I hate it..but I must admit I’ve not tried it

It seems the more that something becomes popular the more that people start to hate it, often without even trying it. Look at what’s happening with Agile in the testing community. A lot of negativity from people who’ve never tried it. The lashing out is usually based on false ideas of what it actually means to be a tester in an agile context. A good example is a classic and incredibly misguided BCS blog post here. The comments are invaluable…and funny.

I see the same thing in the social media arena too. Lot’s of people berating twitter, blogging and facebook as nothing more than a passing trend. Yet for many it’s bringing them closer to their real customers and end users. For some it’s building long lasting friendships and relationships. Giant circles of contacts. Extending peoples reach, making the wider community available to us all.

The detractors seem to be those who haven’t tried it, or dabbled and didn’t like what they saw. It is those who see it from a distance and critique it, often with misplaced or over hyped information, often without understanding how contexts and environments play a role.

Look at how some people react when you mention acceptance test driven develoment or exploratory testing.

They offer the same look my careers advisor once gave me when I told her I wanted to be a Ventriloquist when I leave college.

Some people go mad at how ridiculous these ideas are. “Where’s the quality” they shout?

New communication techniques and social media channels give us a platform to challenge the one sided stories we’ve been hearing for years and years. The empty arguments and global testing norms can be challenged, globally, locally, glocally. We can discuss these so called Best Practices and expand our sources of information to get a better picture of what may or may not work for us. We no longer have to go to the mainstream for our information.

I heard someone at a Testing Conference criticising Virtual Machines when used for Load Testing because they felt they weren’t reflective of real systems.

Yet they spent thousands of pounds on expensive build environments, big teams to manage these environments and they then had to wait two days to rebuild this system after a failure.

The interesting part of this story was that the “real” system the presenter was Load Testing was indeed virtualised anyway. What? A live system being run on virtual machines??? Never.

It’s a bit of a rant this post, but really……if you must criticise, reject or belittle something, then criticise something you have at least tried. 

Scraps, Information, Management and Notes

I’ve recently being giving a lot of thought to information scraps, notes and the outputs from my testing. I’ve been considering them a lot recently because I noticed something intriguing in the way I make notes. I don’t use just one system.

I have always tried to make notes in my “Testers Notebook”; a standard A4 hardback notebook from our stationary cupboard here at work. But then I noted that not all of my notes were always “work” or project related, so I ended up with another “everyday” notebook. At EuroSTAR 2010 I was introduced to Rapid Reporter, an awesome tool for making notes as I do my testing.

I am also partial to Evernote for checklists created before testing. I also use a Test Case management tool called Testuff to manage the teams testing, charters and labs. But then I often scribble stuff down on post-it notes or scraps of paper, or even the back of my hand.

Do you see where I’m going with this?

 

The intriguing thing for me was that I have no “one” specific place for all of my notes.

 

Add to this my blog ideas (also stored in Evernote), audio reminders of ideas and tasks (Evernote and my mobile phone), my to do lists (ToDoist and Pivotal Tracker), my project story information (Pivotal Tracker and a white board), photos of interesting things like whiteboard diagrams, design sketches or process ideas (post-its, phone, Evernote), cheat sheets (printed out and stuck on the window next to my desk), IP addresses, logons and domain information (secure password tool), test data (excel and simple tools), meeting notes (paper notepad).

There’s more for sure, but I know I’m not unique in this. I’ve observed it for many years with people I work with and there’s plenty of research on the web to suggest the same thing.

We often reach for the nearest thing to make a note, rather than seeking out our “planned” medium. We’ll do this even if we later have to transcribe the notes to our preferred system. Despite our best efforts we all probably think we’re more comprehensive with our notes and note taking mediums than we actually are. Which results in many sources of notes and information.

 

So here’s some mediums I’ve noted.

I sometimes use sticky pads or post-it notes for IP addresses, short terms notes like bug numbers or ideas. As a company we use them for tasks on our Kanban board. We often pass post-its to each other with ideas, notes or reminders written on them.

Photo_1

It’s not uncommon to see people scribbling notes on their arm. The lowest tech note taker?

Photo_2

We often take photos of whiteboards, diagrams and other sketches. I often take photos of products and technology in situ to support my unhealthy interest in Ethnography and tech in society.

Photo_3

We store lots of information in defect reports.

Photo_4

There are my trusty notepads. Now made redundant as I explore apps for my iPad. I’m sure I’ll return but I’ve essentially skipped the transcribe stage of my notetaking – the digitisation of my notes.

Photo_5

I use my smart phone for taking photos, making quick notes and recording audio reminders and ideas. I use the Evernote for mobile app, but sometimes I’ll just jot in a text file on the phone.

Photo_1

Every company should have a Wiki. Invaluable amount of domain and business specific knowledge stored in here.

Photo_2

Who could forget books? I include digital books in this category also.

Photo_3

Our test cases and test scripts will also contain invaluable information on our testing, our plans and our expectations of the testing.

Photo_4

Of course we will have notes, ideas and tests on our computers. I have documents, spreadsheets, code, results, databases and a whole lot more on the computer.

Photo_5

Social networks are becoming increasingly dominant in my testing. Communities like The Software Testing Club (Shameless Plug) are becoming a great place to source ideas and find people testing in a similar domain to myself. Twitter, Facebook and Blogs are also great sources of information and discussion playgrounds. LinkedIn (if you can stomach the spam and Best Practice pushers) is also useful. We have an internal Development blog also, which compliments the Wiki and provides a great interface for sharing learning and knowledge.

Photo_3

I’d be far less productive in my idea generation without mindmaps. I know the whole team are starting to be intrigued by them too. There are plenty of people in the community using mind maps with great effect.

Photo_4

Whiteboards and other “Information Radiators” are invaluable sources of information and knowledge that help guide my testing and my work.

Photo_5

No doubt there are plenty of other sources of information I’ve missed but as you can see, things could get lost, missed or ignored when we are faced with a large number of information scraps. An interesting thing I’ve noted is that people with good note management need less “duplicate information”. What I mean by this is that they very rarely have to be communicated with twice about the same problem/idea/piece of data.

For example, a Tester who makes copious amounts of notes during a discussion is more likely (not always though) to need less repeated communication. I once worked with someone who made ZERO notes and constantly asked for IP addresses, advice on how to connect to Databases and other everyday activities. I know I sometimes do this too. Maybe it’s just stages of zero notetaking.

So why the blog?

Well, I’ve been exploring and attempting to build a couple of prototype systems. These systems, in a nutshell, vacuum up all of the potential data sources and present them in one unified system, complete with contextual information allowing quick searching and linking. I must admit though that my ideas outweigh my technical ability, but that’s not putting me off. I’ve been experimenting with the Exhibit framework to achieve my goal but I’m wondering whether existing tools like Evernote could achieve this goal too. Maybe Google+??? Now there’s an idea.

Photo_2

Imagine though a system that could take in many different data sources (images, text, audio, social feeds, test case results, exploratory charter notes etc) and provide a simple, safe, secure and usable API or interface. At that point we could start to build a front end that suits your needs.  I could add my observations, videos, bugs, notes, tests, checks and any other ideas/thoughts in to the system and then search through all of these items. Maybe even build up a system of visualisation so I can communicate with others the levels of testng being done and outcomes.

Different levels of detail for the different audiences I need to communicate to. Everything related to your testing in one place. Searchable, extendable, shareable, secure, robust, trusted, reliable.

 

Maybe I’m imagining a pipedream. I know to some extent I am..but if I don’t share the idea I’ll never know whether it’s good or bad.

 

So here’s the thing.

 

1. Do you think it’s a good idea to combine all of these information scraps within your own notes or business?

2. How about globally so we can share test ideas and concepts?

3. And would you mind awfully filling in this survey on your information scraps to help me try to build a bigger picture of note taking amongst testers?

Communication. Signs. Symbols.

I’ve studied communications for years now but today was the first time I encountered the video from Archive.org that I’ve included in this post. Which is a shame because it’s fantastic. At the same time I’m glad I’ve stumbled across this video now so that I can share it with those who are interested.

Communication underpins everything we do. In a sense, we cannot do anything without communicating something, so it’s important we understand the implications of this.

For those that follow this blog you’ll know I’m interested in simplifying the discussions around communication by elevating the deeper rooted theory in to a simple three thought process. Purpose. Audience. Context. It’s a starting point to think about communication and how well we communicate but is no means complete.

This video does an excellent job of explaining the deeper rooted theory, particularly focussing on Shannon’s model of communication but also touching on signs, symbols, culture and noise. It’s a great video and carries that typical 1950’s haunting aspect of informational videos. I love the images, editing techniques and footage and the soundtrack just tops it all off. But despite all of this retro greatness there’s nothing more important in this video than the content.

It’s a long video at 20 mins but well worth sticking through. Some highlighted phrases stood out from a testing point of view.

 

English language is one half redundant

and

Computers are often referred to as brains….The greatest fallacy in the comparison is one of degree.

 

Enjoy:

http://www.archive.org/flow/flowplayer.commercial-3.2.1.swf

The Peltzman Effect

I find The Peltzman Effect incredibly interesting from a Testing point of view.

The Peltzman effect is the hypothesized tendency of people to react to a safety regulation by increasing other risky behavior, offsetting some or all of the benefit of the regulation” (Wikipedia)

I find it interesting because I wonder whether we see this (or some other closely related theory) when we build secure systems or create safe ways for people to interact with our applications. If we provide an application that is secure and/or communicate outlandish safety and security claims, do our users exhibit less secure behaviour when using it?

I have a friend who interpreted “The most secure ISP provider on the market” to mean that he no longer needed Anti-Virus or a Firewall on his laptop. He had his credit card details stolen 2 weeks after signing up.

I know of someone else who fell for the same phishing attack 5 times. He put his trust in the new “Incredibly secure online banking portal” to protect him.

I know of systems that are incredibly secure yet send out all login details via just one mailing through the post. Get the mailing, get the credentials, get the money.

I know of people who keep their PIN numbers in their wallet with their cards.

Some people use obvious passwords like 1234 or 0000 or Pa$$word – check out the iPhone password stats here.

And so as a tester I always take a step back when it comes to security and look at the wider picture.

Experience has shown me that it’s the human that’s typically the weak link in any security process or application usage. And I can’t help but wonder whether this same human, when bombarded by claims of high security and safety, becomes an even weaker link in the chain.

Maybe it’s the Peltzman Effect? Maybe it’s something else? Maybe it’s nothing at all?

But I reckon all testers would benefit from drawing/sketching out the whole process (including the human elements) of your system under test and ask yourself one question:

“How can the human parts of this process compromise the security?”

Some light reading :