Back in 1997, I was working at a company named Encore creating a new hotel reservation system based on a referral from my friend – Ron Ostreim – not long after Mirage Hotels in Las Vegas.
One day, Bob, the manager, an extraordinarily high blood pressured man who’s technical savvy was on par with a neanderthal, had a penchant for taking things far too seriously.
One day, I was feeling particularly feisty, after he berated me for some reason, ending his insult with ‘Can’t you put 1 and 1 together’?’
“:You mean two and two,” I said, referring to the saying I had thought he intended to say.
“No I mean what I said I mean, 1 and fucking 1, can you put those together?,” he yelled.
Nonplussed, I looked at him with a completely straight face and said “OF course I can, it’s 11”.
His lid just about popped off at that point.
“WHAT THE FUCK ARE YOU TALKING ABOUT?” he yelled.
“You asked what 1 plus 1 was, I said 11?,” I replied nonchalantly, without so much as a smile.
I had an angry father growing up, and had grown some pretty thick skin reacting to negativity in the course of my life, and this was my way of dealing with it – simple annoying obstinance.
Meanwhile, Ron was over n the corner cube cracking up.
In that moment – Bob went from 10 to furious with me in no time, his face beet red, as he walked outside to have a cigarette.
When he came back inside, he continued his yelling “I hope you’re not being fucking serious,” he said, “1 and 1 is 2.”
“Oh now that you stated it like that. It’s actually 0”.
I saw a blood vein bulge out of his head.
“Boy. Are you fucking stupid?,” he asked.
I finally cracked a smile.
“Bob, I can prove it if you like,” I said
“I would like to see that,” he replied.
So I walked over to the whiteboard, writing this on the board:
“1” & “1” = “11” 1 and 1 = 0 1 + 1 = 2
Now what Bob wasn’t getting was this – I – and my goofy sense of humor – was making a joke based on knowledge of something called data types – something he SHOULD have had awareness of given he was spending time coding himself, and this was a geek humor way of poking fun at different ways of storing and retrieving values in Visual Basic programming.
Visual Basic, after all, was the primary language of Encore’s programming efforts.
And a language, quite frankly, Bob was HORRIBLE at.
“Get back to work,” he yelled, as he yanked his chair out form under his desk.
I had another habit of raising the arms on his chair when he left the office, to make it stick under the desk., making it very hard to pull out from under the desk without effort.
“QUIT FUCKING WITH MY CHAIR!” he yelled.
He sat fuming at his desk after that.
Ron and I sat giggling like school children.
Now a data type, is the way in which data is stored (or represented) in computer memory.
A simple analogy is a phone number. Now if you’re from the United States, and from this time era, then it’s going to contain 7 or 10 digits. If you were to have a data type called a phone number, which modern applications tend to create their own version of, you wont be able to place anything but what that data type allows without an error.
Not all languages have them, but they come in absolute handy when trying to ensure that data is stored, displayed, and retrieved in a consistent fashion and error handling occurs at the time of entry.
Now why is this important?
Let’s say you have a program which looks up movies by date range, and you want to find all movies released between January 1st, 1990 and December 31st, 1994.
Now typically, data like this is stored in a database, and hackers know this.
And typically. Companies don’t understand the importance of security around data storage.
And hackers understand this too.
So they do something called a SQL Injection attack, which is nothing more than putting values in data fields that programmers and quality personnel might have missed, which can be used to physically execute code on the database server itself.
Pretty quickly – this lets a hacker gain full control of a pivotal system for any company.
The rest of “The Enterprise” is theirs to do anything they want to with.
This is in actuality the largest vulnerability issue giving hackers access to credit cards and customer data around the world today.
And believe it or not, it’s actually NOT hackers causing the majority of issues with problems like this. It’s poorly designed applications with no data validation, it’s users not speaking your language and understanding what you’re asking for on your forms, it’s noise in lines, glitchy networks, slow and glitchy communication.
The hackers merely shone a light on the problem that has long been occurring on a massive scale.
Now programmers try to mitigate this issue by checking for conditions and testing their code, but as I learned in the past – this is like playing whack a mole, where no amount of quality control staff will prevent a hacker from figuring out ‘the perfect combination’ to break through.
The purpose of strong data – that is – KNOWING what can be stored in memory for your data – is to achieve some semblance of predictable consistency when information gets passed around from the point where it enters a system and as it traverses the system.
Why is this important?
- It makes a programmer’s job that much easier when working with predictable information.
- It reduces the amount of error checking necessary when working with predictable data, thus speeding up the responsiveness of computer based systems.
- It provides the programmer and business interests they represent to spend more time on actual functionality and material rather than playing games of whack a mole.
- Put simply: COST EFFICIENCY (Less IT staff needed in general)
With that said, not every programming language stores and maintains the same data types, so when working between programming languages, NEVER assume the types are a one for one translation, because – similar to when you convert between spoken languages – a word spoken in one language may NOT mean the same thing in another.
I will get to specific information about Visual Basic’s data types in a moment
But first – to understand what a data type is – It’s nothing more than a statement to the computer of WHAT is allowed to be placed in a named container.
If you took algebra, which I wouldn’t expect you to have done to understand this – here’s an example:
Take the statement “X + 3 = 4”, now using addition, solve for X
X in this instance is what’s known as a variable in computing terms – meaning it can contain a variable amount of values – in a language such as Visual Basic.
Solving for X, in this case, the solution is clearly the value of 1.
Now to understand what hackers do – they LOOK for areas where you’re doing calculations, or storing information – and then they make assumptions based on what you might have overlooked.
In a case like this, they might try plugging in the values of “FARVIGNUGEN^^RUNTHISCODE” into X, and if this calculation occurred on the server, the ‘^^’ could have been an escape code to run on the server in case of conversion error, causing some random code to be executed after that.
Now with Visual Basic 6.0 and strongly typed languages – they prevent this from happening by catching that error ‘up front’ before it even hits the server.
Here’s the basic data types in Visual Basic 6.0 AND the values they can contain.
|Data type||Storage size||Range|
|Byte||1 byte||0 to 255|
|Boolean||2 bytes||True or False|
|Integer||2 bytes||-32,768 to 32,767|
|Long (long integer)||4 bytes||-2,147,483,648 to 2,147,483,647|
|Single (single-precision floating-point)||4 bytes||-3.402823E38 to -1.401298E-45 for negative values; 1.401298E-45 to 3.402823E38 for positive values|
|Double (double-precision floating-point)||8 bytes||-1.79769313486232E308 to -4.94065645841247E-324 for negative values; 4.94065645841247E-324 to 1.79769313486232E308 for positive values|
|Currency (scaled integer)||8 bytes||-922,337,203,685,477.5808 to 922,337,203,685,477.5807|
|Decimal||14 bytes||+/-79,228,162,514,264,337,593,543,950,335 with no decimal point; +/-7.9228162514264337593543950335 with 28 places to the right of the decimal; smallest non-zero number is +/-0.0000000000000000000000000001|
|Date||8 bytes||January 1, 100 to December 31, 9999|
|Object||4 bytes||Any Object reference|
|String (variable-length)||10 bytes + string length||0 to approximately 2 billion|
|String (fixed-length)||Length of string||1 to approximately 65,400|
|Variant (with numbers)||16 bytes||Any numeric value up to the range of a Double|
|Variant (with characters)||22 bytes + string length||Same range as for variable-length String|
In any case, the ‘joke’ I played on Bob was simple:
If you have a string data type, and store the value of 1 in there, you wind up with the value of “1”. If you add “1” as a string with “1” as a string – that’s something known as string concatenation – you wind up with the value of “11”.
Now if you store the value in an integer type, and take 1 as an integer and add it to 1, that’s equivalent to saying 1 + 1 = 2..
And finally, a concept I will get into later – if you have 1 and you do a bitwise operation called an AND with1 AND 1 = 0.
So my joke was nothing more than a joke based on data types, a pretty boring and lame concept if you’re not a geek, and in hindsight, it was MUCH funnier then that it is now.
This is not to say that data types do not introduce problems of their own, some problems can be quite obscure in fact – including problems such as understanding rollover, rollunder and overflow.
When you reach the capacity limits of strong numeric real number based types, the next value in that sequence will cause an overflow condition.
For example – if you have an integer which ‘contains’ the value 32767 in it, and you add 1, Visual Basic will quite literally tell you that you have an error yin your code.
This is nothing more than saying that you have reached capacity for that type.
Some programming languages – for instance older versions of “C” do something entirely different if using the same storage space – it will quite literally ‘rollunder’.
So the NEXT valid AFTER 32767 BECOMES NEGATIVE 32768.
You heard right.
Adding ‘1’ to ‘32767 to something called a signed integer in the ‘c’ language will result in -32768!
If you were a hacker – you generally speaking can search a company’s ‘now hiring’ sections online and off to learn what languages they use.
You then use this information to determine what vulnerabilities to target with poorly implemented code.Are they looking for “C” programmers, “Python” programmers, or “Visual Basic” programmers?
Knowing what they hire for makes it easier to ascertain vulnerabilities, which is why most intelligence agencies around the world do not post real hiring requirements.
Put simply, they don’t want to advertise what they need.
There are NUMEROUS other problems strong data types present.
And simple problems such as rounding problems has actually made for awesome movies such as Office Space – as humans continue diving into the quantum world, and adventuring into space and considering the effects of relativity with time calculations, we’re going to be experiencing a plethora of problems presented by the simple floating point calculations involved with impossibly small and huge numbers, and our concept of zero.
Having a strong knowledge of data types is crucial to understanding, scientifically, when and where these problems manifest themselves, which can often times mislead the analyzer of what may otherwise seem like perfectly valid data results.
Understanding data types AND their limitations, in my opinion, is critical to understanding problems with numbers in a variety of statistical and mathematical methods, and important whether you’re in marketing doing demographic analysis, construction leveraging computer aided drawing, aeronautical engineering and propulsion systems, procurement and and dealing with cost analysis, and more.
Case in point: CERN scientists to this day cannot seem to agree on whether a particle traveled faster than light. in the first experiment in 2008.
Why? Floating point operations with very small AND very large numbers become imprecise the larger or smaller the number. So as the speed of a particle in an experiment approaches the absolute computerized limits of the observational equipment, well guess what happens when trying to review data that exceeds or is constrained by computing?
I am personally surprised they continue struggling with this.
It seems so perfectly.. obvious…
More interesting than that. As numbers approach infinity,, positive negative, or 1/infinity, positive or negative, a BUNCH of whacky things can happen.
Ever wonder why crazy shit happens in simulated event horizons f black holes? Do ya REALLY think that’s what happens in reality? Wink winkl ‘;-)
In any case, the benefit (and sometimes frustration) of data types is simple:
You’re working with known and predictable values, which reduces the error (and error logic ) – which typically increases application reliability, and you’re potentially reducing the risk to your business servers.
The drawbacks are numerous – You’re constraining values to predictable types and behind the scenes storage patterns.Which is critical to understand with highly important calculations.
Not always a good thing.
For instance, old programs used to rely on data types never exceeding 8 bits until it did and reached 16, then 32, now 64, – so what if you move to a computer system where data is stored in larger types (such as 128 bit computing or more) or there are different sizes of bytes (ie: 2^10 or 2^13).
Or better – imagine working with computers based on the benign intelligent lifeforms from Lognar – mathematically oriented beings who represent data on their computers in forms of logarithms (e^8)?
Technological shifts are frequently unpredictable, which – fortunately – creates business opportunities for those who didn’t plan ahead.
But for predictability on the backend servers, fuggedaboutit.
Until next time.