Notes on testing, automation, and software craft.
I explore technology and how to build software that is reliable, safe, and affordable, quickly.
by Pete Houghton peterhoughton.com LinkedIn
A while back I created a simple web based tool that helped you create text strings of a specified length. The text strings are created to make it easy to tell their length even if they are truncated. The tool was based on a similar tool by James Bach, called perlclip. I've now…A while back I created a simple web based tool that helped you create text strings of a specified length. The text… more »
Ever feel like your team is in a deadlock? The product owner wants Gizmo+ to be shipped, your senior engineers are split between grokking Gizmo+ and fixing Widget++ . Meanwhile the SDETs are franticly updating automated checks/BDD scripts and exploratory testers are uncovering…Ever feel like your team is in a deadlock? The product owner wants Gizmo+ to be shipped, your senior engineers are… more »
I recently found a couple of security issues with the Telegraph.co.uk website. The site contained an Open redirect as well as an XSS vulnerability. These issues were in the authentication section of the website, https://auth.telegraph.co.uk/ . The flaws could provide an easy…I recently found a couple of security issues with the Telegraph.co.uk website. The site contained an Open redirect as… more »
I recently examined a popular open source medical records system named OpenEMR. A quick review of the app uncovered a SQL Injection vulnerability in the application, that would allow an attacker to execute their own SQL commands against the system. The attack is relatively…I recently examined a popular open source medical records system named OpenEMR. A quick review of the app uncovered a… more »
(This issue is now raised in OSVDB.) On the 20th October 2013, The SymphonyCMS project released version 2.3.4 of their Content Management System. The release included a security fix for an issue I’d found in their software. The bug made it much easier for people to gain…(This issue is now raised in OSVDB.) On the 20th October 2013, The SymphonyCMS project released version 2.3.4 of their… more »
When you read a blog post like this, or an article on a website, can you be sure its the 'real thing'? How would you know if it had been doctored? Lets assume the 'server' is fairly secure and hasn't been hacked into. So the content is going to be OK isn't it?, it looks OK..? So…When you read a blog post like this, or an article on a website, can you be sure its the 'real thing'? How would you… more »
Can you see the 74? This is an Ishihara Color Test. Its used to help diagnose colour blindness, people with certain forms of colour blindness would not be able to read the text contained in the image. The full set of 38 plates would allow a doctor to accurately diagnose the…Can you see the 74? This is an Ishihara Color Test. Its used to help diagnose colour blindness, people with certain… more »
Monday 3rd September 1827, A man steps off the road at the corner of Fifth and Elm, and walks into a store. He's frequented the store a few times since it opened, and he's starting to get to know the owner and his range of merchandise. In fact, like many of people in town he's…Monday 3rd September 1827, A man steps off the road at the corner of Fifth and Elm, and walks into a store. He's… more »
Someone once asked me if "Testing a login process was a good thing to 'automate'?". We discussed the actual testing and checking they were concerned with. Their real concern was that their product's 'login' feature was a fundamental requirement, if that was 'broken' they wanted…Someone once asked me if "Testing a login process was a good thing to 'automate'?". We discussed the actual testing and… more »
Last week I was performing another of my 5 minute testing exercises. As posted before, if I get a spare few minutes I pick something and investigate. This time, I'd picked Google Calendar. One thing people use calendars for is logging what they have done. That is, they function…Last week I was performing another of my 5 minute testing exercises. As posted before, if I get a spare few minutes I… more »