zondag 24 april 2016

time for WhatsApp forensics with R and SQLite

It's the end of April 2016.
Spring is in the Netherlands (still some wet snow, but who cares)

Time for some adventures in computer forensics.
This time I want to combine R and mobile forensics.

And what's the best app for that: WhatsApp !

Hm, but how to get data from WhatsApp into R.
Well, WhatsApp uses SQLite to store its data.
SQLite is an open source, embedded relational database and via R you can examine the data in the SQLite database used in WhatsApp at your mobile phone.

So, follow this week the  #RWhatsApp on the TestingSaaS social network for my deepdive into WhatsApp forensics with R and SQLite.
Feedback is always welcome.


Trust me, it's going to be a fun week!

zondag 20 maart 2016

When curiosity gets noticed: an interview about my journey in big data

Last year I started my deepdive in big data.
Blogging, Tweeting and following Coursera data science modules gave me a good start.

Well, that was noticed by my Twitter followers.
One guy, Matt Ritter saw my enthusiasm and wanted an interview.
We talked about my curiosity for big data, my journey and the problems I face when dealing with big data.

Matt, thank you for interviewing me and sharing my journey.
A great guy to follow.

Join also my social network for sharing adventures in big data, software testing, SaaS and computer security and forensics.

Enough adventures for a lifetime!




dinsdag 26 januari 2016

Data science and software testing, it's all about the question

Introduction

When I started my career in software testing I was a biologist without business experience, but I knew how to crunch data through statistics, python and machine learning.
In the last 11 years software testing was my main profession and still is.
But, more and more companies are into Big Data (as a part of data science) and as a biologist, trained in crunching lots of data (genetics, bioinformatics), I got curious.
Is there a way to combine my knowledge of statistics and crunching big data and software testing in today's business?
Sure there is: a lot of methods (statistics, data mining, web scraping) and programming language (R, python) used in data science can also be used in software testing.
Both software testing and data science are empirical studies trying to answer a specific question. The answer to this question can be derived by using tools or methods.
Mind you, don't let the tool or method determine how the answering process proceeds, let the question be the determinant.
Be open minded! Remember a fool with a tool is just a fool.

Data science and software testing

Data science is not just statistics, it is an interdisciplinary field like bioinformatics, combining mathematics, statistics, computer science, information science etc.
Just like Big Data, it's a buzz word, but a data scientist, according to Coursera, has one goal:

Ask the right questions, manipulate data sets, and create visualizations to communicate results.

Well, that's the same in software testing.
Without the correct question, dataset and visualization (report) a software tester can't inform the stakeholder about the state of quality of the object under test.

Now I know testers have tools like Jira, Microsoft Excel and Selenium to help them.
Why should we know about data science then?
Well, as I said before, a fool with a tool is just a fool.
You maybe know how to use many testtools, but the most important thing a tester does is asking the right questions. This triggers the other stakeholders to answer these and this way possible issues are found.
Data science is all about asking the right questions. It can help the tester with creating the question and deriving the testset, even when the testset has missing data. It also learns the tester how to visualize its findings.
Testtools can also do these things, but, in my opinion, a tester should be able to do it himself.
Knowing data science can help the tester to stay critical. 
There are a lot of data science courses online like Coursera or Udacity.
Try a course, it won't be easy, but that's part of the learning.


Conclusion

Software testers can learn from data science to help them in their daily work: ask open minded critical questions, testdata development and processing, testtool selection and visualizing the quality of the object under test.

For me, data science increased my ability to ask the right questions and diminished the fear of going too deep into the data. 
A software tester never should be afraid to ask the right questions to different (!) people, go deep if neccesary and report his/her findings
You have a job to do: Visualize the quality of the object under test, as critical as possible!






zondag 1 november 2015

So what's your hobby? Resurrection!


2015 is a busy year for me: new job, more responsibilities, work abroad and some explorations in data science using R.

I noticed I did not post anything on my TestingSaaS blog for a while now.
Well, it's that time again.
Too much is going on in software testing,cloud computing, forensics and information security to let unnoticed.
Questions to be answered like:

  • Is the software tester a dying breed?
  • How can we test the Internet of Things?
  • Can we use data science when doing software tests?
  • Isn't test automation just checking, not testing?
  • What's a RAT in information security, and why should you know about it?
Just a few questions, and the next few months I am going to answer these through my blog and my articles for Eforensics Magazine.

TestingSaaS is not a dying breed.
Why not?
Because his hobby is: Resurrection!







zaterdag 24 januari 2015

A decade of software testing, how it all started

When you are having fun time flies!
Well, you could say that with me concerning software testing.
And I am a fun-loving tester now for ten years, a decade of adventure!
How did it all start?

Ten years ago I got the idea to become a software tester.
Pretty strange at that time because I just finished a Masters in Biology at the Wageningen University and Research Centre (WageningenUR) and was destined to become a bioinformatician.
However, specific events led me to this decision:

  1. I always was intrigued by computers: birds were my first love, but computers my second
  2. A summerjob introduced me to the world of softwaretesting: I had to test a time-planning application for truckers, exploratory tessting to the max!!
  3. 10 years ago biology was more in the DNA labs than behind the computer
  4. I did not want to be a programmer:. I can build, but I like breaking more!
So I wanted to earn money, use my brain and get some business experience.
Softwaretesting is then not a bad career move:
you get a nice salary, you have to think a lot and you explore different businesses.
When I was studying biology, I would have never thinked of working at a bank, a logistics company or a mbile security firm. Or spending your free evenings and nights exploring XMLs, identity protocols or forensic software.
And still I find enough time to explore testing adventures abroad.

Sometimes a bumpy ride, but with enough fun time.
Well, it's a jungle out there, and it's survival of the fittest, but this guy adapts and sometimes he wins.

Let's see how the next decade goes.
I am ready to go, are you?






donderdag 11 december 2014

Back in business: Software testing, information security and computer forensics

The last 2 months I was very busy with a lot of things except blogging on this site:
I founded a new social network about the behaviour of birds and together with SocialQuant, a company founded by my friend Dr. Morten Middelfart, we increased the online social Twitter-traffic for TestingSaaS and BirdBehaviour. Lots of fun and a lot tested and learned.

But, it started to itch again and after following an event organized by Testnet yesterday I was in the blogging mood again.
Why?
Well, the event was about information security and privacy.
Although the things said were not new to me I realized information security (infosec) and computer forensics depend on each other.
With infosec you want to defend information from wrongful behaviour by a third party.
This can be criminal behaviour, for which the evidence can be pertained by computer forenics specialists to use in legal court.
Yesterday, the first speaker from EMCS IT Services was saying government organizations were exploring the internet for criminal cyberbehaviour, but he did not say the evidence found for this has to be secured for forensic investigation. Finding the evidence is one thing, securing it and reporting it is something else.
To learn more about this, just have a look at Eforensics Magazine .
It's the same with software testing, bugs in the code and flaws in the documentation can be found, but this work is not effective without a sound description and report.
That's why I like software testing, information security and computer forensics.
It's all about interdisciplinary (functional, technical and legal) analysis and the way to visualize it in a report.
You can say that you found a bug, breach or forensic proof, but without a good report (with argumentation to back it) do not expect a pat on the back.

dinsdag 29 juli 2014

using forensics for mobile testing

In May 2014 I started a new job as the QA engineer at Onegini.

It is a software company, which develops access management solutions for online services for insurance companies, webshops and financial businesses
Who is familiar with my social network TestingSaaS will not be surprised hearing this, because of my fascination with online authentication.
One of the many challenges I now have is to develop a testing approach for their mobile solution.
That involves developing a test strategy, knowledge training, test automation and tool/device training.
The hardest part here is the knowledge and tool training.
Mind you, the company uses the agile methodology and that means every two weeks a delivery of workable software. No time for on-the-job reading.
Fortunately, another hobby of mine (yeah, I see software testing as a paid hobby :) ), computer forensics (not paid yet :) ), provides me the knowledge necessary to be able to test the mobile application.
Both for software testing and computer forensics (read mobile forensics) you need analytical skills to know what you have to analyse. For software testing this is identifying, analysing and documenting bugs and for computer forensics it is identifying, preserving, recovering, analysing and presenting facts and opinions about the digital information.
Both disciplines require a sound understanding of the object under analysis.
For a couple of years now I write for the online magazine Eforensics Magazine ,where I use my testing skills to study forensics software. A great way to learn forensics and practise my software testing skills.
Eforensics Magazine also has special issues on Mobile Forensics, with a load of reading material on forensics and mobile operating systems.
I am not a die hard programmer, but a forensics enthusiast, so Eforensics Magazine is my prime supplier of enough material to enhance my knowledge on mobile operating systems to test the Onegini solutions optimally.

Android, Blackberry, Apple, Windows Phone, it's a jungle out there, but I am ready to explore!