Things you should never say to a tester

Home Forums Everyday Testing – Careers, Learning and more Things you should never say to a tester

Viewing 5 posts - 31 through 35 (of 35 total)
  • Author
    Posts
  • #11196
    Andrei Domuta
    Participant
    @andrei-domuta

    A thing you should never say to a tester (I am not sure about this one 🙂 ) ::
    ‘I wouldn’t go into details. Because you wouldn’t understand’

    #11274
    Kasper
    Participant
    @kasper

    @jarilaakso Yes I did notice. That does not change my opinion however.
    With the tools available programmers and testers can check for security issues without a lot of extra training.

    #11276
    Jari
    Participant
    @jarilaakso

    @jarilaakso Yes I did notice. That does not change my opinion however.
    With the tools available programmers and testers can check for security issues without a lot of extra training.


    @kasper
    , OK, I thought “I strongly disagree” means you strongly disagree with either of my quoted claims. Some points to consider:
    1) There would be no need for bug bounty programs if current tools could replace all the needs for specialists.
    2) VeriSign Trust Seal requires 3rd party testing, as does for example Trusted Shops.
    3) Something being useful doesn’t mean another thing can’t be done. For example, it might be useful to buy testing from an external party even if there are already internal testers.
    4) Many companies want IT systems, but don’t have any/enough IT professionals in their org to handle it.
    5) Not having enough skills/resources to do what one wants quite often results to purchasing part of the work from outside of the company/department.
    6) Having a test department can work very well for a company.
    7) For example, Homakov from Sakurity has written a lot about OAuth(2) problems. If specialists are never useful, and orgs have all the skills and tools they need, why problems have been reported about OAuth?

    As for

    Also it is very complicated and (therefore) costly to fix security issues afterwards.

    , I agree with the sentiment. I would write “can” instead of “is”, but as I’ve seen how costly security issues can become (especially when fixed only after many end users have been affected), I’m fairly sure we agree on this. “Test early” is a good heuristic.

    I agree with Thomas @ponnet and Gerald @jerryweinberg with a small note.

    …I don’t mind hearing any of those comments. At all. It’s just a reminder that there’s some work to do…

    (Jerry wrote about being angry.) These are emotional (system 1) thoughts, where as the “reminder to think” and the thinking part itself is logical/conscious (system 2) thinking. However, as they both might imply, we can train ourselves to receive feedback with a more positive automatic response. But I digress.

    #11430
    Jenny
    Participant
    @jenny-ferguson

    Here is an interesting read. You don’t want to mess with the testers!!

    #14242
    Archana
    Participant
    @archana

    While testing mobile apps “no one uses that device”

Viewing 5 posts - 31 through 35 (of 35 total)
  • You must be logged in to reply to this topic.