Posted by: Michael Morisy
AS/400, Bernie Madoff, Scam, Security
When an Investment Dealer’s Digest article lumped some of the blame for Bernie Madoff’s scam onto the AS/400 (“The Technology Behind the Scam”) and Madoff’s “antiquated systems,” IBM’s venerable business system, the iSeries developer community was quick to defend its fabled friend. After all, technologies don’t scam people, people scam people.
John Dodge does dig up some juicy details on the Ponzi scheme’s execution based on forensic reports:
“[House 17] was a closed system, separate and distinct from any computer system utilized by the other BLMIS business units; consistent with one designed to mass produce fictitious customer statements,” according to Looby’s declaration. House 17′s expressed purpose was to maintain phony records and crank out millions of phony IRS 1099s on capital gains and dividends, trade confirmations, management reports and customer statements.
The AS/400 was like a giant Selectric — indeed, the Application System/400 is a multipurpose server that’s very good at printing. IBM publishes several technical overviews for IT professionals known as “RedBooks” on the AS/400′s extensive printing capabilities and also offers printing and forms design software for it.
But does the AS/400 actually make it any easier to perpetrate an $18 billion scam? Or is it simply a reliable Wall Street standard, a poor technology caught up in the wrong place at the wrong time with the wrong crowd? Vernon Hamberg, a software architect and regular on the Midrange technical dicussion list, wrote a spirited defense of the platform, which he kindly offered to let me publish here:
I read with interest the article by John Dodge about technology behind the Madoff scam. It appears, from a quick read, to put much of the blame squarely on the AS/400 – the technology in question. I strongly object to this – it is, in my opinion, completely wrong-headed. I learned long ago that computers are stupid – they do exactly what you tell them, not what you want. If things were done on these systems that allowed Madoff to carry out his Ponzi scheme, it is not the system’s fault. It is some programmer, some auditor, some whatever human being behind it all.
I am a computer professional who works on these so-called legacy systems – a false categorization, unless you lump Unix systems in along with it. (Unix came out over 40 years ago – shall we talk legacy?) The IBM midrange systems have a tremendous feature, backward-compatibility – anything you wrote 20 years ago can be compiled on current systems without any change in source code. Talk to us about VB.net – about API calls in Windows that don’t work in the next release.
This strength of the system was exploited by a human – the extreme segregation of computing resources that let Madoff get away with his scheme. Mr Dodge’s report of the printing characteristics – well, it is a very narrow presentation of the system’s capabilities. That seems completely beside the point. And this is not unique to these systems. At all!! A distinction without a difference.
I appreciate you taking the time to read this. I ask you to publish a retraction or clarification – e.g., that the technology behind it was NOT to blame. Perhaps something about the true strengths of the platform and how human beings were able to take those strengths and fleece other people in such a way. THAT would be an interesting study in human nature – not the veiled suggestion of culpability of any technology as against that of those who use it.
Vernon M. Hamberg
RJS Software Systems
What are your thoughts? Does complex, custom legacy software make it easier to quietly caper, or are villains just villains, no matter how shiny the software and technology? I’d love to hear your thoughts in the comments or at Michael@ITKnowledgeExchange.com.
More on the Bernie Madoff scam: