Testing Circus (January2011)

Testing Circus
Volume 2 - Issue 1 January 2011
Agiille JJourney Team Ag e ourney Team Commiittmentt tto Qualliitty Comm men o Qua y IIntterviiew wiitth Erkan Yiillmaz n erv ew w h Erkan Y maz Test Case Practtiice Test Case Prac ce QTP Code Corner QTP Code Corner Esttiimettriics -- PREDIICT AND Es me r cs PRED CT AND PRAY PRAY IImportance off mportance o communiicatiion iin testiing commun cat on n test ng
Ellementtary,, My Dear Wattson!! E emen ary My Dear Wa son A ffake tester''s diiary A ake tester s d ary Has Your Productt Passed Has Your Produc Passed Securiitty Testts? Secur y Tes s? Sofftware Testiing News So tware Test ng News Q--Patterns Q Patterns Testters iin Twiitttter Tes ers n Tw er
Your Monthly Magazine on Basics of Software Testing
Testing Circus
Volume 2 - Issue 1 - January 2011
Help Chandrasekhar BN, a Software Tester, beat Acute Lymphoblastic Leukemia.

Chandrasekhar B N is a 26 year old Software Tester working at Bangalore. He was detected with Blood cancer (Acute Lymphoblastic Leukemia - with Ph+ve) in October. Chandrashekar is the sole bread earner in the family. His mother is a housewife and his 21 year old brother is a student, too. Doctors have prescribed chemotherapy and bone marrow transplant at a cost of Rs. 8 lacs for chemotherapy + Rs. 10 lacs for Bone Marrow Transplant. As he is now getting treatment, with no additional income in the family, family members and friends are trying to gather funds for his treatment and daily expenses but are at the end of their resources. We urge all readers of Testing Circus to donate generously for this purpose. Please note: Donations made to CANCER PATIENTS AID ASSOCIATION , CPAA are exempt from Income Tax under Section 80G of the Income Tax Act INDIA (50% exemption). Your receipt and tax exemption certificate will be sent to the address given in the CPAA form. Please enter your full postal address where CPAA can mail your 80G Exemption Certificate carefully. No donation is small. You can do it online through your VISA/Master Card. (Donors from outside India can do it online) https://donations.cpaaindia.org/ Alternately, you can also write a cheque or send demand draft in the name "CANCER PATIENTS AID ASSOCIATION " and mail it to: Dr. Shubha Maudgal Executive Director Cancer Patients Aid Association Smt. Panadevi Dalmia Cancer Management Centre King George V Memorial, Dr. E. Moses Road, Mahalakshmi, Mumbai - 400 011 Tel: +91 22 2492 4000 / 2492 8775 Fax: +91 22 2497 3599 Please Note: Write Chandrasekhar B N on the back of the cheque.
http://helpchandru.com/
w w w . T e Wwwg C i r c u s . c o m stin January 2011 Page - 2 -
Where is what?
4 9 19 26 35 42
Editorial
5 12 22 29 37 44
Emails to the Editor
6 15 23 33 41 44
Agile Journey
Elementary, My Dear Watson!
Keystroke Logging
Estimetrics PREDICT AND PRAY
Q-Patterns
In Lighter Moods
A Fake Tester's Diary
Importance of communica tion in Testing
Has Your Product Passed Security Tests?
Software Testers @ Twitter
Test Case Writing Practice
News On Testing
QTP Code Corner
Know Your Testing Guru
Testing Circus Reps (TCRs
Testing Circus Team
w w w . T e Wwwg C i r c u s . c o m stin
January 2011
Page - 3 -
From the Editors Keyboard

Has hiring practice in testing ever been tested? How many bugs are there in the present hiring practices in testing? Is anybody fixing those? How do we identify a fake interviewer from a real interviewer? Yes, I said interviewer, not the candidate. We always discriminate people from different domain and industry. We will always try to recruit somebody who is from engineering or computer background - not from other domains such as BPO, Medical sales or HR background. We also believe people with gaps in between two jobs are not the best ones to test a product. We tend to filter out people who have gap period between two jobs or who does not have a job in hand now. I have seen many female testers who left their jobs because they got married and they had a kid to care about. Now that the kid is grown up, they can join back testing job. But we would not listen. Asking definition based question does not bring out the best in a testing guy. Any one can just Google it and answer your questions and can clear your bad interview. Asking 'frequently asked question in testing' and judging a candidate is an old fashioned trick. Why dont we come up with a better hiring practice such as giving the candidate something to test? Can we accept candidates based on knowledge and passion for testing instead of looking what is written in resume and how many certification exam the candidate has passed? Sadly, this time the bugs in hiring process of testers are to be fixed by testers only. So let us take a New Year resolution to adopt a good hiring practice in Software Testing domain. I am not a firm believer of New Year resolution thing but its better to have tried and failed than to never try at all. I hope you will enjoy our series A fake Testers Diary in this issue of Testing Circus. Jai Ho Testing!
- Ajoy Kumar Siingha - Ajoy Kumar S ngha

http://twitter.com/ajoysingha
January 2011
Page - 4 -
Thanks for the wonderful magazine!! It helps me a lot to understand the Testing Concepts especially the Test Cases column. Also, I have told about this magazine to some of my colleagues and really it is helpful to them too. Hats off to you and your team of Testing Circus!! ~ Agrta Kansal [Editor] Dear Agrta, thank you for your appreciation.
First of all heartiest thanks to the team for coming up with such an innovative idea. It is certainly going to aid testers from all spheres of life. ~ Partha Sarathi Samal
First of all, congratulations on your appeal to bring all testers under one shelter to share, learn and grow together. It was nice to know that you conveyed the massage in Softech10 by Silicon India. I attended the same in Mumbai last day and I must not mention but it was a great experience. Would you mind if I suggest not limiting the Testing Circus core team only to Delhi-NCR and we can have some really influential/dedicated people in same team across major IT cities like Pune, Mumbai, Hyderabad and Bangalore? What I am thinking is, this will give more scope for TC community to grow further and along with that it will also facilitate the TCRs to convince the people in their respective organizations to join TC community. And this is how we can have a real united Testers Team across the nation. What I feel is instead of having different groups aiming at same purpose, its always desirable to have all under one roof. As Testing Circus has already been started it can play the role of an umbrella. Wish me luck so that someday I can confidently ask for my membership in TCs core team. And am pretty sure, Testing Circus would be the big family by then. ~ Lalitkumar Bhamare [Editor] Dear Lalit, the Testing Circus Representative initiative reflects your thoughts too. Thank you for interest to become a TCR. We will contact you further.
January 2011
Page - 5 -
Agile Journey Team Commitment to Quality
By Lisa Crispin
In agile development, the whole development team, not only the testers, must commit to quality, and that commitment has to mean something. The entire team has to be engaged in making sure all testing activities are completed for each story, sprint and release. Heres an example, from a recent sprint, of what this commitment to quality means to my own team, which consists of two testers, four programmers, a DBA, two system administrators and a ScrumMaster. In the past few sprints, we had started to slide into the bad practice of having leftover testing task cards that got carried over into the next sprint. Some of these were cards to write new FitNesse fixtures to automate tests for a particular new piece of functionality. Some were end to end testing cards that simply take a long time to complete. There were also development cards left over. A couple of stories had dragged on more than two sprints without a compelling reason. This was getting awful! It felt like we were dragging through waist-deep mud of technical debt. In a sprint retrospective, we got serious about solving these problems. Here are the action items we created: Finish leftover cards before starting new stories in new sprint. This meant taking on less new work for the sprint. Ask remote team member to work on existing cards before bringing in new stuff Have main developer for a story put his name on the story card and take responsibility for making sure all tasks are done Write "end to end" test cards for each story (these are cards that remind the developer assigned to that story to test that all the pieces work together) w w w . T e Wwwg C i r c u s . c o m stin January 2011 Page - 6 -
Developer responsible for story should think about all task cards ahead of time, make sure all necessary cards are there Ensure everyone needed is copied on emails Stop checking in untested code
In the next sprint, we focused on finishing all the "leftovers" first. For the new FitNesse fixtures, the programmers asked that I first write example tests with my idea of how the test should work. One of our team members who works remotely then wrote the fixtures and updated the tests as needed so that they passed. These fixtures were difficult to do, as they had to use a lot of legacy code, but the ROI will be big because they test critical areas where we've had expensive production problems in the past. There was only one incident of untested code being checked in, and we talked about it right away and discussed ways to ensure this stops happening. Six days into the two-week sprint, we still had lots of testing cards and not many development ones. The programmers, of their own volition, decided during the Scrum to attack the test cards. By the end of the day, most of the test cards were finished! Then they went on to the stories that were new that sprint. Since a glance at the online storyboard now tells us who the main developer is on each story, communication has improved. When more than one developer works on tasks for a story, they're communicating better. Lots of pairing is happening too. Communication is better all around, including with the remote team member. Eight days into the sprint, a programmer was writing up the information on the functionality he had changed for a batch processing story, and as he wrote, he realized that he missed a use case. He fixed it, but was concerned there wasn't enough time left in the sprint to adequately test the new functionality. We decided to postpone that story to the next sprint. Consciously deciding to put off testing to the next sprint isn't a bad thing, when there's a good reason for it. Towards the end of this sprint, we were still very busy, but felt great to see our storyboard for the sprint with almost all the cards moved to the 'done' column. Since it was holiday time, people were taking time off, so time is short. A task to automate testing for a new UI feature implemented with Ajax was rolled over to the next sprint, because the test script was blowing up. w w w . T e Wwwg C i r c u s . c o m stin January 2011 Page - 7 -
Again, this was a conscious decision by the team, not a case of "Oops! Today is the last day of the sprint and we didn't get this finished". Many teams struggle with trying to finish all the testing for all the stories by the end of each iteration. If this happens to you, the first action to take is to limit the amount of new work brought into the next sprint, so you can focus on finishing the leftovers. As you catch up and are able to reduce your technical debt by finishing testing and test automation tasks, you'll be able to increase your velocity later, without sacrificing quality. This has to be a team effort. If youre doing your best and working hard, and you still dont finish what you planned for the sprint, dont beat yourselves up. Use your retrospective to identify impediments, and focus on how you can overcome one or two of them. Talk about what your team commitment to quality really means, and take baby steps to do a little better every iteration. Youll enjoy your agile journey! w w w . T e Wwwg C i r c u s . c o m stin
An agile testing coach and practitioner, Lisa Crispin is the coauthor, with Janet Gregory, of Agile Testing: A Practical Guide for Testers and Agile Teams (Addison-Wesley, 2009), and a contributor to Beautiful Testing (OReilly, 2009) and Testen in der Finanzwelt (2009). She also co-wrote Testing Extreme Programming (Addison-Wesley, 2002) with Tip House. Lisa specializes in showing agile teams how testers can add value and guide development with business-facing tests. For the past ten years, Lisa has worked as a tester on agile teams developing web applications in Java and .Net. She teaches Agile Testing courses and tutorials worldwide. Lisa regularly contributes articles to publications such as Better Software magazine, Software Test & Performance Magazine, IEEE Software Magazine, Methods & Tools, Agile Journal, Agile Record, She enjoys sharing her experiences at conferences and user group meetings around the world. Lisa was named one of the 13 Women of Influence in testing by Software Test & Performance magazine. For more about Lisas work, visit www.lisacrispin.com
Lisa can be reached at http://twitter.com/lisacrispin
January 2011
Page - 8 -
Elementary, My Dear Watson!
By Nandagopall R Nandagopa R
The title sounds familiar, right? The master detective Sherlock Holmes often commented this to his friend Dr. Watson Even though a fictional character, Mr. Holmes is one of my favorites. I always wondered about his observation, logical reasoning and deduction skills. Though I would like to believe that Mr. Holmes did exist, its not the truth that points to the fact that how gifted the writer Sir Arthur Conan Doyle was! Mr. Holmes could have easily become the best tester in this world if he was in the Software Industry and Sir Conan Doyle could have been the most sophisticated criminal the world has ever seen (no offenses meant! I was referring to the details of the crime scenes in his stories). Now, lets come to the business part of this yes, you guessed right Observation, Logical Reasoning and Deduction great skills to have as a tester. Of course, deduction can be a trivial since one of the most common mistakes done by a tester is the assumption he/she makes after the deduction of his/her experiments. So be careful when you try to be the Sherlock Holmes tester Experience adds a lot to your testing skills in an exploratory method a simple definition of exploratory testing can be like learning the application by playing with it and using your prior experience. Once you start your career as a tester and become more experienced, you might be thinking like a tester even in lifes scenarios. Your eyes and ears become trained to look at things in a lateral way than others. I dont know whether its good or bad but I like it (and since I like Holmes and am a tester, I like it more!) I have realized that my lateral thinking has improved since I started my career as a Tester. I will site a few examples.
January 2011
Page - 9 -
Scene Number One: I went out for dinner with my wife last month. There were 3 wash basins in that hotel. My wife went straight to one and was about to open the tap. Me: Thats not working use the next one! Since she had already placed her hand on the tap, she opened it and found that there is no water coming from it. She: How did you know that? Me: The wash basin is dry, the naphthalene polls in it are as it is and looks new, and the hotel is reasonably full that means the wash basin is not working. I used Observation, Logical Reasoning and Deduction there and I was right Scene Number Two: Since I started my career as a tester, most of the time I flip the correct switches for lights or fans in an unfamiliar place. You know how? I flip the most commonly used switches in a switch board they might be evident from color change due to constant use. I used Observation, Logical Reasoning and Deduction in here too and most of the time Im right Testing and Common sense So, this brings us back to a typical interview question What are the qualities/skills you have as a tester? Curiosity, lateral thinking, problem solving are some of the skills you should have to become a good tester. Having these skills helps you to become a better tester for sure. I always wanted to become a private detective like Sherlock Holmes. Even though I couldn't pursue that dream the way it needs to be done, I'm happy that I'm doing it in some other way - I'm a Software Detective. I use my curiosity to investigate further into a problem, use lateral thinking and hence solve the problems As somebody w w w . T e Wwwg C i r c u s . c o m stin January 2011 Page - 10 -
rightly said - "the best free tool you can use in testing is your brain" Common sense also plays a huge a part in making you a better tester. It comes handy when you start making assumptions. As I have stated in the start of this topic, assumption is one of the most commonly committed mistakes by a tester. Common sense helps you to get out of assumption traps and makes you do little things that might save you a lot of time and might show you that legendary showstopper you always wanted to find I remember a narration from my friend when he was reading this topic (as some you might be aware, this is already published in my blog). My friend went for a movie and in the theater; everybody is using one basin out of three. First one is clean, tap is good, everybody tried it and they got only air flowing from it. Second one is clean, tap is good and it is working. Everybody is waiting for their turn to use the second basin. Nobody is trying the third. The basin is not clean, the tap-head is broken and people conclude that there is no water in it! He tried and it was working!
Nandagopal R is a software tester with 4+ years of experience, currently working for RM Education Solutions India Pvt Ltd, Trivandrum, Kerala. He is a passionate tester who likes to practice the context driven approach. He has vast experience with web, desktop and mobile applications and is an active participant in the crowd sourcing testing community uTest.
Nandagopal can be reached at

http://twitter.com/nandagopalr
Testers observe, apply logic, then deduct and based on that deduction starts assuming sometimes. So due to the bad state of the tap, people assumes that it is not working. As a tester, I must be trying the tap even if that observation-reasoning-deduction process DOES NOT come natural to me; that is where commonsense plays the part and it points to another must have skill for a tester patience! Elementary, my dear Watson
January 2011
Page - 11 -
Information from the Internet

Keystroke Logging
Keystroke logging (often called keylogging) is the action of tracking (or logging) the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored. There are numerous keylogging methods, ranging from hardware and software-based approaches to electromagnetic and acoustic analysis. Application Software-based keyloggers: These are software programs designed to work on the target computers operating system. From a technical perspective there are five categories: Hypervisor-based: The keylogger can theoretically reside in a malware hypervisor running underneath the operating system, which remains untouched. It effectively becomes a virtual machine. Blue Pill is a conceptual example. Kernel based: This method is difficult both to write and to combat. Such keyloggers reside at the kernel level and are thus difficult to detect, especially for user-mode applications. They are frequently implemented as rootkits that subvert the operating system kernel and gain unauthorized access to the hardware, making them very powerful. A keylogger using this method can act as a keyboard driver for example, and thus gain access to any information typed on the keyboard as it goes to the operating system. API-based: These keyloggers hook keyboard APIs; the operating system then notifies the keylogger each time a key is pressed and the keylogger simply records it. APIs such as GetAsyncKeyState(), GetForegroundWindow(), etc. are used to poll the state of the keyboard or to subscribe to keyboard events. These types of keyloggers are the easiest to write, but where constant polling of each key is required, they can cause a noticeable increase in CPU usage, and can also miss the occasional key. A more recent example simply polls the BIOS for preboot authentication PINs that have not been cleared from memory.
January 2011
Page - 12 -
Form Grabber based: Form Grabber-based keyloggers log web form submissions by recording the web browsing onSubmit event functions. This records form data before it is passed over the internet and bypasses https encryption. Packet analyzers: This involves capturing network traffic associated with HTTP POST events to retrieve unencrypted passwords. Remote access software keyloggers These are local software keyloggers programmed with an added feature to transmit recorded data from the target computer to a monitor at a remote location. Remote communication is facilitated by one of four methods: Data is uploaded to a website, database or an FTP account. Data is periodically emailed to a pre-defined email address. Data is wirelessly transmitted by means of an attached hardware system. The software enables a remote login to the local machine via the internet or ethernet, for data logs stored on the target machine to be accessed. Related features Software Keyloggers may be augmented with features that capture user information without relying on keyboard key presses as the sole input. Some of these features include: Clipboard logging. Anything that has been copied to the clipboard can be captured by the program. Screen logging. Screenshots are taken in order to capture graphics-based information. Applications with screen logging abilities may take screenshots of the whole screen, just one application or even just around the mouse cursor. They may take these screenshots periodically or in response to user behaviours (for example, when a user has clicked the mouse). A practical application used by some keyloggers with this screen logging ability is to take small screenshots around where a mouse has just clicked; these defeat web-based keyboards (for example, the web-based screen keyboards that are often used by banks) and any web-based on-screen keyboard without screenshot protection. Programmatically capturing the text in a control. The Microsoft Windows API allows programs to request the text 'value' in some controls. This means that some passwords may be captured, even if they are hidden behind password masks (usually asterisks). The recording of every program/folder/window opened including a screenshot of each and every website visited, also including a screenshot of each. The recording of search engines queries, Instant Messenger Conversations, FTP Downloads and other internet based activities (including the bandwidth used). In some advanced software keyloggers, sound can be recorded from a user's microphone and video from a user's webcam. Hardware-based keyloggers Hardware-based keyloggers do not depend upon any software being installed as they exist at a hardware level in a computer system. Firmware-based: BIOS-level firmware that handles keyboard events can be modified to record these events as they are processed. Physical and/or root-level access is required to the machine, and the software loaded into the BIOS needs to be created for the specific hardware that it will be running on. Keyboard hardware: Hardware keyloggers are used for keystroke logging by means of a hardware circuit that is attached somewhere in between the computer keyboard and w w w . T e Wwwg C i r c u s . c o m stin January 2011 Page - 13 -
the computer, typically inline with the keyboard's cable connector. More stealthy implementations can be installed or built into standard keyboards, so that no device is visible on the external cable. Both types log all keyboard activity to their internal memory, which can be subsequently accessed, for example, by typing in a secret key sequence. A hardware keylogger has an advantage over a software solution: it is not dependent on being installed on the target computer's operating system and therefore will not interfere with any program running on the target machine or be detected by any software. However its physical presence may be detected if, for example, it is installed outside the case as an inline device between the computer and the keyboard. Some of these implementations have the ability to be controlled and monitored remotely by means of a wireless communication standard. Wireless keyboard sniffers These passive sniffers collect packets of data being transferred from a wireless keyboard and its receiver. As encryption may be used to secure the wireless communications between the two devices, this may need to be cracked beforehand if the transmissions are to be read. Keyboard overlays Criminals have been known to use keyboard overlays on ATMs to capture people's PINs. Each keypress is registered by the keyboard of the ATM as well as the criminal's keypad that is placed over it. The device is designed to look like an integrated part of the machine so that bank customers are unaware of its presence. Acoustic keyloggers Acoustic cryptanalysis can be used to monitor the sound created by someone typing on a computer. Each character on the keyboard makes a subtly different acoustic signature when stroked. It is then possible to identify which keystroke signature relates to which keyboard character via statistical methods such as frequency analysis. The repetition frequency of similar acoustic keystroke signatures, the timings between different keyboard strokes and other context information such as the probable language in which the user is writing are used in this analysis to map sounds to letters. A fairly long recording (1000 or more keystrokes) is required so that a big enough sample is collected. Electromagnetic emissions It is possible to capture the electromagnetic emissions of a wired keyboard from up to 20 metres (66 ft) away, without being physically wired to it.In 2009, Swiss researches tested 11 different USB, PS/2 and laptop keyboards in a semi-Anechoic chamber and found them all vulnerable, primarily because of the prohibitive cost of adding shielding during manufacture. The researchers used a wide-band receiver to tune into the specific frequency of the emissions radiated from the keyboards. Optical surveillance Optical surveillance, while not a keylogger in the classical sense, is nonetheless an approach that can be used to capture passwords or PINs. A strategically placed camera, such as a hidden surveillance camera at an ATM, can allow a criminal to watch a PIN or password being entered.
Content Source http://en.wikipedia.org/wiki/Keystroke_logging
January 2011
Page - 14 -
Estimetrics - PREDICT AND PRAY

By Parimala Shankaraiah By
Akbar, the famous Mughal Emperor once asked his Royal Advisor Birbal, How many crows are there in our kingdom. After a moments thought, Birbal replied, There are ninety-five thousand four hundred and sixty-three crows in the kingdom, Sir. Amazed by his quick response, Akbar asked What if there are more crows than you mentioned? Without any hesitation, Birbal replied, If there are more crows than my answer, then it means some crows are visiting from neighboring kingdoms. And if there are less crows that means that some crows from our kingdom may have gone on holiday to other kingdoms. Fast forward this story to today. The Great Saga of Metrics If you give a manager a numerical target, hell make it even if he has to destroy the company in the process ~ Deming Metrics have been both major highlights and big pain points in Testing at the same time. How many test cases are documented for any product, how long does it take to execute each test case, how many more is one tester executing compared to his/her co-worker, how many defects did he/she find compared to the rest of the team, how many reported defects were rejected and many more. For a tester who is willing to test with freedom and creativity, measurement criteria as above only discourages them from doing good work. All that the testers would then choose to do is to adapt themselves to fit into the parameters that they are measured against. For example, if a tester is told to report 30 defects in a quarter (By the way, this is a real metric in many organizations), he/she would report at least 30 defects by hook or crook to qualify for the quarterly bonus! Out of 30 defects, if more than 15 were of low severity, what next? Ah! No worries. That becomes a metric for the next quarter: Report at least 20 high severity defects of priority type Showstopper/High. Now, if the product under test has been in the market for more than a few years and if customers are hardly escalating issues and if there are hardly any feature w w w . T e Wwwg C i r c u s . c o m stin January 2011 Page - 15 -
improvements, how realistic is it to find 20 high severity defects in that product unless testing was performed by a few people who didnt know what testing is in the first place? Numbers Game Suppose that a routine medical report showed something suspicious about ones health. Apart from the family doctor, some people would prefer second/third opinion especially in critical cases. Such people are often baffled after different doctors interpret same medical report in different ways. One doctor would have focused on the positive aspect of the report and said Yes, there is a problem. But, we can get you out of it as long as you believe in yourself and our team. Another doctor might say You are going to live only for next six months. Get ready with your will. While the third one gives a perfect picture of what is going on without a speck of emotion or warmth. Do you go looking for a fourth opinion or decide what is good enough for your own self? Ashok T, Founder and CEO at Stag Software Private Limited asks Is 33 diseases in a human body good enough to be healthy? Is that a good number to measure the well being of a human being? Does the number of fungal cells wreck as much havoc as the cancerous cells? Is it fair to even compare fungal vs. cancerous cells in the first place? Is any such meaningless comparison and the measurement that follows it any good at all? Numbers in general are used to impress people. Higher the number, better are the results. Unfortunately, many organizations today fall victims to this number game and grant incentives to employees who manage to earn them either through manipulation or least amount of effort. But, their reliability is often suspected. Numbers should not be used for checking the performance of testers or their efficiency simply because testers can bluff around their superiors in any case. After all, it is part of human nature. Rewards and Incentives Tester who filed the most number of severity 1 defects, tester who executed most number of test cases in shortest period of time, tester who helped programmers the most by unit testing several new features (though it was their responsibility to unit test before dropping off the feature to testing teams), testers who say Yes boss to not just their manager, but also to other teams managers who they interact with irrespective of what is right and ethical to do in any situation and testers who are liked more by nepotists for weird reasons and less for their skills Hurray, these are the testers who get rewarded in the long run. People in power consider above numbers as The Metrics to measure their sub-ordinates against. Testers consider these as their personal targets. Once they hit these targets, its done! They dont have to slog anymore. They dont have to work harder. Anyway, they will be rewarded because w w w . T e Wwwg C i r c u s . c o m stin January 2011 Page - 16 -
they crossed their targets. Why bother testing the product further and waste any more time? Estimation The joy of an early release lasts but for a short time. The bitterness of an unusable system lasts for years ~ Anonymous For any brand new project, requirements are studied, functional and technical design documents are analyzed, test cases are written, detailed test plans are created, appropriate schedules are worked out, detailed project plans are created, published and approved by the big guy who is often the project manager or the director of the engineering team in collaboration with the product management team. All of these without involving actual people who code or test the product! Typically they would need anything between 2-4 weeks to come up with an estimation plan. What? You mean close to one months planning for a project that lasts 2 months. Oh Wow! Of course, there is a lot of documentation to be done, many meetings to attend, have demos of prototypes and fights/arguments with product management teams and customers regarding timelines and cost respectively. It does take one month. May be, even more. Justified! It is common practice in most organizations to spend a fortune on project plans and estimating how much time it takes to execute them. Mind you, just execute them. Not execute them rightfully! Does your Number match mine? Test estimation at a high level includes identifying features to be tested, operating systems and browsers to be used, number of test cases that need to be run, number of testers available, the deadline by which product has to be tested and hand over to product management for a formal release. None of these is considered when a timeline is decided for many releases. A tentative date would be decided with some amount of buffer time which mostly goes to programmers. This date is just an estimated date, but it is made out to be THE DATE for the release. All that testers need to do is to squeeze in their tasks within this limited timeline, Do their best and leave the rest to their reporting managers. Project managers and Product managers are keen on just one thing. What is the earliest time by which a project can be tested *completely* and *thoroughly*. By thoroughly, they mean exhaustively. They have a rough timeline in their minds by which their gut feeling says that so and so product can be tested and released in this timelines. If the testing team comes up with anything equal to or greater than that, these guys have a problem. They always want to reduce that number and speed up the release. Agree that the customer is time pressed to buy the product at the earliest, but the question is Do you really want to deliver a baby in 6 months?
January 2011
Page - 17 -
Estimates Gone Mad The word estimation itself says that its just an estimate. It could go wrong. There is a high probability that estimates end up being wrong. In spite of this, any deadline committed is committed. Testers often have to stretch, work extra hours, sleep in office at nights, work on weekends and still stick to the deadline. Whether drops to testers were delayed, whether new requirements came in at last minute, whether defect verifications resulted in newer defects, whether regressions failed big time, no one really seems to bother unless one killer defect comes from the customer which cost the organization, that complete deal. Testers will manage anyway. After all, that is what they are hired for! Half the time, they wait. Rest of the time, they slog! Plan, Plan, Plan Having a plan is a good thing. It will help foresee many hidden risks within the project. However, worshipping the plan as if someone from the top is going to shoot you dead is a bad practice. Planning forever, but hardly doing anything with respect to the plan or acting on it doesnt make any good difference to any project. Having a preliminary plan, going by that plan, making modifications as necessary, being flexible to changing priorities and timelines, taking some buffer time into account to accommodate miscellaneous issues are also important. This is how a meaningful plan is built. To quote Steven M Smith, Have a plan. Dont worship the plan. Follow the energy and respond to it Plug and Play
Parimala Shankaraiah has more than seven years of experience in testing and mentoring teams of software testers. Apart from testing that she is most passionate about, she loves mentoring upcoming testers and has mentored over 30 testers. She frequently writes about her testing experiences at her Blog. She is also a regular contributor of articles on testing and issues concerning testing. Apart from testing, she loves to play with her 3 yo, read books, magazines, articles and many more. She is a self-claimed emotional overeater who eats to beat every emotion in the world. Parimala Shankaraiah works as a Principal Tester at Consona Corporation, Bangalore. She blogs at http://curioustester.blogspot.com/
Parimala can be contacted at

http://twitter.com/curioustester
These are the times when customers are ready to shell out money to buy products that are Plug and Play. All it matters to them is products have to solve their business problems with least amount of effort and time from their side. Times are changing. Measurement mechanisms are changing. And so are organizational practices and standards. These days, all that the customer is doing is PREDICT AND PRAY!
January 2011
Page - 18 -
Q-Patterns
This is the last part of two part series of article on Questioning pattern. Readers are encouraged to read the first part of this article published in the December 2010 issue of Testing Circus. - Editor
Questioning Patterns (Part 2)

By Viipull Kocher By V pu Kocher
Access Rights
Intent We know that To err is human, so everybody cant be given rights to do anything neither in social life nor in our systems/applications. Hierarchies are always there to control or restrict actions of users. If you have used Administrator/User hierarchy in your code/test you may ask following questions: Administration 1. Administration management Administrator role management How is new administrator created Can it be deleted Can new administrators be created Any roles/groups as role for component management only, user management only etc. Password management Default password? Change password facility?
January 2011
Page - 19 -
<Associated Pattern: Password Management> 1. Can an administrator create the sub administrator? If yes what all rights given to them to differentiate between administrator and sub administrator. 2. Whether the rights have been divided into separate groups like basic, advanced etc.? Usage 3. Can a user define roles for herself? 4. Can a user create groups for herself? 5. Whether the user can view/modify her own rights or only administrator can take care of this? 6. There should be a limited no. of groups etc.( user is not supposed to create a different group for each role). 7. Can a user account temporarily be locked? UI 8. How the rights of a user may be viewed and modified? 9. Can the administrator see the rights given to each user on a single screen (like in tree structure etc.)? 10. Can administrator make the same modification on more than one user/group simultaneously? Security 11. Number of users to access a resource, file etc. can be restricted or not? 12. Can a user be restricted from not using certain privileges? 13. Whether the Read/Write accesses etc. are being taken care? Performance 14. How much time will it take to show the different screens of user right policies? 15. How much time will it take to add/delete/modify roles to users?
Search
Intent Search is the only way to find the existence or non-existence of a record. Search is every there whether it is in a database, in a document or it is a web-search. If you are using Search in your code/test you may ask following questions: Administration 1. Who can perform the search (only an administrator, a user or certain right is to be given for search)? Usage 1. 2. 3. 4. 5. Does it search on exact matching string? Does it allow wild card search? What are the wild card characters that are recognized? Is wild card substitution for single alphabet/numeric or string recognized? When more than one search criteria is allowed does it allow OR or AND of the conditions? January 2011 Page - 20 -
6. Can all kind of operators (relational, logical) be used in search query? 7. When using the relational operators for search on alphanumeric characters, what is the behavior? 8. Does it allow specifying default sort order of the search results? 9. In case of search criteria being a date/time, does it recognize a specific format or all the formats? 10. Does it allow search in both directions (up and down)? 11. Is the search criterion case-sensitive? 12. Can we define the search area (eg. from line number n1 to line number n2)? 13. What is the behavior of search in case of check boxes are used in the search form? 14. Is the search possible on each component of the application or not? 15. Can search results be saved in a different file or not? UI 1. Does it give a correct error message when no matching entries are found? 2. When more than one entry satisfies the search criteria does it allow complete navigation between the entries? 3. Does it give an error message in case a wrong/invalid format is specified in the search criteria? 4. If we give wrong search condition then what happens? It simply shows no result or an error message appears? Security 1. Are different levels of search used (eg. An administrator can see all the records of an employee but a user is restricted to some of the records). Performance 1. If the search result shows 10,000 or 1,00,000 records then how much time will it take? 2. What happens if we give a very complex query in search condition? 3. What happens if we join contradictory queries in search condition? Other Suggested Patterns Some other useful patterns could be: UI Pattern (list handling) Groups and templates Error reporting/logging Web related: Java Applets/HTML pages/ASP/JSP/CGI Installation
Vipul Kocher is the Cofounder and Co-President of PureTesting. He is a person with deep and passionate interest in software testing which also happens to be his profession. His other areas of interests are Science Fiction, Archaeology, History of Ancient Bharat, Religions. In his own words Too many interests, too few skills.
Vipul can be reached at http://twitter.com/vipulkocher
January 2011
Page - 21 -
Q: How many software testers does it take to change a light bulb? A: None. Software testers just noticed that the room was dark. Testers don't fix the problems, they just find them. Q: How many Developers does it take to change a light bulb? A: What's the problem? The bulb at my desk works fine! Q: How many programmers does it take to change a light bulb? A: NONE! That's a hardware problem....
A FAKE Testers Diary

By Fake Software Tester
The Introduction Tanash Ramuk is a 23 yr old Software Test Engineer. Having completed his degree in computer engineering a couple of years back, he joined a start-up and was recently laid off. 2 Days back, he got a call from Ele Info Systems, a huge off-shoring software services company known for providing testing services and which could also boast of becoming a 1 billion $ company from a 1 $ company. Hes promised to write to us regularly about his adventures with Ele Info Systems and heres what he wrote to us this week. On how they recruited him. Chapter 1 - The Recruitment When Tanash arrived at the walk-in event, he found himself face-to-face with 1 of those pretty looking member of the HR dept. She was given the job of screening resumes. Observing her from a distance, Tanash understood that she was given the job of rejecting applicants, who did not have --- an engineering degree, less than 60% marks in their degree, people who could not talk proper English. He also understood that they were hiring for testing positions. Tanash slipped in his resume to her and was happy on being shortlisted for the test. He was asked to sit in a room with another 1000 grads. Looking at the other people who were writing the test, this is what he saw --- some of them were attending the test to try and get the job, some of the were there to practice for their CAT exams, some of w w w . T e Wwwg C i r c u s . c o m stin January 2011 Page - 23 -
them looked like wanting to work for pocket money, some of them were there to fund their MBA exams and classes. His eyes were unable to spot a person for whom testing was a passion, in the crowd of 1000 people. Silence --- boomed the mike. Another guy well dressed with a tie took the mike and announced that they were going to hand out question papers. Tanashs 1st test lasted 50 mins, 25 questions. He had to solve aptitude problems. Tanashs 2nd test lasted another 50 mins and another 25 questions. The questions reminded him of an English test from his school. All questions were objective type questions. 3 hours later, Tanashs joy grew. He was selected for the interviews scheduled for the afternoon. Round 1 His 1st interviewer introduced himself as a senior Test Lead having 4.78 yrs of experience. Top 3 questions from the interview were:1) On Software definitions what is grey box testing? What is the difference between grey box and white box testing? What is the difference between smoke testing and sanity testing? What is break-in testing? What is the difference between component integration testing and system integration testing? 2) What is the Requirement Traceability matrix? 3) Tell me about the Defect Life Cycle and the project life cycle Round 2 The 2nd interview was conducted by the manager. The manager initially talked for 10 minutes about himself and the next 5 mins about how challenging it was to work for this company. Some words he used were cutting edge technology, out of the box thinking, high-skilled leadership, Browser Wars, etc. Tanash was wondering if he was being interviewed for some battle. Top 4 questions from the managerial round:The italics are Tanashs thoughts on the reply. And the bold ones is the gist of what he said. 1) Why do you want to join us? (Obviously coz am out of a job) I have always wanted to join a company which has become a market leader. w w w . T e Wwwg C i r c u s . c o m stin January 2011 Page - 24 -
2) What do you expect from us? (US, Onsite and lotsa pretty babes).. A challenging career, working on the latest software and brightest minds, yada yada yada!!! 3) Where do you see yourself in 5 years from now? (@ Whoever pays me what I ask for!!!) Id see myself having experience on the latest technologies, leading a team and mentoring other new joiners. 4) What can you do for us which the others cannot? (How would I know? I dont know who else applied) Be more industrious, offer more due to my selflearning abilities, my better writing abilities etc. Round 3 - HR And the HR round they were only interested in his pay. He felt like he was bargaining to a vegetable vendor across the street. He felt like a resource while talking to them and not like a humanJ!!! Top 2 questions from the HR interview 1) Whats your ideal job? (Money, Money and more money!!!). --- Working in a fun environment, with the ability to contribute towards the team goals. The atmosphere should be competitive, and should reward quality!!! 2) Why do you think you previous manager is a good manager? (What makes you think hes one? All managers are Jerks and should be fed to the sharks!!!) --- Coz hes a thought leader and he has been able to effectively mentor and guide me, without passing on any kind of pressure down to me. 2 more hours later, they promised that the offer letter would arrive in a weeks time!!! Only Tanash knew how he came through the tests and interview He was able to Google the questions and answers the previous day. Tanashs adventures would continue. Hes promised to write to us about his adventures!!! Can you identify what you think are fake practices in the above story?
***All characters and organizations mentioned are imaginary, and any resemblance to real persons or organization is entirely accidental. - Testing Circus Editorial Team***
January 2011
Page - 25 -
Importance of Effective Communication in Software Testing
By Deeptii Miigllanii By Deept M g an

Testing activity for ensuring quality in any product delivery plays a significant role in the contemporary picture of IT. Along with the growth of the software industry, Testing departments in the IT companies are getting abundant opportunities to grow. With fast changing environments and increasing demand of quality at low prices Testing departments are facing new challenges to meet the opportunity. Effective communication in software testing plays a major part in reducing the scope of defects, but it has not got the significance it deserves. This paper includes
A. Different forms of Communication in testing describing the type of communication, common problems faced and recommended solution B .Importance to say NO in various situations
A. Forms of Communication in Testing

Communication occurs in following forms within and outside the testing team: Communication amid testing and development team Communication within testing team Communication by test team leader Communication with client
Objective: Development and testing team have to work together in achieving the single goal of delivering quality product in predefined time line. It is a two way process. Problem1: Defect Reporting/Unacceptable Defect Solution: An accurately communicated defect plays a major role. Testers have to see how precise they are explaining the defect to development team. Before reporting w w w . T e Wwwg C i r c u s . c o m stin January 2011 Page - 26 -
Communication amid testing and development team
testers should reproduce the bug at least twice and report it in well documented format. The template/tool used for reporting the defects should include clear description of defect, sufficient steps to reproduce, exact error messages, priority, severity with references to specifications. Tester should also share the screenshots/logs, examples etc. for ready reference and better understanding of defect for developers. Testing team should ensure that the defect is communicated within the agreed timelines to the development team. A defect reported well in time pays long to the team. A defect may become invalid for the development team after a certain period.
Problem2: Defensive Development Team Solution: Testers are sometimes seen as pain in neck by development team. It is testers job to find the defects. Development team should not be cynical as it is not always developers fault. Both the teams should not indulge themselves in cold wars. Defects may occur because of several reasons like environment problems, documentation or data, improper requirement gathering etc. Developers should not take it in person .It is the imperfection of the application and not theirs. They can very well analyze the defect, notify the grounds for the defects and fix them.
Communication within testing team

Objective: Testers within team have to test different modules of single application/project. Problem 3: Issue details are not on hand among every team member Solution: It is essential that the testing team convene on regular basis to discuss about their technical challenges where every member gets a platform to put forward his thoughts. This will help the team members to get the resolutions of issues which are common to the team. Scrum meetings are daily meetings for usually 15-20 minutes where this type of technical discussion occurs and Internal Knowledge transfer session for 30 minutes every week should be planned .These type of meetings help in elevated productivity. It is important that all members of the team should be aware of every communication with customer.
Communication by test team leader

Problem: Keeping balance between technical and soft skills
January 2011
Page - 27 -
Solution: Team leader should possess good communication and interpersonal skills so that he can handle conflicts, motivate team members and if required escalate the issues in the application to the Client. He needs to allocate task to all Testing Team members and ensure that all of them have sufficient work in the project. The task allocation should be well communicated to the team so that everyone is aware of their work priorities. Team leader should raise the concerns of testing team to management in a timely manner. Effective communication of team leader creates a health environment and boosts the morale of testing team members. Team leader should frequently give feedback to his team members about their work and should mentor team that how new techniques tools, processes can be implemented. Communicating with client needs effective choice of words as project success gets impacted because of miscommunication.
Communication with client

Objective: Testing team has to often communicate with the customer to update the testing status, share testing reports, and to deliver a quality product meeting customer requirements. Problem: Hiding problems Relationship with the customer depends on how clearly we communicate. Trust within both the parties is essential in order to communicate the progress, issues or risks faced during the testing phase. It is the responsibility of testing team to keep the customer updated about the anticipated issues or risks well in advance to avoid last minute surprises for both. Team should provide maximum information of any issue or problem to the customer so as to enhance openness and trust. Problem: Communication gaps with customer Solution: We need to define the channels of communication clearly. Team has to identify SPOC (Single Point of Contact) to act as the first level of contact between test team and the customer. These two people are the first-level team for resolving problems as they arise, and additionally we need to archive all information passed to the customer. Escalation procedures should be well defined .Everyone on each side should know, whom the problem is to be escalated to. It is always good to have regular meetings (preferably weekly meetings) with the customer to update the test progress, issues or risks faced so that there wont be any communication gap.
B .Importance to say NO in various situations

A tester should also have refusal skills .He should be aware that what software testing can achieve and what not. Few situations are discussed below which a tester might have to deny.
January 2011
Page - 28 -
CERTIFICATE OF ZERO DEFECTS: Testers sometimes are considered to be the final authority of the successful completion. Testing comes at the end of the life cycle. It is done to ensure the quality but tested product is not a certificate that the product delivered is a zero defect product. Team can follow numerous processes to minimize the defects as much as possible. It is always better to deliver the product with a list of known bugs instead of hiding or not revealing them to customer. LAST MINUTE CHANGE: Sometimes user demands changes at last moment. Our aim is to satisfy customer in all respects but delivery team should understand the impact of change before accepting the change for current release. If impact is high then it should be taken as change request rather than including the change and hastily testing the product to meet timelines. TESTING TIME CRUNCH: Testers often have to face the situation where testing time is bought by development team and the duration for testing time gets reduced. It is very important for the testing team to communicate a time line beyond which they cannot cut down their time and delay in product delivery for testing, will impact the quality of end product.
Deepti Miglani has over 6 years of IT experience in Testing and support functions, currently employed with HCL Technologies Gurgaon as a Senior Test Engineer in ECMP domain. In her free time Deepti likes to read and listen to music.
Deepti can be reached at http://twitter.com/deeptimiglani
To one side from removing bugs and usage of tools in the software testing we should also work upon eliminating flaws in our communiqu capability to make the testing process more competent.
January 2011
Page - 29 -
Has Your Product Passed Security Tests?
By Santhosh Tuppad By Santhosh Tuppad

There are many instances where, I have experienced security bugs which could bring down the product in few seconds. Some are not exploited and some are. It is hard to know when the attacker breaks the door and gets in, then steals everything without trace or breaks everything inside the house and gets out. So who are these guys? And why do they want to hack into or attack the products? Some possible reasons might be, BlackHat guys doing it for fun BlackHat guy wanting to look into the e-mail conversations of his / her friend to have fun and share it with others might be one possible reason. Newbie Hackers wanting to practice some hacking techniques Some newbie hackers do it on sites which allow to practice and there are some newbie hackers who do it on any site because thats how they like it. Enemies might want to do it BlackHat guy when in school had a enemy and that enemy had a portal and now this blackhat guy want to take revenge on what his / her enemy did when he / she was in school. Product is from X country and their enemy country hackers want to harm X country product There have been instances where X country wages a war of hacking / dDoS attack on Y country who might be their enemy. BlackHat guys doing it for money If you search on web, some hackers make a public announcement in forums / blogs etc. saying they will get the credentials of so and so person for so much of X dollars. Ex-employee who knows the vulnerability and might want to exploit it when he / she leaves the employer Professional enemies might want to do it Attacker / BlackHat guy hates the product Someone wants to buy the product or a company and competitor doesnt want it to happen Cyber Warfare January 2011 Page - 30 -
Some of the Techniques in Security Testing

SQL Injection There have been many testers talking about SQL Injection but, when asked about how do they do it? Some of the answers are as I use CheatSheet which is on Google or any SQL Injection tool and etc. Usage of all these is a good idea but, that could be used as a reference material in future if you want to test better for SQL Injection vulnerability. Things a tester might want to do, Knowing the type of database the product is using [ Say No to Flat File Database, Google will help enemy to get the details if its flat file ] Common mistakes that might have happened by the developer What version of database is the product using? [ If lower version then Google for the bugs in that particular version ] Learning more about the SQL queries and practice executing the queries HTML Tags Execution / Cross Site Scripting To do this you got to have knowledge about HTML tags. There are different tests that you might want to do with respect to HTML tags execution. Entering any of the HTML tags like, <h1>Example</h1> in the First Name and Last Name during registration. If it is executed then it can be seen as big font. [ <h1> is the big heading ] Entering javascript to alert with the cookie information This could be highly vulnerable if cross site scripting vulnerability exists Learn JavaScripting. Do not just copy paste some JavaScript tag and conclude that product is not vulnerable to cross-site scripting [ Bugs will be happy if you are such kind of tester ]. How could this affect the product and end-user? [ Some of the points are under Usability quality criteria as some of the security tests, which are done affect the GUI if they are not handled properly ] Text overlapping Cascade Style Sheet not able to handle the layout properly End-user might feel his eyes are strained looking at the text which are overlapped on one another but end-user has important information to read
January 2011
Page - 31 -
Over the last couple of years, Santhosh Tuppad has come to be known for his testing skills, winning bug battles & testing competitions across the world. He is an avid testing blogger, testing enthusiast who organizes monthly meets for testers in Bangalore & Chennai. He loves being hands on. While many youngsters of his age are thinking about job security, Santhosh was game to start his own testing services. Santhosh got into testing because his girl friend wanted to. He thanks his girl friend so much today. Santhosh blogs at http://tuppad.com/blog
Through cross site scripting attackers could steal someones cookie information and take the access of the particular session In a chat conversation if HTML tags are executed then it might result in different problems like, sending large font size text entering malicious javascript and making the chat application to stop functioning [ Javascript if not ended properly might stop the other part of the code from execution sometimes ] And many more problems depending on various factors / parameters Some of the tools / utilities / add-ons that can be of help to you in starting with Security Testing, Fiddler / WireShark Mozilla Firefox add-ons Firebug, XSSme, Hackbar and many more which you might want to explore TestersDesk.com In Miscellaneous Toolkit you can find SQL Injection tool FireSheep by Eric Butler Reading articles / books on Security Testing Others are for you to explore These are very few techniques that the author has shared. In the Part II, Santhosh Tuppad will be talking about more security testing techniques and approaches. Stay Tuned! Editor.
Santhosh can be reached at http://twitter.com/santhoshst
January 2011
Page - 32 -

Adam Goucher
BIO: Tester. Blogger. Instructor. (Though sometimes not in that order) 276 following 813 followers 100 listed http://twitter.com/adamgoucher
Mohinder Khosla
BIO: Provide consultancy in Business Analysis, Data Modelling,Test management and Application Support for major platforms. 212 following 195 followers 20 listed http://twitter.com/mpkhosla
Lanette Creamer
BIO: Software tester, writer, presenter. 386 following 950 followers 115 listed http://twitter.com/lanettecream
January 2011
Page - 33 -

Elisabeth Hendrickson
BIO: Agile Consultant. Tester-Developer. Writer. Geek. Test Obsessed. 571 following 2989 followers 350 listed http://twitter.com/testobsessed
Moolya Testing
BIO: Moolya Software Testing Pvt.Ltd. is a brainual software testing services organization offering Offshore testing, Exploratory Testing, Check Automation & more. 0 following 45 followers 2 listed http://twitter.com/moolyatesting
..... more testers in next issue. TestingCircus

Bio: Testing Circus is a free e-magazine on Software Testing. 15 following 245 followers 21 listed http://twitter.com/testingcircus
January 2011
Page - 34 -
Test Case Writing Practice

By Naresh Biisht By Naresh B sht
Requirement A Fountain Pen Objective: To generate and write test cases to test a fountain pen.
Sr. Steps to Execute No. 1 Check the color of the pen. 2 3 4 Check the Logo of the pen maker. Check the grip of the pen. Write in different surfaces like plane paper, art paper etc. Check whether cap is present. Check the Hanger in cap. Check the fitting of the pen cap with the body. Check whether pen is writing in any climate (hot and cold). Check the ink storage/refill in the pen. Check the volume of ink in the refill. Check leakage in refill of pen.
Expected Result The color should be grey. Actual brand logo should be printed on the pen. The pen should not slip when user writes. The pen should write on all paper surfaces such as plane paper, art paper etc. The cap should be present with pen. Hanger should provided in the cap Body of the pen should perfectly fit with the cap of the pen. It should write smoothly in any climate. Refill/ink storage should be present in the pen. Refill should indicate the availability of ink (full/empty etc). Pen refill should not leek.
Actual Remarks Result*
5 6 7
8 9 10
11
January 2011
Page - 35 -
12 13 14 15 16
Check the color of ink. Check the Size of nib. Check whether the pen can write in any angle. Check the quality of the material of the pen. Check if the ink blots the paper.
Color should be blue. Size of the nib like 0.5mm. Pen should write in any angle. Pen should not break if it falls from 2 meter height. Pen ink should not blot on the paper.
*Actual Results are written when you get to test the actual stapler.
In this section we will practice to write test cases on various items, objects and applications. We do not claim that test cases written here are exhaustive. It is just to give ideas to testers, beginners on how to approach for writing test cases. Readers are encouraged to share their views on the test cases. Editor
Naresh Bisht has 3 years experience in Software Testing. He has hands on experience in both manual testing and automation testing using QTP. He is currently employed with HCL Technologies, Gurgaon. Naresh can be reached at
http://twitter.com/Naresh_Bisht
January 2011
Page - 36 -
NEWS on Software Testing
NCR Testers Monthly Meet -1 (Noida, India)

The first NCR Testers Monthly Meet (NCRTMM) was held on 18th December, at Impetus Technologies, Noida attended by more than 50 software testers from NCR region. Vipul Kocher of Pure Testing, Vipul Gupta of Impetus Technologies and Ajoy Kumar Singha of HCL Technologies launched the NCRTMM. The idea of the meet is to get in touch with testers from NCR area and learn, discuss, debate on testing ideas, concepts, issues and solutions related to software testing including topics like automation, performance, exploratory and agile testing and many more. The participation will be voluntary and free of cost, as far as possible. Few highlight of the meet. Mr. Navneet Sharma presented a topic on use tools to make our life easier- A testers perspective. "Problem on the table" is something where one person will propose the topic and other testers would talk/debate and share opinion on the same. There were four problems on the table topics. 1 - Test data for financial applications. 2 - Planning effective Adhoc Testing. 3 - Estimation when RFP has very little information. 4 - Increasing unresolved defects in sprints in agile testing.
January 2011
Page - 37 -
Also there were key notes topics where participants would share their thoughts on self proposed topics. These topics were not decided by NCRTMM organizers. Each speaker was given 5 minutes to sum up their thoughts.
There were goodies presented from the venue organizer Impetus Technologies. The meet was concluded with lunch. The next meet is scheduled on 15th January at Nextag Software and Services, Gurgaon. For more information visit http://ncrtesters.blogspot.com
Trends in software testing for 2011
Check out software testing trends for 2011 that will make a significant impact on the testing scene IT applications are increasingly constituted of complex business processes and are becoming more intricate and inter-connected. This aspect, combined with the pressure to reduce IT spend, is forcing enterprises to look for alternate ways to manage their growing portfolio of requirements; such as streamlining the quality processes, increasing the degree of test automation etc. In this context, I would like to briefly touch upon a few of the software testing trends for 2011 that I believe will make a significant impact on the testing scene. Key trends for 2011 Testing on the Cloud: To minimize test environment expenditures and gain better control of their IT resources, companies are beginning to take advantage of a delivery model known as cloud computing. In cloud computing, applications and information are provisioned on-demand, as a shared resource. Cloud architecture can be set up as w w w . T e Wwwg C i r c u s . c o m stin January 2011 Page - 38 -
a public cloud with services dynamically delivered from a third-party provider hosted outside of the firewall; private cloud where a cloud-like architecture can be set up over the companys private network (inside the firewall); or a hybrid model utilizing a combination of internal and external providers. Traditionally, IT would have had to purchase additional server capacity and deploy it in their test environment, requiring added staff and extra maintenance expenses. Using the cloud architecture, IT managers are now able to quickly replicate their application test environment on the cloud and have the capacity they need on-demand. Companies are still cautious about moving all of their mission-critical applications to the cloud. Agile Testing: Agile development methodology took the IT world by storm when it first emerged nearly 10 years ago. Organizations turned from waterfall and other traditional development methodologies to agile, hoping to improve business responsiveness, make their applications more adaptable to changing market conditions and enhance the quality of their IT systems. But these organizations are finding their own, unique forms of agile. Many organizations find success in taking the best of traditional methodologies and applying them to their agile projects, creating a unique hybrid model that works for them. Agile Testing does not emphasize rigidly defined testing procedures, but rather focuses on testing iteratively against newly developed code. Quality is achieved from an end customers perspective. Agile brings the development and testing functions closer together, but it does not automatically turn developers into good testers, or make testers more familiar with the development process. Organizations need to take a closer look at the skill sets required by the testing team to effectively support agile methods. Agile testers need to be more versatile than traditional testers. On the one hand, they must be more technical, more familiar with development practices, and comfortable with using non-traditional test automation tools to validate Graphical User Interface (GUI)-less applications. On the other hand, they need to be close to the business to understand the requirements, work with end-users throughout the project, react quickly to change and tie application quality directly to business value. Right Information at the Right Time: As James Whittaker, an international speaker once pointed out: Information is at the core of everything we do as software testers. The better our information about what the software is supposed to be doing and how it is doing it, the better our testing can actually be. I find it unacceptable that testers get so little information and none of it is specifically designed to make it easier to do our jobs. I am happy to say that this is changing... rapidly.... and that in the near term, we will certainly be gifted with the right information at the right time. This is definitely one of the trends that will change perceptions in 2011. Skilled Testing resources: Organizations are constantly on the lookout for better skillsets and test profiles that can add real value to improving the quality of software. In the past, the development team would typically test the systems they developed. Today, the profile of a tester is changing rapidly and organizations prefer testers who w w w . T e Wwwg C i r c u s . c o m stin
January 2011
Page - 39 -
bring both strong technical skills and the relevant domain and business knowledge to the table. In addition to being knowledgeable about automation technologies, testers today are able to understand the purpose of business solutions & requirements and contribute intelligently to improving the quality of the system. They are also able to provide actionable analysis to the development community, for faster resolution of defects. Testing is increasingly seen as being closer to the business and considered a very progressive career path with multiple roles and responsibilities. Analytics / BI (Business intelligence) Testing: In today's fast paced business environment, it is almost always an unstated fact that the success of any BI (Business intelligence)/ Data Warehouse solution lies in its ability to not only analyze vast quantities of data over time but also to provide stakeholders and end-users meaningful options that are based on real-time data. This requirement mandates an extremely efficient system that can extract, transform, cleanse and load data from the source systems on a 24/7 basis without impacting the performance, scalability or causing system downtime. One of the key elements contributing to the success of a BI (Business intelligence)/Data Warehouse solution is the ability of the test team to plan, design and execute a set of effective tests that will help identify multiple issues related to data inconsistency, data quality, data security, failures in the extract, transform and load (ETL) process, performance related issues, accuracy of business flows and fitness for use from an end user perspective. The primary focus of testing is usually on the ETL processes. This includes, validating the loading of all required rows, correct execution of all transformations and successful completion of the cleansing operation. The team also typically thoroughly tests SQL queries, stored procedures or queries that produce aggregate or summary tables. Keeping in tune with emerging trends, it is also important for the test team to design and execute a set of tests that are customer experience-centric. Reusability of testing assets: Organizations are investing time in quality solutions where they reuse 45-60% of their testing assets, leading to increased testing efficiency, high level of test case automation and shorter testing cycles. Test automation solutions: Organizations are investing on resources to implement test automation solutions to increase time to market, save money, improve accuracy, increase test/requirement coverage and improved team morale. Summary: Many of the trends outlined in this paper are fast being seen as business-asusual practices today. However, these trends are still evolving and lean towards bringing in measurable gains to the business community, so the budgets for IT testing are justified.
http://www.ciol.com/Developer/Testing/Feature/Trends-in-software-testing-for-2011/145154/0/
January 2011
Page - 40 -
Jaijeet Pandey has over 5 years of experience in Application Development, Maintenance and Testing. From more than last 3 years he is involved in automation testing with QTP and Load Runner tools. He also teaches QTP on weekends. He is currently employed with Birlasoft, Noida. He can be reached at
http://twitter.com/jaijeetpandey
Problem: There is a link on webpage, when I am moving mouse over the link, color of link gets changed. How do you check the change in color after moving the mouse over the link? Navigate to url http://indianrail.gov.in/ Hover the mouse over any of the link in left pane and see how color changed. Solution: Here is the solution color_before=Browser("Welcome to Indian Railway").Page("Welcome to Indian Railway").Link("Availability at Major").Object.currentStyle.color Setting.WebPackage("ReplayT ype") = 2
Browser("Welcome to Indian Railway").Page("Welcome to Indian Railway").Link("Availability at Major").FireEvent "onmouseover" color_after=Browser("Welcome to Indian Railway").Page("Welcome to Indian Railway").Link("Availability at Major").Object.currentStyle.color Setting.WebPackage("ReplayType") = 2 msgbox color_before&" "&color_after The same way you can find the Font Size, Font Name etc. Browser("").Page("").Link("").Object.color Browser("").Page("").Link("").Object.fontSize Browser("").Page("").Link("").Object.fontFamily Browser("").Page("").Link("").Object.backgroundColor
January 2011
Page - 41 -
Interview with Erkan Yilmaz

In this section, we will publish interview with Software Testing professionals in every issue. In this issue Erkan Yilmaz has shared his ideas about software testing and how he sees future of software testing. Editor Q: How long have you been associated with software testing? A: 6 years. Though I tested (software) much earlier, I just didn't call it that way. Q: How did you become a software tester? A: During a particular university lecture I obtained an internship in quality assurance for an IT company. I liked the tasks + the people. Q: By any means, do you regret being associated with software testing? A: No. I had the opportunity to learn besides the so called software testing path. I got to know interesting individuals + learned more about my brain. Q: Do you think software testing is less respected than other departments in IT industry? A: It depends on whom you ask. One way to judge this could perhaps be by comparing the salary (though the question comes up how to generalize this). However, it becomes clearer when you tell people what you do for a living + see their reactions. I made the experience that when you give a more detailed description of your work people tend to respect it more. Some may see software testing just a repeating cycle, but actually it is all about learning (not at last about oneself). Q: What will you suggest to people who want to join IT industry as software testers? w w w . T e Wwwg C i r c u s . c o m stin
Name Erkan Yilmaz Organization Yilmaz Consulting Role/Designation Shareholder, Evangelist Location Karlsruhe, Germany
After working as Quality Manager for a German IT company, Erkan Yilmaz will make customers happy with his consulting company. In his free time he deepens his interest in systems thinking and history. Email ID erkan77@gmail.com
Blog/Site http://iaskquestions.com Twitter URL http://twitter.com/Erkan_Yilmaz
January 2011
Page - 42 -
A: Don't stop learning (e.g. engage in systems thinking)! Interact with people (from your field) outside the company! You will make errors but always be open about it! Q: Where do you see software testing in next five years? A: I see the rise of many Jane Doe + John Doe, providing inputs for others in the software testing field. I see how tester clouds will gain importance thus helping other testers to improve their skills. I also see better quality for open source software, since it is one good way to train testers in bug reporting. And this will help software testing in getting more acceptance + recognition (as a cognitive task). Q: What qualities will you look for in a candidate when you want to recruit someone for software testing job? A: I look how people approach problems. Since candidates are generally nervous at the beginning I give them items they are familiar with (pencil, pen, puncher, the chair they sit on ...) + ask them to evaluate these. Later I want to see them working on a task that they actually expected (a software task). Apart from that I also look if they are honest how they present themselves. My advice for the interview: also swap tables and ask for the interviewer's opinion. Don't forget: the company must also suit you! Q: Your weekend routine? A: Talk with friends, listening to erhu + haegeum music + with a fresh coffee might even finish a book. Q: Movie you would like to watch again? A: Gladiator + from Bollywood genre: Kabhi Khushi Kabhie Gham. Q: I am a social networking site geek Or I hate facebook /orkut / twitter? A: I use twitter + I'm using IRC a lot. I'm also enthusiastic about wikis (Wikipedia, Wikiversity, ...).
Speed up your Testing Career. Take Online Trainings on Software Testing !!! www.BestSoftwareTesting.com
We are inviting at least one representative from each IT organization where testing is practiced as an independent activity different from development. These TCRs will help us in bringing in more testers to Testing Circus; to read, contribute and to share knowledge on software testing. We will publish a list of TCRs in this magazine. Write to us (tcr@testingcircus.com) with your organization name and location. Our team will contact you to work further in this area. Independent test consultants and freelance testers are also encouraged to apply.
Testing Circus Team

Editor Ajoy Kumar Singha Core Team Jaijeet Pandey, Naresh Bisht, C. Nellai Sankar, Kumar Gaurav, Anjali Gupta, Shivani Sharma, Sunil Godiyal Publicity Team Ish Chand Tripathi, Anuj Batta, Pramod Kumar Online Collaboration Team Amit Das, Bharati Singha Technical Team Debasish Nath, Nasim Ahmed Testing Circus. Published from Gurgaon/NCR India. Copyright 2010-2011
January 2011
Page - 44 -
Wanted A Designer for Testing Circus who can help us with the design and layout of the magazine. Also send your article for our next issue. Write to us at editor@testingcircus.com
www.TestingCircus.com
http://www.Twitter.com/TestingCircus
http://TestingCircus.blogspot.com Volume 2 - Issue 1 January 2011

The contents published in this magazine are copyright material of respective authors. Testing Circus does not hold any right on the material. To republish any part of the magazine permission need to be obtained from respective authors.
January 2011
Page - 45 -

Testing Circus (January2011)

Hochgeladen von

Dokumentinformationen

Originalbeschreibung:

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Testing Circus (January2011)

Hochgeladen von

Copyright:

Verfügbare Formate

Testing Circus

Volume 2 - Issue 1 January 2011

Your Monthly Magazine on Basics of Software Testing

Help Chandrasekhar BN, a Software Tester, beat Acute Lymphoblastic Leukemia.

Emails to the Editor

Elementary, My Dear Watson!

Estimetrics PREDICT AND PRAY

A Fake Tester's Diary

Importance of communica tion in Testing

Has Your Product Passed Security Tests?

Software Testers @ Twitter

Test Case Writing Practice

QTP Code Corner

Know Your Testing Guru

Testing Circus Reps (TCRs

Testing Circus Team

From the Editors Keyboard

- Ajoy Kumar Siingha - Ajoy Kumar S ngha

Agile Journey Team Commitment to Quality

Lisa can be reached at http://twitter.com/lisacrispin

Elementary, My Dear Watson!

Nandagopal can be reached at

Information from the Internet

Estimetrics - PREDICT AND PRAY

Parimala can be contacted at

Questioning Patterns (Part 2)

Vipul can be reached at http://twitter.com/vipulkocher

A FAKE Testers Diary

Importance of Effective Communication in Software Testing

By Deeptii Miigllanii By Deept M g an

A. Forms of Communication in Testing

Communication amid testing and development team

Communication within testing team

Communication by test team leader

Communication with client

B .Importance to say NO in various situations

Deepti can be reached at http://twitter.com/deeptimiglani

Has Your Product Passed Security Tests?

By Santhosh Tuppad By Santhosh Tuppad

Some of the Techniques in Security Testing

Santhosh can be reached at http://twitter.com/santhoshst

Software Testers @ Twitter

Software Testers @ Twitter

..... more testers in next issue. TestingCircus

Test Case Writing Practice

Actual Remarks Result*

NEWS on Software Testing

NCR Testers Monthly Meet -1 (Noida, India)

Trends in software testing for 2011

Interview with Erkan Yilmaz

Blog/Site http://iaskquestions.com Twitter URL http://twitter.com/Erkan_Yilmaz

Testing Circus Team

http://TestingCircus.blogspot.com Volume 2 - Issue 1 January 2011

Das könnte Ihnen auch gefallen