An easy way to start up a debate in a software testing forum is to ask the difference between black box and white box testing. These terms are commonly used, yet everyone seems to have a different idea of what they mean.
Black box testing begins with a metaphor. Imagine you’re testing an electronics system. It’s housed in a black box with lights, switches, and dials on the outside. You must test it without opening it up, and you can’t see beyond its surface. You have to see if it works just by flipping switches (inputs) and seeing what happens to the lights and dials (outputs). This is black box testing. Black box software testing is doing the same thing, but with software. The actual meaning of the metaphor, however, depends on how you define the boundary of the box and what kind of access the “blackness” is blocking.
An opposite test approach would be to open up the electronics system, see how the circuits are wired, apply probes internally and maybe even disassemble parts of it. By analogy, this is called white box testing, but already the metaphor is faulty. It is just as hard to see inside a white box as a black one. In the interests of logic, some people prefer the term “clear box” testing, but even a clear box keeps you from probing the internals of the system. It might be even more logical to call it “no box” testing. But the metaphor operates beyond logic. Since “white box” testing is the most common term, I’ll use it here.
To help understand the different ways that software testing can be divided between black box and white box techniques, I’ll use the Five-Fold Testing System. It lays out five dimensions that can be used for examining testing:
1. People (who does the testing)
2. Coverage (what gets tested)
3. Risks (why you are testing)
4. Activities (how you are testing)
5. Evaluation (how you know you’ve found a bug)
Let’s use this system to understand and clarify the characteristics of black box and white box testing.
People: Who does the testing?
Some people know how software works (developers) and others just use it (users). Accordingly, any testing by users or other nondevelopers is sometimes called “black box” testing. Developer testing is called “white box” testing. The distinction here is based on what the person knows or can understand.
Coverage: What is tested?
If we draw the box around the system as a whole, “black box” testing becomes another name for system testing. And testing the units inside the box becomes white box testing. This is one way to think about coverage.
Another is to contrast testing that aims to cover all the requirements with testing that aims to cover all the code. These are the two most commonly used coverage criteria. Both are supported by extensive literature and commercial tools. Requirements-based testing could be called “black box” because it makes sure that all the customer requirements have been verified. Code-based testing is often called “white box” because it makes sure that all the code (the statements, paths, or decisions) is exercised.
Risks: Why are you testing?
Sometimes testing is targeted at particular risks. Boundary testing and other attack-based techniques are targeted at common coding errors. Effective security testing also requires a detailed understanding of the code and the system architecture. Thus, these techniques might be classified as “white box.”
Another set of risks concerns whether the software will actually provide value to users. Usability testing focuses on this risk, and could be termed “black box.”
Activities: How do you test?
A common distinction is made between behavioral test design, which defines tests based on functional requirements, and structural test design, which defines tests based on the code itself. These are two design approaches. Since behavioral testing is based on external functional definition, it is often called “black box,” while structural testing—based on the code internals—is called “white box.” Indeed, this is probably the most commonly cited definition for black box and white box testing.
Another activity-based distinction contrasts dynamic test execution with formal code inspection. In this case, the metaphor maps test execution (dynamic testing) with black box testing, and maps code inspection (static testing) with white box testing.
We could also focus on the tools used. Some tool vendors refer to code-coverage tools as white box tools, and tools that facilitate applying inputs and capturing inputs—most notably GUI capture replay tools—as black box tools. Testing is then categorized based on the types of tools used.
Evaluation: How do you know if you’ve found a bug?
There are certain kinds of software faults that don’t always lead to obvious failures. They may be masked by fault tolerance or simply luck. Memory leaks and wild pointers are examples. Certain test techniques seek to make these kinds of problems more visible. Related techniques capture code history and stack information when faults occur, helping with diagnosis. Assertions are another technique for helping to make problems more visible. All of these techniques could be considered white box test techniques, since they use code instrumentation to make the internal workings of the software more visible. These contrast with black box techniques that simply look at the official outputs of a program.
To summarize, black box testing can sometimes describe user-based testing (people); system or requirements-based testing (coverage); usability testing (risk); or behavioral testing or capture replay automation (activities). White box testing, on the other hand, can sometimes describe developer-based testing (people); unit or code-coverage testing (coverage); boundary or security testing (risks); structural testing, inspection or code-coverage automation (activities); or testing based on probes, assertions, and logs (evaluation).
Mohit Wattal
Quality Analyst,
Mindfire: India's Only Company to be both Apple Premier & Microsoft Gold certified.
Feel Proud to be a part of Team Mindfire.
Friday, December 18, 2009
Wednesday, December 16, 2009
How to write good passwords
A good password is a system for creating codes that are easy to remember but hard to crack
A good password isn't a password at all. Instead, it's a system for creating codes that are easy to remember but hard to crack. And by codes we do mean codes, plural, so that someone who finds out one of your passwords won't know them all. Here's one methodology to help you generate unguessable but memorable gibberish.
Step 1: Choose a core phrase. Start with a phrase that's at least five words long. It could be the first line of a song, a quotation, a book title - anything that sticks in your head. Draw your core password from that, perhaps by using the first letter of each word:
tcith
These are the first letters of the book title "The Cat in the Hat," for example.
The payoff: This simple step protects you from someone who is running what's called a dictionary attack, in which every single word in the dictionary (and many proper names too) are tried until the right one is found. Computers can run through a dictionary attack in no time flat.
Step 2: Replace some lowercase letters with capital letters, numbers or symbols. Now mix things up by creating conventions around letters that you'll always make uppercase or change to symbols or numbers. Do what makes sense to you, so you don't have to write your system down:
Tc!tH
Here, we've capitalised the first and last letters of the phrase, and replaced an "i" with an exclamation point. You could also make "@" stand in for "a," "1" stand in for "l," and so on.
The payoff: This step exponentially increases the amount of time it takes for someone who is running a password cracking program that burns through every possible combination of characters until it finds the right one. Rather than guessing from the 26 lowercase letters on the keyboard, the program has to try 52 uppercase and lowercase letters, plus 10 digits and at least 10 more punctuation marks.
Step 3: Customise the password for each site or application. You can use the same core password multiple times, but add a character or three to ensure that every passphrase includes a number, and also that the passphrase is at least seven characters long. To get there, think up a system for generating an extra letter and number based on the name of the website or program you're accessing.
o5Tc!tH
Assuming that the password is for a Yahoo webmail account, we've added an "o" - for the last letter of Yahoo - and a 5, for the number of letters in Yahoo.
The payoff: We started with a password of five lowercase letters, which has 11,881,376 variations (26 to the fifth power, for math wonks). After step three, our password has more than 10 trillion combinations of characters (72 to the seventh power). Even a desktop computer that can guess a million passwords per second will need more than three months to run through all those possibilities.
Step 4: Write down your hint. As long as you understand your methodology and rules, now you can write down a mnemonic device that will jog your memory without being obvious to anyone else. You should still keep this piece of paper hidden, though. Author and security expert Bruce Schneier recommends keeping actual passwords on a piece of paper in your wallet, because you guard it closely and know when it goes missing. Keeping hints there should be even safer. This would be enough to make us remember that we used the title "The Cat in the Hat" to generate our basic password.
Step 5: Repeat. While you can use the same core phrase for multiple accounts, make sure that you establish different levels of passwords. You could use the same core phrase for all accounts that don't involve financial information, another one for accounts where you've used your credit card number and a third for online banking. In an ideal world, passwords should be changed at least every 90 days. But most of us would be doing pretty well if we changed them whenever daylight saving time starts and stops.
Tuesday, December 15, 2009
In Case U ot swayed away by the 3G, Here comes 4G:
4G Mobile Service Debuts: What You Need to Know
#REF:Jeff Bertolucci, PC World
Dec 15, 2009 4:26 am
A Swedish telecom firm has become the first carrier to offer 4G wireless service, albeit on a very limited basis. TeliaSonera announced Monday that its 4G/LTE network for data services would be available initially in Stockholm, Sweden and Oslo, Norway, according to a report in the Wall Street Journal. The carrier plans to expand 4G coverage to 25 cities in Sweden and four in Norway by the end of 2010.
On paper, TeliaSonera's 4G mobile broadband sounds blisteringly fast, with speeds of up to 100 Mbits/second--up to ten times faster than the provider's Turbo 3G service, the company says. Users of data-intensive apps such as video conferencing, online gaming, and Web TV broadcasting would benefit from 4G speeds, which initially is for data services only. The company's FAQ provides additional pricing and service details.
As is often the case with cutting-edge tech, early adopters will face some major challenges when upgrading to 4G. TeliaSonera customers, for instance, will need a special modem manufactured by Samsung to access the 4G network. And since the Samsung modem isn't compatible with 3G networks, users will need a separate 3G modem for when they leave the 4G coverage area. The good news is that a 3G-4G combo modem should be ready by Q2 2010.
4G in North America
On this side of the pond, the rollout of 4G will likely be a slow and steady process.
Wireless service provider Clearwire is currently building the first national 4G network in the U.S. Using WiMax technology, Clearwire offers broadband speeds of 4Mbps to 6Mbps--relatively poky compared to TeliaSonera's 100Mbps offering. As of September 2009, Clearwire reported 173,000 WiMax subscribers.
Sprint, which owns 51 percent of Clearwire, has announced plans to sell a 4G smartphone in 2010. And
Comcast, using the Clearwire network, is offering WiMax 4G service in Portland, Oregon. The Comcast High-Speed 2go service maxes out at 4Mbps.
Verizon, meanwhile, has been testing its 4G LTE network in a few U.S. markets, including Boston and Seattle. The carrier, as well as archrival AT&T, is expected to begin offering 4G service in limited areas next year. However, it's unlikely either provider will offer widespread 4G coverage until 2011.
Monday, December 14, 2009
Google Nexus One phone could break Exclusivity barriers!!
More…
Facebook
Twitter
Digg
PrintRumors have been circulating for a while now that Google is developing its own Android-based handset. The Wall Street Journal reports that the rumors are confirmed and that Google employees are currently using a prototype of the Google device, which will be dubbed the Nexus One
Google is expected to market the Nexus One directly rather through any wireless carrier partnership. It is expected to be an unlocked GSM-based device which will be available in early 2010--possibly as early as January. If it is, in fact, GSM-based, that means it will work on either the T-Mobile or AT&T networks.
The Nexus One hardware is allegedly from HTC--from the same mold as the HTC Passion. Based on the current rumors, the Nexus One runs on the blazing fast Snapdragon processor, has a super high-resolution OLED touchscreen, and will be thinner than an iPhone.
The number of Android-based handsets has exploded this past year. T-Mobile, Sprint, and Verizon each offer mobile devices built on Android. The most notable of these have been the recent release of theMotorola Cliq with T-Mobile, and the massive unveiling of the Droid from Verizon.
Google competing directly against Android-based devices from third-party manufacturers could ruffle some feathers. HTC, the company rumored to be producing the actual Nexus One hardware, has a variety of its own Android-based handsets planned for 2010, and the Nexus One would compete head-to-head with them.
Vendors like Motorola and Samsung, which have embraced the Android platform, may revolt--or at least shop for a new mobile operating system alternative rather than competing with Google. If the Nexus One is built on Android 2.1 as rumors have suggested, there could also be charges of unfair competition and predatory practices since the current version available to other vendors is Android 2.0.1.
The FTC might approve If Google markets the device directly, unlocked for use with any GSM-based carrier as suggested. Device exclusivity is a recurring issue and one that the FTC is currently exploring as a part of its widespread attempt to rein in the wireless industry.
Users--both consumers and businesses--may not want to unleash that genie, though. Purchasing directly from Google implies that there won't be any contractual obligation for service, but there also won't be any subsidization of the handset cost. As much as small business customers and consumers complain about contractual commitments and early termination fees, they also enjoy being able to upgrade to the latest technology every couple years without having to pay full price.
The Nexus One may be an attempt by Google to borrow from the Apple playbook. Although the hardware is from HTC, rumors suggest that Google has dictated every last detail of the hardware specifications and is customizing the Android experience to be uniquely Google.
As successful as recent Android-based devices have been, perhaps Google feels that none of them are truly living up to the potential that Android has to offer, and that only Google has the vision to deliver on the promise of Android.
The Nexus One could be Google's 'iPhone'--a pure Android handset straight from the imagination of the Android developers.
Sunday, December 13, 2009
Microsoft and Firefox engineering a Chrome web OS rival?
In July, Google Inc. had announced that it was working on an operating system for netbooks called Chrome operating system (OS) and it is reported that it is set to have a publicly available "stable release" by the second half of 2010। The new browser based operating system can be a competitive product for the software giant, Microsoft Corp, who needs to respond.
Recently, the company has demonstrated an early version of Chrome OS that features tabs for frequently used web-based apps and a 7 second boot up time. Further, Google has released the source code under open source licensing as Chromium OS. Now, various analysts suggest that the new Chrome OS will start a race to develop browser based operating systems like Internet Explorer OS, Firefox OS or even Opera OS।
Google Chrome Operating System
The company has stated that the Google Chrome Operating System project will be an open source by the end of 2009. Although, it is based on the Linux kernel, it will use "a new windowing system". The Chrome Operating System is being targeted at users who spend most of their time on the Internet and is designed to run on computers ranging from netbooks to desktop computers.
Chrome Operating System concept
Various developers said that the concept behind browser based operating is simple, use enough Linux under the browser to run on modest hardware and you have a hit formula for the success. It is assumed that if Google can develop its Chrome OS in about two years, Microsoft, Firefox, etc, would be able to develop their own "browser based operating system" at the time when Google’s version arrives next year.
It seems that there are various customers for Chrome OS out in the market, which include Hewlett-Packard, Acer, Lenovo and Asus. Therefore, Microsoft, needs to respond, who holds the world’s operating system market with more than 90 percent share. Further, Firefox and Opera could also release their versions to retain their future market share and stand with the competition.
It is assumed that such browser based OS would support its parent's own web-based productivity applications, but Firefox could be a spoiler as Microsoft and Google will head in proprietary directions. Developers said that if these browser based OSs have similar specifications like Google than users can have interchangeable operating systems in future, which can be carried on memory cards.
Mr. Sundar Pichai, Google's VP of Product Management said that if any other browser maker wants to build their own version of the OS using their own browser, they can. It is assumed that Chrome OS is going to make computers cheaper. Analysts predict that there can be a drop of $100 per PC. Since the operating system will not involve any licensing fees and up gradation charges.
Conclusion
In spite of recent breakdown in Google services, the company has convinced people that their data is safe in the cloud, as their personal information is already up there. However, the company has not detailed that what apps can be run on the operating system. Can we run Photoshop on it and what are the applications changes to make Chrome OS a better choice than Windows? But we can say that only for self-defense, Redmond giant needs an alternative to Chrome OS to offer its customers.
Recently, the company has demonstrated an early version of Chrome OS that features tabs for frequently used web-based apps and a 7 second boot up time. Further, Google has released the source code under open source licensing as Chromium OS. Now, various analysts suggest that the new Chrome OS will start a race to develop browser based operating systems like Internet Explorer OS, Firefox OS or even Opera OS।
Google Chrome Operating System
The company has stated that the Google Chrome Operating System project will be an open source by the end of 2009. Although, it is based on the Linux kernel, it will use "a new windowing system". The Chrome Operating System is being targeted at users who spend most of their time on the Internet and is designed to run on computers ranging from netbooks to desktop computers.
Chrome Operating System concept
Various developers said that the concept behind browser based operating is simple, use enough Linux under the browser to run on modest hardware and you have a hit formula for the success. It is assumed that if Google can develop its Chrome OS in about two years, Microsoft, Firefox, etc, would be able to develop their own "browser based operating system" at the time when Google’s version arrives next year.
It seems that there are various customers for Chrome OS out in the market, which include Hewlett-Packard, Acer, Lenovo and Asus. Therefore, Microsoft, needs to respond, who holds the world’s operating system market with more than 90 percent share. Further, Firefox and Opera could also release their versions to retain their future market share and stand with the competition.
It is assumed that such browser based OS would support its parent's own web-based productivity applications, but Firefox could be a spoiler as Microsoft and Google will head in proprietary directions. Developers said that if these browser based OSs have similar specifications like Google than users can have interchangeable operating systems in future, which can be carried on memory cards.
Mr. Sundar Pichai, Google's VP of Product Management said that if any other browser maker wants to build their own version of the OS using their own browser, they can. It is assumed that Chrome OS is going to make computers cheaper. Analysts predict that there can be a drop of $100 per PC. Since the operating system will not involve any licensing fees and up gradation charges.
Conclusion
In spite of recent breakdown in Google services, the company has convinced people that their data is safe in the cloud, as their personal information is already up there. However, the company has not detailed that what apps can be run on the operating system. Can we run Photoshop on it and what are the applications changes to make Chrome OS a better choice than Windows? But we can say that only for self-defense, Redmond giant needs an alternative to Chrome OS to offer its customers.
Saturday, December 12, 2009
Top 10 Camera Mobile Phones Of 2009
Gone are those days when we use to see mobile phones as a single utility device. Today it is much more than picking up calls and sending SMS. You can play music, record videos, watch clips, pay bills, store data, browse internet, get interesting apps on it, take pictures, share it on Facebook, flickr, and much more. Most of the people find taking pictures as the best utility of all, as capturing beautiful moments in life is just unbeatable. While you are on a college trip, or on a family vacation – good quality camera mobile phones can replace professional cameras in taking snap. But then landing up buying a camera cell which is not-so-good can certainly spoil your good moments when you take a hard copy of it. There are certain things you should remember before buying any mobile phone.
In case of camera phones, most of the people make a mistake of thinking that the higher the megapixels, the higher the quality of the phone. But no, megapixels play only 50% of the role and other features you must look at are, autofocus, sensor, flash, optical zoom, speed, interface, panorama options etc. Phones without camera are of rare “phenomenon” today, but not every handset can offer you the best quality. We have already reviewed Top 10 Music Phones of the year and this article on honeytechblog intends to provide information of Top 10 Camera Mobile Phones Of 2009, so that you pick up the best.
This definitely one of the best the camera phone of the year. This 12.1-megapixel camera with Xenon flash and intuitive touch focus gives you stunning, high-resolution shots you’ll want to blow up big and keep. With the Sony Ericsson Satio camera phone, all your favorite stuff is just a touch away. Tap directly into TV series, mobile videos, podcasts and music via the ingenious full-touch media menu on this amazing entertainment phone.
Interesting Features of Sony Ericsson Satio
- Camera Options – 12.1-megapixel with Xenon flash, auto-focus, Geo-targetting, Image stabilizer, red-eye reduction, video recording, 12x digital zoom and much more.
- Screen – 360×640 pixel – 16,777,216 color TFT touchscreen
- Display – 3.5? touschreen, 16:9 widescreen display with 16 million colors
- Memory – SanDisk microSD™ support
- Networks- GSM/GPRS/EDGE/HSDPA
- Colors – Black – Silver – Bordeaux
- Connectivity – Wisepilot™ turn-by-turn navigation, Bluetooth, Google Map, WiFi and more.
- Sizes – 112.0 x 55.0 x 13.0 mm – 4.4 x 2.2 x 0.5 inches
- Weight – 126.0 gram
2. iPhone 3G S
With a 3-megapixel autofocus camera and a photo application that makes it easy to share, iPhone 3GS is the most photo-friendly phone ever. The new 3-megapixel camera takes great still photos, too, thanks to built-in autofocus and a handy new feature that lets you tap the display to focus on anything (or anyone) you want. You can now also shoot video, edit it, and share it — all on your iPhone 3GS. Shoot high-quality VGA video in portrait or landscape. Trim your footage by adjusting start and end points. Then share your video in an email, post it to your MobileMe gallery, publish it on YouTube, or sync it back to your Mac or PC using iTunes.
Interesting features of iPhone 3G S
- Camera options: 3-Megapixle with AutoFocus, Crop, Rotate, Geotagging and video recording
- Display –Touchscreen 480 x 320 pixels (3.5 inch)
- Size – 115.5 mm (4.55 in) (h), 62.1 mm (2.44 in) (w), 12.3 mm (0.48 in) (d)
- Connectivity and Network – Wi-Fi (802.11b/g), Bluetooth, USB 2.0/Dock connector, Quad band GSM 850 900 1800 1900 MHz GPRS/EDGE including, A-GPS; Tri band UMTS/HSDPA 850, 1900, 2100 MHz. 3GS also supports: 7.2 Mbps HSDPA
- Special features – Accelerometer, Proximity Sensor, Fingerprint-resistant oleophobic coating, Cut, Copy, Paste, Voice Memos, Voice Control and much more.
- Memory – 32 Gigabytes
- Weight – 4.8 Onces
Nokia’s best camera phone till date with 8MP resolution sensor and this phone and 28mm wide angle lens. Take ultra high-quality pics with the 8 megapixel camera with auto focus, flash and Carl Zeiss optics. You can also capture clear images in bright and dark conditions with a wide exposure range, variable aperture and high speed shutter. And then share photos through Ovi*, email and MMS, or print them with a compatible printer. Capture DVD-like quality video day or night with a wide exposure range, stabiliser, and integrated video light.
Interesting Features of Nokia N86 8MP
- Camera Options – 8 Megapixels with AutoFocus, Dual LED Flash, Video recording.
- Display – OLED Display screen, 16M Colors
- Size : 240 X 320 pixels, 2.6 inches
- Memory : 8GB
- Connectivity – 3G, WiFi, GPS, Bluetooth, Radio
- Weight – 5.36 oz
Samsung Memoir is widely known as a camera with the mobile phone. With 8.0 megapixels, a Xenon flash and a host of dedicated camera functions, the Memoir sets a new standard. But the Memoir™ doesn’t stop there. It’s also a music player, a full Web browser, a GPS navigation system and one of the most advanced touch screen phones in the world. The photo quality is superior, and the overall feature set is very striking. It does carry great performance.
Interesting Feature of Samsung Memoir
- Camera Options – 8 Megapixels with Xenon flash, auto focus, multiple shooting modes, Smile Shot smile and video recording with camcorder.
- Display- 240 x 400 pixels, 262 144 colors, TFT
- Network – GPRS/EDGE/UMTS/HSDPA 1.8 Mbit/s/HSDPA 3.6 Mbit/s
- Special Features – Caller groups supported, 1000 -names capacity, Multiple Numbers Per Contact, Picture ID, Ring ID
- Multimedia and Music Player – MPEG4, 3GPP, H.263, H.264 – MP3 ringtones, AAC, AAC+, WAV, MIDI
- Size – 4.17 x 2.11 x 0.55 inches
- Memory – microSD/microSDHC
- Connectivity – USB, Stereo Bluetooth
- Weight – 4.40 oz
Renoir takes super-sharp 8 megapixel pictures that can be edited in camera and are instantly ready for sharing online or printing. The phone’s list of features includes some that are usually only found on extremely high-end standalone cameras, such as Schneider-Kreuznach certified optics, a Xenon flash, auto and manual focus, sensitivity up to ISO 1600 and geo-tagging.
- Camera Options – 8 megapixel camera with autofocus, manual focus and xenon flash
- Video recording (MPEG4, 320 x 240 pixels, 120 frames/second)
- Display: Touch screen, TFT LCD, 262k colors, 240 x 400 pixels (3 inches)
- Audio – MP3/AAC/AAC+/AAC++/WMA formats
- Messaging: SMS, EMS, MMS, Email, Instant Messaging
- Memory: MicroSD Card Upto 16GB
- Connectivity: 3G, WiFi, GPS, Bluetooth, Radio.
- Size: 108 x 55 x 14.5 mm
- Weight: 110g
6. Sony Ericsson Cyber-shot C905
The 8.1-megapixel C905 Cyber-shot™ phone is equipped with Xenon flash and is always ready to capture the best moments of your life. C905 has all the functions you need for perfect pictures, smart Contrast balances light and color, face detection helps you focus on people and many more.
Interesting Features of Sony Ericsson Cyber-shot C905
- Camera Options – 8 MP pixels with autofocus, xenon flash Geo-tagging, face and smile detection, smart contrast, image stabilization, smile detection and videocalling
- Video recording – QVGA@30fps
- Display – TFT, 256K colors
- Size – 104 x 49 x 18-19.5 mm
- Memory – Memory Stick Micro (M2), up to 8GB, 2GB or 8GB card included
- Network – GPRS/EDGE/WLAN/
- Connectivity – Bluetooth, USB
- Weight – 136 gram
Samsung M8910 Pixon12 is the world’s first 12-megapixel camera phone for instant photo shoot. The Samsung Pixon12 enables users to take perfect pictures quickly and easily, thanks to a Dedicated Camera Power Key which gives users fast one-touch access to the camera function. Once the camera is turned on, users can point and shoot, capturing images as fast as today’s advanced digital cameras. The Samsung Pixon12 also features fast image saving, so users can move to their next shot within around 2 seconds.
Interesting Features of Samsung M8910 Pixon12
- Camera Options – 12 MP with Tracking Touch Auto-Focus, Image Stabilization, Beauty Shot.
- Video Recording – D1(720×480)@30fps, QVGA@120fps
- Display – AMOLED Resistive touchscreen, 16M Colors
- Size – 480 X 800 pixels, 3.1 inches
- Memory – microSD, up to 16GB,
- Connectivity – Bluetooth, USB
- Network – GPRS/EDGE/WLAN/ HSDPA,7.2 Mbps, HSUPA
- Weight – 120 g
Capture and share print quality images with this 5 megapixel camera. The comfortable and straight forward design makes clicking photos quick and easy. This is actually the lowest priced 5MP you will locate on the market with excellent web browsing and call quality features. The most interesting part apart from camera options, you will find is the battery life. It comes with solid 12 hours battery life with music player on.
Interesting Features of Nokia 6700 classic
- Camera Options – 5 Megapixel with Autofocus, LED flash, Active toolbar, Photo editor on device, Color tone modes: normal, greyscale, sepia, negative and Direct printing to compatible picture printers.
- Video Recording – 640 x 480 @ 15fps or 352 x 288 @ 30fps
- Display – TFT screen, 16M Colors
- Size – 240 X 320 pixels, 2.2 inches
- Memory – MicroSD Card Upto 8GB
- Connectivity – 3G, GPS, Bluetooth, Radio.
- Network – GPRS/EDGE/WLAN/ HSDPA,TCP/IP support
- Weight – 113 grams
The Behold® II is the latest Android phone with corporate email synchronization, WiFi, and visual voicemail. And its Webkit-based browser is fully integrated with Google applications so you can check Gmail, automatically add an event to your calendar, and find directions with Google Maps. The Behold® II also features a 3.2” AMOLED screen so you can view your graphics, photos and YouTube videos in clarity. And it is everything you need for multimedia, offering 16GB of expandable memory, Bluetooth 2.1, MP3 music player and a 5MP camera/camcorder with auto-focus, flash and 8x zoom. It’s truly something to behold.
Interesting Features of Samsung T939 Behold 2
- Camera Options – 5 MP, 2592?1944 pixels, autofocus, LED flash, geo-tagging and video recording.
- Display – AMOLED capacitive touchscreen, 16M colors
- Size – 320 x 480 pixels, 3.2 inches
- Memory – microSD, up to 16 GB,
- Network – GPRS/EDGE/WLAN/HSDPA
- Connectivity – Bluetooth, USB
- Weight – 4.2 oz
10. Nokia N97 mini
The sleek Nokia N97 mini integrates the web into your life and seamlessly connects you to your friends and favorite online services. It is younger than Nokia N97 and also comes with different design, slid opening, and better features. With this you can capture high resolution pictures and record video in DVD quality. Further impressive part is that you can save up to 10 hours of quality video on 8GB internal memory, or store up to 30 hours with a microSD external memory card.
Interesting Features of Nokia N97 mini
- Camera Options – 5 MP, 2592×1944 pixels, Carl Zeiss optics, autofocus, Dual LED flash, video light and Geo-tagging
- Video Recording – VGA@30fps and VGA@15fps
- Display – TFT resistive touchscreen, 16M colors
- Size – 360 x 640 pixels, 3.2 inches
- Memory – microSD, up to 16GB
- Network – GPRS/EDGE/WLAN/HSDPA
- Connectivity – Bluetooth, v2.0 microUSB
- Weight – 138 g
You can no doubt drop the option of buying a camera for yourself, if you pick any phone from the above list. These phones are best of the year and hey it is Christmas time. So probably you could get one for your loved one as a beautiful surprise gift. Happy Clicking!
How to unchrome your Google Chrome
do you know: Each Google Chrome installation contains a unique ID that allowing identifying its users who install it on their system.
For those who don’t know about Chrome
Google Chrome is a browser that combines a best use of system memory and as a result of minimal design with sophisticated technology to make the web faster, safer, and easier.
So if you don’t want to get chromed and wants to unchromed ( i.e don’t want to get identify by the google chrome) then here is an application named UnChrome. This application was designed to remove the unique ID that allowing identifying of your sytem.
How It works
It replaces your unique ID with Null values so that your browser cannot be identified any longer. The functionality of Google Chrome is not influenced by this. You only need to apply UnChrome only once.
How To Apply Unchrome
- Close the Google Chrome
- Download the unchrome application
- Install the unchrome application
- Now your chrome installation is anonymized
Testing Cookies in Web Applications
A "cookie" is a small piece of information sent by a web server to store on a web browser so it can later be read back from that browser. This is useful for having the browser remember some specific information. These are small data files which act as unique identifiers and allow our site to remember a particular user. Cookies do not harm computer. Certain areas of our web site, such as our forums use cookies. Some times user’s personal information is stored in cookies and if someone hacks the cookie then hacker can get access to your personal information. Even corrupted cookies can be read by different domains and lead to security issues. This is why testing of website cookies is very important.
In this white paper, we will focus on basics of cookies world and also how to test the website cookies.
INTRODUCTION
In today’s world we use websites for numerous activities, like shopping, travel ticket booking. And here comes an important word “cookie” in the picture. Almost, everywhere cookies are used to store the information sent by web servers.
So, we will first focus on what exactly cookies are and how they work. What are cookies?
Cookie is small information stored in text file on user’s hard drive by web server. This information is later used by web browser to retrieve information from that machine. Generally cookie contains personalized user data or information that is used to communicate between different web pages. An example is when a browser stores your passwords and user ID's. They are also used to store preferences of start pages, both Microsoft and Netscape use cookies to create personal start pages.
Cookies are nothing but the user’s identity and used to track where the user navigated throughout the web site pages.Why Cookie?
The communication between web browser and web server is stateless. For example if you are accessing domain http://www.example.com/1.html then web browser will simply query to example.com web server for the page 1.html. Next time if you type page as http://www.example.com/2.html then new request is send to example.com web server for sending 2.html page and web server don’t know anything about to whom the previous page 1.html served.
What if you want the previous history of this user communication with the web server? You need to maintain the user state and interaction between web browser and web server somewhere. This is where cookie comes into picture. Cookies serve the purpose of maintaining the user interactions with web server.
How cookies work?
To exchange information files on the web, the HTTP protocol is used. There are two types of HTTP protocol: Stateless HTTP and Stateful HTTP protocol.
Stateless system
A stateless system has no record of previous interactions and each interaction request has to be handled based entirely on the information comes with it. For eg, if we enter http://www.example.com/sample.html into our web browser’s address bar and press Enter, then conversation between the browser and the example.com web server goes like this : Web browser will simply query to example.com web server for the page sample.html.
Once the browser receives the last byte of information using HTTP, the example.com web server essentially forgets about the request data. If now, we send some other request to the web server, it will execute upon the request, without memory of the earlier request. It does not need to remember the earlier request for the response of the new request. This isn’t bad for example.com website; no harm, no foul.
Stateful system
Stateful system
Are there are cases where state does matter for a web based system? The answer is YES, and here comes the Stateful system. Stateful HTTP protocols do keep some history of previous web browser and web server interactions and this protocol is used by cookies to maintain the user interactions.
Whenever user visits the site or page that is using cookie, small code inside that HTML page writes a text file on users machine called cookie. When user visits the same page or domain later time this cookie is read from disk and used to identify the second visit of the same user on that domain. Expiration time is set while writing the cookie. This time is decided by the application that is going to use the cookie.
Applications where cookies are used
- Online Ordering Systems: An online ordering system could be developed using cookies that would remember what a person wants to buy, this way if a person spends three hours ordering CDs at your site and suddenly has to get off the net they could quit the browser and return weeks or even years later and still have those items in their shopping basket.
- Website Tracking: Site tracking can show you places in your website that people go to and then wander off because they don't have any more interesting links to hit. It can also give you more accurate counts of how many people have been to pages on your site.
- Shopping: Cookies are used for maintaining online ordering system. Cookies remember what user wants to buy. What if user adds some products in their shopping cart and closes the browser window? When next time same user visits the purchase page he can see all the products he added in shopping cart in his last visit.
- Marketing: Some companies use cookies to display advertisements on user machines. Cookies control these advertisements.
- UserIds: Cookies can track user sessions to particular domain using user ID and password.
Death of a cookie!
When a web server sets a cookie into the system, it was optionally give it a “death” expiration date. When the date reaches, then the cookie gets deleted from the system.
If the web server does not give an expiration date to a cookie, then the cookie is a per-session cookie. Per-session cookies are deleted as soon as you close the current session of the browser. So, if the cookie is not having any death date, then as soon as the browser is closed, the cookie is no longer into your system.
Listed below are examples of the steps taken to view your browser's cookies settings:
Changing cookie settings for Mozilla Firefox 1.5 (Adapted from the Firefox 1.5 integrated help system)
By default Firefox 1.5 accepts all cookies, including cookies which would allow a site to recognize you effectively forever. If you want to grant sites you trust the ability to store cookies permanently
Click Exceptions
Enter the site address (In this case it would be americanadoptions.com)
Click Allow.
Changing cookie settings for Internet Explorer 7
Click on the Tools menu and then click Internet Options
Click the Privacy tab, and then click Sites.
Type americanadoptions.com in the Address of Web site field.
Click Allow to always allow cookies from americanadoptions.com
Changing cookie settings for Internet Explorer 6
Click on the Tools menu and then click Internet Options
Click the Privacy tab, and then click Sites.
Type americanadoptions.com in the Address of Web site field.
Click Allow to always allow cookies from americanadoptions.com
Changing cookie settings for Netscape 6
Click Edit Menu
Click Preferences
Select Privacy & Security
Select Cookies
To view your cookie settings on a browser not listed above, refer to your browser's documentation.
Drawbacks of cookies
- Loss of site traffic: Site containing cookie will be completely disabled and can not perform any operation, if user has set browser options to warn before writing any cookie or disabled the cookies completely. And this results in loss of site traffic.
- Loads of cookies: If too many cookies are present on every page navigation and user has turned on option to warn before writing cookie, in that case this could turn away user from the web site and this could result in loss of site traffic and eventually loss of business.
- Valuable hard drive space: Cookies take up valuable hard drive space, so it may be to your advantage to delete a few on occasion, especially third-party cookies. Third-party cookies are placed on your computer by sites you haven’t visited. They usually come from companies who place ads on sites you have visited. Luckily, most browsers give you the option of rejecting only third-party cookies.
- Security: Some times user’s personal information is stored in cookies and if someone hacks the cookie then hacker can get access to your personal information. Even corrupted cookies can be read by different domains and lead to security issues. Some sites may write and store your sensitive information in cookies, which should not be allowed due to privacy concerns.
Cookie Testing
Now when we know the basics of cookie world, let’s address how to test sites that use cookies.
Disabling Cookies
This is probably the easiest way of cookie testing. What happens when all cookies are disabled? Start like this: Close all browsers delete all cookies from PC.
Now, open the website which uses cookies for actions. Now, perform the major functions in the website. Most of the time, these will not work because cookies are disabled. This isn’t a bug: disabling cookies on a site that requires cookies, disables the site’s functionality.
Is it obvious to the website user that he must have the cookies enables? Web servers are recognizing that attempts are made with disabled cookies, so, does it send a page with a normal message that cookies needs to be enabled before working?
There should not be any page crash due to disabling the cookies.
Selectively rejecting cookies
What happens when some of the cookies are accepted and some are rejected? If there are 10 cookies in web application then randomly accept some cookies say accept 5 and reject 5 cookies. For executing this test case you can set browser options to prompt whenever cookie is being written to disk, delete all previously saved cookies, close all open browsers and then start the test. Try to access major functionality of web site. On the prompt window you can either accept or reject cookie. What’s happening: pages are getting crashed or data is getting corrupted?
Corrupting cookies
This is the test which will test the site! For this, we need to know the cookies the web site is saving and the information that is stored in the text files. Manually edit the cookie in notepad and change the parameters to some vague values. For eg, change the content of the cookie, change the name of the cookie, and then perform actions in the website. In some cases corrupted cookies allow to read the data inside it for any other domain. This should not happen in case of your web site cookies. Note that the cookies written by one domain say rediff.com can’t be accessed by other domain say yahoo.com.
Cookie Encryption
There are websites, where we have no option other than saving sensitive data in cookie. Here it needs to be tested that the data stored in cookie is also getting stored in encrypted format.
Deletion of cookies
Access a website and allow it to write cookie. Now close all the browsers and manually delete the cookies. Again open the same website and try to work on it. Is it crashing?
Some times cookie written by domain say ABC.com may be deleted by same domain but by different page under that domain. This is the common case if you are testing some ‘action tracking’ web portal. Action tracking or purchase tracking is placed on the action web page and when any action or purchase occurs by user the cookie written on disk get deleted to avoid multiple action logging from same cookie. Check if reaching to your action or purchase page deletes the cookie properly and no more invalid actions or purchase get logged from same user.
Multi Browser testing
This is an important case to check if web application page is writing the cookies properly on different browsers and also the web site works properly using these stored cookies.
CONCLUSION
Cookies shouldn’t be put in the same category as the viruses, spam, or spyware that are often created to wreak havoc and chaos on computers. They are mostly benign tools to help you manage your time more efficiently on the Web. Plus, you have totally control over them if you think your secrecy is being violated. Therefore, accept or reject cookies as you want. And the testing should be done properly to check that website is working with different cookie setting. For demo Amazon.com is a very good website for good quality cookie usage.
Mohit Wattal
Quality Analyst,
Mindfire: India's Only Company to be both Apple Premier & Microsoft Gold certified.
Feel Proud to be a part of Team Mindfire.
20 essential firefox addons for testing
Firefox is one of the most important browser for testers working in web application domain. Specially, with all the add-ons around it, Firefox is certainly essential for testing web applications. Over a period of time, I have used plenty of add-ons to test various web applications. Following list of add-ons are extremely useful for testing web applications. There are add-ons useful for security testing, analyzing page source, accessibility, debugging and pretty much everything you need for web application testing. You can certainly enhance your productivity using some of these add-ons.
1. Firesizer 0.92
Provides a menu and status bar to resize the window dimensions to a specific size. This add-on is extremely useful if you want to test how your application will look in different size windows.
2. W3C Page Validator 3.0.0
This little add-on validates a page using the W3C Markup Validation Service. Depending on your context, if your organization is committed to create W3C compliant web applications, this might be very handy.
3. SQL Injection 1.2
This is an excellent tool to help developers in identifying SQL injection vulnerabilities. This add-on transform checkboxes, radio buttons and select elements to an input text box.
4.QuickRestart 1.1.5
If you need to restart firefox to test your cookies, sessions or because of any other reason, this little button in your toolbar will do it with a mouse click. This is a very simple utility, but can be extremely useful.
5. Firebug
If you are working in web application domain, I am sure you are already familiar with this add-on. Firebug, along with the development toolbar are absolute minimum your firefox should have if you are working in web application testing domain.
6. Regular Expression Tester
This small add-on allows you to test your regular expression. The tool includes options like case sensitive, global and multiline search, color highlighting of found expressions and of special characters, a replacement function incl. backreferences, auto-closing of brackets, testing while writing and saving and managing of expressions.
7. HttpFox
This add-on is an amazing tool if you want to dig deeper into http request / response and analyze all the traffic. Using this add-on, you can get information about request / response header, sent and received cookies, Querystring parameters, POST parameters and Response body.
8. HackBar 1.3.2
I haven't explored this myself, but from description it looks like it should be useful for SQL injections, XSS holes and site security.
9. Web Developer Toolbar
As mentioned earlier, this one along with the firebug are must have extensions if you are working in web application domain. These extensions are complete toolset and probably require separate articles to explain their capabilities.
10. Accessibar 0.7.8
Its an amazing add-on to test accessibility of any site. Using this add-on, you can change font size, line spacing, hide all the images / flash and so on. It also integrates text to speech reader and reads string on mouse hover / focus elements.
11. Add N Edit Cookies
There are very few applications which does not use cookies these days. This little add-on allows you to add / edit cookies and test how your application will respond to changes in the cookies setting.
12. LinkChecker 0.6.3
This is a very simple tool to check if there are any broken links on the web page. It highlights all the links in various colors to show if they are broken or not.
13. MeasureIt 0.3.8
If you have a design team which is very particular about the size of every element, than this little add-on can be used to test hight and width of all the elements. It draws a ruler around any element and shows hight / width of the element.
14. YSlow 2.0.0b3
YSlow analyzes web pages and gives you information on why they are slow based on the Yahoo's rule for high performance websites.
15. User Agent Switcher
If your application behaves differently based on the user agent or if it records this information than this add-on can be very handy. It simply switch the user agent of the browser. Please note, changing user agent will not make it render like IE.
16. FireShot 0.69
FireShot can be handy in situations where you want to take screen shot of your web application. It even allows you to write comments, highlight specific element of your application and so on.
17. URLParams 2.2.0
This little add-on make it convenient to analyze GET and POST parameters of the current website in the sidebar. You can ever change their values, add new parameters etc.
18. Tamper Data 10.1.0
Tamper Data allows you to view and modify HTTP/HTTPS headers and post parameters. You can use it to test security of your web applications by modifying POST data and analyzing how your application will respond to those changes.
19. View Dependencies 0.3.3.0
This is an extremely useful add-on if you want to figure out what are all the files / images etc. are getting downloaded for every page, how much time they are taking and many such details.
20. Flash Switcher 2.0.2
If you are involved in testing Flash Applications, than this little add-on is extremely useful to test your flash application on various versions of flash players.
I have purposefully not included add-ons like Selenium and TestGen4Web , because they are separate test automation tools in themselves. Hope you found this list useful. Please add other interesting add-ons you have used in the comment, which are not listed above.
1. Firesizer 0.92
Provides a menu and status bar to resize the window dimensions to a specific size. This add-on is extremely useful if you want to test how your application will look in different size windows.
2. W3C Page Validator 3.0.0
This little add-on validates a page using the W3C Markup Validation Service. Depending on your context, if your organization is committed to create W3C compliant web applications, this might be very handy.
3. SQL Injection 1.2
This is an excellent tool to help developers in identifying SQL injection vulnerabilities. This add-on transform checkboxes, radio buttons and select elements to an input text box.
4.QuickRestart 1.1.5
If you need to restart firefox to test your cookies, sessions or because of any other reason, this little button in your toolbar will do it with a mouse click. This is a very simple utility, but can be extremely useful.
5. Firebug
If you are working in web application domain, I am sure you are already familiar with this add-on. Firebug, along with the development toolbar are absolute minimum your firefox should have if you are working in web application testing domain.
6. Regular Expression Tester
This small add-on allows you to test your regular expression. The tool includes options like case sensitive, global and multiline search, color highlighting of found expressions and of special characters, a replacement function incl. backreferences, auto-closing of brackets, testing while writing and saving and managing of expressions.
7. HttpFox
This add-on is an amazing tool if you want to dig deeper into http request / response and analyze all the traffic. Using this add-on, you can get information about request / response header, sent and received cookies, Querystring parameters, POST parameters and Response body.
8. HackBar 1.3.2
I haven't explored this myself, but from description it looks like it should be useful for SQL injections, XSS holes and site security.
9. Web Developer Toolbar
As mentioned earlier, this one along with the firebug are must have extensions if you are working in web application domain. These extensions are complete toolset and probably require separate articles to explain their capabilities.
10. Accessibar 0.7.8
Its an amazing add-on to test accessibility of any site. Using this add-on, you can change font size, line spacing, hide all the images / flash and so on. It also integrates text to speech reader and reads string on mouse hover / focus elements.
11. Add N Edit Cookies
There are very few applications which does not use cookies these days. This little add-on allows you to add / edit cookies and test how your application will respond to changes in the cookies setting.
12. LinkChecker 0.6.3
This is a very simple tool to check if there are any broken links on the web page. It highlights all the links in various colors to show if they are broken or not.
13. MeasureIt 0.3.8
If you have a design team which is very particular about the size of every element, than this little add-on can be used to test hight and width of all the elements. It draws a ruler around any element and shows hight / width of the element.
14. YSlow 2.0.0b3
YSlow analyzes web pages and gives you information on why they are slow based on the Yahoo's rule for high performance websites.
15. User Agent Switcher
If your application behaves differently based on the user agent or if it records this information than this add-on can be very handy. It simply switch the user agent of the browser. Please note, changing user agent will not make it render like IE.
16. FireShot 0.69
FireShot can be handy in situations where you want to take screen shot of your web application. It even allows you to write comments, highlight specific element of your application and so on.
17. URLParams 2.2.0
This little add-on make it convenient to analyze GET and POST parameters of the current website in the sidebar. You can ever change their values, add new parameters etc.
18. Tamper Data 10.1.0
Tamper Data allows you to view and modify HTTP/HTTPS headers and post parameters. You can use it to test security of your web applications by modifying POST data and analyzing how your application will respond to those changes.
19. View Dependencies 0.3.3.0
This is an extremely useful add-on if you want to figure out what are all the files / images etc. are getting downloaded for every page, how much time they are taking and many such details.
20. Flash Switcher 2.0.2
If you are involved in testing Flash Applications, than this little add-on is extremely useful to test your flash application on various versions of flash players.
I have purposefully not included add-ons like Selenium and TestGen4Web , because they are separate test automation tools in themselves. Hope you found this list useful. Please add other interesting add-ons you have used in the comment, which are not listed above.
Subscribe to:
Posts (Atom)