April 28, 2010

All Things Quality is One of the Top 100 Software Testing Blogs!



Reading a post from my friend The Director over at his QA Hates You blog (http://qahatesyou.com/wordpress/2010/04/qahy-gets-recognized/), I noticed that All Things Quality is ranked there as well.


Q: What do Larry Bird and All Things Quality have in common?
A: Both are #33.

At least that's where Steven Machtelinckx places us in his TestingMinded blog post "Top 100 Software Testing Blogs".

http://www.testingminded.com/2010/04/top-100-software-testing-blogs.html

Thanks, Steven!
Thanks, The Director!
Labels:

April 21, 2010

Perhaps They Should Have Tested More - McAfee



Due to a faulty virus definition update, machines running Windows XP Service Pack 3 using the faulty definitions will delete svchost.exe, causing many key Windows services to fail to start. This Windows file is being mistakenly detected as W32/wecorl.a. Failure to start svchost.exe causes Windows to automatically reboot.

  • National software glitch
  • Hundreds of thousands of computers disabled
  • A huge disruption
  • Strangely similar to a widespread virus outbreak
  • Software update caused the anti-virus program to misidentify a harmless file (svchost.exe) as infected
  • Endless cycle of rebooting
  • A chain of uncontrolled restarts and loss of networking functionality
  • Shut down the State of Vermont's computer network
  • Many hospitals postpone elective surgeries
  • Organizations who had to shut down for business until this is fixed.
  • According to Ars Technica it "Would be trivially detected with even basic QA, which makes the regularity of such problems perplexing"
  • According to Amrit Williams (a former director of engineering with McAfee) it shows "a complete failure in their quality control process"
  • Unmitigated disaster for McAfee
McAfee says:
We are investigating how the incorrect detection made it into our DAT files and will take measures to prevent this from reoccurring.
http://siblog.mcafee.com/support/mcafee-response-on-current-false-positive-issue/
And:
Mistakes happen. No excuses. The nearly 7,000 employees of McAfee are focused right now on two things, in this order. First, help our customers who have been affected by this issue get back to business as usual. And second, once that is done, make sure we put the processes in place so this never happens again.
http://siblog.mcafee.com/support/a-long-day-at-mcafee/
This is not the first time for McAfee.  Back in 2006, they similarly flagged system files as infected:
http://strazzere.blogspot.com/2010/04/perhaps-they-should-have-tested-more_4761.html

Perhaps they should have learned their lesson in 2006.  Perhaps they should have tested more.

See also:
http://www.pcworld.com/businesscenter/article/194752/few_answers_after_mcafee_antivirus_update_hits_intel_others.html
http://www.eweek.com/c/a/Security/Buggy-McAfee-Security-Update-Takes-Down-Windows-XP-Machines-827503/
http://www.computerworld.com/s/article/9175896/Flawed_McAfee_update_paralyzes_corporate_PCs
http://news.cnet.com/8301-1009_3-20003074-83.html
http://www.burlingtonfreepress.com/article/20100422/NEWS03/4220303/McAfee-software-glitch-disrupts-Vt.-state-business
http://www.syracuse.com/news/index.ssf/2010/04/university_hospital_plagued_by.html
http://www.engadget.com/2010/04/21/mcafee-update--shutting-down-xp-machines/
http://www.nytimes.com/aponline/2010/04/21/business/AP-US-TEC-McAfee-Antivirus-Flaw.html
http://www.theregister.co.uk/2010/04/21/mcafee_false_positive/
http://arstechnica.com/business/news/2010/04/broken-mcafee-dat-update-cripples-windows-workstations.ars
http://www.kpth.com/Global/story.asp?S=12353561
http://news.bbc.co.uk/2/hi/technology/8636985.stm
http://www.theinquirer.net/inquirer/news/1602329/mcafee-update-kills-windows-xp-systems


Updated, April 23, 2010
From Barry McPherson on McAfee's blog:
"Of course many of you are asking how the faulty DAT made it past our quality assurance checks. The problem arose during the testing process for this DAT file. We recently made a change to our QA environment that resulted in a faulty DAT making its way out of our test environment and onto customer systems.

To prevent this from happening again, we are implementing additional QA protocols for any releases that directly impact critical system files. In addition, we plan to add capabilities to our cloud-based Artemis system that will provide an additional level of protection against false positives by leveraging an expansive whitelist of critical system files."
http://siblog.mcafee.com/support/an-update-on-false-positive-remediation/
https://kc.mcafee.com/corporate/index?page=content&id=KB68787

A change to the QA environment caused a faulty DAT to get released to production?

And in his blog, technology writer Ed Bott tells us that he received a document from an anonymous source that appears to be a pre-scrubbed (and perhaps more telling) version of what appears on the McAfee blog.


Among the interesting nuggets:
"Specifically, XP SP3 with VSE 8.7 was not included in the test configuration at the time of release."
http://blogs.zdnet.com/Bott/?p=2031

They left Windows XP SP3 out of their test matrix? Wow!
Labels:

April 7, 2010

Vacation in Florida 2010

For our Spring vacation this year, my wife and I decided to go back to Florida.

Longboat Key, Florida

This time we went to Longboat Key, a beautiful barrier island on the west coast of Florida, surrounded by the Gulf of Mexico and Sarasota Bay.

The weather was perfect, the beaches were wonderful.
  • We stayed at a really nice Inn
  • Each morning we took long walks
  • Each day we spent time in the sun, in the ocean, in the pool
  • Each evening we watched the sun set over the Gulf of Mexico
  • We took in a Grapefruit League baseball game - the Red Sox crushed the Orioles in Sarasota (go Sox!)
  • We spent some time shopping and eating at St. Armands Circle
  • We went to Siesta Key Beach - home of "The Best Sand in the World"
  • We went to some really nice restaurants
One thing I experimented with this year - no reading!

Usually, I bring at least 3 books for vacation reading. But this year I wanted to try something different. Rather than bringing the usual reading material, I loaded up my iPod with podcasts. Not bad! Some really interesting lectures and discussions about science, politics, sports. I think next vacation, I will go back to bringing books, but will also continue with the podcasts. Oh, and I need a different set of earbuds. The ones that come with the iPod get uncomfortable (at least for me) after a while.

A truly wonderful vacation. One of the most relaxing vacations I can remember.
Labels:
Subscribe to: Posts (Atom)