Posted by admin on Jan 29, 2010 in
tips 
The company I work for has recently introduced Websense to filter out certain sites which they believe to be non-conducive to a working environment. This is not such a bad this as they block certain sites which are deemed to hold malware and other things.
However Websense is quite bad in that it restricts what users can view and this I disagree with. It’s more than a Malware site filter it also blocks social networking sites and many blogs. Twitter is not a bad site and I wanted to check a tweet of a user who had posted something interesting regarding testing and website security.
But because we have websense it was blocked all I got was the message .
This Websense category is filtered: Social Networking and Personal Sites.
URL:
http://twitter.com/
The other thing I think is bad regarding the use of Websense is that users will attempt to bypass it. Its in their nature especially if you have a team of Web-testers.
So if you don’t want a bunch of proxies and ssh tunnels installed in your network it’s better to just leave it for users to be responsible enough to decide what is a site worthy of visiting in work time.
So now on to the quick and dirty hack to get your twitter feeds on a network that is using Websense.
You can either load up http://www.twittergadget.com/ which is a IGoogle Plugin – It allows tweeting and reading of other tweets from the your personalised Google Homepage.
TIP: I advise that you turn off the thumbnails in twittergadget or your browser will still attempt to make calls which will be logged by Websense. Once thumbnails are tuned off Websense never logs any twitter traffic. so you still can make and receive feeds without Websense being any the wiser.
or you can use the below link which allows reading only
Bypass Websense for all Tweets which have the Term Test
You could just as easilly insert the peoples names who tweets you follow and that will work.
Hope you found it useful 
****UpDate – 28th Jan-2010****
Google is running a trial or Twitter Feeds in the main results page on normal searches.
Its only on certain “Hot Topics”
the below link is for the new Ipad from Apple.
Google Apple Ipad results with Twitter Feed
see the screenshot.
Screenshot
Posted by admin on Jan 8, 2010 in
Uncategorized 
This is a really quick post.
Today I was looking to see if I could find a star “*” in excel and everytime I pressed search excel treated it as a wildcard and highlighted every cell in turn one by one.
To find the star I had to use the excel escape character of tilda “~”
so in the end in the search box I typed ~* and it found the star just fine.
Like I said just a quick tip in case its useful to anyone else.
Tags: tips
Posted by admin on Jan 1, 2010 in
Today's News 
Google's New Year
Well Its now 2010 and the countdown clock on Google’s I’m Feeling Lucky site is displaying fireworks
Happy New Year Every One.
The URL for I’m feeling lucky is
http://www.google.co.uk/search?&btnI=3564&q=
Just type anything you want at the end of the query (q) parameter to be taken there by Google.
So how could this be used?
Well how about a simple Rick Roll
http://www.google.co.uk/search?&btnI=3564&q=Rick Astley Video
Lets change those words as they look too obvious.
Just a tiny bit of URL Encoding and we’re done
http://www.google.co.uk/search?&btnI=3564&q=%52%69%63%6b%20%41%73%74%6c%65%79%20%56%69%64%65%6f
Yep Looks like a normal Google Link to me. How many people would know that the above URL would get them Rick Rolled?
Well how about I now go out and buy myself I nice IDN Domain which looks exactly like Google.Com but no matter what you type in I return all pay-per-click ads (remeber the site would look exactly like Google.com).
I’m sure you now get the idea that just because someone posts a google link and it could even be a Real Google Link like I used above in my examples, it doesn’t mean that you are not going to get sent to a virus site or a site you did not intend to visit.
BeSafe and Once again Happy New Year
Google Fireworks
Posted by admin on Dec 14, 2009 in
Today's News 
New Google Easter Egg - Feeling Lucky
Well it seems that Google has placed an new easter egg on its main site for UK searches.
If you click on the I’m Feeling Lucky Button you will be taken to a count down clock.
There was a lot of speculation about what the countdown timer meant.
But it seems quite obvious that it is the New Year Count Down Clock. (Nice Touch).
In the past they have had other strange Easter eggs (Aliens /Crop Circles, Infinite Loops and the famous Konami Code)
All good fun and its nice to break up the monotony of carrying out tons of searches.
If you’ve found any interesting east eggs in any of the major search engines then fee free to post below in the comments.
Posted by admin on Jul 14, 2009 in
productivity,
tools 
To Do lists
I’ve been using TADA lists for about 3 months now and I love them. They just do exactly what you would expect.
You set up a list and you can move the priorities around depending on how your plans throughout the day change.
I have lists created for
In Test
In Staging
In Planning (soon to be handed to test)
Handed Back to Developement for defect correction.
Let me make clear that this is not meant to replace any defect management system you may have in place. Its far to basic for that.
However if like me your daily priorities are constantly changing and you need to maybe make other team members aware of what things are being worked on in which environments then I have found this as a quick and easy fix.
It can of course be used for many other things like shopping lists. I’ve taken my mobile phone shopping before and when my wife gets home she jumps on the PC and just updates my TADAlist with any items that she needs that I may have missed off.
I then get an email on my mobile phone and bingo I now have an updated list to walk around the shop with. Yes she could ring me but I’d have to write it down. I just find this just easier.
Maybe on that note in the future I should make a post about the perils of using technology just because its there.
Anyway enough of the digressing I hope you find the tool as useful as I and the people I work with have.
Martin H
Posted by admin on Jul 7, 2009 in
Testing,
Uncategorized 
Playing with Search engines.
As most of you know I spend virtually all of my working day testing search engines. I thought that today I would take a small look one of the new big kids on the block Bing which is the new search engine from Microsoft.
As I’m a Test Manager I won’t be be comparing basic searches but I’ll be looking for weird results and also looking for possible defects.
One of the great things about Bing is that it’s very similar to Google in that they share the same search structure, so if I type into Bing that I want to look for The Test Manager the URL will look a little something like http://www.bing.com/search?q=The+Test+Manager.com&go=&form=QBRE&filt=all&qs=n . Now if I want the exact same search in google all I need to do is to change the domain name from bing.com to google.com keeping the rest of the URL so the query now reads. http://www.google.com/search?q=The+Test+Manager.com&go=&form=QBRE&filt=all&qs=n .
So lets start looking for interesting data. Read more…
Posted by admin on Jun 28, 2009 in
Testing 
The one thing a tester has to be able to do is to correctly evaluate risk. This can be done when choosing the priority or severity of a defect or to a Test Manager having to decide how to correctly decide what defects are going to be added or removed from a deployment during the triage stage.
The reason for the picture on the left is that Pigs kill people each year than sharks do. An interesting fact that is not very widely known.
So it’s strange that more people fear sharks. Its this fear that messes with our ability to correctly evaluate risk.
I had a conversation about the shark/pig statistics above with a work colleague and their reply was that they ” had never heard of a pig killing on the news yet they had heard of shark kills on the news”.
This sort of proved my point. News is exactly that a rare event that happens. We don’t hear that over 60 million people go about their daily lives each day in the UK without any major events happening, however when a stabbing or a shooting happens then it makes the news because its a very rare event. We also on average spend more time of our lives in waters where sharks frequent than we do on farms.
People should realise that if something happens that makes the news then usually, they don’t need to worry about it. By definition, ‘news’ means that it hardly ever happens. If a risk is in the news, then it’s probably not worth worrying about. When something is no longer reported—automobile deaths, domestic violence—when it’s so common that it’s not news, then you should start worrying.
Posted by admin on Jun 26, 2009 in
Testing,
code 
Lets Break some code
The title is a little misleading as the one thing I think that testers do not do, is to break developers code.
Instead we should working with them to help find as many potential issues before our customers do.
(think of it as a department that carries out a specialised peer review)
However as a tester you need to have a few tricks up your sleeve which enable you to quickly punish an application.
The following strings will usually cause most web-enabled applications to perform strange functions or just plain fall over in a heap.
Each separate line is a separate test.
I have created a bespoke parameter fuzzer which I load my list into and 99% of the time I get a fail in a web-application.
You can also use my URL Encoder / Decoder to look a little deeper into the char-sets being used.
Read more…
Posted by admin on Apr 19, 2009 in
Uncategorized And thats the US Govt.
Generalising most people would state that virtually all botnets are bad. By this I mean that usually they are not used by their owners to attempt to look for a cure for cancer etc.
They are however used to launch mass denial of service attacks against .com websites and large corporate networks, even Governments.
They are not the kind of thing I would like shady Gov’t agencies to be involved in.
However it seems that Darpa/Arda are looking to create a tool to remotely take over existing botnets and become their new bot master.
Information below.
http://cryptome.info/traceback.htm
https://www.fbo.gov/
Posted by admin on Mar 30, 2009 in
Testing 
Load Test Clocks Movement
I was running a Load / Stability test on the weekend and noticed something strange with my results.
I kicked off my test at around 19:15 and after about 29 hours and 45 mins the webservers stopped responding.
At first I thought it was a network outage or something of the like, then I looked at the packets that my machine had sent to the server to check if it was a request or response issue. It seemed that my machine had stopped sending packets also. This ruled out a network issue as that would only stop responses and not request. So while I was scratching my head I remembered that the clocks in the UK had moved forward an hour on Saturday Night/Sunday Morning.
That was my answer. British Summer Time messing with my test results.
So clocks moving froward are one thing as you miss an hour so it looks like at no results on your test for this period (this is the non-existent hour of the movement of the clocks)
thinking about I thought what would happen for Winter when the clocks move backward. Would the Load Test send the page requests through twice for the same period. So that I get two sets of results for the hour 29-30 in my load test?.
Just a minor anomaly I noticed.
Larger Load Test Image Here
