Archive for July, 2006

Scoble sightings


So I was visiting friends in Redmond this week and happened to run across Robert Scoble on a street off of highway 908 in Redmond:

I took this picture with my wife’s camera phone as we were passing. Seeing him in Redding surprised me because I thought he left for California? So what is the REAL story Scoble? Were you “Laid off”? Are you still working at Microsoft? Are you staying in Redmond to maintain the low-profile Mini-Microsoft blog from local internet cafés? He seems to be in high spirits so he must not be too bad off. It’s nice to see that he is maintaining his positive attitude during his time of change.

Has anybody else had a Scoble sighting in Redmond?

WatirMaker is now WatirRecorder++ and is going open source


Coworker Scott Hanselman and Rutger Smit have given WatirMaker an overhaul and renamed it WatirRecorder++. Read more and download it here.

At this time this appears to be the only recorder for Watir, there was a Watir WebRecorder but for some reason it has been deemed “unavailable until further notice”.

If you just started looking into Web browser automation make sure and give SWEA, C#, and NUnit a try; I think you’ll be more impressed with this solution if you’re in a .NET environment.

FireFox trojan extension


The bad guys are using the FireFox extensions as a means of piggybacking FireFox to steal sensitve user data.

Once FormSpy is executed, it installs itself as a component of the Firefox Web browser.
The FormSpy spyware then gleans sensitive information, such as credit card and bank account numbers, from the user’s browser and forwards it to a malicious Web site. But this Trojan is capable of other tricks, as well, McAfee noted.

Read more here.

XSS cheat sheet


My coworker Alex Ginos sent a link the other day to an XSS (cross site scripting) cheat sheet at This cheat sheet is amazing; it has a LOT of XSS examples and also lists the browsers that the attack is “supported” by. I thought my XSS attack list was pretty good until I saw this list. To say the least, I’ll be adding a ton more XSS attacks to my current test case repository. is also a blog with some really great posts about hacking and security. Another interesting post that I enjoyed was Attacking Applications Via XSS Proxies. Subscribe to this blog, these guys are freakin’ smart.


Back to blogging after writing my first magazine article!


I’ve been semi-quiet on the blogosphere lately due to the evenings being filled up with the season end of my boys’ baseball and writing my first magazine article! 🙂

Yep! Too cool, I’ve been asked to submit an article to Better Software magazine for their Tool Look column. If all goes well you should see it later in the year. Wish me luck!

Software Quality Management paper from Borland


Borland sent out a pointer to another SQA paper, this time the paper is entitled Software Quality Management and gives an overview of:

  • How to define application quality goals and metrics that match your objectives

  • How to measure quality status and progress

  • How to manage software quality to keep up with changing situations, emerging technologies and new regulatory requirements

  • How to improve software development and incorporate quality into every step of the process

As always, the paper is written to lead up to the use of one of their tools; for this paper the tool is Borland SilkCentral Test Manager. I find their lead ins, which are usually more than 3/4 of the paper, are very well written and speak well to real problems we have with software development and quality assurance. It’s a great informational read that can be downloaded here.

Post navigation