So I was visiting friends in Redmond this week and happened to run across Robert Scoble on a street off of highway 908 in Redmond:
I took this picture with my wife’s camera phone as we were passing. Seeing him in Redding surprised me because I thought he left for California? So what is the REAL story Scoble? Were you “Laid off”? Are you still working at Microsoft? Are you staying in Redmond to maintain the low-profile Mini-Microsoft blog from local internet cafés? He seems to be in high spirits so he must not be too bad off. It’s nice to see that he is maintaining his positive attitude during his time of change.
Has anybody else had a Scoble sighting in Redmond?
The bad guys are using the FireFox extensions as a means of piggybacking FireFox to steal sensitve user data.
Once FormSpy is executed, it installs itself as a component of the Firefox Web browser. The FormSpy spyware then gleans sensitive information, such as credit card and bank account numbers, from the user’s browser and forwards it to a malicious Web site. But this Trojan is capable of other tricks, as well, McAfee noted.
The IE team has posted about a new Internet Explorer 7 feature that allows you to enable or disable IE add-ons (toolbars). The feature seems to have been created with the purpose of troubleshooting add-on and IE integration issues. More on No Add-on mode can be found here.
My coworker Alex Ginos sent a link the other day to an XSS (cross site scripting) cheat sheet at ha.ckers.org. This cheat sheet is amazing; it has a LOT of XSS examples and also lists the browsers that the attack is “supported” by. I thought my XSS attack list was pretty good until I saw this list. To say the least, I’ll be adding a ton more XSS attacks to my current test case repository.
ha.ckers.org is also a blog with some really great posts about hacking and security. Another interesting post that I enjoyed was Attacking Applications Via XSS Proxies. Subscribe to this blog, these guys are freakin’ smart.
In the latest StickyMinds.com eLetter (Tool Look) Scott Barber talks about how he got into performance testing and gives some simple advice on how to select the appropriate performance testing tool for your application. Read the Tool Look article here.
Borland sent out a pointer to another SQA paper, this time the paper is entitled Software Quality Management and gives an overview of:
How to define application quality goals and metrics that match your objectives
How to measure quality status and progress
How to manage software quality to keep up with changing situations, emerging technologies and new regulatory requirements
How to improve software development and incorporate quality into every step of the process
As always, the paper is written to lead up to the use of one of their tools; for this paper the tool is Borland SilkCentral Test Manager. I find their lead ins, which are usually more than 3/4 of the paper, are very well written and speak well to real problems we have with software development and quality assurance. It’s a great informational read that can be downloaded here.