, but those escapades do little to further this article.

Except…

Initial Concerns

Rich’s disdain extended into the corporate realm. His father had started a company selling overpriced ‘collector’ coins, and named the enterprise CFS, Inc, which originally stood for ‘Coins for Suckers’. Naturally, customers weren’t privy to the insult. Those few who asked were given a nonsensical backronym such as, ‘Come find a Steal’. Rich took over the company name but not the business, and the initials now stood for ‘Consulting for Schmucks’.

Take taxes. That’s what CFS did, take taxes. The company was authorized to collect sales tax only in its home state, but Rich also charged out-of-state customers sales tax, which he treated as unearned income, a nifty little bonus every month, every year. Say CFS reaped monthly revenues of $100,000, then phony sales tax brought in an additional $5000 to $10,000 every thirty days.

Grift, Graft, and Grease

Rich was fascinated with mafia and police. Those who knew his parents claimed mafia members encouraged his father to leave town, prompting a move to Miami, never to return. He was highly motivated by a neighbor shot and killed through his basement window.

Brookline and Chestnut Hill are old but expensive neighborhoods with large houses and narrow, winding streets. Authorities ban overnight street parking but that didn’t bother Rich. He bribed cops not to ticket his cars. Parking problem solved.

At one time, Rich joined as a police reserve deputy. Reservists were supposed to be unarmed, but once again, he flouted rules, carrying a concealed snubnose revolver. He often spoke of the satisfaction of clubbing protestors offset with the regret of breaking his five-cell flashlight over students’ heads.

By now, you’re probably thinking Rich was not a nice man. As I write this, I wonder how a professional like R.T. Lawton might view him. A petty perpetrator or a wannabe criminal who sidled so close to the line he could topple at any moment?

And yet, the man occasionally listened to me. For some reason, Larry, one of our data center operators, aroused Rich’s ire. If Larry made even a small slip, Rich would explode, showering the place in fire and brimstone. Shouting made Larry more nervous, which precipitated further errors, more screaming and threats, and the end of a civilized world as we knew it.

I took Rich aside and said, “Larry has brought mistakes to our attention. If he hadn’t been honest, we would have considerably more grief figuring out where the fault lies. Ease up a little. By the way, did you know Larry is teaching himself programming?”

Rich listened. He even critiqued one of Larry’s student programs, making suggestions for improving the app. Larry became a valuable part of the team.

I emphasize our company’s apps, development software, and consulting were first class. The CEO’s problems did not bleed into the quality of the products. Consider John McAfee, first maker of antivirus programs. He had a very erratic short life, yet the reputation of his software sold millions of copies.

Meanwhile, where was my partnership? By then, I had developed products, but I hadn’t seen sales figures and Rich wasn’t about to allow an inspection of his books.

Shooting Blanks

An Australian-American company I’d worked for in my early days asked for a copy of our software with an eye toward selling our products together. We sent a copy on magnetic media. Oddly, SDI shipped it back a few weeks later without comment or communication of any kind.

A couple of months later, we found out why. SDI introduced an add-on for their product called F0, a clone of my package Fx, which I solely developed. SDI’s Boyd Munro was a brilliant software writer but he had tried and failed to implement his version of Fx until he reversed engineered my program. It turned out Rich had not demanded a non-disclosure agreement.

But all was not lost. In Virginia, another software company, TCSC, proposed joining forces to release a joint combination of our products. TCSC’s owners bore the unlikely names of Tom and Jerry, but their business included a wealth of customers.

Usually, I did the traveling, but Rich felt the importance of negotiations required the presence of the CEO. He was right, but oh, so wrong.

Rich had expected to spend a few days, but he returned after one. What happened, I asked? He put me off and said he didn’t want to talk about it.

Okay, but where do we stand? What are the plans?

He waved off my questions, refusing to answer. What the hell? I had a stake in this.

Not long after, I resigned and struck off on my own consulting and designing software. Rich badly needed technical assistance and I greatly needed corporate customers, so I accepted him as a client.

But Rich, being Rich, couldn’t do things honestly. He wouldn’t pay until the next job came up. His account was the largest on the books, aging three, four, sometimes five or six months. Then came an incident that brought an end to our agreement, an eruption that stranded me ’two hundred miles from nowhere,’ according to one observer. I’ll write about it next time.

I ghosted Rich after that. When he phoned, I refused his calls. Although he occasionally called as the years passed, I never spoke with him again.

Karma Bytes

Some time later, I found myself in DC chatting over dinner with Tom, a principle in TCSC mentioned above.

“You recall Rich visited our office to seal a joint marketing deal? Do you know what happened?”

“I remember, but Rich flatly refused to discuss it.”

“Little wonder. He arrived that day and strode directly to Jerry’s office, demanding to see the boss. His secretary explained he was on a delicate overseas call, which was expected to take quite some time.

“He said, ‘I don’t intend to wait. I’ve come a long way and insist you usher me in now.’ The secretary politely but firmly asked him to take a seat, but he became more belligerent, his voice loud and his vocabulary abusive.

“Rich stormed into Jerry’s office, shouting he should fire his ƒ-ing **** of a receptionist, calling her numerous obscenities. ‘Fire the bitch,’ he concluded.

“Jerry, a big man, listened quietly. Then he said,

“That ‘bitch’ is my wife.”

III. inspired by Hiëronymus Bosch

Just Deserts, Unjust Desert

At the level we were at, software developers knew one another by name and reputation if nothing else. I learned Rich, after making a small fortune out of our company, moved to Vegas. His deep voice was used in radio broadcasts, but not all went well.

Years later, I chatted with his daughter. She indicated he’d become embroiled in yet another scam and this time lost his money. He died a broken man.

How I felt about that was unexpected. He was a Brunswick stew of dishonesty, turpitude, swindling, cheating, greed, selfishness, and petty crimes. And yet, I felt badly. As awful as he was, no one deserves to die a broken shell. Given a vote, I’d rather imagine him alive, playing his little cons, not paying bills, and cheating on his taxes than rotting a fractured husk in a Las Vegas grave.

How confusing is that?

The Digital Detective, Banco and Bunco, Part 2

Resuming from last week…

Money Laundering

Checks (‘cheques’ in other English-speaking countries) are becoming less common in our digital society, but they still have their uses: Investors often receive dividend checks, some companies send refund checks, and many of us write checks to our lawn guy and housekeeper. Check handling still holds a place in our economy and so does a scheme called ‘check washing’.

Crime segments on programs like Dateline and 20/20 have warned us against the practice of bad guys plucking checks out of mailboxes and ‘washing’ them in a ‘household chemical’ bath. Then with a blank check in hand with the original signature, they fill in a new payee and amount. The scheme can work with bonds, wills, and other instruments, anything with a dye-based ink written with ordinary pens. Very old inks comprised of iron compounds remain unaffected.

Wait. Are you going to share with us?

What is the household chemical? Enquiring crime writers want to know.

The answer is ink-dependent and I’m aware of two compounds. Women baddies may have an advantage: The primary go-to chemical, acetone, is the principle ingredient in fingernail polish remover. Other dye-based inks may better respond when treated with ordinary bleach.

Here’s a how-to video by Dr Uniball… (Shh. I know, I know, the poor man. I’m afraid Dr Uniball suffered an unfortunate lab accident.) That aside, here is one of his experiments:

Note: Although not mentioned in the video, fraudsters can preserve the signature by covering it with transparent tape. Ink not so protected washes away.

So how can you shield yourself against lawnmower man bleaching your check or your nifty cleaning lady rewriting the palty cheap-ass amount after an acetone bath? You can purchase speciality India ink pens costing in the hundreds of dollars. Or, as I recently learned, you can buy a less than two dollar Uniball at your local Dollar Store. This pigment-based pen is made by Mitsubishi Pencil Company, yes, a sister company of the car manufacturer. Look for Uniball 207, pictured here:

But wait. If you’re a fraudster and your victim banks with Chase or certain other banks, you don't have to bother erasing and filling in checks. Crooks have discovered Chase’s sloppy remote banking by smartphone looks only at the numeric dollar amount and routing number. Bad guys can add in an extra digit to the dollar amount, changing it from hundreds to thousands. Chase doesn’t trouble themselves to validate the written amount or check the written payee matches the conman’s name on the account. They even allow the same check to be deposited more than once.

Signs of Fraud from Bank of America

A casual survey suggests Chase Banks may figure in more frauds than all other banking institutions combined.Worse yet, Chase battles customer victims who try to get their money back. Lily, our Chase target in a previous article did everything right, trying to get an oblivious and lackadaisical Chase to take action. And they die– they blamed her.

No place in the world is safe from fraud, but if YouTube is to believed, Arizona suffers an outsized number of attacks. And naturally, Chase customer service isn't there when needed.

From A to Z, ATM to Zelle

Zelle is German for jail, literally, a prison cell. I’m frankly surprised it doesn’t mean Sucker!

I can’t trust Zelle. If accounts of a money app can’t be viewed and studied on the web, the customer/victim is at a disadvantage when attempting to reconcile transactions. Unfortunately banks and society at large push us in that direction.

Former business partners owed me money and had been steadily paying me through Sun Bank. Abruptly payments stopped. I notified them. It turned out Sun wanted to cease sending direct, electronic payments to my bank (and others) and insisted its ‘partners’ use Zelle. The problem was that Sun submitted payments into the black hole of Zelle, but my bank didn’t see them.

“Not our problem,” said Sun. “Call Zelle.”
“Not our problem,” said my bank. “Call Zelle.”
“Not our problem,” said Zelle. “Call your bank.”

This occurred after repeated and futile attempts to get a phone number for Zelle, who declined to help because they were ‘too far removed from the situation’, claiming they were outside the transfer rather than being the conduit. It took four months of repeated complaints to resolve the issue.

☚☛

As you might imagine, Zelle is a convenient tool for fraud. In one particular scam, you receive an SMS text that your bank account has been put on hold, pending unusual activity. You phone the conveniently provided phone number, and a polite professional asks how she can help you.

She ‘checks’ your account, saying it appears nefarious forces are attempting to penetrate your security. The solution is to safely move your money into a bank-approved Zelle account. If you’ve not heard of Zelle, she provides you a web link showing your bank works with Zelle, and she’ll help you set up a new free account, which will make bill paying so much easier.

Ten minutes later, your new Zelle account is all set up and your money moved into it. “Thank you, thank you,” you say before hanging up, upon which the scammer sets to work. You receive another text message, this time from your real bank. Your accounts have been emptied.

“Not our problem,” says Zelle. “Call your bank.”
“Not our problem,” says your bank. “Call Zelle.”

The Digital Detective, Banco and Bunco, Part 1

One upon a time I was scammed, or rather American Express was. In my consulting days, a pair of cancelled flights kept me hostage at Chicago Airport for ten hours, which covered a couple of mealtimes. For one of those, I plunked down in their sit-down restaurant and partook. And was partaken without my knowledge.

The end-of-month credit card statement showed a charge that could have fed a family of twelve instead of not-so-little ol’ me. AmEx explained this was called a ‘waiter’s charge,’ literally so in my case. A waiter hands you a bill in a black leather folder. The diner casually tucks a credit card in the folder and the waiter carries it away. At this juncture, the fraud happens.

If the restaurant keeps a computerized tally, the waiter adds on an additional lobster and a hell of a tip. Without an ongoing account, a waiter simply adds in a dollar figure. In olden days, waiters might run two or three blank slips through the imprinter for later use. These days thanks to skimming devices, a waiter can mint a new card before you leave the premises.

Once a card is out-of-sight, waiters can do anything they wish.

As did a waitress in Minneapolis’ beloved Pannekoeken Huis. Two things had come together to draw my attention to a minor racket. Unlike my girlfriend whose sharp eye for cash register fiddles caught one in the middle of a famous theme park, I don’t have specialized training in these things. However, a conversation with a vice president of finance at the company I consulted for raised my awareness. After meals, he carefully perused the bill and credit card slip, commenting he’d find mistakes nearly half the time and went on to prove it.

Bad Taste

And so I found myself in the very restaurant where he’d enlightened me. Frankly, the waitress did little to avert attention to herself. In a Midwestern city where everyone is friendly, she was unusually hostile. Perhaps it was the result of a bad morning, but she acted distinctly sour. Thus when the check came and bearing in mind the VP’s admonition, I looked over the register’s paper tape and there it was… or in this case wasn’t. The line items didn’t match the inflated total.

Her scam took but a moment to unravel. The register tape provided the clue– the restaurant’s logo was missing at the top of the tape. She’d rung in a false item, rolled the register’s tape forward several inches and tore it off, and then rang in the real breakfast tab.

I brought it to the attention of the front-of-house manager. That trusting soul cheerfully waved off the discrepancy as a register glitch. Fine, not my problem, but the practiced moves of the waitress announced she’d done this many times. I did not encourage her by leaving a tip.

That wasn’t why he glanced at your derrière

Does your credit card have a tap ’n’ go icon? If so, it has a built-in bit of electronics called passive NFC… near field communications, a cousin of RFID. Your cell phone may have something similar, but is active NFC because it’s battery powered. They work on the same principal as store exit scanners that sense security tags still attached to the jacket you just bought.

Besides the likelihood of your butt mashing your phone, NFC is a major reason you shouldn’t carry your phone in your hip pocket. A passerby brushes her phone past your pocket and *snap* — she’s captured your information.

Sleight-of-Hand

Scams can happen other ways. You check out of your doctor’s office, or you pay at the window of that overpriced restaurant, or you’re enqueued at Wendy’s drive-thru window and your fuel gauge is running low as is the patience of the guy behind you who taps his horn for the third time but it’s not your fault because your salad isn’t ready and finally the server comes to the window and hands you a bag with a freckled girl’s face on it and says, “That will be $36.80,” and you realize for that kind of money you could have dined at Pannekoeken Huis with money left over but you dig through your purse and there’s your MasterCard that you hand over and a second later he hands it back followed by a receipt that you stuff in your purse and before the guy behind you can blast his horn again you pull forward and out of his way, yet when you get home you receive a text message that your credit card has hit its limit. What? How can that be? You should have at least fifty dollars to spare.

And there it is: Instead of $36.80, you were charged $96.80. Maybe the guy’s finger slipped ringing it up. But wait, there’s another $23 charge from the same place at the same time. That shouldn’t be possible. What happened?

When you handed over your card, you lost sight of it for an instant only. But it was enough time for the window guy to pass the card over a pocket skimmer or even a second NFC machine, a modern analogue of imprinting an extra credit card slip.

Universal Contactless Cards (NFC, RFID)

ATM : Access Thy Money

You may seen recent warnings about ATMs with inoperable card slots, glued shut according to articles. Nearby, a helpful guy who’s standing a respectable, unobtrusive distance behind you offers a suggestion. “You can tap your card.”

But of course you can. You thank the guy, boink the card over the symbol, stuff $200 in your purse, and nervously flee the scene to safety. Or so you think. The helpful guy, he moves in and empties your account.

When an ATM’s mechanical reader returns your card, it automatically logs you out of the system. Likewise in store transactions, once the clerk rings you out and you see the Thank You message on the screen, you’re once again disconnected from your account.

Surveys show at ATMs, tap ’n’ go customers often don’t manually log out of their accounts. Without a mechanism holding their card and releasing it as they sign out, clients fail to realize the connection to their account remains active and vulnerable. Please, log out.

Next Week: Money Laundering

The Digital Detective, Wall Street part 4

When corporations upgrade large computer systems, they typically run the old and the new in parallel a few weeks or months until the bugs are shaken out. Occasionally events take a turn as discussed last week.

Mutual Admiration Society

Back in New York, our mutual funds firm (not so fondly referred to as MuFu) faced a different problem. They had completely rewritten the primary application, changing over from Cobol to C, and it hadn’t gone well. Four months after parallel commenced, they were experiencing glitches and crashes.

The sizeOf problem I’d caught wasn’t a contributing cause. An unidentified problem was triggering errors, an oversight so simple it would boggle the mind.

Robert, their very defensive senior C expert, hadn’t told me about a front-end program written by yet another programmer. I had to figure that out for myself. The bug wasn’t in the program they’d assigned me; it was introduced by what came before.

Front end and Back end Processing

As previously mentioned, Cobol reads like English and C… well, C is sometimes great and often horrible. C had become the most recent fad and application programmers were feeling the bite of its double edge sword.

The staff was comprised of university C students and the last Cobol member on her way out. Machine language (and assembler) weren’t in their purview and when they dismissed John, ‘the old guy’, they'd rid themselves of their only person who could poke around in memory (RAM) to determine what went wrong.

And memory was a problem. The program used customer numbers to index into a table and reference records in storage… in theory. In practice, I soon learned the customer was occasionally wrong, wildly wrong, trying to access a memory location off in the wilds of Kansas.

Cobol could detect out-of-bounds matrix subscripts; C could not. Thus it took me a little while to figure out the bogus account code was coming from a front end program. That preprocessor queued submitted entries, performed minor verification with a check digit, converted the input to binary, and passed the record on to the back-end program I first investigated.

In short, sometimes the data entry folks included dashes in the account number (e.g, 7654321-1) and sometimes they didn't. The Cobol app extracted only the digits; the C program didn’t. Both programs tentatively vouched for the account number (7654321) using the check digit (1), indicating it resided in the realm of possible valid numbers. Unfortunately, the newly written C routine included the hyphen when attempting to convert the number to binary. Both versions then ‘piped’ (passed along) the massaged data to the back-end program where hell and fury would erupt when a bad number with the mashed-up hyphen was passed along.

For all the grief it caused, correcting the C front end was trivial. Worryingly, the front-end program, instead of creating the transaction serial number, left that task for the back-end program. Bad, bad, error-prone design. And, as I would discover, prone to manipulation.

I returned the program to service and turned my attention back to the mysterious ‘sizeOf’ conundrum.

Faith, Hope, and Charity

Many organizations buy into mutual funds for long term storage of their money. City, county, and state governments store tax revenues, fines and fees there. Churches and charities divide money between money market and mutual funds.

In the mutual funds program, a template field labeled IRS501C was data-typed binary in the old Cobol Record data division and as boolean in the matching C Struct.

When I returned to the section with the anomalous ‘sizeOf’ routine, I could see this field being referenced, but I didn’t know why. A library search for original source code for sizeOf and the parent routines turned up nothing.

Growing more suspicious, I asked operations to dig through their archives and find the code. “Don't hold your breath,” they said.

Next day, the IT director gave me the conference room to spread out my work. I mapped binary instruction after instruction, recreating an assembler code version of the program. C could fool the eye, but machine code, even in the absence of context, revealed details of what was going on– if I could figure it out.

I constructed charts of data structures, trying to figure out what was taking place. At last when I spotted buried instructions trimming fractions of a cent from daily interests earned, I knew I’d stumbled upon skulduggery.

Figuring out the sleight-of-hand was mind-bending, but I got a break. Like so many magic tricks, the chicanery was breathtakingly simple. Only the surface artifice was complex.

I had accumulated a suite of experimental data to test extremes of the system. It contained only a dozen records but I noticed the audit log reported thirteen. What? A record with a proper transaction serial number had materialized like a magic trick.

As mentioned previously, the front-end processor should have been creating the transaction serial number, not the back end, but apparently no one here knew better. That oversight facilitated the deception, allowing crooked code to create records undetected.

Computer hours were reduced that day. Being the first of the quarter, month-end and quarter-end reports took priority. Idling, I suddenly wondered if month-end had anything to do with the mysterious symptoms I was witnessing. Once again I nagged operations about searching archives for source code.

An hour later found me wrestling with that data cleverly hidden beyond the end-of-data marker. An impatient operator slapped a cartridge on my work table. "Try this," he said.

Former employee John had made a rare oversight. He’d deleted the source files, but… Each evening, operations backed up everything, and that included John’s source code. It filled in gaps.

No comments, of course, but lo, I beheld the twisted mind of a criminal genius. The routines were rife with indirection and misdirection. The ‘sizeOf’ trick merely hinted at the scam iceberg. While the obfuscated C code suggested one thing, the meticulous machine instructions I’d decoded step by step helped me understand what was really happening.

The scheme launched from a database record under MuFu’s own name and address, 100 Maiden Lane. The registered agent was listed as K. King, address 103^rd floor, 350 Fifth Avenue, Manhattan, New York 10118. Midtown… I looked it up… Empire State Building. The street address was legitimate, but 103^rd floor?

Greed Kills

The charlatan routine skimmed thousandths of a cent or so following rounding errors– interest and binary-to-decimal trailing digits after rounding high. On average, the algorithm could have siphoned a quarter of a cent per transaction without setting off alarms, but our sneaky programmer apparently wanted to stay well below nets cast by auditors. Those fractions of a penny accumulated in the bogus MuFu self-owned bucket until the end of the month. Dollars– thousands of them– and been created out of thin air.

I fully expected John’s wife or a friend had opened another account to receive the transfers, but as I traced the code, it invoked a random number generator to index into an entry in the hidden part of the file, just one binary field,  which turned out to be an account number. At month end, the subversive routine transferred out between $1200 to $5000 a month from the bogus MuFu in-house account to the account selected by the random number generator. But why only certain accounts? What was special about them? How was John profiting?

As always, I sat outside on the ferry shielded by a bulkhead. As I started at the lights of Brooklyn, the answer hit me, knocking sleep out of the equation. I rode the ferry back.

With suppressed excitement, I extracted the account numbers and checked the first indicated record. Bingo. And the next one. And the next. And then the 20^th and the 100^th. Bingo, bingo. Every case showed the IRS501C non-profit tag.

Damnation. I’d unmasked a freaking Robin Hood. John– or should one say Little John– was stochastically selecting non-profit accounts to donate to. That generated the thirteenth record.

Fascinatingly, the audit trail reinforced the fraud’s legitimacy rather than exposed it. Only a paper trail might suggest a missing document, but who was going to dig through reams of flattened dead trees?

If United Way or Scouting USA or Bethune Cookman read their statements at the end of the month, they might have scratched their heads but concluded they surely made a deposit and misplaced their record of it.

I made copious notes and documented everything. When presented to the firm’s CIO, she looked disbelieving, then doubtful, and finally bewildered.

“I know your reputation,” Loretta said, “but this can’t be possible. Besides, IT claims John had aged beyond usefulness. He couldn’t keep up. He barely finished this, his last project, before we let him go.”

“If so, he put effort into making a final masterpiece.”

“Leigh, darling, can you fix it?”

Call me darling and I can fix anything. I yanked the too-clever code out by its roots and their senior programmer, Robert, fixed the hole and, upon my recommendation, moved the transaction serializer to the front-end.

“What will you do about the spurious deposits?” I asked.

“They go back months. We wouldn’t look good demanding hospitals and heart foundations return money deliberately deposited into their accounts. John gave away money we couldn’t detect was missing. We’ll leave it that way.”

“What about John?”

Loretta sighed. “Same reasoning. Arresting him will bring nothing but bad publicity. Can you imagine the Times or the Journal with headlines about a Wall Street Robin Hood? That’s bad enough, but a sympathetic soul would raise issues about ageism. No, we can’t win there. Thank God we discovered it.”

“Can you get me John’s contact info?”

“What? No, maybe, yes, why not. I’ll discreetly ask HR for it.”

Robbin’ Robin

I phoned ‘John’ and invited him to lunch.

“I don’t think so,” he said. “Who is this again?”

“Leigh Lundin.”

“Oh shit, you? What do you want?”

“Just a chat. Really.”

“You’re working for MuFu?”

“Yes, today I am; tomorrow, no. I’m wrapping up.”

“So you know…?”

“Lunch,” I said. “Let’s not do this on the phone.”

“Fraunces Tavern?”

“Whew! If you pay.”

He laughed. “Okay. If you accept that, you aren’t out to nail me.”

“I’m not. John, can you afford it?”

“I landed on my feet. Arthur Lipper knows me and his son hired me.”

I respected Lipper Inc. He chose well.

The Wolf Pup of Wall Street

We met in the pub where George Washington bade farewell to his troops. John looked like a mad Santa with puppy dog eyes and an Albert Einstein hairdo. I’d bet a dozen grandkids employed him as a stage for hundreds of adventures.

He said, “You’re not recording this?”

“No.” I kept my smile easy and relaxed my body language.

“I’m not admitting anything including this statement.”

“Hmm. Let’s talk hypothetically, this entire conversation, okay?”

“Sounds fair. What have you figured out?”

“Most of it, I imagine. Cancer research received a couple of grand on the first before I could stop it. That will be the last payment.”

“Good,” he said. “I mean, embezzling’s awful.”

I snorted. “SizeOf.”

He laughed. “I thought that was clever hiding in plain sight, but apparently not clever enough.”

“I overlooked it at first. John, what was going on? Why did our suppositional programmer take such a risk?”

He dropped the hypotheticals.

“They dismissed anyone approaching retirement, figuring to save paying pensions, I suppose. You heard about Walston?”

“I was there, John.”

“The MuFu bastards had a definite preference for young faces. I knew for months they were going to fire me, I could smell it in the air.”

“I know that feeling, John.”

“The staff treated me like crap, acting like I was in my dotage. They figured my brain had rotted along with Cobol, but they needed me to effect the conversion. I learned C until I knew it better than they did and then studied it more. Their superstars couldn’t read a dump or comprehend machine instructions during debugging. I turned the joke on their little experts.”

“Sheesh. I’m sorry you went through that, John.”

He shrugged. “What will happen to me now?”

“Far as I know, nothing. I think they’re too embarrassed. One or two, the CIO and the VP maybe, have shown a touch of grudging respect. They’re coming to grips with the senile grey-beard who fooled them.”

“Good, because I’m a coward. I’m not looking for fame and misfortune.”

“Don’t worry, John. Everyone but the sheriff loves a Robin Hood.”

Final Thoughts

And that is my favorite Wall Street crime case. I’m called when matters go mysteriously wrong, so Miss Marple-like, I occasionally stumble upon another puzzle and test of wits.

In this case, charities profited and the bad guy turned out a good guy. Some may object that a criminal avoided prosecution, but personally, I couldn’t imagine a better outcome.

---

Following are a few more tech notes.

The Digital Detective, Wall Street part 3

I’m still astounded Fortune 500 companies and government facilities not merely allowed, but invited me, a 19-to-20-something freelance me to play with their very expensive computers. I mean work, not play, yeah, work is definitely the word. Reputation is everything. And okay, I have authority issues. So I’m told.

Striking off on my own meant no security blanket, no 401K, no pension, no profit-sharing. It meant scary months when I wondered if the phone would ring with a client and months when I wondered if the previous client was going to pay or not. That’s a concern– some companies withheld payment until they once again needed help. Sometimes managers wouldn’t like what I reported. My type of work– designing systems software– was specialized, so occasionally famine struck.

During one drought, camels were toppling over, birds fell from the sky, and my bank account appeared a distant mirage. Finally a call came in before the telephone company could cut me off. It was Wall Street again, a mutual funds house we’ll call MuFu. Loretta was their CIO, Chief Information Officer.

100 Maiden Lane
NYC © Emporis

“Darling, are you available?”

“Personal or pleasure?”

“Are you saying personal isn’t pleasure?”

“You’re married.”

“Was, Darling, was.”

“Loretta, I’m sorry.”

“Don’t be, I’m not.”

She lied. I could almost hear the sounds of tears leaking from her eyes. She was a nice lady who’d come up through the ranks.

“Loretta, what’s happening?”

“If you’re available, I need help.”

“Please don’t let it be application programming.” Even if it was, I desperately needed the work.

“Well… Did you hear we’re undergoing a conversion from Cobol to C?”

“You and every other firm with fresh university graduates.”

My professors, Paul Abrahams and Malcolm Harrison, were language experts. Abrahams was chairman of ACM’s SIGPlan and would eventually be elected president of the US’s professional organization, the Association for Computing Machinery. They received early releases of Unix and with it the C language. For my part, C was co-respondent in a love-hate relationship. It constituted a step up from assembler language, but I wanted more.

She said, “I know you’ll be simply shocked, but we’re experiencing crashes. We can’t cut over until we nail the problem. Nobody around here can read machine code. I know it’s not your thing, but nobody knows Cobol either.”

In the following, I’ve tried to trim back technical detail to make it more accessible and I apologize where I failed to restrain it. The gist should suffice.

---

Next day I took the Staten Island Ferry to lower Manhattan, where I strolled up Pearl Street and turned onto Maiden Lane. The mutual funds house took up a few floors of an older building, although the interior was done in chrome movie set futurism.

The glass room remained there running their big iron computer. Off to one side was a new server chamber covered in curved, blue plexiglass. Very spaceshipish.

Loretta blended 10% boss and 90% Cub Scout Den Mother, which made her a popular manager among the guys. She called in her lead analyst and chief programmer, Richard and Robert. The latter radiated lethal hostility.

“Leigh’s here to shoot that bug that’s killing us.”

“We don’t need help,” Robert said. “He’ll just waste our time.”

Loretta said evenly, “You’ve had months and it’s still not identified. Please give Leigh all the help he needs. He’ll likely work after hours to have the computer to himself.”

After Loretta departed, Robert said, “I know who you are. You used to be hot shit.”

“I’ve never heard it put so charmingly. Listen, I’m not here to take your job. I’m not here to threaten you. I’d like to get the job done and move on. Show me what’s going on.”

As predicted, the program started and died with an out-of-address exception– the program was trying to access memory that wasn’t there.

I asked for listings and a ‘dump’, formerly called a core dump, a snapshot of memory when the system died. The address of the failing instruction allowed me to identify the location of the link map, an org chart of routines that made up the program. Sure enough, the instruction was trying to reference a location out of bounds of its memory.

I took the program source listing home with me and spent a couple of days studying it. It was ghastly, a compilation of everything wrong with bad programming and especially in C. It contained few meaningful variable names and relied on tricks found in the back of magazines. Once in a while I’d see variables like Principle or Interest, but for the most part, the program was labeled with terse IDs such as LB, X1 and X2. This was going to take a while.

The company had no documentation other than a few layouts from the analyst. When I called in to ask a question, Robert stiff-armed me. I arranged my first slot for Friday evening with time over the weekend.

I began with small cleanup and immediately hit snags. I’d noticed a widely separated pair of instructions that read something like:

hash_cnt = sizeOf(Clientable);
      :
cust_cnt = abs(hash_cnt);

Wait. What was the point of the absolute value? C’s sizeof() returned the number of items in an array. It should never be negative. You could have five apples on a shelf or none, but you couldn’t have minus five.

As part of the cleanup, I commented out (disabled) the superfluous absolute value function. Robert dropped down as I compiled and prepared to test. I typed RUN and the program blew up. What the hell? Robert appeared to sneer, looking all too pleased.

He said, “That section was written by that old guy, John. We fired him because didn’t know crap, so no surprise it’s hosed up.”

I knew who he was talking about, a short, pudgy bear in his late 40s with Einstein hair. I’d never been introduced, but I’d heard him on a conference panel. John was no dummy, no matter what Robert said.

Robert smugly departed. I stepped through the instructions, one by one, studying the gestalt, the large and small. My head-smack arrived on Sunday. Curious why sizeof() would return a negative value, I traced how hash_cnt was used. As I stepped through the instructions, I saw it descend into a function called MFburnish().

I couldn’t find source code for MFburnish(). No one could. Without source, it would be very difficult to determine what happened inside it.

I went back to the variable Clientable passed to sizeof(). The array was loaded from a file, Clientable. Both consisted of binary customer numbers. I spotted something odd.

C is peculiar in that it uses null (binary zero) to mark the end of arrays and ordinary file streams. This file had two nulls, one about the seven-eights mark and another at the absolute end.

At first, I thought the file had shrunk and the marker moved down while remaining in the same space. But when I looked at the file, it had the same defect… or feature.

As some point, I looked at the link map to check upon another routine and for the first time noticed what I should have spotted earlier. There amid C Library functions of isalpha(), isdigit(), islower(), isupper(); was sizeOf().

Double head-smack. First, C’s authors claim sizeof() is a unary operator like +n and -n. To me, sizeof() looks and acts like a function and nothing like a unary operator. But by their definition, it shouldn’t show up in a link map with real functions. On closer inspection, the program read not sizeof() but sizeOf(). Another annoyance of C is that it’s case sensitive, meaning sizeof and sizeOf and SizeOf and even SIZEOF are not the same thing. This kind of nonsense wouldn’t have been possible with their old Cobol system.

The deception seemed awfully abstruse, even by C standards.

The Clientable contained account numbers of a sizeable fraction of clients. Why some customers and not others would take me a while to discover. Unlike sizeof(), the ginned-up sizeOf() showed the actual record position within the full file expressed as a negative number, hence the abs() function.

Someone had written deliberately misleading code. But why?

Money, of course. Moving backwards, I began to look at the code with a different eye. And there it was… not merely the expected interest calculation, but the conversion from binary to decimal, another Cobol to C difference. I suspected one of the company’s programmers had pulled off the oldest thefts in computerdom– siphoning off money by shaving points when rounding numbers.

This wasn't the problem Loretta had asked me to solve. Robert had directed me to the wrong program, which turned out to be a stroke of luck. Loretta had invited me to track down a program bug, but I suspected I had unearthed traces of virtual villainy.

Next week: The Confrontation

Following are Cobol versus C notes for the technical minded. Feel free to skip to next week.

The Skating Mistress Affair, Part IIII

Parts I-III provide the background of a unique bank fraud investigation.

In Part II, negotiations soured and in Part III, legal action failed miserably. The bank thought they were done for, but I wasn’t.

---

The Commentator

To continue developing and enhancing the software, I needed to understand it at least as well as the author. Nothing would do that like immersion in it, and nothing would aid in immersion like having to document the programs line by line, block by block, section by section.

Tedious. Refill the Ritalin, oil the exercise bike, and absorb.

Data Corp set up a pair of desks for me, not with their programming group but in a large room staffed with accountants, bookkeepers, and clerks. That made me the only guy amid thirty-some women.

 

Princess phone

 

a slightly less risqué model

 

latex fingertips

Flirtatious and fun, the data center girls delighted in playing pranks on me. Some tricks were small, such as when they glued a dozen water-cooler cups together and hid the rest. Others were more ornate. They ordered a pink and gold chair for my desk, and installed a Playmate screen saver. My black office phone found itself replaced with a princess phone also in pink. A welcome gift box on my desk contained a coffee cup shaped like breasts.

My office mates flattered and flirted. Once, I asked a supervisor why the girls believed they could get away with such outrageous behavior. “You look easy to tease,” Shelly said. They read me like a Power Point slide.

They were also kind, sharing lunch with me. I never knew who installed a bud vase on my desk and kept its rose and water fresh.

One afternoon, the VP stopped by to pick up a couple of data cartridges. I opened my desk drawer… and immediately slammed it shut. I’d caught a glimpse of something lavender and lacy. Every eye was riveted upon me, watching what I’d do next.

“Er, maybe this drawer,” I muttered, only to spot another item, pink and frilly. The women had filled my drawers with, well, drawers, lingerie at least. I could feel the back of my neck burning.

“Er, I have to dash down to the computer room,” I said. “I’ll drop them off at your desk.”

“But…”

He peered after me suspiciously, knowing something was up. As I took off, he glanced around at the women who were all staring at him.

One morning I arrived to find a fat pink envelope on my desk decorated with hearts and cupids. Inside was tucked another plump envelope with a calligraphic message on it: “Shelly, Julie, DiDi, and Roxy invite you for the weekend. Necessities enclosed.” Heads craned my way as I slipped my thumbnail through the seal.

Out fell a dozen of the tiniest condoms. They’d filled the envelope with the thin latex fingertips clerks slip on when flipping through sheaves of checks and currency. Their cleverness cracked me up. When I stopped laughing, I took out a ruler and carefully measured one of the latex rings. Nodding judiciously, I placed one in my wallet. The lasses laughed, hooted, and jeered and cheered.

We Leave Our Light Off For You

At night, I pretty much lived at the data center, starting on the computers as soon as one was freed up from the work day. To snatch a few hours’ sleep, I holed up in a small motel near the bank’s Data Corp office.

During my extended stays, hotels generally grew used to me, A low-key and seldom demanding demeanor made the maids happy and sometimes pampering. Managers were pleased to X-out a room from their unrented list for a month or six, sometimes more. Across many states and a few countries, hotel life worked efficiently for me.

But deep in the Shenandoah Valley…

This local motel operator wasn’t used to a nomad like me, out all night, sleeping during the day. He glowered at my arrival each morning, frowned as I departed in the evening. Chambermaids reported reams of secret code documents in my room. Learning I skulked down to the bank building each night convinced him I was up to no good. He grew suspicious nefarious activities were afoot.

He telephoned the bank. They routed him to the Data Corp center and wound up with an operator who told him, “Oh, that’s the guy involved in the computer fraud.”

He’d heard enough.

Next morning, exhausted from a long and grueling bout of decoding and debugging, I arrived to find the motel manager in the lobby, arms folded, glaring at me. My haphazardly packed suitcases stood by the door.

Stiff-lipped and obviously fearful of a disheveled guy my size, he said, “Pay your bill and leave. I’ve called the police.” Activity in the motel stopped as a gallery of employees gathered at the balcony rails to witness their innkeeper deal with his dastardly guest. I disappointed them by producing my American Express.

With no internet at the inn, he refused to lend me a phone book to look up alternative hotels. The manager got his final satisfaction by ordering his bellboy to toss my bags outside.

Theirs was an independently owned franchise of something like Motel 7. An hour later, cheek buried in a Howard Johnson’s pillow, I sleepily fantasized complaining to Motel 7’s corporate office… and drifted off to sleep. Just another hazard of the road.

Reanimation

Here I delve into technical details of Sandman’s cryptography and computing. Feel free to skip ahead to The Flash Gorden Super Decoder Ring.

The first hurdle required overcoming a lack of tools, even a lack of tools to build tools. I needed to develop solutions on the bank’s computers, and they weren’t geared for deep-level development. The answer was to invent parsers in assembly language, the language of the machine itself, not meant for the type of character analysis and manipulation I needed. That filled the early days and then came the heavy lifting.

David Edgerley Gates previously brought to our attention substitution cyphers called cryptogramsfound in Sunday newspaper puzzles. Each encrypted letter translates or maps to a plain text letter. For example,

CryptoQuote Encryption Table

↪︎ ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 ↪︎ JXOHY28RGUPB1WA736SLZQF5MD40CN9VTKIE

In the ‘Adventure of the Dancing Men’, Sherlock Holmes took on a secret society’s messages that differed from cryptograms only in the ‘letters’ represented as pictographs. The Dancing Men glyphs corresponded one-to-one with letters of the alphabet.

Sandman didn’t resort to half measures. I realized he’d built multiple tables that made decoding a multiple more complex. I had to figure out the mirror image of what he’d devised. The American Civil War saw the use of hair-yanking two-dimensional cyphers. Sandman hadn’t made decryption impossible, merely difficult.

Toward that end, I built a translator to fill holes in the reconstituted tables, gaps where uncertainty failed to reveal which letter represented what. The translator checked for errors, refined and reran the process repeatedly until the blanks filled in.

The process was a variation of stepwise refinement: shampoo, rinse, repeat. I’d decrypted so much, I no longer doubted the plan’s viability. The more I decoded, the smaller shrank the unknowns list.

As Sir Conan Doyle pointed out, the frequency of letters we use in writing varies considerably, useful to know when solving puzzles and Wheel of Fortune. In many examples, ETAOIN occur most frequently in ordinary writing and KXQJZ appear least often. In my code tables, I’d cracked the ‘E’s, the ‘S’s, the ‘T’s and most of the other letters. Here and there I might not know the occasional Q or J, but that decreasingly mattered. Over time, I could plug holes as the solution became clear. I was going to whip this thing.

Ironically, if Sandman had simply treated labels as serial numbers, e.g, No52000, No52010, No52020, etc, he would have robbed them entirely of meaning, making decoding moot. He probably avoided that path, thinking it went too far and might set off alarms within Data Corp’s programming staff.

In the days before I’d realized the labels were encrypted, I wrote a program to extract a sampling from 25,000 lines of code, sort them, hoping they’d point a way to patterns. The harvest yielded 3600 unique names, not one of them a recognizable word or abbreviation. That clue alone suggested something bogus. Programmers might omit vowels, might use peculiar abbreviations, or sometimes use slang drawn from popular fiction like grok and borg, foo and plugh. In 3600 labels, I found not one meaningful word. Patterns, yes, but nothing recognizable surfaced.

I built frequency counters, applets to show how often characters appeared. I had to be wary of vowels since labels were limited in length and the first thing people jettison when abbreviating are vowels. The tables from the frequency counters not only revealed which letters were the most crucial, but also helped zero in on likely character replacements.

The first pass turned out better than expected. A thousand labels suddenly appeared readable. A few unknowns became obvious, but in one table I inadvertently mixed M with N. Correct and rerun. Rinse and repeat. Letter by letter, the coded alphabets unmasked.

Discovering how Sandman selected which table to use helped narrow the focus. The first character of a label served as a table selector. If that letter fell within the first third of our thirty-six alphanumeric characters, he used table 1, or within the second third, table 2, and so on. That mapping didn’t immediately jump out from the encryption, but it could be deduced as labels revealed themselves.

Sandman’s Encryption Table

ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 selector ↪︎ JXOHY28RGUPB1WA736SLZQF5MD40CN9VTKIE ↪︎ 5FXABTS2V71K9Y6G048HUOLEIPQJNZCDMWR3 ↪ V52KGBXSLOM7TIWH6P18Q03NYDJZCEUFR94A

7-of-9 and Other Figures

An important issue I had to deal with was context. If you’ve ever glanced at raw HTML, you saw that formatting tags were mixed in with common text. You might see something like:

<html><head><title>Student Body</title></head><body>

This page discusses who shall head the student body.

</body></html>

Imagine searching and replacing the keywords ‘head’ and ‘body’ without affecting the HTML tags in a hundred-thousand lines and upwards of a million words without making a mistake. The solution is to comprehend meaning, to grasp when head is part of a formatting tag and when it isn’t.

Much like a human reader, the translation program needed to comprehend context. It parsed the text, distinguished actual programming statements, formatting commands, comments, and assorted runes in what technical people call a non-trivial exercise.

The smart enough parser had to recognize if “7,9” referred to two registers, two memory locations, a mix of the two, coordinates, formatting, a decimal number, part of a comment, or an actress in a television show.

To minimize errors as I restored the code, I borrowed a programmer to help check expansions. Late into the night, our flat conversations sounded like alien air traffic controllers:

“… Hex two-five-five, nought, bang paren dog-easy minus splat…”

“… Xor var fox fox, double word, two-seven baker niner able, no deltas.”

A splat meant an asterisk, bang an exclamation point, a delta implied a difference, and much of the rest was hexadecimal. You’re following this, right?

Deltas had to be identified and dealt with. A final pass matched the assembled output of the original and my newly created decrypted version.

---

The Flash Gordon Super Decoder Ring

It took a shade over two months, but finally I could inform the vice president he had viable source code, better documented than the original. Since most people couldn’t tell assembler code from alphabet soup, he awarded me congratulations with a vague smile. After all, he had to trust what I said it was.

More satisfying was a phone call I made, one to Sandman.

He said, “I don’t believe it. Impossible. You could not have done it. I couldn’t have done it.”

“It’s true. Got a fax number? I’ll send you a couple of pages plus a cross-reference list of labels.”

“Wow, that’s stupendous. Awesome. I didn’t think it could be done. I respect you, you know. This has been extremely satisfying in a way, a battle of brains. Thrust and parry. Check and mate. You’re as good as they say.”

“You could be a contender, Dan. Do the right thing, join the universe on the side of the angels.”

I thought it was end game, but it wasn’t over yet. When no one was looking, perhaps influenced by his corrupt skating Queen, Sandman slipped another rook onto the board.

Computer Associates

I continued development, expanding the product’s capabilities. Some time earlier I had invented Fx, a technique to carve out an independent partition tailor made for such a product to run in. I refined it for Data Corp, which pleased the customers.

On the sales side, matters were not going well. Sandman was right about one aspect. The business model Chase maintained in his head did not match the reality of the market. Australian Boyd Munro had managed to support a high-flying international sales organization– literally high flying– Boyd and the top officers flew their own private planes. Their salesmen personally visited companies to sell a product that leased for a thousand dollars and upwards a month.

Chase owned a Cessna, but with a product that sold for a fraction of Munro’s in an increasingly competitive and changing market, flying half way across the country to make a sales pitch wasn’t feasible. Although we’d solved the technical and legal catastrophes, the board eyed the bottom line, and S&M– sales and marketing– loomed in their gunsights.

During my break in Boston, the vice president phoned. Another situation. Couldn’t he time dramas to occur when I was in Virginia?

“Leigh, what is your opinion of Computer Associates?”

“My opinion? They have staying power, can’t argue that. They change with the times. The company has a chequered reputation, though, considered shady. Rumors persist about a clash with Tower Systems out in California and that the D-fast and T-fast products were cloned. Supposedly the president’s brother is the corporate attorney, so one story says they bully smaller companies in court, grind them down with legal fees, Software Darwinism, the beast with the biggest claws.”

“Computer Associates expresses an interest in buying the rights to our product. They want to send a software specialist to look over the programs. Can you fly here to show it to him?”

“You want to show a competitor our source code? In light of what I just explained, if only a small part is true, does this make sense?”

“Did I mention they are talking a five with a lot of zeros after it?”

“Five hundred thousand dollars? You are joking.”

“I do not joke.”

“Have them sign a non-disclosure agreement, maybe an MOU. Protect yourself.” I could tell from his reaction he wasn’t listening to anything but a five followed by five zeroes.

Bankers, hard-nosed but so naïve.

CA’s software guru turned out to be a Jersey guy with an enviable excess of kinetic energy. The bank’s coffee klatch girls studied Matt, sizing him up.

“He looks like the Leverage TV actor, you know, Christian Kane without the smile, don’cha think?”

“I picture that bad boy flying down the road on a motorcycle, long hair flattened back by the wind.”

“You hear how he talked to the receptionist? He gives me the creeps. You ever see Andrew Dice Clay?”

“Girlie, we got a male who fogs a mirror. What more do we need in a testosterone drought?”

Matt communicated mostly in monosyllabic grunts and nods, then dove head-first into the programs. The vice president hung about, all but wringing his hands before deciding his presence wasn’t contributing. Chase on the other hand, sat down prepared to answer questions. When Matt opened his notebook and began to make copious notes, I shot a questioning look at Chase. He merely shrugged and motioned me outside the room.

“The VP said anything goes. They want to sell it and don’t want us to throw up barriers.”

“What about the non-disclosure? Your bank had me sign one.”

“You are a consultant. This is an established company.”

“I don’t believe it. You wouldn’t give me a hint about the program until I signed sixteen documents. This guy waltzes in, they open the vault?”

“Pretty much. Look, they know your feelings; they just don’t see it your way.”

The VP returned and offered lunch, a largess almost unheard of. Barbecue, Southern buffet, Chinese… Matt waved them all away. “Cold pizza will do.”

Folks in the Shenandoah Valley like to get to know people they do business with. Matt did his best to keep a distance. Chase was clearly uncomfortable with this, but the vice president took it to mean Matt was all business and above frivolity while the rest of us worried about job security. The fact Matt saved the vice president forty bucks for lunch didn’t hurt either.

The afternoon turned into more of the same. Matt pored over the programs, taking extensive notes, filling page after page. From time to time he stepped out of the room to make private phone calls. About 5:30, we shut down for the evening, unusual for us. We invited Matt out to dinner. Chase suggested bluegrass, but Matt declined both.

We met again at nine the next day. Mid-morning Matt turned his attention to my Fx routine and his interest picked up, so much so that he was copying actual bits of code. How did this advance negotiations, I wondered. I closed the binder cover and excused myself, taking it with me.

I stopped in the VP’s office, and reported I didn’t like the way this was going. I’d developed this routine on my own, already had it purloined once, and I didn’t want it stolen again. Because I benefited from royalties, I allowed the bank to use it but they didn’t own it– I did. My holding out for a signed agreement did not make the vice president happy.

Lunch saw subs delivered. By mid-afternoon Matt said he was ready for a meeting. Even I wasn’t prepared for the audacity of his announcement.

“You know a guy named Daniel Sandman? We bought rights and title to the package from him. After minor changes, we shall bring it to market. We’re willing to pay you $10,000 for whatever rights you think you have and you turn your source code over to us.”

The blatant gall stunned us. Finally, Chase said, “The offer of a half million plus was just bullshit?”

The vice president, never one to forget proprieties, frowned at Chase but said to Matt. “You viewed our source under false pretenses?”

Matt shrugged. “You were under no obligation to show me a fucking thing. I suggest you consider this proposal quickly and unemotionally. I have no idea how long my bosses will keep the offer open. With or without you, we’ll bring the product to market within months.”

“What offer?” said Chase. “This is blackmail.”

“It’s actually extortion,” said the vice president. “It won’t fly here. We own the product. We have taken steps more than once to defend it. I cannot imagine what Sandman led you to believe, but the product is not yours. Now I’d appreciate it if you return the notes.”

“Forget about it. The notes are mine, freely allowed by you. You know Charlie Wong, the guy I work for? And his brother, their lawyer? Believe me, before this is over, we’ll own it, Fx and all, and you’ll be wishing you had the $10,000 to cover your first week of legal fees.”

“Fx is not for sale,” I said flatly.

“You think you can stop us?”

The vice president leaned in. “Our customer base monthly revenue is worth more than you’re offering. I suggest you leave, before Southern hospitality comes to an end.”

Matt tapped his fingers a moment and said, “You’ll regret it. Call me a fucking cab.”

---

The after-conference turned dismal. We had been humbled, deceived, threatened, misled and misused. Only our refusal to be bullied gave us the least comfort.

Matt’s feint and his company’s bluff corroded the bank’s confidence. Computer Associates’ audacity must surely have some credence, mustn’t it? The vice president sent out a tendril of query, tried a civilized probe into Computer Associates, which was met with stony implacability. Gradually, the cold acidic silence ate through the bank’s certainty and sense of justice. They decided to invest no more in the product.

I was retained for the time being because Data Corp still had customers who depended on the software and they would not abandon them. As manufacturers introduced new devices and operating system changes, our package continued to adjust and adapt.

Loose Ends

Chase departed, moving on to sell elsewhere. He reported an industry insider rumor that Computer Associates concluded Sandman either screwed them or they found him too volatile to work with. Either way, they killed off their project. But sadly, they’d also killed ours.

CA’s retreat came too late for us. With sales and marketing shut down, the die had been cast. Within a year or two, requests for updates to the software slowed and then tapered off altogether. The bank ceased billing the last few customers, letting them continue to use the product if they chose or migrate to a competitor’s offering.

Sand Castles

Sandman induced mixed feelings. He possessed a brilliant, if sadly injudicious mind. Like a Greek drama or a Russian novel, the characters and the outcome were doomed from the start. I thought of Sandman less a bad guy and more a pathetic protagonist hemmed in by a distorted perception of the world.

As a result, he acted vengefully and criminally. He’d defrauded a bank and its most important business clients. Goaded by his lover, he blew every chance, every opportunity to get it right. When the blunders of a cigar-chompin’ deputy gave him a get-out-of-jail card, he attempted one more dishonest end-run, reselling a product he no longer owned. It shouldn’t have turned out a tragedy, but characters seldom get to decide the plot.

I confess I relished the contest. Like a novel’s protagonist, I had to see it through until its end. A friend noted I would have fought the battle even if I hadn’t been paid.

As a freelancer, jokes surrounded me about riding into town, smiting a problem, and riding out again as winsome daughters clasped their hands to heaving bosoms and cried out, “Who was that masked man?” Even the industry slang of a hired ‘code-slinger’ evoked the image of a geekish gunfighter. We each enjoy our illusions, but the challenge felt exciting.

Although a resoundingly happy ending didn’t materialize, the case looms in my past with a sense of satisfaction, of skirmishes won and a job completed. One could argue otherwise, but I like to think it a shadow victory for the good guys who prevented the bad guys from winning.

As much as I enjoyed the battle of wits, the world would have been a happier place if Sandman had executed an ethical U-turn into the righteous lane. But if the ungodly, as The Saint was wont to say, always did the right thing, we’d have no story.