Posts Tagged ‘google’

Google is your friend

Posted: 28.7.2011 in Ei kategoriaa
Tags: ,

Every now and then (actually more than just every now and then) I find the word which I don’t have any idea. That can be e.g. “threat modeling”, “virtual user”, “xpath” and so on. I have to find quickly, what is behind that and should I really know it. I have multiple options how to proceed.

  • Ask from the forum like this
  • Ask at IRC
  • Ask at Twitter
  • Ask at Google+
  • Do the search at Google


If I’m using first four bullets, I have several assumptions. First is that someone else knows about subject. Secondly I’m expecting that “somebody” to be online and he have some free time. While waiting those conditions to become true I’m still clueless about the topic. And usually I have to get at least basic information about it quickly. I don’t want to waste my time and my client’s money for waiting. And even if I got answer, I never can be sure if that is correct answer. The one who answers might be as clueless as I am, but he doesn’t realize that. So situation is lose-lose situation. I might get wrong information. Or it’s possible that I won’t get any information at all. Not even wrong one. My work is blocked until I get the information. And someone else must waste his time to explain me the basics.

I’ve found that Google is much better option. If I write keywords to search field, add additional word “Tutorial”, I usually get some basic information about the subject I need. I also might get good references for further reading. This Monday I really had to find quickly information about threat modeling. First there was Wikipedia article, then article at OWASP-site. Those gave me good overview to subject. But it wasn’t enough. Third link was to Microsoft site and there they advertised book about threat modeling. Great! That’s what I needed. There was direct link to O’Reilly site, and possibility to buy eBook. I bought eBook, downloaded it, uploaded to my eBook reader, and now I’ve read more detailed information about threat modeling. I didn’t have to wait for days (or not even hours). I got quick overview and after that knew I had to know more.

Summary: Google doesn’t force you to wait. Usually you find at least the basics of subject you’re looking for. If after that you have questions (e.g. how to implement threat modeling to your environment), then forum is good place to open discussion about that. It won’t give you the step-by-step instructions, but it can give you some ideas how others has used same tool at their project.


Centralized cloud and other web services is major risk for private users, but also for business users. There are plenty of problems. I have experience with Google AdSense. I used to have it at one site for a short time. But it was terminated because I have “violated the contract”. That’s great. I requested information how I had done that and how to fix the problem. I didn’t have any intentional violations. I read thru the contract multiple times. Did they help me or tell the reason? No. I just got same automated (or premade) message, which told that I had violated some rules and it’s secret what I had done wrong.

Things could have been worse. Now I’m banned from AdSense forever, so I cannot get any income from Google ads. I cannot use AdSense in any of my services so good bye most ad income. How could it have been worse? They could have banned me from all of their services. That would be catastrophic for my private life. I have Google+ account, I have Gmail, I’m using iGoogle, I use all kind of fancy services they have. If I violate the term of services at Google+, I might lose all of those as reported at Business Insider. This limits my freedom of speech. This is putting razor blade on my throat. I have to be careful what I do or I might lose major part of my private and professional life.

Centralized services are good from usability point of view. But they are risk for many other parts. Everything gets worse as soon as someone owns majority of services. Microsoft couldn’t play as dirty game with Windows and other software as Google can play with the services they provide. Google can block me from many services with one click and they don’t have to justify their actions. They could just say “violated the term of services”. I don’t have money go to battle against them at court.

I have to be nice when at Google+. I’ll try to avoid being evil tester there. I just want to keep all my services and accounts up and running. Spirit is strong, but flesh is weak, but now I have to kill my flesh.

I have started to use cloud based tools to make my life easier. Here’s short list of tools I’m using and how I am using them. There’s most likely plenty of other tools which I could use, but these I use regularly. Do you have any cool tools to share?

Evernote is notebook cloud. It can be used with web browser and desktop application. When using web application, it is very easy store screen shots to there. I love that kind of feature. I have used it for article writing as well as for some blog texts. I can access to it even with my mobile phone. I haven’t done any security testing. You can use desktop application even so that you don’t sync your texts to server. It is also working very well without Internet access.

Yammer is for companies. It is much like Facebook with a lot less features. I have quite good trust to it because I’ve found only a few XSS-bugs. It is totally with https-protocol so it is not vulnerable for BlackSheep. We are using it a lot for internal information sharing of things which are not under strict NDA. It can be used even for free which is nice.

MindMeister is excellent browser based mindmap tool. You can share your mindmaps with others very easily. The access can be restricted to specified MindMeister users or put it to global use and protect it with password. I have really enjoyed it.

Google Docs is wonderful word processor. There is also other tools but I’m using it mostly with text. The best feature is possibility to collaborate. I can edit same text document with other people. I’ve fallen in love to that feature! I had wonderful time write one short story at it with my friend. I was ‘lead writer’ and she were correcting and adding some text. It was very well working. There wasn’t need to mail and have some old version.

Thanks testedtested about good thoughts @Twitter. 🙂 I had to start thinking about testability and its relationship with customer happiness and usability. 140 characters is too less for very well formulated ideas and comments so I had to write blog entry.

If I can use application, it doesn’t mean that I can test it. In many cases the testers must request developers to add code and features to increase testability. In many applications good usability means better testability, but that’s not case in many embedded systems.

Good example is Google’s self-driving car. From user point of view it is very simple system. Just submit where you are going to, hit the button and car takes you there. (This is very simplified view.) Even if that process is done simple, it is definitely not the same as testability.

I slice the simplified system to multiple parts:

  • Sensors
  • Motor
  • Wheel
  • User’s GUI which inputs the destination
  • Button which starts to drive

The software which controls all of these is software under testing (SUT) in my example. For me I’d need following things this to be testable:

  • I have to be able to send artificial messages from the sensors to SUT
  • I have to be able to inspect what kind of messages motors get
  • I have to be able to give artificial feedback from motor to SUT
  • I have to be able to control (virtual) wheels same way as normal road affects to wheels

If any of these is missing, I would not be able to test the control system. These need plenty of simulators and stubs which tester or test automation can inspect and control. But even without those simulators and stubs, extra interfaces the user could use the system and even be happy (if it works as expected). And even tester could use the system without them.

So testability is not always automatically part of usable software. Sometimes testability needs plenty of additional work for developers. And in those cases it is usually testers’ responsibility to give details how to make application more testable.