How Do you Eat a Mastodon?

… one piece of the time. Really. Don’t worry about it – it’s similar to eating an elephant.

While Discord and Slack sites can be places to go for communities with the faill of Twitter – they are closed systems. You need an invite and communication closed within the instance. This is good for closed discussions you want to gatekeep. Mastodon seems to be the place for serendipity and cross-collaboration across topics and communities. It’s not new, the framework started in 2016 gaining 1 million users in 2017. There are a number of great and extensive guides – one of them is fedi.tips. Another great guide is Mastodon Lessons Learned by Lisi Hocke (@lisihocke).

Hi I’m Jesper🧷🌻🐐📕🗺🇩🇰 (@Jo2sn@mastodon.social)

Signup and Servers

For Mastodon, you create accounts on a server (or instance) in the Mastodon-based network. Through a shared protocol the people on the servers can communicate with posts, threads, likes, and resharing as known from other platforms. Mastodon is really the software framework (on GitHub) and the network called “Fediverse” – but people mostly call it “on Mastodon”.

Someone wrote that picking a Mastodon Server feels like selecting a character in a new video game. You don’t really know what you’re looking into and how you will play the game. Luckily you are not fixed to one account on the Mastodon network. You can have multiple and easily redirect from the old to the newer. I have tried jumping profiles myself, as the first one I made was on a server with too few general topics. One of the elements of Mastodon is that each server has a timeline – besides the ability to communicate across.  

Some servers are topic-based on Open-source software, others on art and LGBT, you can pick a specific server and expect the local content mostly on that topic. Or you can pick a general-purpose server – if one topic doesn’t define you. There are some tools, like debirdify that can help you in the process – but not yet a 1-click tool to move over. 

Two ways to select a server:

• Browse the directory at https://joinmastodon.org/servers 
• Use https://pruvisto.org/debirdify/ to see where your Twitter people have moved

People can and will move to many places – there is yet to be a primary test community instance. 

Profile and Settings

• Your username is text-based, but you can go crazy with emojis in the profile name field
• Create your profile with a picture, banner, and profile text
• Profile meta-data and hashtags will help people find you and recognize you
• Add 2-factor authentication and save the password and keys
• If English is not your native language, there are other languages available (German is rather prominent). Selecting a language seems to give you more content in that language.
• Enabling the “slow mode” setting is recommended. It forces you manually to reload the feeds and not have the dreaded firehose. 
• Make an #introduction post and write your favorite hashtags, that will help people find you.
• Write your Mastodon username @user@server.name in your Twitter bio so that others can follow you

General Use

As there is no algorithm to drive engagement, so use hashtags and reshare content from others. Likes are only posted to the author – so reshare/retoot great posts. Similarly to following people you can follow hashtags like #MinistryOfTesting and #TwitterTestingPeople. The culture of Mastodon is to be inclusive. Use Content-Warnings and hide images as a common rule – and ALT-text on images as a general rule. 

Mastodon has free apps (Android, iOS) for casual use and some pay-to-use apps. Currently, it seems you can’t follow hashtags in the iOS app, so I tend to use the browser more. There is a range of choices – see what bests fit you. You can get a long way with just the primary site.

Servers are run by small teams of admins, so in peak periods there might be suboptimal performance. Most servers seem to be funded by patreons or similar fundraising. 

In theory, an instance could close down and take everything away. If you have content that is more permanent and you want to own, put it somewhere you control. The same challenge is true for ad-based social media (Facebook) and subscription-based platforms like Medium. 

If you feel like organizing the content coming your way, enabling the advanced web GUI setting will give you columns like “TweetDeck” – but the setting is global for your login. Sometimes I just want a quick read over the timelines, other times I want to monitor specific topics. To monitor topics I have set up columns in Sengi https://sengi.nicolas-constant.com/. It’s a per-browser setting, so it’s more of a topic radar that can be different across my devices. Personal lists are a feature too, but it seems based on people not so much on topics. 

Do notice that direct messages aren’t private messages. All the people you tag can read the messages. So don’t tag the people you want to rant about. 

The visibility of a toot/post follows the flowchart below. 

Via @Geekymary: https://mastodon.social/@Geekymary/109290888512800541

A Story About Lifting People Up

This article is a parable, it’s not a traditional testing post. But as with all parables, this is a story to reflect on. It comes with all the best and noble intentions. [TW: semi-religious content].

There once was this person named Zach. Well, the name is really not so important. It could have been Dilek, Kim, Brie, or Latoya. Zach’s job was to collect fees among the community members – a service job for the benefit of the community. It could, as well, have been removing spam, sorting, and organizing content. And onboarding new people to the community. Menial work, which could be a hassle to the others – yet important for the community to run.

Reflection: What glue work gets taken for granted where you are?

But, there is no doubt Zach had cut some corners along the way. After all, that’s just the way business was done sometimes, thought Zach. And because of that, the fancy people of the community ignored and dispised Zach even more.

To make matters worse, Zach was not as tall as the others. You could say, that Zach didn’t have the same attributes as many of the others. And that made Zach feel further diminished and small in the eyes of the community. And that probably added to Zach’s cheating. Nothing Zach did was ever really recognized.

Reflection: who is putting in an extra effort to be seen?

One day a superstar and thought leader was present in the community. Everyone in the community gathered around and engaged. There was a buzz going on and Zach wanted to be a part of it. But it was still a burden for Zach to engage. Zach had to make an extra-extra effort just to catch what was going on.

Suddenly the superstar called out: Hey Zach! I see you. I will come to join you where you are. And so he did. The superstar joined Zach, the menial fee collector. Zach pledged to be a better person and has been since. Zach is now sharing surplus energy with the others in the community and has made up for the wrongdoing previously done.

Reflection: Are you meeting people where they are? How can you lift people up that are not seen?

#263: There is a Model for your Trouble

Often directors, managers and other decision makers talks about an advanced challenge they have: What can we automate, who should automate and what tools to pick. There more and more I listen, the more I hear – they have not applied any models of the problem at hand. And there usually is a model of the problem space already. Any old model is preferable over no model at all. But it can be hard to see in the middle of chaos.

Continue reading →

I’m Part of the MoT

Continue reading →

Episode V: Return of the ESN

In which our hero must revive old wisdom to battle empires and where the band of front runners will be supported by fuzzy friends to bring down legacy structures.

Continue reading →

Testing is like … vacuuming

• It’s better to do it often, than to let it pile up
• It’s a tedious task that robots can do (partially)
• Automation can catch some base level hairy stuff
• Bigger hairy catches should be hand-picked
• It’s always involves using tools
• It’s better when it’s a whole team approach to cleaning
• If everybody does their area, it all adds up
• There’s always the usual spots …
• .. And the spots to see after you thought you were done
• In a hurry, you use the snow-plow method
• It catches bugs

This is an analogy blog post – consider it an experiment, not a wholesome truth, but rather a model. And a model is always false, but sometimes useful.

This blogpost is also coming from a community outreach from the  Bloggers Club on the Ministry of Testing. There are regular challenges that aim to share community thoughts. This month, the challenge is to share the personal perspective about “Testing is like…”

The analogy is inspired by Heathers post about their new vacuum robot below. If you want to consider how to test a robot vacuum, go see the club post: How to Test a Robot Vacuum?

Meet my new friend Floor-a the Explora.

It's going to take over the hoovering for me. Gotta charge first though! pic.twitter.com/Oz5v6mFZq8

— Heather Reid (@heather_reiduff) June 29, 2020

[Image of “Floor-a” with permission from Heather]

Your Learning is on You

You, yourself, is responsible for getting the training, learning and knowledge you need. Don’t wait for your boss – be proactive, it drives your success. Here are some places to start:

Meetup’s are happening online now, which removes one primary barrier to attending great talks. Similarly conferences go online, some with a fee, some for free – some even in multiple time zones. Lastly online training sites are abundant with relevant information for the challenges you have. Yes – also for you!

Stop moaning about getting test automation and accessibility to be a part of Definition of Done, or how to build a whole team approach to quality. It’s already out there – reach out.

Just this week, April 2020, I’m attending:

• Smart Bear Connect 2020, online / live
• Lean Agile Scotland 2019 recording
• Test Bash @ home 24 hour online / live

With plenty of talks about risk based testing, test management in the light of automated deliveries, BDD etc. With live slack groups the experience is almost as the physical conferences :). Next up in may is the Online Test Conf, Spring 2020 with topics for everyone in convenient global time slots.

When your boss says there’s no budget for attending conferences in person this year (again!), there are other ways to attend – physically. You could try to submit a talk and get accepted, but the barrier is quite high. A great way is simply to reach out and volunteer to help the program committee. If you can time it, with regards to the budget year, ask you boss based on the conference program aligned with your company strategy. At least what the boss should do is to allow it to be company time – else take the time off. …

If you are hungry to learn

What I see in the global testing community is that Scandinavians are complacently waiting for the company to pay time, money and effort to their learning, while people in emergent economies (Hi Sfax and Argentina) are eager to learn and on the forefront of the trends of the trade. They are driving the change of a positive inclusive community.

Time to information is the key factor – not only in digital transformation, not only in IT deliveries and but for the organisation as a whole.

And for you!

if you still work in silos, your success – will be less

Mike Lyles, Smart Bear connect 2020

Your Mileage Will Vary

Looking at all the podcast, conference and community chatter you could get the impression that everyone else’s projects always follows the latest trends and hottest principles. That everything is perfect, and everything is a success – and that all new ideas are working right off the bat.

First Try… ish

It almost sounds as if testing has to be in a specific way, and that what you experience is wrong or less worthy. That there are no failures, no scrum-fall projects or old legacy systems. It sounds like everything runs smoothly on an up-to-date CI/CD K8 technology stack with all the bells and whistles.

Hmm.. no.

Don’t worry, listen to the “Guilty tester podcast”

The Testing community regularly acts like most places are doing testing from the beginning, in a collaborative and none segmented way. In my opinion, this is significantly rarer than we admit it is, with the large majority of Testers still having to fight (1/3)

— AllCapsTester (@AllCapsTester) March 17, 2018

Every single project/company/context is both it’s own mess and it’s own best. There is a huge difference between all the worlds companies and all the countries traditions around IT. Sure, it may happen – let me tell you the world of IT projects is a weird place, and that’s OK. So take all the stories of successes with the added American car commercial catch phrase goes “your mileage may vary” [YMMV] or as we tend to say coming from a Context Driven point of view “It depends“.

It depends on your context if modern testing is a thing for you, it might work in an enterprise setting of commercial standard systems. Using Robot Desktop automation in testing might work better in that setting, but then again it will probably not be a good fit in your average software development project. In a context of developing software business-to-consumer the web features is more importation than in an enterprise setting. And round and round the practices and approaches goes and goes…

If you look a little beyond the borders of your own project you will see similarities to others doing the same, but also the diversity in approaches, successes and failures. You are not doing all of it wrong.

You are not doing it wrong

– you’r mileage is just different.

When are we Testing/QA folk gonna give ourselves a break?

“Testing is dead”
“All Testers need to learn to code, to be relevant”

We are not in a one size fits all industry! #softwaretesting

— Simon Prior (@siprior) March 4, 2019

You don’t have to be a boss to be a leader

It’s really that simple, yet awesomely profound. And a typical Gerald Weinberg quote, like my other favorites of their points:

• No matter how it looks at first, it’s always a people problem (The second law of consulting)
• You’ll never accomplish anything if you care who gets the credit
• Things are the way they are because they got that way
• Quality is value to some person

Regarding the last quote; which was later extended with “who matters, at some time“. Once I had an argument about how to deliver quality. The other side held towards IEEE definition of delivering the expected. But even when they did, they failed to see that the unmeasured and irrational parts affected the value to the customer. I agree completely with The Cowboy Tester that knowing works of Weinberg is a measure of seriousness.

For many of us learning whether or not you know about @JerryWeinberg is a kpi for how serious you are about testing as a career and craft. You don’t have to agree with him, but you should know him.

— TheCowboyTester (@cowboytesting) August 8, 2018

Weinberg worked not only with testing, but among other things also consulting and organisational change management. I did not know that when reading “Making Sense of Change Management” (Cameron & Green 2012). I literally jumped up and started laughing while reading the quite serious elaborations to the Satir Change model – the authors found that Quality Software Management: Anticipating Change (1997) is a “masterly book on change, but with a title that might not appeal to everyone“. It might not appeal to change scholars, but definitely appealed indirectly to a lot of people in testing.

Recently (August 2018) Jerry died aged 84. Not a boss – yet a leader.

3 Sessions of Security Testing

One way to collaborate in a team is to achieve shared knowledge together. An example of this is the online activity of “30 days of testing” that The Ministry Of Testing has been putting out to the online community to participate it. My test team has a “Work Group / Special Interest Group” with regards to security testing, so when a 30 day challenge for security testing came up, we scheduled sessions to learn from the topics provided (see below).

As we are testing consultants doing work for our customers, we scheduled 3 sessions – initially for an hour. At the start of the hour we picked 4-5 topics from the list, and worked our way through them in a prioritized order – within the time box of the hour. Come to think of it we might as well have used the Lean Coffee format. As we have team members two places in DK and one place in PH, it was a skype call using screen sharing. After the call I  summarized sending out a “link mail” to all in the testing group (DK and PH). Evaluating the sessions we extend our ordinary scheduled WG meetings to make room for collaboratively investigate additional security testing topics.

12 From the list: ZAP, Google Gruyere, threat models, HTTP proxies, posture assessments, tiger boxes, recent hacks (elaborated by Troy Hunt), OWASP top 10, OWASP SQL injections, adding data integrity testing into a test plan, share ideas for security testing internally and externally, discuss security testing with regards to EU GDPR compliance.

7 Not on the list: Naughty Strings form GitHub, Bug Magnet plugin, How real persons names trick IT systems, how to be careful with custom license plates, DDoS attacks, IoT privacy failures, Chaos monkeys/Siamese army and little Bobby Tables:

XKCD: Exploits of a mom

To sum up, we have learned about: what tools that can make testing easier, where to read about vulnerabilities and and simple exploits, understand how personal data and logins are used and stored, how to pitch security testing based on fear of breaches and safety concerns, testing the requirements for “by design” security.

30 Days of Security Testing