Click for full size
I love FTP Voyager by RhinoSoft; I’ve used it off and on for a decade now. However, during one previous workstation migration, I didn’t get a license for it and relied on the command line until such time as I was managing too many Web sites relative to my typing speed. So I downloaded the trial version and ran it for 29 days (of 30) before purchasing.
Immediately, the application popped up a modal dialog box whenever I opened the application reminding me that it was a trial version and I could purchase the application and register it. After a set number of day, it began popping up the dialog box while I was running the application (in addition to when opening the application). I think this was an event-driven reminder, as it often showed when I finished a file transfer.
However, I think the reminder event logic could use a review, as it popped up the modal dialog box immediately after I successfully entered the registration code:
Some songs do seem to go on forever, but not that long:
When do you make the same sort of control do different things? In two situations:
For an example of this, let’s look at this IBM banner ad I saw on ComputerWorld.com:
See that little Open link with the X on it. You’ve seen similar control types even on banner ads, mostly with the X Close thing to shut those BadBoys up, right? So one would assume that this banner ad requires a click to open it and expose its content.
Ha ha! Fool! This merely requires a roll-over to expose it and start its audio come-on blaring. Given that, at ComputerWorld.com, it sits in the right sidebar between the scrollbar and the content, the odds of the user inadvertently mousing over it are pretty high indeed.
When it’s open, look what we have:
Does the banner ad close on mouseout? Oh, but no; now, you do have to close the button to shut it down.
The two similar-looking controls behave differently, and not only that, but they behave differently in the fashion that will prove most annoying to the disinterested user.
In a column by St. Louis Post-Dispatch columnist Bill McClellan, dummy values shine through:
A little bit of logic checking to see if the data-driven information was the dummy/default information and hiding the block if it was would have prevented this unfortunately not-embarrassing gaffe, but because it wasn’t embarrassing, the development team decided they could live without a couple extra lines of validation code.
As you know, you should always test your edit boxes to make sure that it can handle things like HTML and XML tags within it, particularly the dreaded
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">. At best, the application will handle it through any sort of mechanisms, such as:
What the application should not do is this:
Remember, computer users are not all geeks, nor are they godlike rockstar developers who live on Web logs, twitter, usenet, or whatever today’s cool means of intrageek chatter is. Here is your computer user:
Pensioners surfing the internet are spending more time online than their younger counterparts.
So-called “silver surfers” dedicate an average of 42 hours a month to the World Wide Web, compared with 37.9 hours among 18 to 24-year-olds.
Those are the computer users who need the bumpers and the training wheels and all the mechanisms within your Web sites/applications. If it’s good enough for those who quote Office Space or Hackers or Star Wars all day, it’s not good enough to ship. It has to be good enough for your grandmother who’s one of the 12 million people still dialing up through AOL.
Pardon me for harping on this again, but I spent several hours last night trying to explain client-server technology, again, to someone who asked me how to move image files (my term, not hers) from My Documents to My Pictures.
Well, you’ve found an issue, ungentle tester; now what? Well, we’ll assume you have some sort of mechanism in place to track that issue, but the software mechanism (usually called a defect tracker, but sometimes known as the developer’s junk e-mail box) only serves to provide a technological means to support a process that handles these issues. That is, your organization needs to have an effective idea of what to do when QA starts identifying what the developers have done wrong and how to make sure that the issues are addressed correctly. That is, the developers are brow-beaten into actually opening up their little script editors/Eclipse/IDEs and making things right.
This post, then, will discuss various ineffective defect processes I’ve seen and how issue resolution should work. (more…)
One of the dangers of becoming too automated in your page generation:
You can automate junk right into your alt text.
You know what’s worse than your development team? Someone else’s development team. At least, your development team has to deal with you. Whether you have the dev team frightened of you, fearing for their existential meaning and worth because you can hold them accountable, or you have the dev team ignoring you until such time as you can triumphantly claim, “I told you so!” when something fails spectacularly, many shops don’t even have that. And they’re proud of it. Chances are, if you have to work with some other group for any aspect of technology or design, it’s going to be crap. Because that QAless organization has a better grasp on the whole “It’s more profitable if we do it with eyes closed” and “Deliver the client’s minimum expectations at maximum bill rate” things than your organization, which is why you’re employed and why your company is at the mercy of slops.
There’s nothing like making your Web site look like a security risk to the general user:
Especially since those in the know recognize the domains as delivering ads. So one of the ads on the page under review triggers this alert, making it look to Joe Consumer like….well, who knows what evil malware/spyware/spam Joe Consumer would think this message represents? Regardless, Joe Consumer thinks your Web site is the problem.
Sometimes, developers mock up certificates for dev or test environments so the company doesn’t have to pay for an extra certificate. Sometimes, during deployment to production, mistakes happen. Did I say sometimes? I meant Always. Once in a while, they deploy an invalid certificate like this one.
How do you find this error? You look at the Web site. Which, and for the life of me I cannot fathom why this is, most people involved in developing Web applications or Web sites do not do. They leave it to QA, if they have QA, and to the client to find the obvious for them.
Meanwhile, Joe Consumer looks at this and thinks I just got a virus and never comes back to the ad-delivering Web site.
In an otherwise tolerable article entitled “Defect Tracking Lacks Appeal But its importance is at a premium” about how defect tracking can serve other useful functions in addition to the already useful function of taunting developers using a database backend, the author inserts this howler:
Nathan Rawlins is yet another bug-tracking pundit who declared process to be more essential than ever. Rawlins’ role gives him sufficient street cred to make that claim. He is a senior director of product marketing at San Mateo, Calif.-based Serena Software, a company that generated more than US$250 million in revenue in fiscal year 2007 selling application life-cycle management software, a category that includes defect tracking.
To those of us in the trenches, sitting in a corner office in San Mateo evangelizing a software product does not give one street cred in QA. Scars from lessons learned meetings, QA lab tattoos, and large number of bug-shaped decals on one’s cubicle wall, each representing a stack trace eliicited, now that gives you QA street cred.
As you know, stack traces provide QA with the joie de vivre and esprit de corpse that get us through the day. As part of an ongoing series, I am going to present a series of some of my favorite stack traces that never fail to bring a smile to my face and a Dosso double-snap to my fingertips. From the Gallery today, we have two extra fun .NET stack traces that occur, frequently, when you do naughty things with dates and times.
It sure sounds as though she’s worked on a timeline or two:
The Days that we can spare
Are those a Function die
Or Friend or Nature — stranded then
In our Economy
Our Estimates a Scheme —
Our Ultimates a Sham —
We let go all of Time without
Arithmetic of him —
Last evening, as they worked late into the night on a production deployment, a tech lead and his tester asked my opinion on a proper QA playlist. Well, not exactly; no one ever asks for QA’s opinion, but they all surely receive it, often accompanied by expressive hand gestures or an icy stare.
So what is a good playlist for your iTunes while you’re breaking software? I offer the following which served as the sweet sounds by which I serenaded a previous collection of co-workers. The open floor plan ensured that everyone got to enjoy the music that properly captured the QA mood.
So here’s what I had on the playlist:
The following is not a compensated post; I’m merely extolling the virtues of a piece of software I found useful.
As I’ve mentioned,
falsifying taking screenshots is a good means to capture details for defect reports. Your basic Windows install comes with Microsoft Paint, which is a mechanism you can use to save and manipulate your images, but it’s very clunky, with rudimentary tools and only the ability to have one file open at once.
Some people use Microsoft Word or PowerPoint for their picture editing ability and save their screenshots as documents or slide presentations, but some of our outsourced friends might not have Microsoft Office on their workstations. Remember, you want to save those screenshots as an image format so the developers can ignore the obvious that’s presented by an image editor or a simple Web browser.
I’ve used Paint Shop Pro since version 7 (which I still have installed on my main workstation, since there’s nothing I’ve needed since 2001. Jasc and then Corel have come out with newer versions every couple of years, and they’re still priced under $70 a seat (unlike other, more expensive graphics editors). Like UltraEdit, I’ve spread it across several of my employers.
Paint Shop Pro has a pretty good set of tools for circling or highlighting issues on screenshots, for adding text for emphasis, and for altering Web 2.0 user submissions to give cute little doggies red demon eyes to match your QA soul. You can do all of these at once because you can have more than one file open at a time.
So if you haven’t considered a graphics editor, consider this one. It costs under a hundred, so you’re not exactly breaking the budget on it, either.
I thought an article entitled A Guide to Hiring Programmers: The High Cost of Low Quality would thoroughly explain why spending lots of money on developers was a bad idea, and how you could improve your process by putting development and the developer staff back into its place in the software development lifecycle. Unfortunately, while the article makes some good points about how a good developer is better than a bad developer (I mean, when isn’t good better than bad?), it falls too easily into the trap of DEVELOPERS ARE LIKE THE GODS!
Companies need to stop thinking about their developers as cogs in the machine. They are more akin to artists, authors, designers, architects, scientists, or CEOs.
The rest of the piece explains why expert developers are worth top dollar: because they’re ROCK STARS!
Expert/experienced anything are worth more than less skilled/less capable employees because they have experience in their field as well as problem solving ability related to their job duties. In many cases, developers have seen the rudiments of software (presentation, data access, network communication) before so they can apply those lessons to new problems at hand.
Big deal; any produce clerk at a grocery store who’s been on the job for a while will develop a system for culling stuff left on the rack quickly, for optimal filling patterns, and for building appealing displays. But does that mean that he or the equally skilled meat clerk is the axis around which the whole store rotates? No.
Likewise, having smart developers is better than having dumb developers, but it won’t make or break your organization because smart developers are only cogs in your machine. If you blow all of your money on Expert Developers, you’ll not afford smart project managers, smart QA, smart customer managers, and smart everything else. And an organization run by and for Expert Developers will do lots of cool and smart stuff, but that’s rarely the same as profitable stuff.
What, foolish mortals playing with things they don’t understand because it’s cool? Say it ain’t so:
As a result, many companies that have rushed to AJAX-enable their sites may be dangerously vulnerable to a variety of Web-based threats they’re not even aware of.
So once again, software “engineers” put on their pointy hats, mutter some incantations, and in most cases, the user gets data loaded into a Web site without a page refresh, but every once and again, a boy in India suddenly gets rich, an airplane drops 10,000 feet rapidly, a Martian rover does a doughnut, or an Eastern European crime syndicate steals the user’s data.
And the grown ups in QA have to try to simulate all of those situations to test for them.
The Mozilla Foundation plans to give away its own security tools, including a fuzzer:
So if you haven’t been fuzzing your applications, you’re running out of excuses.