Many software bugs
are merely annoying or inconvenient but some can have extremely serious consequences - either financially or as a threat to human well-being. This is a list of the software bugs with the most notable consequences:
- NASA Mariner 1 went off-course during launch, due to a missing overbar in the specifications for its FORTRAN software (July 22, 1962). Note that the initial reporting of this software bug was incorrect (another bug).
- NASA Apollo 11 a software error during the final approach to land on the moon came close to crashing the Lunar Module (July 20, 1969).
- Russian Space Research Institute's Phobos 1 deactivated its attitude thrusters and could no longer properly orient its solar arrays or communicate with Earth, eventually depleting its batteries. (September 10, 1988).
- The European Space Agency's Ariane 5 Flight 501 was destroyed 40 seconds after takeoff (June 4, 1996). The US$1 billion prototype rocket self-destructed due to a bug in the on-board guidance software.
- NASA Mars Polar Lander destroyed because its flight software mistook vibrations due to atmospheric turbulance for evidence that the vehicle had landed and shut off the engines 40 meters from the Martian surface (December 3, 1999).
- NASA Mars Global Surveyor a mis-sent command from Earth caused the software to incorrectly assume that a motor had failed, causing it to point one of its batteries at the sun - subsequently overheating it. (November 2, 2006).
- A bug in the code controlling the Therac-25 radiation therapy machine was directly responsible for at least five patient deaths in the 1980s when it administered excessive quantities of X-rays.
- A Medtronic heart device was found vulnerable to remote attacks in March 2008.
- The year 2000 problem, popularly known as the "Y2K bug", spawned fears of worldwide economic collapse and an industry of consultants providing last-minute fixes. In addition, it is possible the problem could recur in 2038 (the year 2038 problem), as many Unix systems calculate the time in seconds since 1 January 1970, and store this figure as a 32-bit signed integer, for which the maximum possible value is 231 (2,147,483,648).
- The Pentium FDIV bug in which certain Intel processor chips would produce incorrect results for certain floating point division operations.
Electric power transmission
- AT&T long distance network crash (January 15, 1990), in which the failure of one switching system would cause a message to be sent to nearby switching units to tell them that there was a problem. Unfortunately, the arrival of that message would cause those other systems to fail too - resulting in a 'wave' of failure that rapidly spread across the entire AT&T long distance network.
- Eve Online's deployment of the Trinity patch, which erased the boot.ini file off of several thousand users' computers. This was due to the usage of a legacy system within the game that was also named boot.ini. As such, the deletion had targeted the wrong directory instead of the /eve directory.
- In the Sony BMG CD copy prevention scandal (October 2005), Sony BMG produced a Van Zant music CD that employed a copy protection scheme that covertly installed a "rootkit" on any Windows PC that was used to play it. Their intent was to hide the copy protection mechanism to make it harder to circumvent. Unfortunately, the rootkit inadvertently opened a security hole resulting in a wave of successful trojan horse attacks on the computers of those who had innocently played the CD. Sony's subsequent efforts to provide a utility to fix the problem actually exacerbated it.
- In order to fix a warning issued by Valgrind, a maintainer of Debian patched OpenSSL and broke the random number generator in the process. The patch was uploaded in September 2006 and made its way into the official release; it was not reported until April 2008. Every key generated with the broken version is compromised, as is all data encrypted with it, threatening many applications that rely on encryption such as S/MIME, TOR, SSL or TLS protected connections and SSH.