- Who Our Users Actually Are (2 Aug 2012): We often have an unrealistic mental image of our users, even though we are technology users ourselves. Society's norms of what a "technology user" looks like are flat-out wrong, and we need to get past them.
- Hero Culture or Crisis Culture? (6 Aug 2012): We often talk about avoiding a "hero culture", but I think this is a misnomer. The real problem is a culture that encourages a steady stream of crises, each of which requires heroic intervention to solve.
- Upgrade Your Wetware for Better Testing (9 Aug 2012): Testing is a thinking activity. I'm fascinated by how we can try to make our minds "think better" in order to become better testers.
- Learning by Osmosis (13 Aug 2012): Few of us get as many formal learning opportunities as we might like -- conferences, seminars, and so forth. If we pay attention to how we spend our time, we can try to take in a little learning and some new ideas every day.
- When Unencrypted USB Keys Go Missing (28 Aug 2012): Elections Ontario recently lost two unencrypted USB keys containing personal information on as many as four million electors. Good security policies alone won't prevent losses like this -- you also have to ensure they're actually followed.
In the last couple of months I've started a new writing gig with SQE -- the folks who publish Better Software magazine, run StickyMinds.com and TechWell, and have published several of my articles before.
They're calling it a curation gig. We'll be serving up frequent short pieces linking to other interesting opinions or resources from anywhere on the web. So far, I'm really liking this format -- not only do we get to highlight some of the most helpful and insightful things that are out there, it also gives us the chance to expand on them, put them in context, or compare different approaches to tackling a difficult problem.
At any rate, I hope you find these pieces useful and worthwhile! Here's a recap of mine for July 2012.
- Leaked Passwords and Better Security Practices (2 July 2012): Password security was in the news a great deal in June, with LinkedIn, eHarmony, and Last.fm all having their insecurely-stored password databases leaked onto the public internet. Here's a quick review of the very basics of secure password storage.
- The Independent Double-check (19 July 2012): Nobody is perfect. In my former job as an artillery soldier, the way we dealt with this was making sure every crucial thing was independently checked by at least two people. As testers, we need to do the same thing, even when someone with more authority than us insists the code is correct.
- Bug Chaining (31 July 2012): Bug chaining is an idea from the security world that hasn't gotten much traction in the wider QA/testing community yet. Assuming that all bugs are orthogonal to each other is a mistake -- sometimes two minors make a showstopper.
The predominant metaphor we use to describe software creation is an engineering or construction one -- writing a program is like building a bridge, or a house. I've long been unsatisfied by this view; to me, writing software has always seemed more similar to writing prose, or at least carving bespoke items out of wood. Chris McMahon, Marlena Compton, Zeger Van Hese, and many other folks have written up their own takes on what software creation has in common with art.
My latest article on StickyMinds wraps up the Philosophy & Testing series by exhorting individual testers to look to the arts, humanities, and social sciences and see what insights they can draw into their testing.
I think it's a common misconception that only applications that are targetted at an international audience have to deal with the topics we usually think of as internationalization, such as non-ASCII character sets, handling time zones and international addresses correctly, and so forth.
But in this day and age, you can get most of these "international" data variations even from dealing with a strictly domestic audience. Most common word processors emit non-ASCII characters like directional quotes, and users are increasingly aware of how to make use of characters with dïacritics, symbols like ©, and so forth. Besides, if you're working on a web app that'll be going on the public internet, trust me when I say that you'll get all kinds of different data thrown at it from all over the world, whether you like it or not.
StickyMinds just posted my take on the subject as this week's weekly column: Bare Minimum i18n.
My latest StickyMinds column: Logic and Software testing.
As technologists, I think we often fail to consider that most everything we do has two sides to it: a technical side, and a human side. Similarly, the digital logic that underpins how computers work is first to mind when we mention logic in the context of software testing, but there's another equally important aspect of logic in software testing: using informal or persuasive logic to reason with other people. Dealing with zeroes and ones is part of our jobs, but so is arguing that a certain bug needs to be fixed, that one feature should have priority over over another, or that a proposed solution should be rejected as unsuitable.
I'm happy to note that my latest article has gone up on StickyMinds. This one's on Epistemology & Software Testing.
This one was actually a bit arduous to write, because it went off in a very different direction from where I initially thought it'd go. The pieces that do that can end up being the most illuminating ones, though.
I've got the front page of StickyMinds.com this week with a column on Ethics & Software Testing.
I would have loved to delve more into the foundations of ethical thinking and some of the ideas people have articulated about how to best "solve" ethical dilemmas, but the length and focus of the piece doesn't really permit. Maybe that's something for the future. =)