8:12 AM Feb 28th, 2010
Hold vendors liable for buggy software - http://bit.ly/c2y5YJ

11:01 AM Feb 27th, 2010
2010 CWE/SANS Top 25 Most Dangerous Programming Errors - http://bit.ly/cNVjit

9:37 PM Feb 23rd, 2010
Use Speedy Tab Shortcuts to Increase Your Firefox Productivity - http://bit.ly/crxdMx

8:06 PM Feb 19th, 2010
Vanish - Self Destructing Digital Data - http://vanish.cs.washington.edu/

7:35 AM Feb 15th, 2010
Making the IE voodoo doll - http://bit.ly/8nZW

8:53 PM Feb 12th, 2010
2010 Pacific NW Software Quality Conference Call for Papers - http://www.pnsqc.org/2010-conference/call-for-abstracts

6:59 AM Feb 8th, 2010
When should I use a semicolon? - http://cache.gawker.com/assets/images/17/2010/01/500x_semicolon.jpg

10:17 AM Feb 7th, 2010
Top 10 Themes from 2010 Davos - http://www.businessweek.com/managing/content/feb2010/ca2010022_162429.htm

8:56 PM Feb 5th, 2010
I wish I could drop support for IE6 - http://lifehacker.com/5460043/google-apps-drops-support-for-ie6

6:17 PM Feb 2nd, 2010
RT @Conenza: If you’re having trouble getting your bosses to adopt social networking, the Pope may be your ally. http://tinyurl.com/ydj4g2q

7:20 PM Feb 1st, 2010
James Whittaker’s “Interviewing Insights and Test Frameworks” - http://www.testingreflections.com/node/view/8437

Here are the 25 items:

1. Failure to Preserve Web Page Structure (’Cross-site Scripting’)
2. Improper Sanitization of Special Elements used in an SQL Command (’SQL Injection’)
3. Buffer Copy without Checking Size of Input (’Classic Buffer Overflow’)
4. Cross-Site Request Forgery (CSRF)
5. Improper Access Control (Authorization)
6. Reliance on Untrusted Inputs in a Security Decision
7. Improper Limitation of a Pathname to a Restricted Directory (’Path Traversal’)
8. Unrestricted Upload of File with Dangerous Type
9. Improper Sanitization of Special Elements used in an OS Command (’OS Command Injection’)
10. Missing Encryption of Sensitive Data
11. Use of Hard-coded Credentials
12. Buffer Access with Incorrect Length Value
13. Improper Control of Filename for Include/Require Statement in PHP Program (’PHP File Inclusion’)
14. Improper Validation of Array Index
15. Improper Check for Unusual or Exceptional Conditions
16. Information Exposure Through an Error Message
17. Integer Overflow or Wraparound
18. Incorrect Calculation of Buffer Size
19. Missing Authentication for Critical Function
20. Download of Code Without Integrity Check
21. Incorrect Permission Assignment for Critical Resource
22. Allocation of Resources Without Limits or Throttling
23. URL Redirection to Untrusted Site (’Open Redirect’)
24. Use of a Broken or Risky Cryptographic Algorithm
25. Race Condition

Look at the Call for Abstracts page for full details.

8:56 PM Jan 29th, 2010
James Bach’s "Logging: Exploratory Tester’s Friend" - http://www.satisfice.com/blog/archives/401

5:32 PM Jan 28th, 2010
Brett Kelly’s "How to Make Today a 25-Hour Day" - http://brettkelly.org/2010/01/20/how-to-make-today-a-25-hour-day/

6:54 AM Jan 28th, 2010
"The Real Reason Outsourcing Continues To Fail" - http://www.lessonsoffailure.com/developers/real-reason-outsourcing-fails/

7:12 PM Jan 27th, 2010
Reading Joel Spolsky’s "Why testers?" - http://www.joelonsoftware.com/items/2010/01/26.html

6:03 PM Jan 27th, 2010
"Only worry once" - Phil Kaplin quoting his father on This Week in Startups #twist

10:34 AM Jan 24th, 2010
January Software Test & Performance magazine available for download (free membership required) - http://www.stpcollaborative.com/magazine

2:51 PM Jan 22nd, 2010
RT @Hexawise "Quality means that the customer keeps coming back, not the product." - Navaraj Javvaji #softwaretesting #quality

8:23 PM Jan 21st, 2010
RT @Conenza: A Conenza-hosted corporate alumni community delivers lasting financial and business benefits. http://tinyurl.com/ydcp7×4

9:39 AM Jan 18th, 2010
Five success factors for branded online communities: http://econsultancy.com/blog/5227-five-success-factors-for-branded-online-communities

5:21 PM Jan 17th, 2010
Brent Strange’s "Tips for Automation Success: Toot Your Horn" - http://bit.ly/6PSnR4

10:58 PM Jan 16th, 2010
"Quantity is rarely an indicator of quality; if it were, spammers would be the definition of email quality" - Jono Bacon

7:06 PM Jan 16th, 2010
Ops Folks - "You will lose power, so be prepared." - http://bit.ly/3o5tiP

7:55 PM Jan 11th, 2010
Programming competition based on the ACM International Collegiate Programming Competition (ICPC) available to all - http://bit.ly/6yPaYq

7:53 PM Jan 8th, 2010
Two VCs predict my old company Varolii will IPO in 2010: http://bit.ly/8eHP4J

8:46 PM Jan 5th, 2010
How to do a slideshow in XHTML: http://www.w3.org/2005/03/slideshow.html

7:20 AM Jan 4th, 2010
Why fresh eyes are important in testing: http://bit.ly/kELup - search for "The Risks of Autopilot"

4:46 PM Jan 3rd, 2010
The Y2K10 bug - Australian bank date jumps to 2016. From the Sydney Morning Herald. http://bit.ly/5aezgd

7:26 PM Jan 1st, 2010
It’s twenty-ten - not two thousand and ten. http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2010/01/01/MN621BB41U.DTL

I was hoping for a discussion around the broader test case / test suite management and the intersection with test automation. Instead, it discussed the value of creating small tests with limited dependencies and using dependency injection, mocking, etc. Not to say that it is a bad talk - just a quick introduction for these topics. I would say the talk is aimed at getting developers writing and enabling automated testing.

If you are already familiar with dependency injection and mocking, I would not spend the time watching. However, if these concepts are new, it may be valuable.

In particular, Pairwise Testing with QICT by James McCaffrey provides enough insight into the QICT tool that it can be easily ported to any platform. While Automated Unit Tests for Legacy Code with Pex by Nikhil Sachdeva is specific to Microsoft technologies, Pex is a tool that all testers should become familiar. Finally, Using Agile Techniques to Pay Back Technical Debt by David Laribee has tips that are useful to most test organizations.

I am not recommending spending time watching this video. The presentation is not bad. However, it does not translate well to video. There is a lot of interaction with the audience - which is great when you are present at the presentation. However, in the video the audience cannot be heard and the presenters do not repeat many of the questions / responses. In addition, the talk is misnamed. While an AJAX application is used as the example throughout the application, most of the talk is not about how to test an AJAX application. The talk is a good discussion of how to tame automation - automation of any application.

Here are the slide titles:

• AJAX: A Different Beast
• An Example GWT Application - (GWT = Taming the Beast - How to Test an AJAX Application)
• Some Statistics - (At this point there are questions to the audience regarding their automated testing experience.)
• System Architecture
• Small Medium Large - (Essentially how much of the application is under test)
• Testing Layer Pairs
• Are we done?
• Comparison
• Conclusion

5:56 AM Nov 4th, 2009
Fascinating trip down startup / vc memory lane: http://bit.ly/1jo3Ve

Overall, I like online content. It is easier to find items at a later time. Unfortunately, I find that I do not read as carefully/thoroughly when I read something online. I am now purposely trying to read professional development material online with more focus — but it is an effort. Who knows what other changes are ahead of us.