Posts Tagged ‘qa’
Turn the Love-Hate relationship with QA to just Loving QA ! :) !
You’re QA Team is the last line of defense before your software gets to the end-user. They are your last, best hope at finding any bugs that may be detrimental to a successful product. Treat them well and you will be well rewarded in the end with good communication and a successful product.
I’ve worked at places and with developers that see the QA Team as a nuisance. Constantly interrupting with bug issues when you’re just trying to move on to the next step. I mean, you tested it yourself right? What could some QA person have found that you didn’t account for? That’s the point. As the old phrase goes:
“It takes more intelligence to debug code than to write it. Therefore, if you write the most difficult code you can create, you are not smart enough to debug it.”
The other thing to remember is that when you as a developer test code you have the bias of knowing exactly how it works and will test with that in mind, there’s no escaping it. The QA Team is there to not only test it to see if it works, but to try the most asinine tests that end-users will do and see if it breaks. No matter how well you design your software the end-user will use it in ways you never thought possible, the QA Team is there to help you in these cases by testing obscure scenarios and reporting what they’ve found.
There’s more to it than understanding QA’s role and respecting them and relying on them. We as Developers need to be engaging them. When I turn over my software to QA, if I don’t hear anything within a few days I go bug them. My ultimate goal as should be the goal of all developers is customer satisfaction, if the customer isn’t happy you’re not going to be doing much development for them. We should be asking QA what we can provide so they can better test the code. Maybe creating a tool that will allow them to automate certain interactions or giving them DB access to see what’s getting stored. In any case we also need to be sitting down with them and making sure they understand exactly how the software works. Sit down and explain the DB table structure with them, make sure they understand the process flow. The more they understand of it the more they will know how to test it. Also keep in mind that a good rule of thumb to follow is however long it took you to develop it, it may take twice as long for QA to debug it. Your QA Team is your friend, not your enemy. QA is the body armor to failure. The more you help QA the better your chances of success.
So, Bottom Line : LOVE YOUR QA TEAM !
Tags: qa
Microsoft confirms 17-year-old Windows bug
Microsoft late yesterday issued its second advisory of the last week, warning users that a 17-year-old bug in the kernel of all 32-bit versions of Windows could be used by hackers to hijack PCs.
The vulnerability in the Windows Virtual DOS Machine (VDM) subsystem was disclosed Tuesday by Google engineer Tavis Ormandy on the Full Disclosure security mailing list. Coincidentally, Ormandy received credit for reporting the single vulnerability that Microsoft fixed last week on its regular Patch Tuesday.
The VDM subsystem was added to Windows with the July 1993 release of Windows NT, Microsoft’s first fully 32-bit operating system. VDM allows Windows NT and later to run DOS and 16-bit Windows software. More »
Bad QA Personal at USAF ! :D !
Publicly and privately, the Pentagon pinky-swears that militants haven’t been able to make a dent in U.S. operations, even though they’re able to tap into American overhead surveillance feeds. But at least one Air Force official, under the cover of anonymity, is telling a different story. One militant group in Iraq was able to stay a step ahead of U.S. forces, he says, thanks to their ability to intercept spy drones’ transmissions.
“We noticed a trend when going after these guys; that sometimes they seemed to have better early warning,” the officer tells Air Force Times’ Michael Hoffman and John Reed.
Eventually, American troops were able to raid a safe house of the Kata’ib Hezbollah militia, based out of Baghdad’s Sadr City. As Hoffman and Reed note, the group “has long been suspected of being a surrogate for Iran’s Quds Force.” U.S. forces were surprised at the level of technical sophistication. On confiscated laptops, they found footage taken by both Predator drones and the Army’s fleet of smaller unmanned aerial vehicles, or UAVs.
The Army drones are the most vulnerable to interception, because they broadcast their feeds unencrypted and in every direction. Retrofitting the hand-held Raven UAVs will take “at least two years,” Col. Gregory Gonzalez tells Hoffman. Locking up the Army’s other drones may take even longer.
For the Shadow, Hunter, Warrior Alpha and the Extended-Range Multipurpose UAV, the Army will retrofit all systems with encryption, as funding permits, said Gonzalez.
According to the Air Force’s Unmanned Aircraft Systems Flight Plan, the service has an objective of ensuring “protected communications” on its MQ-1 Predator and MQ-9 Reaper drones by 2014. “Both the MQ-1 and MQ-9 use the proprietary datalinks that are unencrypted and as such susceptible to enemy exploitation,” the Flight Plan notes.
UPDATE: So how important is this security hole, really? Check out the comments in this earlier Danger Room post for a well-informed debate.
UPDATE 2: Air Force officers told me last week that the intercepts were no big deal, because the interceptors were only seeing the raw video shot by the drone or spy plane. Without the metadata to go along with it, the footage was extremely hard to interpret. “As this is video only, it was assessed overall that this capability in the hands of our immediate adversaries posed limited threat to operations or capabilities,” one officer e-mailed.
It turns out that intercepting the metadata isn’t much harder than tapping the video itself. Because “there is also mission control data carried inside the satellite signal to the ground control stations,” according to an analysis carried by Wikileaks. Everything from target locations to drone headings to sensor angles can be pulled off the satellite transmission, too. The more this security breach is examined, the bigger it becomes.
