March 25, 2009

A Lending Library at the Office





I really enjoy reading. I have a home library where I keep the books I read often, and all my technical, reference, and QA books. But some books I read once and I'm not terribly interested in reading them again. So after doing some spring cleaning, I found I had a stack of books that I needed to clear out.

I hate to throw away useful items. I'd much rather find a good home for a book than have it end up in a landfill somewhere. So I decided to try something I had enjoyed at other companies - I decided to start an office "Lending Library".

I brought the books in, placed them on a central bookshelf and told the company. Here are the "rules":
  • If you want to permanently donate a book, just place it on the shelf
  • If you want to lend a book and get it back, first write your name on the inside cover
  • If you want to keep a donated book, just take it
  • If you want to borrow a lent book, just return it to the shelf when done
So far, the reaction has been very good.

Pretty much everyone thought it was a good idea. Some people quickly found books that they wanted to read, and a few that they wanted to keep. And some additional books have begun to appear on the shelf.

I'll be doing a bit more spring cleaning, and expect to bring in another batch of books soon.

March 10, 2009

Perhaps They Should Have Tested More - Google Docs

A recently-introduced bug in Google Docs caused some documents to be shared with users who were specfically not authorized to see them.

Some of the reactions:
  • A massive blunder on Google's part
  • Highlights why cloud-based services scare many people
  • Estimates that it affected over 200,000 documents
  • It doesn't paint a great future for cloud computing in general
  • You can't expect commercial levels of security when you are not paying for the software
  • You get what you pay for
But Google now assures us that it only occurred in about 0.05% of all documents, and that this was an isolated incident:
As we noted in the Google Docs Help Forum yesterday, we've identified and fixed a bug where a very small percentage of users shared some of their documents inadvertently. The inadvertent sharing was limited to people with whom the document owner, or a collaborator with sharing rights, had previously shared a document. The issue affected so few users because it only could have occurred for a very small percentage of documents, and for those documents only when a specific sequence of user actions took place.

For this small percentage of documents, the bug (now fixed) occurred when the document owner, or a collaborator with sharing rights, selected multiple documents and presentations from the documents list and then changed the sharing permissions. The bug did not affect spreadsheets.

We're sorry for the trouble this has caused. We understand our users' concerns (in fact, we were affected by this bug ourselves) and we're treating this very seriously.
In addition, the fix to the problem that Google rolled out was not without its own side-effects, as some permissions got removed:
If neither you nor your collaborators remember removing people from the document in the last 24 hours, it's likely that the removal was the result of a fix to an issue that we released late last night. This bug (now fixed) affected a small percentage of users who may have shared permissions between some documents in their account without their knowledge. This inadvertent sharing happened only when the document owner, or a collaborator with sharing rights, selected multiple documents and presentations from the documents list and changed the sharing permissions. (This issue didn't affect spreadsheets.) As part of the fix, we used an automated process to remove collaborators and viewers from the documents that we identified as being affected. We apologize for the inconvenience of having to re-share your docs. We have sent notifications to the owners of impacted docs, informing them of this fix.
Perhaps they should have tested more. 

And perhaps you need to think twice before trusting your important information with "the cloud".

see also:
http://blogs.wsj.com/digits/2009/03/08/1214/?mod=rss_WSJBlog?mod
http://www.computerweekly.com/Articles/2009/03/10/235216/google-docs-security-its-free-what-do-you-expect.htm
http://www.itbusinessedge.com/cm/community/news/sec/blog/google-admits-privacy-glitch/?cs=30970
http://www.independent.ie/business/technology/googlersquos-docs-software-exposes-documents-on-web-to-other-users-1666443.html
http://news.cnet.com/8301-17939_109-10191463-2.html
http://www.techcrunch.com/2009/03/07/huge-google-privacy-blunder-shares-your-docs-without-permission/
http://www.webpronews.com/topnews/2009/03/09/google-docs-privacy-glitch-accidentally-shares-documents
http://blogs.zdnet.com/Google/?p=1308
http://googledocs.blogspot.com/2009/03/on-yesterdays-email.html
http://www.google.com/support/forum/p/Google+Docs/thread?tid=2ef115be2ce4fd0e&hl=en
http://www.pcadvisor.co.uk/news/index.cfm?newsid=112426
http://techfragments.com/news/607/Tech/Google_Docs_Privacy_Vulnerability_Under_Control.html

March 9, 2009

5 Questions (Plus 1) for Phil Kirkham

5? (+1) for 


My friend Phil Kirkham's blog - Expected Results - is all about "Testing, managing, consulting, quality and the art of motorcyle maintenance". 

Recently, he has been writing a nice series of "5 Questions For..." posts.

So since he asked me five questions, I thought I'd turn the tables a bit and ask him.  And since I don't want to steal his idea completely, I decided to "improve" on it by asking him a bonus sixth question as well.

(Phil says he "didn't realise it was so hard answering them".  Now you know, Phil.  Now you know.)

1. Why did you start blogging and what were you hoping to get out of it ?
( and have you got what you hoped for ? )

Started it because the place I was working at at that time no-one was interested in testing so I had no-one to discuss ideas, concepts, theories with. It also seemed a good idea to help get my name known in case I wanted to move on. (sadly it didn't help, they were more interested in if I had the ISEB certification)

When I did start it I got a lot of encouragement to keep it going ( especially from Antony Marcano and the SQA forums people)
I've got way more out of it than I could ever have imagined - a lot of great contacts, a lot of encouragement and a great boost to my confidence as people seem to like what I write
2. What have you learned from doing your blog?
That the testing community is a friendly helpful place (apart from the occasional cat fight that breaks out) 
3. Do you track your visitors - if so, any unusual searches to find your blog ?
I do track them - my post about a 50 year old test gets a lot of hits - probably from people hitting middle age :)

http://expectedresults.blogspot.com/2008/10/50-years-old-test.html

as does my CSI testing one - I do wonder what people are looking for with that one
Or maybe I dont want to know

http://expectedresults.blogspot.com/2008/10/csi-testing.html
4. Do you have a favorite post that you have written?
I could keep adding entries to my list of test blogs that complain about testing being confused with QA

http://expectedresults.blogspot.com/2008/09/testing-cliches.html

And the lack of quality testers still seems to be a problem http://expectedresults.blogspot.com/2008/07/quality-testers-crisis.html

- especially now that I'm helping moderate the Software Testing Club and see the questions that get asked (but other readers never see !) 
5. Any advice to new bloggers ?
Do it !

Write about your experiences and thoughts - anything that reads like a cut n paste from a textbook or marketing hype isn't worth reading. The point of a blog, for me, is to share my thoughts and experiences and get feedback on them
BONUS QUESTION...
6. Clearly, you read a lot of blogs. What do you like to see in a blog that makes it interesting for you, and makes you want to keep coming back?
Probably the same as outlined in the advice to new bloggers -
Someone writing about their experiences and ideas, new ideas , an opinion - basically anything that gets me to think, something I could use at work. I might not even agree with the viewpoint of some of the blogs I read - but they force me to think about reasons why I am right and they are wrong
And any blogs that have a good old rant that shows passion are always good to help keep me energised
Thanks, Phil!

March 8, 2009

General Input Tests for Email Addresses


Here are some routine tests to try for an email address field.

To use these values, you should first have some idea about the mechanism being used in your system to validate the email addresses.  For example, many systems will attempt to validate email addresses when they are entered, but then follow up by attempting to send an email to the address.  If no such email address exists, the address is rejected. If this is the case in your system, then you may need to substitute real addresses for the valid email addresses which follow the described pattern.

Then decide which of the following are relevant for your input field and use them.

If you are using an automated test tool, these values can easily be used exhaustively, or randomly, by a test script.

Valid Email Addresses
Valid, but rejected by some sites
Invalid Email Addresses
Invalid, but accepted by some sites
See also:


Updates:

June 24, 2009 - Added link to page explaining length FAQs

April 5, 2009 - Added valid email containing several periods within.
Charles S van der Linden said "Multiple periods before the @ are allowed by many eg. john.van.der.tester@gmail.com  will work.   (gmail actually strips all the periods so that address maps to the same thing without the periods before the @ sign)."

March 25, 2009 - Added invalid email with a trailing period.
Heather Noggle said "I always also validate to be sure e-mail addresses don't end with a dot. A lot of people copy e-mail addresses out of text, and the e-mail address in that text is followed by a period to make sense in normal written English.  Lots of non-savvy computer users will just go ahead and copy that dot if they're not directly clicking through."

March 7, 2009

5 Answers from Joe Strazzere

5 Answers

What do I have in common with these well-known folks?
  • Matt Heusser
  • Lisa Crispin
  • Jonathan Kohl
  • Linda Wilkinson
  • James Bach
  • James Whittaker
  • Antony Marcano
  • Catherine Powell
  • Alan Page
  • Bj Rollison
  • Pradeep Soundararajan
Until recently, I would have said only "a love for software testing".

But my friend Phil Kirkham has a blog titled "Expected Results" (great name for a tester's blog, Phil).  And he has recently written a series of posts called "5 Questions for..." where he asks other bloggers in this profession five questions.

So, after he queried all these well-known testers, he asked me!  Very flattering.

You can read the questions, along with my answers here:
http://expectedresults.blogspot.com/2009/03/5-questions-for-joe-strazzere.html

Thanks, Phil!