Curated Articles Wrapup for July 2012

[rickscott]

In the last couple of months I've started a new writing gig with SQE -- the folks who publish Better Software magazine, run StickyMinds.com and TechWell, and have published several of my articles before.

They're calling it a curation gig. We'll be serving up frequent short pieces linking to other interesting opinions or resources from anywhere on the web. So far, I'm really liking this format -- not only do we get to highlight some of the most helpful and insightful things that are out there, it also gives us the chance to expand on them, put them in context, or compare different approaches to tackling a difficult problem.

At any rate, I hope you find these pieces useful and worthwhile! Here's a recap of mine for July 2012.

• Leaked Passwords and Better Security Practices (2 July 2012): Password security was in the news a great deal in June, with LinkedIn, eHarmony, and Last.fm all having their insecurely-stored password databases leaked onto the public internet. Here's a quick review of the very basics of secure password storage.
• The Independent Double-check (19 July 2012): Nobody is perfect. In my former job as an artillery soldier, the way we dealt with this was making sure every crucial thing was independently checked by at least two people. As testers, we need to do the same thing, even when someone with more authority than us insists the code is correct.
• Bug Chaining (31 July 2012): Bug chaining is an idea from the security world that hasn't gotten much traction in the wider QA/testing community yet. Assuming that all bugs are orthogonal to each other is a mistake -- sometimes two minors make a showstopper.