
Showing posts from 2015

Builder and Fluent API

Builder: Like the menu in a fast food restaurant: the order has a framework, and the customer just fills in her needs.

Representative classes:
The builder abstraction (interface)
The builder implementation
A director

    // The director: drives a CarBuilder through a fixed sequence of steps
    public class CarBuildDirector
    {
        public Car Construct()
        {
            CarBuilder builder = new CarBuilder();
            builder.SetColour("Red");
            builder.SetWheels(4);
            return builder.GetResult();
        }
    }

Here a car is built. CarBuildDirector.Construct() calls a car builder and returns a car.

Fluent API

A fluent interface is normally implemented by using method cascading (concretely method chaining) to relay the instruction context of a subsequent call (but a fluent interface entails more than just method chaining [1]). Generally, the context is defined through the return value of a called method, self-referential, where the new context is equivalent to the last context, terminated through the

Online Test Tools

Browser
http://getfirebug.com/
https://www.wireshark.org/

Test Generation
http://textmechanic.com/Permutation-Generator.html

Security
http://www.opensourcetesting.org/security.php
http://packetstormsecurity.com/files/tags/tool/
https://www.owasp.org/index.php/Appendix_A:_Testing_Tools
https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/
https://dzone.com/articles/security-testing-tools-you-need-to-know-about

Test Data
http://www.generatedata.com/#t1

C#
pluralsight-training.net training
http://www.pluralsight-training.net/microsoft/Courses
http://freeworld.thc.org/root/phun/unmaintain.html
http://silverlightchina.net
http://phonegap.com/
JetBrains, ANTS Profiler: check code performance

My review of EuroSTAR 2015 - Maastricht

There were a lot of great talks at EuroSTAR 2015. I really enjoyed it, as well as the city of Maastricht. Tidy, charming city with history, gourmet and exclusive shopping :)

A few hot words reached my ears:
Autonomous management, self-steer group.
DevOps is all about communication, collaboration, transparency.
Always start with WHY, follow with WHAT, then HOW.
Continuous learning is the way to survive for a tester.
Dedicated team, automation in Agile.
Small team with big goal leads to -> disruptive.

DevOps: My feeling about DevOps is collaboration and communication. To achieve efficiency, TA should communicate with different parties, get the needs from them, and make things happen. Open mind and fearless. [TU4]. Continuous Delivery means Continuous Testing, but does not mean Continuous Deployment [TU4]. Communication brings Trust [KS2] from Engagement -> Excellence.-

Security Story in Web


DevOps


Test Report

Test reporting is one of a test analyst's most important skills. It is how the analyst communicates with all stakeholders, and it is what guarantees that reliable information is provided. M. Bolton wrote a three-part series on test reporting on his blog, and there is a lot in it worth borrowing. A report on a product and a report on a specific defect also differ in emphasis.

http://www.developsense.com/blog/2012/02/why-pass-vs-fail-rates-are-unethical/
http://www.developsense.com/blog/2012/02/braiding-the-stories/
http://www.developsense.com/blog/2012/02/delivering-the-news-test-reporting-part-3/

A failing test is only an allegation of a problem. Investigation and study of a failing test is likely to inform us of something more useful.
Showstopper (n.): Something that makes more sense to fix than to ship.
Significance, relevance, credibility

Challenge of FinTech

Reading https://www.accenture.com/us-en/insight-future-fintech-banking.aspx

Difficult to deploy new technology fast. Banking services would be added incrementally to non-financial service offerings. Openness, collaboration, investment: making the customer's life easier, not on asset monopolies. Banks open APIs for the innovators to create new services (isn't that what Chinese 3rd-party payment companies do?). The bank provides an open platform for the newcomers. How to manage the risk, and how to execute the compliance for those 3rd-party products?

Avoid the Pitfalls of Emotions in Email (HBR)

We all struggle with how to communicate emotion over email. Without normal cues like tone of voice or facial expressions, miscommunication can happen easily. These recommendations can help: People overestimate their ability to convey emotions in email. The simplest way to avoid confusion is to  explicitly state the emotion  you want to relay. For example, “I’m very happy with this…” or “I’m confused…” People also read and interpret emotions differently. Prevent misunderstandings by  imagining how your email will sound  to the recipient. We tend to trust those who act like us.  Mimicking the style of the person you’re emailing, whether through emoticons, exclamation points, or slang, can help you come across the way you intend. It’s easy to appear fake or ungenuine over email. Sometimes,  making an intentional typo can help you seem warmer and more authentic, especially when you’re in a position of power. Adapted from  “The Dos and Don’ts of Work Email, from Emojis to Typos,”  

Performance Test

Always time and number of users. The differences. Steps. What is a great tool to choose?

Tester is not only test..

The slides are from a EuroSTAR webinar. The future tester requires both test management and test skill. The traditional test task split will become less important.

OWASP Top 10 2013

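Injection: code is added to the input and goes straight into the system.

Broken Authentication and Session Management: flaws in session management, such as logout, password management, timeouts, "remember me" and so on, are exploited to get into other users' accounts.

Cross Site Scripting: malicious code is sent to many users; as soon as one user is careless, that user is compromised. After that, the data exchanged between this user and the web page, cookies and so on, may be exposed.
  Hacker --> Create page
  Victim --> Visit page
  Victim --> Get injected script
  Hacker --> Do bad thing on victim's behalf

Insecure Direct Object References: a user without permission may be able to access objects that require permission. This applies especially to file directories: an intruder can guess the directory structure and then get into a directory that should be protected but is not.

Application Security Misconfiguration: unnecessary and insecure components are left on the site, such as debugging components meant for internal use; an intruder can use these components to bypass the authentication process.

Sensitive Data Exposure: data that needs to be encrypted is stored or transmitted unencrypted, or weak encryption is used.

Missing Function Level Access Control: some functions or controls should only be usable by authenticated users, but because protection is missing, an intruder can find these holes.

Cross-Site Request Forgery: when the user visits a web page, the user first reaches the intruder's host; this host injects malicious code after the user's request and then sends it on to the server the user actually wants to reach.

Using Components with Known Vulnerabilities: during development, no attention was paid to whether the libraries in use might have known problems. Using such libraries easily leads to problems.

Unvalidated Redirects and Forwards: websites often redirect users. If the redirect is designed with flaws, an intruder can add parameters and lure users into clicking, after which they are redirected to the page the intruder wants.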

Some Test thought.

Functional test for new development, divided into two stages:
i) Early test: test in each team's isolated dev env. Those envs are regularly synced. Release test: each test analyst is responsible for several test plans, each of which covers one or more new features/requirements. So test analyst is a role that plans the test, designs the test, executes the test, and reports the test.
ii) Automation test for regression test: a lot of automation tests (UI and Unit) as gate checking.
Other test: Performance. Performance test.
Problem or challenge:
1. Each team/test analyst works alone and finds errors in their own domain. Cross-domain errors are sometimes not caught.
2. The strict release date and predefined features (most likely promised to the customer) somehow restrict the Agile development.
1. Script failure, hardware failure, network failure, and the dependencies, database failure, or system crash due to ...... etc.
1. I should not only test the CR, but also think about the theory behind it.
2. Figu

Test Q&A

Q: More asset management teams are seeking nontraditional investments nowadays; what is the opportunity for me?
A: Instrument Type added, and the information of Instrument Type will be added.

Q: How to deal with the support for different versions?
A: After 5.6, install the agent in the testtemp folder; there is no need to remove the agent from the default folder.

Q: Also think about test as a service: what should I change in my behaviour?
A: Test as a service is mainly about knowing what your customer needs. Interview the stakeholders about what they want, and design the test for them. Not quite the same as the work we do here.

Q: How to perform release test and CR test? Figure out a good way to do that.
Get project information -> Write strategy -> Script the test. Release test should not only test the CR, but also test the requirement; not only the functional, should I consider the non-functional, or higher-level test? Using scripts is good for simplifying the labor work, but also makes the test always use the predefine s

Currency pegs / linked exchange rates and the pressure on central banks of countries with high-quality assets

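1. Why peg the exchange rate
Countries with high-quality assets do it to keep the exchange rate stable and stop it from rising, in order to protect exports.

2. The pressure of a peg
Euro assets are bad -> euros enter the country to buy high-quality assets -> the domestic currency is in short supply -> the domestic currency's exchange rate rises -> to maintain stability -> the central bank prints more domestic currency -> buys euros on the market -> euro foreign exchange reserves increase -> domestic asset bubble -> the euro depreciates -> the foreign exchange reserve assets lose value

3. Stopping hot money
1. Let the exchange rate float, which will affect the country's exports.
2. Lower deposit interest rates, to reduce the interest of hot money.

Question
Why does QE -> lead to an influx of safe-haven funds?

References:
1. To honor its commitment that the Swiss franc's exchange rate against the euro must not fall below 1.20, the Swiss National Bank had to buy up large amounts of the euro "hot money" flowing into the country, becoming the only "long" on the euro against the Swiss franc in the market.
2. This defence of the exchange rate has overburdened the Swiss National Bank: Switzerland's foreign exchange reserves as a share of GDP have jumped from around 30% in 2011 to more than 70% today. Facing a growing risk of asset bubbles and the prospect of a seriously undervalued Swiss franc, it is not hard to understand why the Swiss National Bank "went back on its word". At least the Swiss franc has now quickly escaped the risk of being undervalued.
3. Bloomberg quoted Rabobank strategist Emile Cardon as saying that the Swiss National Bank gave up the EUR/CHF floor possibly because it understood that, after the European Central Bank implements QE, the cost of buying foreign currency to stop the franc from appreciating would keep rising.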

Cash Flow when you buy property

You buy a pension from a pension company, the pension company uses your money to buy bonds from credit, and credit uses your money to lend to you. After all, you pay interest to credit, credit uses your interest to pay the pension company, and the pension company uses your interest to pay your pension interest.

About Traditional Chinese Medicine

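I have seen too much about Chinese medicine on forums, so I will write down my own views.

Chinese medicine is too broad a term. Roughly divided, there is Chinese medicine diagnosis and Chinese medicine treatment.

Chinese medicine is a technique that developed out of experience. Chinese medicine diagnosis is basically guesswork and basically unreliable. For common everyday minor ailments it is probably passable and worth listening to; for anything slightly more serious, forget it.

Chinese medicine treatment can be roughly divided into drug treatment and physical treatment.

Drug treatment is like diagnosis: for very common minor ailments it may be worth a try, and many prescriptions are remedies proven by experience. To say it has no effect at all would also be wrong. Most prescriptions are still best left alone.

Physical treatment is probably the part of Chinese medicine worth keeping. Acupuncture and massage are also empirical sciences; in fact they treat by stimulating the nerves in the body. Although the principle cannot be explained clearly, sometimes it really does work, and the side effects are small.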