Posts in Software Testing
Fun with Google
I'm doing some self education with security testing again. It's been a while. I'm back to Hacker High School working the lessons.

Today, it's fun with Google. I can't hack any real sites, so I thought I would try to find stuff on some of my sites. I found a lot of good detail by reading Google Hacking Mini-Guide by Johnny Long.

Even something so simple as the following can return a lot.


allintitle: "index of" xls


I couldn't find a problem with any of my sites, but that's probably because they are so poorly designed that Google can't even index them properly.

This is a lot of fun and a bit addictive. I recommend turning Safesearch on if you have an aversion to elicit material.
Intuition and The Expert Mind
If you haven't read James' post on intuition, please do. Once complete, scroll further down his blog and read my response.

When out working with James shortly after that post, he had me read The Expert Mind by Philip E. Ross. The article gave me a new word, apperception, the process of understanding by which newly observed qualities of an object are related to past experience.



Some other interesting tidbits from the article:


Without a demonstrably immense superiority in skill over the novice, there can be no true experts, only laypeople with imposing credentials. Such, alas, are all too common. Rigorous studies in the past two decades have shown that professional stock pickers invest no more successfully than amateurs, that noted connoisseurs distinguish wines hardly better than yokels, and that highly credentialed psychiatric therapists help patients no more than colleagues with less advanced degrees. And even when expertise undoubtedly exists--as in, say, teaching or business management--it is often hard to measure, let alone explain.



...what matters is not experience per se but "effortful study," which entails continually tackling challenges that lie just beyond one's competence.



...experts-in-training keep the lid of their mind's box open all the time, so that they can inspect, criticize and augment its contents and thereby approach the standard set by leaders in their fields.


Here's to effortful study by all the experts-in-training reading TestingReflections. I really like articles like this. If you know of any others, please post them below.

For example, if you like chess then I recommend Attack & Defence by Dvoretsky and Yusupov. In this book, Dvoretsky talks about using intuition in time-limited situations. He also gives examples of effortful study within chess and provides some sources of chess intuition.


"...intensive analysis of concrete situations--this significantly develops and enriches our intuition." -Dvoretsky