Unfortunately, the number of businesses being targeted for cyber attacks is growing, according to a recent survey by Internet-analytics company Neustar. According to the study, more than 300 businesses (across industries such as travel, finance and retail) have experienced an cyberattack. From Mashable:

Ted Swearingen, director of information security operations at Neustar, says the number of cyberattacks and the variety of industries affected have increased dramatically.

“We’ve seen a game change in last two years,” Swearingen told Mashable. “It’s significant. The damage that comes with one of these attacks — the thought of being down for a day, not being able to sell goods or services online is just amazing in terms of monetary cost.”

The costs can indeed be high. 65% of businesses said a site outage would cost them up to $10,000 an hour, 21% said it would run them $50,000 an hour, and 13% of businesses would lose $100,000 every hour if their site went down. …

35% of Neustar’s respondants said they’ve experienced an attack which lasted longer than a day, while 11% said they’ve seen an attack continue for more than a week.

Read the full Mashable article >>>

If your business relies on customers’ expectation of security (such as e-tail or financial sites) or if you face a lot of competition (like in the e-tail and travel industries) you can’t afford to have your site taken down from a monetary or a customer experience/loyalty standpoint.

It’s becoming more and more apparent that any business – no matter how big or small – is a potential target for hackers. Be proactive. Security test your website and apps and be sure you have backup server plans in place so you’re not stuck if your business is targeted. When you’re in the middle of an attack is not the time to start thinking about security.

Anyway, if you’ve been following this story, you’re probably also aware of the major security bug that exposed sensitive details of domain applicants and put a halt to what Reuters calls the “most ambitious expansion of the Internet so far.” Here’s Politico with the details of the bug:

Because of the glitch, as many as 50 applicants were potentially able to see information for about 105 applicants. The information is closely guarded by many applicants who do not want others to apply for similar words and bid up the price. ICANN is in the process of notifying applicants whose information may  have been revealed as well as those who may have looked at the information. At some point, it will reopen the application system for five days.

The Association of National Advertisers recently called for an independent investigation of the ICANN application system. Beckstrom said ICANN hadn’t responded to the request, which can be pursued through ICANN’s multi-stakeholder process.

“The good news here is that we had enough security; we can see every user’s  keystroke, every turning of a page,” he said. “That’s going to discourage any parties from using information they might have seen.”

That was a few weeks ago. On Tuesday, the project reopened after more than 40 days, with ICANN apologizing for the inconvenience. The deadline for submission is now May 30th.

To close, I’ll leave you with a few thoughts and impressions from this story, as well as a classic South Park video:

• Relative to some other high-profile security breaches (cough – Sony – cough) this one did not seem too serious. Only 50 applicants could see info on 105? That seems low to me, but it was enough to shut down the process for well over a month. Something to think about.
• Is there a definitive Guide to Dealing With Security Bugs anywhere out there? I would think a book on this subject would be immensely valuable. Better yet if there were a consulting firm soley dedicated to security bug crisis management – someone to come in and handle angry customers, the media and of course, to patch the security hole. I’m picturing a geekier version of The Wolf from Pulp Fiction.
• Are these new domain names really going to take off? Granted, the $185k application fee will deter old-school cyber-squatters, but it seems to also eliminate all but the biggest brands and businesses.
• What, if any, are the testing implications of these new domains?
• What would happen if the Internet really closed? I think it would look something like this:

What do you think about this story? Let us know!

Joining our roster of blogs – including the MobileAppTesting blog, In The Wild Testing blog and this blog – uTest is proud to announce our newest addition, the WebAppTesting Blog!

Launched last Friday, WebAppTesting is already teeming with content about internet protocols, browser wars and share, mobile web news and interviews! As we move forward WebAppTesting will cover topics like:

• Browser and OS compatibility
• Test automation tools
• Agile testing and other methodologies
• Web security issues
• Testing the mobile web
• Load testing for web
• Interviews with web app experts

And anything else we come across that might interest you about the world wide web! And, as always, if you find anything interesting that you’d like to share with the world, we love guest posts!

*********************

Gerald Weinberg, Author and Consultant

I like my software to do what I bought it for, and not do other things. Without testing, that won’t happen.

If you’re asking what I like most about *doing*, testing, well I like the software I help produce to be good at doing what people buy it for, but I think that’s not the answer you’re looking for. (You should be, though, because that feeling of pride in one’s work is essential to a successful profession.)

As for the actual work of testing, I like the intellectual challenge most. While testing, I feel like, say, Sherlock Holmes—-and nobody has to be murdered (usually).

*********************

Scott Barber, CTO at PerfTestPlus

I like the diversity of it. Take a recent week for example. I was helping one client devise a performance testing strategy for a database that is growing at the rate of 1TB per month that supports an application that enables M.D.s, Medical Test Labs, and Pharmacies to share relevant patient information, prescriptions, lab results, etc. essentially in real-time. I was working with a small team to figure out how to performance test a web-based voting application for a national (not North American) election that reasonably expects to need to securely & reliably process over 1 million votes per hour. I paired with a complete stranger to test a desktop application using screen and voice capture tools to document our testing and report defects. And I was testing a “teach programming to kids” application with my son.

But what I *really* like is the virtual impossibility of it all. While complete testing is not practically possible, balancing that against time, budget, technology, market, and human factors with a host of unknowns that feels bigger than the knowns, is the most fascinatingly challenging puzzle I’ve ever actively tried to solve. It’s a puzzle that always keeps me on my toes, always keeps me actively studying new things; from new technologies, to human psychology, to organizational management, to whatever industry my current client is in. For a person who loves to learn, loves to make a difference, is motivated by seemingly impossible challenges, gets bored easily, yet doesn’t want to be looking for a new career every 3 months, I simply can’t think of a field that is a better fit.

*********************

Matt Heusser, Writer and Consultant

Two decades ago I was a military cadet in the Civil Air Patrol, and I vividly remember a poem over our commanders desk:

“We the willing, led by the unknowing, have been doing the impossible, for the ungrateful.  We have been doing so much for so long for so little that we are now qualified to do anything for nothing.”

While the spirit of that poem was a little passive-aggressive, I have to say, I was inspired by the content, this idea of doing the impossible under tough constraints.

In some ways, I see this in software testing. From an infinite set of possible tests, we need to derive the most powerful ones.  We need to figure out what to test right now; what to do quickly, what to automate.  We need to figure out what the results of those tests tell us, and to give answers that stand up to scrutiny.

I call this the “Great Game of Testing,” and I don’t think it’s too much of a stretch to say that I am in software testing “For Love Of The Game.”

*********************

Michael Cooper, Senior Director of QA at T-Mobile

When I was testing on a daily basis, I treated testing like a game.  I was so happy whenever I found defects and design gaps that would have had real impacts on the end customer.  I enjoyed the challenge of quickly learning new applications, systems and functionality; and I loved being the “go to” subject matter expert (SME) whose opinion was valued during ‘go/no-go’ decision-making.  I had to use my imagination and astuteness to try to put myself into the shoes of the customer or end user.  I felt very proud to know both the big picture and the technical details of the application.

When I moved into test automation, I loved doing things more efficiently than other testers and being able to locate defects that could not be found manually.  When I got into performance testing, I loved the concept of understanding systems well enough to uncover and help tune real performance and load issues.  I would stay up late at night reading knowledgebase articles about the systems being tested; and learning new scripting and tuning skills.

When I became a Test Manager, I loved mentoring other testers that shared my love for testing; I really enjoyed finding process improvements in testing and Quality Assurance.   Then, as a Senior Manager and Director, I love sharing a strong vision for QA and Testing.  I am truly passionate about driving quality and inspiring other testers to reach their full potential.

My love for testing continues to evolve each and every day. These days I lead a team of over four hundred testers, Quality Assurance professionals, and Infrastructure Specialists and I love the challenges and opportunities that my work brings every day!

*********************

Pradeep Soundararajan, Blogger and Founder & Managing Director at Moolya Testing

Software testing is a piece of honey in this world and I think of testers as bees. While there are bees that spend a lot of time collecting honey and want to spread the taste of honey to larger groups, there are also bees that seem to want to add impurities to the honey. There is no authority and there shouldn’t be. However, the bad bees want to act like being in authority and end up preventing the new born bees from tasting pure honey. Also, there are fights between the groups of good and bad bees and sometimes a lot of buzz.

The good bees don’t understand that spending more time fighting with bad bees means time away from collecting more honey. There is another way to look at the same thing. Fighting the bad bees helps the good bees save new born bees from being influenced by the bad bees. Every good bee has a role to play today. Some guard the territory, some collect honey, some carry honey to far off places, some spread the taste, some rejuvenate the newborn bees with pure honey and some openly kill the bad bees.

Who am I? I am just one among the bees. I have tasted the pure honey and I think it is the sweetest thing I have tasted. I see some bees wanting to add impurity into it and I have donned several roles in my life so far. Right now, I am playing the businessman-cum-test-consultant-bee role, helping good bee customers get the honey they want.

*********************

Steve Vance,  Author and Sr. Software Engineer at uTest

There are so many ways I like testing, but first and foremost I’m a big fan of applying Lean principles to product development. In that context, I see testing as the key to building quality in rather than training your software to do the right thing after the fact. If you can practice test-driven development (TDD), fantastic. Acceptance test-driven development (ATDD) is even better. If you’re just doing test-early, that’s still pretty good. And while it’s great to have the tests that verify the functionality and continue to serve as regression tests, the primary benefit is how it helps you focus on doing the right things effectively with a good and testable design. Ultimately, this all comes together to help us sustainably create high-quality software from inception, reducing our costs and increasing our productivity with long-term returns.

In a complete shift of approach to the question, I love the puzzle represented by testing. Figuring out how to bring software under test can be the ultimate legal hacking project. A lot of software is not designed with testability in mind. It’s not just at the system and integration test level that you find this, either. A lot of low-level classes and other “units” are equally difficult to test. Figuring out how to tame them with a minimum of change beats sudoku for a challenge in my book.

*********************

Peter Shih, Director of Community Management at uTest

“Testing is like a box of chocolates. You never know what you’re gonna get.” The fact that software testing is so multi-faceted is what I love most about this field. Does the app function as designed? Is it intuitive to use and enjoyable to use for your core audience? Does it provide a level of security and privacy that builds confidence in your end users? How does it perform when there’s peak activity or traffic?

Along the same lines, software testers themselves are also diverse in their training and experience, which has trained me to reserve judgment until after I’ve worked with a tester. Some of the best functional testers I’ve worked with have non-technical backgrounds in fields such as music and philosophy. And some of the best usability experts are ex-marketers who have an intuition and passion for “making stuff work.” Despite the diversity and differences, however, one common trait among great testers is their inquisitiveness and stubbornness for solving problems. For that I’m very grateful!

*********************

The discussion doesn’t have to stop here. Let us know what YOU like most about testing in the comments section below. As always, thanks for reading!

Our Testing the Limits guest this month is Galina Kramer, the Senior QA Manager of Localization for Zynga. In this role, she is responsible for L10N testing of the company’s web and mobile games, including hits like CastleVille, Mafia Wars Hidden Chronicles and Poker.

In this interview, we asked Galina about the challenges of testing high-profile applications in more than 16 different languages; what testing is like at Zynga; her criteria for hiring testers; switching industries and other topics. Enjoy!

***********

uTest: You’ve spent much of your QA career in the healthcare and financial sectors. Now, you’re focusing on a different aspect of QA (localization) in a totally different industry (social gaming). What’s been the most difficult adjustment you’ve had to make during this transition? Similarly, what advice do you have for QA professionals switching industries?

GK: The most challenging aspect of working at Zynga overall is the release cadence. I was used to weekly releases, but not daily. Having such a short release cycle brings its own challenges to functional QA, which I managed at Zynga for a year. Now that I am working in Localization QA, it is even more complicated since everything has to get translated first.

My advice to anyone switching industries – GO FOR IT! Try new things and have some fun!! I love working in the gaming industry and never thought work can bring so much enjoyment.

uTest: At Zynga, you oversee L10N for all of the company’s web and mobile games, which are currently supported in 16 different languages (with more to come we assume). What languages or markets have been the most challenging thus far and why?

GK: When we first started localizing our games, we had a lot of issues with staffing for certain languages and that was a real challenge. Now that we have established a robust process, we are smooth sailing. It helps having great partnerships with both internal and external teams in order to make things happen as fast as we need them to.

uTest: Not only are you supporting 16 languages, you’re also supporting countless versions of operating systems, mobile devices, wireless carriers and other factors. How is your team able to manage such a complex testing matrix?

GK: It’s all about prioritization and risk assessment. We shuffle resources on a daily basis depending on a priority and work together. Teamwork is the key, truly.

uTest: With so many users who are willing to report issues, it’s often assumed that in-depth testing isn’t needed in certain industries, such as social media and gaming. This is obviously not the case at Zynga. What is the company’s philosophy when it comes to testing and QA? And has it changed as they continue to expand their global footprint?

GK: Zynga takes testing very seriously and understands that our players’ happiness and enjoyment is the key to our success. We listen to our players all the time – QA teams work with CS and Community so that we are constantly aware of what our players are feeling.

I don’t think Zynga changed the way we do things now – I think we are becoming smarter with every new launch and therefore things are getting smoother. It’s all about learning and getting better at what you do. If every team does that you are in good shape.

uTest: True or false: Localization is the most challenging type of testing.

GK: True. The main reason is the timing. QA is always the last line of defense and often does not get enough time to do the job properly (because other teams slip the schedule). Well, in the case of localization it’s even more complicated because the translators must do their part before it can be tested. Hence, more wait time.

uTest: Aside from being challenging, localization is arguably one of the most misunderstood testing types. We don’t expect you to disclose any specific bugs, but what are some of the types of issues that are uncovered during the course of a localization test? Misspellings? Poor translations? Others? And while we’re at it, how do you define localization testing?

GK: Localization testing covers all of the above and more We definitely look for misspellings, poor translations, truncation issues…  We need to make our games equally enjoyable in every language. This means keeping in mind culture differences, religious beliefs, language intricacies – all of it.

uTest: Fill in the blank: The most important quality Zynga looks for when hiring a tester is ____.

GK: When I interview testers the main thing I look for is Passion. A great manager once told me: “If an interview candidate does not know something you can teach him/her and in six months he/she can become an expert in the field. If a person doesn’t have passion inside of them – six months later he/she will still not have passion,” I really believe in that.

uTest: Users have incredibly high expectations when it comes to Zynga’s games. If something isn’t right, we expect that complaints are made quite publicly. Has the spotlight of Zynga changed the way you approach testing? What advice do you have for test teams whose products are very much public facing?

GK: I have always taken testing very seriously and brought that into Zynga with me.

One piece of advice I can give is – put passion in your work and get it done the way that makes you proud. If you do that people will love it.

uTest: Be honest: testing games like Farmville, Mafia Wars and FrontierVille is not what you had in mind when you started your QA career 10 years ago. That said, what did attract you to the testing space to begin with? What were your expectations?

GK: It was over 13 years ago, and I found myself constantly finding imperfections in software. I would write up a few issues at a time and email the web masters about it. One day I heard back from one of the sites I emailed and was offered a job as a tester. The rest is history

uTest: What do you like most about testing?

GK: I like seeing a product go from buggy to clean. I am very passionate about every game or product my team is responsible for and the feeling I get during every launch is a thrill equivalent to skydiving (and I love skydiving!).

uTest: What’s Galina Kramer doing when she’s not helping Zynga launch world-class social gaming apps?

GK: Playing with my one year old toy poodle Sterling, watching Manchester United (English soccer) or trying out new restaurants in the city.

Editor’s note: Thanks for checking out this month’s Testing the Limits interview. If you have ideas for future interviews, send us your suggestions.

Caleb Cohen, a gold uTester helped us organize this latest event where testers and customers alike gathered from the Tri State Area. They enjoyed making introductions, exchanging testing experiences and generally enjoying each other’s company. Meeting at Ayza Wine and Chocolate bar we shared good drinks, amazing cheese,and of course chocolate!

We’ve received some great feedback from testers who have taken part in uMeetups in the past. Being passionate about testing and about uTest seems to be a common thread that brings these testers, and now customers, together. It was really exciting to add customers to the mix and let these different groups share their experiences and network with each other.

Want to have a uMeetup in your area? Check the forums to find the one nearest to you. If you don’t see your country on the list  apply for a sponsorship here. Previous uMeetups have been in Cordoba Argentina, St. Petersburg Russia, Singapore, Mumbai India, Chicago, Shenzhen China and Boston.

Last week the uTest team exhibited at the CTIA Wireless Convention in New Orleans, while back at home our CEO Doron Reuveni was accepting an award as one of SBANE 2012 New England Innovation winners.

Earlier this week, Doron was at the InterContinental Hotel in Miami attending the AmDoc InTouch 2012 event.  uTest has recently partnered with AmDocs, get the inside scoop on the uTest website.

“By utilizing both uTest’s and Amdocs’ testing offerings, communications service providers can rapidly launch new services with higher quality than ever before.”

While attending AmDocs InTouch 2012, Ewan MacLeod, Editor of Mobile Industry Review, did a video interview with Doron. It hasn’t been posted yet but we’ll let you know when it’s up.

And the month isn’t over yet! Today and tomorrow, uTest will be recognized at the world’s largest conference for technology entrepreneurs as one of 10 winners in the Mobile Category of the TiE50 Awards.  We are proud to be chosen as one of the 50 overall winners out of 131 world finalists.

“The TiE 50 judging process was designed with meticulous planning, screening and judging by a team of more than 40 prominent entrepreneurs, venture capitalists, corporate executives and other domain experts.”

Here is a complete list of the winners of the TiE50 Awards. Our VP of Product Delivery, John Montgomery will also be speaking at TiEcon 2012 – at the Santa Clara Convention Center on May 19^th at 3:15pm.

Next Tuesday (May 22) you can find members from our C-level team exhibiting at Innovation Showcase for the MIT CIO Symposium in Cambridge, MA.  We’ve been chosen as one of 10 startup companies to exhibit at this showcase as a 2012 Innovation Showcase Finalist.

That wraps up our busy, busy May. To see photos from all of the events, visit our uTest Flickr stream!

The image you’re seeing is a data chart of thousands of separate device models encountered by the dev team at OpenSignalMaps over the course of a six month period. It may not be a flashy infographic, but it’s one of the best visuals I’ve seen to convey the challenge of Android hardware fragmentation. Here with more details on the chart (and on Android fragmentation in general) is arstechnica:

The developers logged 3,997 distinct devices, the most popular of which was the Samsung Galaxy S II. This figure was inflated quite a bit by custom ROMs, which overwrite the android.build.MODEL variable and cause those phones to be logged as separate devices. 1,363 types were logged only once, and while some were custom ROMs bucking the numbers, a good few were just massively unpopular devices—for example, the Hungarian 10.1-inch Concorde Tab.

It’s not only the sheer count of devices that’s daunting, either—the spread is also intimidating. It’s easy to imagine a practical Android developer who doesn’t want to waste time supporting niche devices restricting the app to require high-end hardware and recent APIs, covering only the 25 or so most popular phones, and devil take the hindmost. But in OpenSignalMaps’ case, the top 25 devices don’t even encompass half of the map, and would still exclude well-known and popular (if old) models like the Samsung Nexus S. The developers would be missing out on over 50 percent of the Android market.

Some commentators on the article have correctly pointed out that hardware fragmentation alone is not an impossible challenge to overcome. However, many are forgetting to consider that hardware is only one aspect of fragmentation. Yes, there’s more.

As any Android developer can attest, fragmentation across location, carrier and especially operating system also complicate the testing process. See our previous articles on Instagram’s Android launch or Neflix’s Android Testing Challeneges for some good real-world examples.

Before finishing up, it should be noted that we’re not for or against fragmentation in principle. In fact, we’ve written about the many benefits of Android fragmentation in the past. Still, it should be clear by now that fragmentation isn’t making things easy for mobile QA teams. In an ideal world, your app would work the same on every device (yes, even you, Hungarian Concorde Tab). Realistically, it’s just not that easy.

Lucky for you, help is available! Shameless plug coming in 3,2,1…

For an easier way to test your Android app across devices, browsers, carriers and more, be sure to check out uTest’s in-the-wild testing services. You can also try AppGrader for Android- our free tool to help you rank your app on the most common devices and operating systems.

Until then, happy testing.

The bug was introduced when we launched the API in conjunction with our new homepage on April 24, and was live until it was discovered and fixed on Friday, May 11, at 1:42pm. The bug made accessible the project description, goal, duration, rewards, video, image, location, category, and user name for unlaunched projects. No account or financial data was made accessible.

Luckily, the majority of the breached information was accessed by a Wall Street Journal reporter who notified Kickstarter about the issue. While information from 70,000 projects was accessible, only 48 projects were accessed by people other than the reporter.

Now I don’t know Kickstarter’s testing practices, and maybe this was just one of those things that unfortunately slipped through the cracks, but it seems like a prime example of the need for regression testing. When you’re introducing a new element to your site, or software or app it’s extremely important to make sure it doesn’t break any existing components – especially security related aspects. Kickstarter’s lucky personal or financial data wasn’t leaked, but that may not be the case next time. So let this be a lesson on why regression testing is so important!

Pixar had something very similar happen to them when they were developing their hit movie Toy Story 2. A mistyped rm command inadvertently deleted the entire movie. Then, to make matters worse, they discovered their backups were all bad. This short video, narrated by two of the technical leads from Pixar, explains how the whole thing went down and the one random thing that saved the whole project.

A good reminder to everyone: whether you’re developing the next great app or producing the next blockbuster movie, backup often and make sure your backups actually work.