Tuesday, April 22, 2014

Exploratory and Scripted Software Testing

My response to, The Software Tester’s Easter Egg Hunt
I also whole-heartedly agree with his overall point that skill-based testing is much more valuable than the ability to mindlessly create and run hundreds of scripted tests. The only issue here is that, in order to make Holland’s point a bit more realistic, you really need to add a few layers to this hunt:
  • The eggs aren’t always visible at first glance.
  • Each hunt lasts a finite amount of time.
  • After each hunt, someone else renovates the building and hides new Easter eggs.
When you include these factors in the equation, scripted tests can become an extremely valuable asset.
Also each bug may only appear when certain other conditions are in specific states and when they are not in those states everything works fine (pairwise and combinatorial bugs). Like I can't use your comment system with Chrome ("Disqus seems to be taking longer than usual. Reload?" - just forever, reloading...) but I can with Firefox. The most apparent/predictable pairwise and combinatorial bugs can be caught with exloratory testing. Many may not be though. Scripted testing is good to check specific settings for specific results. Doing a bunch of this programmatically is very useful (especially to catch unexpected bugs from minimal code updates - doing full exploratory testing of an entire application every time any code is updated would take a great deal of resources - and likely slow things down too). Doing some of it with a person looking for issues in specific test cases is wise. Thinking this is all you have to do is very unwise. You need exploratory testing by a knowledgeable software tester (or if this isn't possible then exploratory testing by a user proxy - this is not perfect but is much better than nothing) if you care about the quality of your software. Related: Which is Better, Orthogonal Array or Pairwise Software Testing? - Maximizing Software Tester Value by Letting Them Spend More Time Thinking - Cem Kaner: Testing Checklists = Good / Testing Scripts = Bad?

Tuesday, April 15, 2014

HP Leaders Once Again Caught in Corruption Scandal

Hewlett-Packard seems destine to continue to have extremely bad behavior by those chosen to lead the company. At some point they need to appoint a board with the ethics and moral compass to take the proper actions and the competence to take effective action.

Hewlett-Packard Admits to International Bribery and Money Laundering Schemes
Hewlett-Packard has admitted to creating and using slush funds for bribes, money laundering, and clandestine “bag of cash” handoffs in order to profiteer off of lucrative government contracts in Russia, Poland, and Mexico, according to court documents.

HP’s guilty plea carries with it a $108 million penalty — a combination of SEC penalties, as well as criminal fines and forfeitures paid out to the Department of Justice. Thus far no criminal charges have been brought against American HP executives. The multi-agency investigation, which was conducted by multi-national law enforcement partners, the FBI, IRS, and SEC, has revealed kleptocracies in the three foreign governments and corruption and dishonesty among HP corporate fat cats.
I have written before about the corruption on the HP board and other bad behavior. Such a shame for a company that once was ethical and produced value for society.

Related: Geo-obsolense from anti-global HP (in addition to planned [coded-in] obsolescence HP breaks customers products based on geography - HP Poor Service – Industry Standard? (2006) - $8,000 Per Gallon Ink from HP (2007) - Another Year of CEO’s Taking Hugely Excessive Pay (in 2008 HP CEO took 7.4% of corporate profits personally before being tossed due to ethical failings). - Bad Behavior at HP (2006)

Thursday, April 10, 2014

What I Would Include in a Redesigned Twitter Profile

Twitter has rolled out a new profile design with heavy emphasis on photos. It is being rolled out over the next few weeks, my account doesn't have it yet. Follow me on Twitter: curiouscat_com.

The new large banner image is good and the positioning of the Twitter user's avatar in that is good. The old design had the Twitter user's avatar in the middle of the larger photo which wasn't a great design.

The changes are not that large it doesn't seem to me, just some layout tweaking for more image space and a tiny bit of change (the list of followers is not "card" like instead of old tweet stream like) but still minor.

I would provide more space for the user to explain themselves and link to their other web sites, interests etc. I would have a new profile page (in addition to the current tweet stream page) that let the user write few paragraphs about themselves. I would let them add several web links (maybe force it into specific patterns but probably not). If it was forced into a specific pattern you could say let them add, for example): I would provide interesting view of data that can be gleaned from the Twitter universe on the profile page. I would have a "tag" cloud based on their use of # in their tweet stream (I would also put this tag cloud on their tweet stream page). How about a tag cloud based on those they follow? A tag cloud based on their favorited tweets.

Provide a link to their top 20 retweeted tweets (and such like things top 20 favorites). Provide another view with a decaying over time variable (so new stuff would rise and older stuff drop - like Reddit but much more slowly).

I would let them select tags they are interested in (and based on tags selected suggest other tags and users to follow). I would show links to popular users on specific tags. I would likely and some Klout like ratings (including doing so based on topics).

I would provide interesting data mining information based on users. For example, take the list of people following me, show a list of the top 20 people followed by everyone following me. Show a list like that but tweaked to compensate for overall popularity (so lets say Bill Murray is followed by millions of people and Justin Hunter isn't 5 of my followers following Justin would put Justin ahead of the 15 following Bill). I think there are probably all sorts of cool ways to show interesting stuff based on the data Twitter has.

I would also turn off nofollow on some links (I am not that tied to how this was done, personally I would do it for all links, in tweets, profile etc.) based on algorithms determining the user was popular and should be "trusted" as not spammy. It might make sense to have a couple levels based on how good the algorithm detrained the user to be.

Twitter is stuck in this outdated model based on fear of Google penalizing sites that annoy Google and so Twitter marks all non-Twitter links as "untrusted" (nofollow).

Maybe Twitter is also using nofollow because based on the poor way Google is using nofollow Twitter's pages itself are pushed high by telling Google not to trust any links on Twitter. Google+ started off not telling its Google search people all their links were untrusted. I am not sure, but when I look now it seems like Google+ has started untrusting all links that don't directly aid Google (so internal links to a Google page - like the users Google+ profile are trusted and all other links are said to be untrustworthy). We really need the other search engines to step of their game as Google gets worse and worse about finding good content and instead is focused on finding content that don't run afoul of any Google dictate.

It is this fear of Google that results in sites marking all links not to their sites (or sites with which they have corporate allegiance - so large companies benefit greatly from the aim to provide very few links that are not marked untrusted, as they have large set of corporate sites and large corporate alliances).

There is so much more Twitter could do with profiles and customization they really should be doing much more by now.

Related: Google Falls Victim to Google’s Confusing Dictates, Punishment to Google and Google Users Likely - How Google Could Improve Results (2005, most are still needed) - posts on usability (management blog)

I would also let you delete direct messages. I have idiotic spam DMs and I can't see anyway to delete them.

Tuesday, April 01, 2014

Site Owner Impressed with FBIs Response to The Theft of Their Domain

My Website Was Stolen By A Hacker. And I Got It Back.
The morning after I found out about the unauthorized transfer, I also called the FBI. I felt silly and dramatic making the phone call, but the reality is that this is an international cyber crime issue, and that’s FBI territory. And this is my business. It’s how I support my family, and it may be a “small matter” in the grand scheme of things, but it is not a small matter to me.

And let me tell you: of all the surprises I’ve had over the past week or so, most surprising of all has been the FBI. They responded immediately, with follow-up phone calls and emails, an in-person interview with two special agents at my own home within 24 hours, and a follow-up visit from two agents yesterday. Beyond that, each and every agent I have interacted with over the past week has been, without fail, compassionate, thoughtful, invested, respectful, and committed to action…in addition to treating me not like a case number, but like a human.

What I expected was to leave a message with a general mailbox and at some point receive a form letter; I certainly did not expect to see an active investigation opened immediately. I’m not going to write more about the investigation because it’s still ongoing (although I did ask for and receive permission to write about this), but I think it’s important to say how absolutely blown away I have been by the FBI’s response.
This is great news. The FBI needs to do a better job of stopping online crime. It is a difficult task, but the damage done is great and the criminals don't seem very concerned with the level of law enforcement effort so far. The task is very challenging and requires international cooperation. We should be funding a great deal more of that and a great deal less spying.

The companies she relied on did not do as well in your review of the situation

And once I reached people who could help me – who could literally make a single phone call or push a single button and return my property to me (or simply freeze it so that it could not be sold or destroyed) – they would not. They hid behind their legal departments and refused to do anything, knowing full well that their inaction would force me to either interact with and pay off a criminal, or lose an essential component of my business.

And hackers know that these companies will do this.

They rely on it.

There is a serious problem when a criminal enterprise not only exists “despite” a company’s policies, but actually thrives as a direct result of that company’s prioritization of their own interests over the security of the clients they allegedly “protect”. Do I understand why companies like HostMonster and GoDaddy are focused on protecting themselves against lawsuits? Of course I do. But the fact is that they not only do not “help” their customers, but actively contribute to creating situations that threaten small businesses and the families that they support.
The solution for this is that we need to support companies that prioritize doing right over those that decide to follow lawyers that could care less about illegal activity and the customers of their companies being defrauded. We need to move our sites to those companies with a history of doing what is right. To this we need to learn about what companies do so, which I am not sure of (Gandi might be a good registrar). Also, of course, use strong password, and use 2 factor-authentication if possible (with all your email account and other accounts - such as your registrar). The person that had their domain stolen believes the initial theft occurred due to a stolen email account (without 2 factor authentication).

Related: It is Refreshing to See Our Government Protecting Us - Bad Security on Government Required RFID e-passports - We Should Build Secure Software Systems

Friday, March 07, 2014

Canon PowerShot SX (with release date and feature history)

The Canon PowerShot SX looks like a pretty awesome camera for someone like me. Basically I want something easy and good with the ability to zoom well and take photos well in low light with a nice LCD (viewfinder alternative - this is probably the weakest part of the SX) and . Another thing I don't like about the SX is they have a special battery now instead of just using standard AA which my older version uses.

The killer feature for me is a 50 times optical zoom with 1 lens (4.3-215 mm) which translates to in the old film camera comparison of focal lengths: 24–1200mm.

I think this is not classified a dSLR, for some reason (maybe it doesn't use a mirror?)? For me the dSLR don't come close to meeting the killer feature (or I can't find those that do). I also had trouble finding it because I figured dSLRs were "better" so I thought I wanted a dSLR. The dSLRs costs more and I believe have greater quality when using the large zoom (maybe they auto focus a bit better at large zoom settings too) - but the quality is pretty awesome on this for most everyone as far as I can tell - not if you are going to print posters or such things. The camera has a dSLR look/form-factor.

The current version is Canon PowerShot SX50 and was released in Nov 2012.

Since I am looking at buying I though I would look at release patterns (maybe I'll wait a few months).

  • Canon PowerShot SX 60 - ?
  • Canon PowerShot SX 50 HS - Oct 2012 (50x optical zoon [24-1200mm], 2.8 inch LCD [double the resolution of previous LCD screens, I think])
  • Canon PowerShot SX 40 HS - Oct 2011 (35x optical zoom - 24mm to 840mm, Full HD 1080p, 2.7 inch LCD)
  • Canon PowerShot SX 30 IS - Oct 2010 (35x optical zoom - 24mm to 840mm, HD[1280 x 720] movie recording, 2.7 inch LCD)
  • Canon PowerShot SX 20 IS - Sep 2009 (20x optical zoom, HD movie mode [720p], 2.5inch LCD)
I think the list price has stayed pretty much around $500 for all of these (with prices from $325 or so, possible from stores providing discounts).

Because I can't find these release dates officially I am making my best guess based on internet sites. So it seems they usually release in the fall and release new version 4 straight years but not in 2013 (so a wild guess of a release for a Cannon PowerShot SX 60 from now to Oct 2014 seems pretty reasonable to me).

People are posting "rumors" online about the Canon PowerShot SX 60 being release in the Spring or Summer of 2014 but I have no idea if they have any more evidence than I do (which is close to absolute 0 evidence). It seems to me these "rumors" might even fall short of the very limited requirements to be a rumor. They have pointed to a 100x zoom lens patent Cannon has with a focal range of 3.6mm to 340mm and then say it may be for the Canon PowerShot SX 60.

There were also "rumors" the Canon PowerShot SX 60 would be announce at CES in January of 2014, which is was not. Since it missed the natural October 2013 date it isn't surprising there are continued rumors, since as far as I can tell Canon is not providing guidance.

Related: Curious Cat Travel Photo Blog - Good Customer Service from Canon - Curious Cat Travel Web Shorts

Wednesday, March 05, 2014

Banks Failed Management Practices Never Seem to Stop

I can't believe how constantly there are news stories about corruption and bad practices so deep that banks have to hand over hundreds of millions of dollars. To say nothing of crashing the world economies and requiring bailouts from taxpayers across the globe not just to stay in business but to limit the damage their immoral and unethical consequences of their practices. All the while the executives continue to act just as kleptocrates surrounding tinpot dictators - as everyone else is horrified by both groups behavior each dips into the treasury they have access to and takes all they can. And consumers suffer due to the failure to adopt sensible security practices in the USA for credit cards that the rest of the world has adopted.

What is the disclosure today of pointy haired boss banking behavior? 95% of ATMs rely on Windows 95 which is a poor security risk to begin with and Microsoft ends support for it on April 8th, 2014. How do we even allow these executives to remain in positions of authority (in businesses where security is so important)? And we go beyond that and allow these people to lavish cash upon themselves out of the funds held by the bank?
security experts have chastised the financial industry for putting ATMs on a PC operating system in the first place. They argue ATMs should be using software that is scaled down and less buggy, such as Linux.
No kidding, plus Linux versions are much more secure from the ground up.
Ironically, bank customers have less to worry about from those nondescript ATMs found in malls, bars and tiny convenience stores. Those 208,000 independently-run kiosks, built by Triton, Genmega and Nautilus Hyosung, make up the other half of the nation's ATMs. And nearly all of them run on an even older, simpler operating system called Windows CE -- which Microsoft still supports.
Jeez I don't know what to say about this. It is better I guess, but hardly any good, but maybe it is less horrible (I am not really sure).

Dealing with criminals attacking credit cards, ATMs, banking web sites and banking apps is a challenging business. The governments are not doing consumers any favors by lavishing funds on spying when those funds would be much better directed to stopping financial crimes (of this sort - and also the sort engaged in by banking executives - from which those continuing avalanche of fines for hundreds of millions of dollars stem). But since governments are choosing to spy while neglecting crime prevention it is even more important for banks to make credit card, ATM and online security a priority. Instead they are making a priority buying special favors from governments of straight welfare and subsidizing/allowing risk taking (and subsidizing any failed risk taking with taxpayer funds) to give lavish gifts to executives so they can build castles and the like. It is quite a sad system.

Related: CEOs Plundering Corporate Coffers for Personal Gain - Losses Covered Up to Protect Bonuses - Obscene CEO Pay - The Best Way to Rob a Bank is as An Executive at One

Monday, February 24, 2014

Escaping to Greener Pastures

Too many people think they can escape to some "greener" pastures by going to live in another country. While that may be true, most everyplace has plenty of positives and negatives. It is easy to take the positives of where you are for granted and ignore the negatives you don't face (until you move).

Getting out is great. But don't expect greener pastures to make everything wonderful. There are certain traits of you and the place that can make getting out the best idea - I don't like cold, other than that I think I would enjoy Banff (mentioned in the post) a great deal.

While there are conflicts between you as a person and where you are not that make people want out - I think often it is a frustration with those negatives you have been dealing with. Some people love the new experiences - so getting out is often close to ideal. But if you don't really figure out what will make you happy wherever you are getting out often just changes one set of frustrations for another.

Political frustrations I think are this time a whole bunch. While your government is likely doing tons of totally annoying and lame stuff. Finding a government anywhere that isn't doing tons of that is very hard (there are a couple, from my perspective, that I find better than most but they tend to be in very cold places - which I don't like). Often you don't care about the lame things done elsewhere until you are stuck directly inside of the consequences. I think getting out with this as a big reason is fine, it just seems lots of these people are frustrated with the new location after a fairly short time.

Thoughts after reading: How to Love Where You Live – Treat it Like a Travel Destination

Related: Living Abroad - Living in Malaysia - Quick Thoughts on the Risks of Violence while Traveling