There is a long history of identifiers being reused in world shipping.
One of the staples of contracts class in the first year at many law schools is Raffles v Wichelhaus, an English contract case from 1864.
There was a contract for someone to sell a bunch of bales of cotton from India to a buyer in England. The contract called for the cotton to be sent on a ship called the Peerless to Liverpool from Bombay.
Unknown to both the buyer and the seller there were actually two different ships called Peerless both sailing from Bombay to Liverpool, one arriving in October and one in December.
They seller was thinking of the December one when signing the contract, and the buyer was thinking of the October one.
The buyer needed the cotton in October and when it did not arrive on the Peerless in October the buyer considered the contract broken and refused to accept the cotton that came on the December Peerless.
We encounter this all the time at work. New customer, so new integration. What's your unique shipment reference? This one? Ok fine. Go into production, and after a few months we get missing shipments. Support check, missing shipments have same reference as old shipments. "Oh, yeah we reuse the references after about 90 days... And, no, we don't have any globally unique references."
This is fun when so much of the flow is based on these references, think goods arrival scanning, and sometimes shipping does take a long time so 90 days or whatever is cutting it close.
> Consequently, as there was no consensus ad idem ("meeting of the minds"), the two parties did not agree to the same thing and there was no binding contract ... therefore, the [buyer] did not have to pay.
Reading this case, I'm surprised at the outcome. The seller fulfilled on the terms of the contract.
The contract also didn't specify the precise color or weight of the cotton, the exact destination, etc etc etc so the defendant could make similar claims to renege on the contract.
Granted, time is arguably special inasmuch as it allows the seller to construct a scenario for fulfillment, e.g. the seller could've delivered 100 years later on a new boat that happened to be named Peerless. That's clearly not the intent.
In that sense, a contract can be considered void if it doesn't reasonably specify time.
You’d think serious contracts would normally have provisions that would require mentioning expected dates, since late shipments would presumably be a common occurrence you’d want all parties to consider explicitly.
This is legit one of the things I love most about HN, articles might be 80% about tech, but the content in the remaining 20% can be about pretty much anything, and it's always fascinating to get insight into other domains. Never considered that containers were numbered, let alone that a number clash is a significant incident, but thinking about it, yeah it makes sense.
It sounds like the actual unique number is only 6 digits long and chosen by the manufacturer, so it could either be a mistake or identical randomly generated numbers. My math is a bit rusty - how you you solve the birthday problem for 1mil instead of 365?
Worked for a small ISP in early 2000s. Not every new customer had an ethernet card in their PC and we had problems like installation crews calling the office that there is no port to stick the cable in.
The company obtained 300 cheap Intel PRO/100 Fast Ethernet NICs from China. The idea was that the crews would have a bunch of those cards to be able to install them in customers' computers.
Everything was dandy until second installation in the same building. For a little more backstory - it was a kind of shitshow infra with dumb switches and all customers in a building being in the same LAN.
So... the second installation in the same building rendered the former newest customer's link inoperable. Or wouldn't work, then suddenly there was connectivity, then there was no ping to the gateway but some other devices were pingable etc etc. The crew replaced the card with another one (from the same shipping), re-crimped RJ45s on both ends, changed switch port and nothing - same shit with random internet connectivity losses. Weird situation with seemingly no reason for what was happening.
It later turned out that the reason was that all 300 NICs had the same MAC address. All of them.
20-odd years ago, the college I attended (and worked for) was outfitting one of the computer labs with new network cards; migrating from Token Ring to Ethernet as I recall. To do this, 3COM cards had been bought by the boxful.
We replaced all of the cards, and booted the lab. 1 machine got an IP and then it all went to hell. Every single machine showed up with the same MAC. Think we had to rip and replace to fix it.
I used to work for a company that sold labels for various third party printer manufacturers, and let me tell you, some of them were VERY lazy when it came to assigning MAC addresses.
I worked for a company that made a networking product and we managed to build 1,000 units with the same MAC address (we had a big block of assigned addresses) because of a miscommunication with the vendor who provided the preprogrammed microcontrollers..
Luckily the MAC was in a rewritable location so it was possible, if a royal pain in the ass, to reprogram them all.
I'm having trouble finding a reference just now, but the MAC address for a modem-based link on Windows had "DESK" until it started causing real trouble. And one of those problems was that GUIDs were obtained by using "the MAC address" of the PC as an input to a DEC-Intel-Xerox-Microsoft algorithm. Around the time of this coming to a head, it came up that some manufacturers were out of MAC addresses for whatever reason, and also that some manufacturers were assuming that two random NICs on an Ethernet would not both be one of $MANUFACTURER's cards, so care was not necessary.
The container in question is SLHU4500470. The first four characters are the owner, the next 6 digits are the unique (per owner) number, and the last digit is a check digit.
Somehow I always assumed there'd be more than 6 digit IDs for these things. I'd guess collisions have happened, but never been caught in the same port before.
> “I have never seen two containers carrying the same number in my 27 years of career in the shipping sector,” pointed out Mohammed Abdullah Jahir, chief operating officer of Saif Maritime Ltd, adding that such an incident cannot be detected unless the boxes arrive at the same port at the same time.
If the port authority conducting the inspection are not diligent, it's easy to miss this.
I always wondered if this was designed to integrate into the existing railway numbering system. In the US, at least, owner identifiers are pretty consistently 4 characters or less, and individual unit numbers are 6 digits or less (i. e. BNSF 123456).
I worked at a small "automall" of several dealerships. Our system operated inventory numbers based on the last 6 digits of the vin#.
Sounds like with 1 million options, you'd be fine.
It didn't take long for duplicates to start coming up when you have hundreds of cars in stock, and sell hundreds a month.
Let alone the problem with a car being sold new, and then being traded back in. That was fine, because we had a different leading digit for new vs used. But you'd be surprised how often a used car gets sold, and then traded in again at the same place. Now what number does it get? The same one. Fine, atleast they're not both in stock at the same time. Great. Sell it again. Then when a customer calls six months later, try and lookup the deal your most common way... Oh ya.. now I've got 4 possible deals for this car.
I wonder how common actually duplicated serial numbers are in various things. In some cases they do matter, but in many others not really. Think of the non-smart devices.
And it can often be simple human error. Some fat fingers the wrong range in morning, forgets to list the used codes, reads the wrong line, some glitch preventing machine from saving the last used code...
Just remember how much stuff is made by cheapest possible bidders, who might not be so much interested to deliver best work always.
Somewhere I worked used the wrong serial numbers of postal delivery. We had an overflow which no one noticed for about a year and we ended up using the same range as another customer of the postal company. There were thousands of parcels with duplicated serials, everything arrived fine and as far as I know there's been no real admin issues either. So in this case it didn't matter.
In this case, it appears to be a mistake. That a number was accidentally reused.
But a concern could also be fraud, theft, smuggling, etc. A “bad” container that was supposed to fly under radar mocked up to look legit if anyone checked.
This seems indicative of a security concern. When this happens it could indicate someone is trying to get a container full of e.g. explosives or chemical weapons to be shipped to a target city without a paper trail. Imagine if the malicious container had e-ink screens on the outside that allowed the numbers to be changed on the fly to route the container through multiple untraceable steps. :(
Several years ago I worked for a company that made a usb+network and usb-only skew of their product. The usb-only boards were the same as the usb+network boards with a few parts not populated.
We started getting tech support complaints when we sold the product into China. Turns out, an enterprising vendor bought a single usb+network printer, desoldered the EEPROM (containing the ethernet mac address). Then that vendor bought usb-only (cheaper) products, added the additional parts and bulk copied the single eeprom image (with the mac address) onto the new products, selling them as the more expensive usb+network sku. Result: a dozen+ of our product running on the LAN with the same mac address.
Many years ago I encountered cheap knock-off network cards¹ that had default MACs in the range of a big known name brand, and as far as I know it wasn't some cross-branding/affiliate/other deal. So yes, there has been and no doubt still is.
[1] in fact, back in my student days most NICs I had were cheap knock-off versions, the "real" things were not the inexpensive items they are today. This predates it being common to have one built into your motherboard, even more expensive ones, by some time.
Many years ago I worked for a major cellphone service provider in Europe - cellphones with duplicate IMEI numbers were an issue (the IMEI number was meant to be unique per cellular device much like a MAC address). This occasionally prevented an IMEI block on a stolen phone.
IIRC that's what some manufacturers did. However, rather than squatting in someone's existing range, they ended up squatting in unused ranges that were unlikely to be assigned anytime soon (back in those days the assignments were sequential). IEEE ended up cracking down on this by randomizing OUI assignments.
[+] [-] tzs|3 years ago|reply
One of the staples of contracts class in the first year at many law schools is Raffles v Wichelhaus, an English contract case from 1864.
There was a contract for someone to sell a bunch of bales of cotton from India to a buyer in England. The contract called for the cotton to be sent on a ship called the Peerless to Liverpool from Bombay.
Unknown to both the buyer and the seller there were actually two different ships called Peerless both sailing from Bombay to Liverpool, one arriving in October and one in December.
They seller was thinking of the December one when signing the contract, and the buyer was thinking of the October one.
The buyer needed the cotton in October and when it did not arrive on the Peerless in October the buyer considered the contract broken and refused to accept the cotton that came on the December Peerless.
[+] [-] magicalhippo|3 years ago|reply
This is fun when so much of the flow is based on these references, think goods arrival scanning, and sometimes shipping does take a long time so 90 days or whatever is cutting it close.
[+] [-] yashg|3 years ago|reply
[+] [-] petesergeant|3 years ago|reply
[+] [-] sigstoat|3 years ago|reply
[+] [-] asah|3 years ago|reply
Reading this case, I'm surprised at the outcome. The seller fulfilled on the terms of the contract.
The contract also didn't specify the precise color or weight of the cotton, the exact destination, etc etc etc so the defendant could make similar claims to renege on the contract.
Granted, time is arguably special inasmuch as it allows the seller to construct a scenario for fulfillment, e.g. the seller could've delivered 100 years later on a new boat that happened to be named Peerless. That's clearly not the intent.
In that sense, a contract can be considered void if it doesn't reasonably specify time.
[+] [-] tshaddox|3 years ago|reply
[+] [-] arecurrence|3 years ago|reply
Edit: Source https://www.thedailystar.net/business/news/two-containers-sa...
"Five containers of the second batch have numbers akin to another five belonging to the previous batch, according to Borhan."
[+] [-] Pxtl|3 years ago|reply
[+] [-] bluehorseray|3 years ago|reply
[+] [-] SturgeonsLaw|3 years ago|reply
[+] [-] Barrin92|3 years ago|reply
https://press.princeton.edu/books/paperback/9780691170817/th...
[+] [-] smarx007|3 years ago|reply
[+] [-] shreyshnaccount|3 years ago|reply
[+] [-] ortusdux|3 years ago|reply
https://containertech.com/articles/shipping-container-number...
https://en.wikipedia.org/wiki/Birthday_problem
[+] [-] lamontcg|3 years ago|reply
And that was a long time ago with a comparatively very small server count compared to today.
Someone's manufacturing database probably had a tiny race condition.
[+] [-] hericium|3 years ago|reply
The company obtained 300 cheap Intel PRO/100 Fast Ethernet NICs from China. The idea was that the crews would have a bunch of those cards to be able to install them in customers' computers.
Everything was dandy until second installation in the same building. For a little more backstory - it was a kind of shitshow infra with dumb switches and all customers in a building being in the same LAN.
So... the second installation in the same building rendered the former newest customer's link inoperable. Or wouldn't work, then suddenly there was connectivity, then there was no ping to the gateway but some other devices were pingable etc etc. The crew replaced the card with another one (from the same shipping), re-crimped RJ45s on both ends, changed switch port and nothing - same shit with random internet connectivity losses. Weird situation with seemingly no reason for what was happening.
It later turned out that the reason was that all 300 NICs had the same MAC address. All of them.
[+] [-] cricalix|3 years ago|reply
We replaced all of the cards, and booted the lab. 1 machine got an IP and then it all went to hell. Every single machine showed up with the same MAC. Think we had to rip and replace to fix it.
[+] [-] halestock|3 years ago|reply
[+] [-] HeyLaughingBoy|3 years ago|reply
Luckily the MAC was in a rewritable location so it was possible, if a royal pain in the ass, to reprogram them all.
[+] [-] cardiffspaceman|3 years ago|reply
[+] [-] banana_giraffe|3 years ago|reply
Somehow I always assumed there'd be more than 6 digit IDs for these things. I'd guess collisions have happened, but never been caught in the same port before.
[+] [-] watchdogtimer|3 years ago|reply
[+] [-] Denvercoder9|3 years ago|reply
[+] [-] webmobdev|3 years ago|reply
If the port authority conducting the inspection are not diligent, it's easy to miss this.
[+] [-] hakfoo|3 years ago|reply
[+] [-] namecheapTA|3 years ago|reply
[+] [-] swamp_thing|3 years ago|reply
[+] [-] Ekaros|3 years ago|reply
And it can often be simple human error. Some fat fingers the wrong range in morning, forgets to list the used codes, reads the wrong line, some glitch preventing machine from saving the last used code...
Just remember how much stuff is made by cheapest possible bidders, who might not be so much interested to deliver best work always.
[+] [-] rwky|3 years ago|reply
[+] [-] UberFly|3 years ago|reply
[+] [-] remflight|3 years ago|reply
[+] [-] SV_BubbleTime|3 years ago|reply
In this case, it appears to be a mistake. That a number was accidentally reused.
But a concern could also be fraud, theft, smuggling, etc. A “bad” container that was supposed to fly under radar mocked up to look legit if anyone checked.
[+] [-] aasasd|3 years ago|reply
[+] [-] upwardbound|3 years ago|reply
[+] [-] unknown|3 years ago|reply
[deleted]
[+] [-] vivegi|3 years ago|reply
The manufacturer's new container-id generation logic probably has/had this category of issue (i.e., TOCTOU).
[+] [-] wheybags|3 years ago|reply
[+] [-] linuxlizard|3 years ago|reply
We started getting tech support complaints when we sold the product into China. Turns out, an enterprising vendor bought a single usb+network printer, desoldered the EEPROM (containing the ethernet mac address). Then that vendor bought usb-only (cheaper) products, added the additional parts and bulk copied the single eeprom image (with the mac address) onto the new products, selling them as the more expensive usb+network sku. Result: a dozen+ of our product running on the LAN with the same mac address.
[+] [-] dspillett|3 years ago|reply
[1] in fact, back in my student days most NICs I had were cheap knock-off versions, the "real" things were not the inexpensive items they are today. This predates it being common to have one built into your motherboard, even more expensive ones, by some time.
[+] [-] giobox|3 years ago|reply
[+] [-] gruez|3 years ago|reply
[+] [-] randomfool|3 years ago|reply
[+] [-] kube-system|3 years ago|reply
[+] [-] unknown|3 years ago|reply
[deleted]
[+] [-] sabas_ge|3 years ago|reply
[+] [-] kurofune|3 years ago|reply
[+] [-] karaterobot|3 years ago|reply
[+] [-] unknownaccount|3 years ago|reply
[+] [-] WebbWeaver|3 years ago|reply
Sounds troubling.