Archive for October, 2006

Quarter-million hospital patients social security numbers “lost”


A quarter-million hospital patients social security numbers were burned to CDs, put in an employees bag, the bag was exchanged at a store for a larger version, and the exchanged bag (with CDs) were bought by another person. The person brought the CDs back 3 days later.

Think about this story and the lack of responsibility next time you give somebody your social security number!

Read the full article here.

Privacy Guidelines for Developing Software Products and Services


Today, my coworker Aaron Jensen provided a link to Microsoft’s Privacy Guidelines for Developing Software Products and Services paper. I haven’t had a chance to read it yet but I think this will be a great starting step towards helping develop software with respect for user privacy. The development community needs this…The testing community could benefit highly from this document too. A guy could create a pretty sweet set of privacy test cases from this information.

Some blogging gratification


About a month ago I posted about how NUnit fails with SystemIOFileNotFoundException. This month Noah left a comment stating “A malformed xml file screwed me up too. You saved me hours of my life.”

Hell yeah! My blogging did somebody some good! I love it! This is what I want to see… This is what I want to hear.

As far as I figure you peeps think I’m in it for the Google Adsense revenue but… REALLY I’m not. Yes, the revenue is nice and has paid for my car, bike, house, dog, and the wife’s boob job (super-duper thanks for that by the way), but I’m not materialistic like that. I’m doing this for you peeps…

Google Adsens Revenue for 10 months of blogging: $108.71 (Have you seen my car? Not gonna touch the boob thing). 

Helping somebody via a blog post: priceless 

Thanks for the comment Noah. 🙂

Defect of the day: Repeat songs on MSN Radio


I can’t imagine this is a feature, so I’ll call it my Defect of the Day (imagine loud booming, stereo, monster truck announcer voice with that). Here try it again….DDEEEFECT OF THEEE DAAAAAY:

Many a time while listening to MSN Radio I’ll hear a song that I really like and wish that I could hear it again, over and over and over and OVER. Nothing like a little musical spice while testing, spice that forces you to shake your little booty in your chair while nodding your head rapidly to the beat (all the while making darting glances into you rear-view PC mirror to make sure your co-workers aren’t mocking you in the background).  Back to the defect… Since its “Radio” you can’t rewind or go back right? Wrong…In Media Player (I’m using version 10) when the song is nearing the end press the stop button, the progress indicator will go back to the beginning of the song. Press the play button and the song starts from the beginning. Sweet!

I can’t even begin to tell you the number of defects I found today while testing, groovin’ with my “MSN Radio manual repeat defect”, and Ice Ice Baby.

Top 10 Web 2.0 Attack Vectors

0 published an article stating the Top 10 Web 2.0 Attack Vectors. In their opinion the top 10 are:

1. Cross-site scripting in AJAX
2. XML poisoning
3. Malicious AJAX code execution
4. RSS / Atom injection
5. WSDL scanning and enumeration
6. Client side validation in AJAX routines
7. Web services routing issues
8. Parameter manipulation with SOAP
9. XPATH injection in SOAP message
10. RIA thick client binary manipulation

Do you have test cases in place to help prevent these top 10?

FireFox 2 released bragging JavaScript 1.7 but actually using 1.5?


FireFox 2 is released and can be downloaded at! What does this mean for us browser compatibility testers?

From experience, my compatibility testing woes that come with version changes are:

1. JavaScript version changes, causing JavaScript errors.
2. Rendering engine changes (especially CSS); causing display issues (e.g. object alignment, font changes/inconsistency).

So….as I peruse the FireFox 2 feature list I see an upgrade to JavaScript 1.7. Hmm, sounds historically defect prone…BUT, before I read the feature list I went and did my own homework of seeing if the JavaScript version changed. My homework unveiled that FireFox 2 was using JavaScript 1.5? WHAT THE? Am I looking at an issue caused by having multiple FireFox installations on a machine (I have 1.0.8, 1.5.4, and 2.0 installed). When you’re running FireFox 2 what is your JavaScriptVer when you visit Leave your findings in the comments please!

ASP.NET AJAX v1.0 Beta released


The formerly known Atlas is now ASP.NET AJAX and was released as v1.0 Beta last week. You can download the free framework here. The accompanying site has quite a few “How Do I” videos that show off the framework and guide you through using some of the features. See the video list here. I watched the 18 minute video entitled  Developing ASP.NET 2.0 Applications using AJAX and was impressed with the simplicity of developing with ASP.NET AJAX.

Stupid Testing Trick #2: Which .NET framework rendered the Web page?


So I’m told…When a Web server that has the 1.1 .NET framework installed as well as the 2.0 framework, if the Web app’s virtual directory is set to utilize 2.0 it’s possible that “issues” could occur and that it could revert back to 1.1 to keep the app running (not too sure what “issues” are). How do you figure out which framework your Web page was created with? Modify the applications web.config’s trace key “enabled” and “pageOutput” parameters to be true and then the “localOnly” to be false:

<trace enabled=”true” requestLimit=”10″ pageOutput=”true” traceMode=”SortByTime” localOnly=”false” />

Once modified, you are then in BIZNESS! View/open the suspect application/Web page in your browser and look at the very bottom of the trace dump. The .NET Framework version will be displayed. It will will look something like this:

Microsoft .NET Framework Version:2.0.50727.42; ASP.NET Version:2.0.50727.42

Have a Stupid Testing Trick? Email me using the “E-Mail” link on the right.

Software is like sausage


I often discover new QA blogs through my readers via comments or referrer URLs. Today I discovered because Željko left a comment on When I went and checked out his blog I laughed pretty hard at one particular post/joke Software is like sausage:

Software is like a sausage. You lose your appetite when you see how it is made.

Check out Željko’s blog he’s a Ruby/Watir user. Hey Željko, when are you going to leave the dark side? SWEA is patiently waiting for you! 🙂

Post navigation