Mental Health 103 - Counselling and roads to wellness

I cannot begin this piece without first thanking many people who have sent emails, Tweets and left comments of support for my previous piece.  It reaffirmed my belief that "this is something worth talking about", and I was moved how my tale had touched so many people in different ways.  For myself sharing it was an important water-shed, an affirmation that "these things happened to me - but I refuse to let them to continue to have power over me".

Oh, there's still a footprint remaining - but time and treatment have helped to reduce them.  For myself and many others, the road to wellness in this area was counselling, which is sometimes called therapy.  A lot of people have opinions about counselling – ironically, when challenged most people turn out never to have been in a session.  There is a lot of misinformation out there, not helped by clichés we've all see in films, TV and the media.

The phrase that I hear the most is “I'm not going to have someone sit there whilst I tell them all about my life, just so they can judge me”.  As someone who not only been through counselling myself, but has friends who have also used the service, I would like to talk you through my experiences.

Let’s start with what it isn't …

• Counsellors don’t sit there and judge you
• Counsellors don’t treat you like a child and tell you how to live your life
• Counsellors don’t go home and laugh about what you've told them with their friends
• Going to counselling is not a sign of weakness
• Going to counselling isn't even necessarily a sign you have a mental illness

Let’s try and clear some of that out of the way now – the media stereotype we're used to is one of some awful wet-behind-the-ears hippy who just tell us repeatedly “so how did that make you feel?”.  I have never met a counsellor like that.

Counselling is about exploring an aspect of your life that is uncomfortable and causes you distress.  Let's be blunt about this, to get benefit from the session, you need to feel you should be there because there is something in your life that's such a pain point that you want to address it.  The counsellor doesn't know anything about you but what you tell them – so in truth, you are firmly in the driving seat.

Most counsellors work by essentially guiding your through processes as you explore past events, your thought processes, how it affected you afterwards, and yes indeed – how it made you feel.

For myself – I can quite simply and clinically recite to others the bare bones versions of those events “I was sexually abused”, “I saw someone killed”, “we tried for a second child, but it didn't work out”.  But the fact is, it’s the whole “how did these things make me feel” that’s the clincher.  For each of those topics it’s complex and labyrinthine, and I got so used to avoiding thinking about them, I honestly never explored how they did make me feel.  Regarding the sexual abuse for instance we explored in counselling how it affected going through puberty and adolescence, my sexual discovery, my confidence, and my feeling in situations where I felt similarly dis-empowered.

An important part of the counselling relationship is it’s confidentiality.  Counselling is a professional career which takes it’s obligation to your welfare seriously.  In fact in my opinion, counselling cannot work unless you have a level of trust with the person you’re going to spend this time with.

There are limits though to even this confidentiality though that it's important to understand – counsellors will remind you at the start of your session that they are obliged to break this confidentiality only if they feel you are likely to harm yourself or others.  But even this makes some obvious sense, this is about your wellbeing after all.

For myself and the areas which have caused stress in my life, they are not subjects it’s easy to talk with others about.  Certainly not people I have a relationship with.  They are about discussing a certain level of insecurity and are certainly “heavy” subjects, which need to be dealt with sensitively, and perhaps not casually.

I have to be blunt – when I was at University in Liverpool, a friend in my drama group wanted to meet me early at a pub one night, before the rest of our group.  She then dropped a bombshell that her father had just been diagnosed with an inoperable brain tumour with months to live.  But she didn't know if she felt comfortable about that, or indeed even wanted to see him.  You see, he’d abused her for years, and she was terrified he was just manipulating her again like he’d done before.  I have to admit, I just felt completely out of my depth in this conversation.  Being the best friend I could do, literally all I could do was “try my best”.  But this wasn't an easy conversation at all, and it really worried me if I had given the best advice, or listened enough.  At the same time I admit I did really feel honoured that Pip felt comfortable enough to talk with me about this.  I just really didn't want to let her down.

This is why I think it’s a bit bullshit when people say “you don’t need counsellors, you just need friends who’ll listen”.  Counsellors are used to listening to such stories, and dealing with such conflicts on a daily basis – of course they’re going to be not only more comfortable, but be able to produce a better outcome for the person in need.

Typically a round of “primary care counselling” which deals/tackles a single aspect of life takes about 4-6 sessions.  I had to use counselling for typically 6 sessions for each of those life issues I've discussed.

As mentioned, trust in your counsellor is key.  I typically use my first session with a new counsellor to explain who I am, and a high level overview of what my problem is.  I use this session to really probe the counsellors behaviour.  At the end of it, I either say “see you next week”, or “I'm sorry, I'm really not feeling comfortable with you – is there any other counsellor I can use?”.  Twice before I've had really nice counsellors, but I've just not felt I could be open and truthful with them, and it that case, it’s better for both of you if you say so upfront.  Counselling will only work if you feel safe enough to be open.

Why not keep taking the pills?

A lot of people fear medication – there is sadly no “cure pill” out there, but medications of different types can really dull some of the effects of depression, moods swings or anxiety which can help people to function relatively normally.

For some people, the drugs work marvels, and they can stay on them the rest of their lives and live a full life.  For myself after our attempt of a second child and how moody the steroids treatment had made me, the medication allowed me to get my brain back on an even keel until I was ready to do without them again.  The counselling then helped me to just deal with all the frustrated emotions, and to not only come to terms with it, but remember I already had a child and rediscover my joy in life (that might sound dumb – but in all the frustration for a second child I swear we sometimes forgot).

But for many people like myself, some counselling can help to explore the emotional issues and really reduce their power, with a view to allowing us to cope without them.

I will leave the final words with a friend of mine, Martin Sloman who works as a counsellor in Kapiti Coast.  I asked him about his thoughts about when people talk about counsellors “sitting there in judgement of people”,

“Firstly all good Counsellors never judge. Secondly a good counsellor has empathy, usually at least in part because of their own awareness of life's difficulties. I see counselling more like personal development. You don't go to school or college because you are thick. You hope to come out better equipped to deal with your future.”

If you want to explore more about counselling, I really recommend having a look the the FAQs of both Martin's website, and that of the Massey University counselling service, which I think really help to answer some fundamental fears around counselling.

As mentioned in a previous posting, most companies do provide access to a counselling service, and in the UK, you can usually get a session for primary care counselling, although there can be a bit of a wait.

Mental Health 102 - My experiences

There have been for me, three real difficult and traumatic events I've had to deal with that have caused periods of depression in what (for the first two) I'm told was post-traumatic stress.

Childhood Abuse …

As a pre-adolescent 10 year old, I was subject to a series of events, which I found incredibly distressing.  At the time, I couldn't come forward and talk about them, because I was so ashamed of what had been done to me, and felt guilty by association.  Later off I thought of them as possibly a form of ritual humiliation to “put me into my place” and I was just being an overly sensitive cry baby.

But I never really “got over it”.  I hated what had happened to me, how powerless and frightened I felt, even when I was no longer that dis-empowered 10 year old boy, I still felt like that inside.  I felt silly, but at 30 I ended up getting worse and worse flashbacks to event, that I ended up going to see a counsellor about it.  That’s where they gave it a name – “sexual abuse” – something I was uncomfortable with.  Something that I felt until then couldn't describe what happened to me, because things like that only happened to women.

I like many were touched by Justine’s account of a recent event of sexual abuse that had happened to her at a technical conference.  I felt such a strong flood of empathy there, and respect for the courage she took just in voicing what had happened.  I’d spent 20 years finding the courage to talk about what had happened, and even here, I can’t bring myself to discuss it in detail.  This of course is unusual for me, but indicates just how completely out of my comfort zone I am discussing it.

Many people say “she should have done X or Y”, but I got it.  The whole paralysis that happened to me, the fear of people knowing what they did to you, the shame associated with it because you feel you've let it happen to you – a shame which of course is totally unfair and unfounded.  And yet as unfair as it is you feel it.  You don’t need other people telling you “oh why didn't you handle it differently”, because in my case I’d spend 20 years asking myself just that.

What happened to me almost feels out of the pages of the Abu Ghraib prison.  Only I was a junior Scout, and it was inflicted by older Scouts, and perpetrated by Girl Guides for added humiliation.  It was done to bully me and keep me in line, with the follow up threat of what would happened if I told anyone.

I still feel physically sick when I see Girl Guides/Scouts.  A man my age with a phobia about Girl Guides should be hilarious shouldn't it?

To be honest, being able to see some humour I'm told (through therapy) is an important factor in my mental health.  My sense of humour, although off the scale weird (and gets me into trouble), is part of how I cope with a lot of things.  Humour allows us to escape and laugh at times when really all we want to do is wail.  To be frank - the sexual abuse isn't comic though, but the phobia it’s set up, I can see the funny side to that.

The problem with sexual abuse is it’s a crime unlike any other.  When I had my car stolen in 2010, within hours everyone knew about it.  It took me 20 years to talk about this – and then only in private.  It’s a crime where the victim feels tarnished and responsible – and a lot of therapy around it goes to the heart of that.  And it doesn't just happen to women – as this very powerful piece showed me …

Witnessing someone getting killed

This was probably a much harder event for me to deal with – which ironically meant I got help that much quicker.  Although again, not soon enough.

This is the problem with many traumatic events – they smoulder away in your mind and cause long term harm to us emotionally.

The day after I finished exams for my first degree, I travelled over to my brothers to (so the plan went) have a massive bro’s weekend of drink and dumb stuff.  He met me at the train station, and in the evening, walked back to his place.

As we went by a pub there was a large fight going on.  A gang had punched a man to the floor.  We were stunned, and too far away to do anything but witness.  On orders from one of the gang, someone in a car revved the engine, driving the car over the prone man, snapping his head back in one of those horrific moments that plays in your mind repeatedly for the rest of your mind.

It felt for a moment that everything went silent – then all hell broke loose.  People were yelling, screaming, crying.  We just ran – we felt terrified, vulnerable, confused – and we just wanted to run to somewhere that felt safe.

I just remember trying to put the kettle on when we got in, but couldn't because I was shaking so much.  We tried to tell one of my brothers flat mates what had happened.  But though the guy was really very calm and sensitive, we just started to cry.  It was so senseless.

In the end – we just found ourselves calling up our parents because we just didn't know what to do.  They were 40 miles away, but came to fetch us.  We were just a gibbering mess.  We were no use to the Police – we’d only seen a fraction of what was going on, we could describe the victim but no-one else.

For myself it was a difficult thing to “get over”.  For years I wondered if I could have stopped it.  I hated the feeling of being complicit by just being a spectator.  I hated that my instinct was to run.  I hated that I just cried and cried.

It took me years, and indeed counselling to accept those things.  I had frequent flashbacks, which actually got stronger as the years got on.  Initially I wanted to just move away from cities and those kinds of problems.  Ironically I looked to moving to Germany to just get away, and that would lead me to meet Beate Zschaepe, who is currently undergoing trial for her involvement in a string of racially motivated murders.  The fact that I was so scarred by seeing someone killed, but later was attracted to someone who was involved in murder, is almost a trauma point in itself

In a really tragic footnote whilst writing this article, I heard that Ian Fisher, my brother's flatmate who had been such an eye of calm on that terrible night, had been killed in a suicide bombing this month whilst he served in the British Army in Afghanistan.

Trying for a baby

My wife and I have a son – he was a happy accident.  One day, we were carried away, and forgot our birth control.  It was no big issue though – we both wanted children, the timing wasn't superb, but we were happy to go with it.

Two years later we decided to put away the birth control again, because we were ready to have another child.  After all, if we’d conceived from forgetting contraception just once, how hard was it going to be?

A year later - twelve months of failure - we were wondering what was going wrong.  Every month was the same cycle of trying, hoping, and then disappointment.  Friends kept telling us to just keep trying and something would happen.

In the end we went to the doctor about it, and both had to be referred to specialists with long waiting lists.  This meant scans for my wife, and me making emergency dashes of sperm samples to far off pathology labs (between set hours they were open for business, as the samples died off quickly outside of the body).

It turned out of be a little bit of both of us.  I was suffering from immobile sperm, and my wife from irregular ovulation.  She was put on fertility drugs to increase the number of eggs she’d ovulate each month, and I was put on a strong course of steroids which I was told would reduce my immune system, as my antibodies were attacking my own sperm, killing them.

The steroids did do their magic making my sperm function much better from pathology tests.  But there were side effects – the drugs (and possibly situation, it’s impossible to tell one from another) made me incredibly irritable and emotional, as well as causing large weight gain.  It was equally emotional in its own way for my wife.  Then add to this that the act of intercourse went from being one of emotional engagement between us, to one of obligation.  Yes, trying for a baby was killing our sex life.

After just under a year, we had to come off our drugs regimes.  It had been soul destroying.  The only option open from here was costly IVF, which we had to be blunt and admit we didn't have the money for.

I would like to say that I’d found work supportive, but over that one year I'd had 10 changes in team lead.  Originally I laid my cards on the table about what was going on, but it became increasingly humiliating.

For the first time in my life, I consulted with my doctor and admitted I was in a huge emotional low.  I went onto some anti-depressives, which helped me cope a lot, but alas had a side effect of even more weight gain.

People ask me what being on anti-depressives is like.  Some people wonder if it “robs you of your soul”.  Before taking them, I was in a very irate and wound up state, partly from my situation, the steroids effect and the lack of support from work (except for some close friends).

Most types of anti-depressives take a while to work – typically up to a month to build up in your system.  And I was lucky in only needed on a relatively low dose.  I remember a conversation with my doctor asking how I felt and my reply was “well things still go wrong in life, and they can hurt, but I don’t feel like I fall to pieces anymore when it happens, like I can cope and weather them”.

Again, long term counselling helped reduce my dependence on the anti-depressives, which I was on for about 18 months before slowly cutting them out.

In each of these trials, counselling helped me to move on … I will be talking about that in my next piece.

Mental Health 101 – The ultimate taboo

Back when I was closing in on my 100th post, I put on Twitter a list of potential future topics for blog posts.  The one I was surprised to see the appetite for was on the subject of mental health.

You see, I was pitching that topic thinking “maybe it’s just me”.

Mental health is a difficult subject to do, and do well.  It is in many ways the ultimate taboo.  By admitting that in the past I have ever had any problem in this area, I potentially run the risk of a future employer coming over this piece and viewing hiring me “as a risk”.  But I really hope we’re coming out of the dark ages here when we talk about attitudes to mental health.

Over this series of articles, I will be frank about my own experiences, and will also discuss those of friends that I've worked with, or know outside of work through various channels.  For these people, I’ll be using their experiences but under assumed names.  The only person I break this for is for my friend Violet, who died, and who was such a crusader for mental health, I know this'd have her blessing.

Make no mistake, these posts that follow are going to be a dark and explicit because of the nature of what’s being explored.  It will probably unsettle some people – but I'm putting this together for those people who need to know “it’s not just me”.  I have had too many people within the IT industry who thought it was.

Is that requirement 100% tested yet?

There are a lot of "test management" tools out there.  When you are testing a complex project with a lot of tightly defined requirements, they can be really useful to keep track of the spaghetti shaped mess.  When a requirement changes, you can work out which tests will be affected, and watch the change ripple down, and work out what you'll need to change.

When I worked on the Harrier mission computer, not surprisingly its behaviour was well thought out, and there were two phone-book-sized requirement documents covering every piece of functional behaviour in intense detail.  Our test management tool was a must to keep track of it all.  Add to this we were a team of 16 testers as well, it helped to divide up the work.

But it came at a cost - to work like this with requirements, scripted testing, etc typically we needed 18 months between releases.  But the system was so complex, and none of us were pilots, that our only oracle for working out what was going on were the sub-system design requirements.

The problem is though that many projects I've encountered since do not tend to have the same rigid waterfall approach.  This is hardly surprising - there are some fields you expect to be quite rigidly controlled - flight, medical, nuclear power plant are all applications you'd expect strongly defined behaviour in.

The issue I have with test management tools is how some people in the profession will see how well they work for a project like the Harrier mission computer, and try and use them on other projects in a different context.  And there they can often find the results are variable.

Most test management tools cover the spectrum of requirement -> plan -> defect.  They only work well if you have a strong footprint in all these areas.  You have to have business analysts using it to amend and author requirements.  Otherwise your test team will have a lot of data entry to do.  And if this is happening but your requirements keep changing - guess who it is who has to keep updating them in your system?

They also only make sense if your requirements are suitably "test driven" to be testable, that is they're not "vague statements".

Here I'm going to thrash out a test tool driven approach to testing a requirement vs a Context Driven approach, and we'll see which stands up the best in terms of coverage.  This is to show how painful, and misleading use of a test management tool can become if you're using it badly or on an unsuitable project.

Test Tool Approach

This is our requirement - LOG010,

• At the login screen when the user enters a username and password, they are taken to their account page.

Sadly our tester is non-too experienced, and so creates the following test, LogTest01, which they then link to the requirement,

When a manager comes along, and checks in their test management tool and sees this ...

According to the test management tool, that looks like the testing for the Log On page is perfect - it's hard to argue with 100%  So hard in fact that many people will find it hard to actually ask the tester "what does 100% here mean?".

Indeed, if pressed I have heard many a tester claim that "the tests are as good as the detail in the requirements provided", and if there's any problem with the testing performed, it's source problem is that there isn't enough clarity in the requirements.  It's "not a testing problem, but a requirement problem".

Context Driven Approach

For the Context Driven School of Testing this statement of it being "not a testing problem, but a requirement problem", is no get out clause.  As professionals we will do the best we can with what we're given, and we'll use our skills to work beyond when we can.

In aContext Driven mentality, a software product is evaluated by "oracles" or "expectations of how the software should behave".  The most obvious one of these is requirements.  But other types of oracle can simply be "when I use a similar product it would behave like this".

Logging into a site is something we do every day, so unlike that tester, we should take what's in requirement LOG010, and work from and beyond it.  Yes, like in script LogTest01, we should have a test that,

• When I log in with the correct username and password, I am taken to the account page.

However from use of similar websites, and implied (but not directly said) in that requirement are the following tests,

• When I log in with an incorrect username and password, I am not logged in.
• When I log in with a correct username but incorrect password, I am not logged in.
• For security it might be best if the system not tell me if I've given a correct username but incorrect username.
• If I try to log in with an incorrect password too many times, I would expect for security to be locked out of the account, even if I give the correct password.
• I expect if locked out to be locked out for either a period of time, or until I contact some form of helpdesk.
• I expect the use of upper/lower case not to be important when entering my username
• I expect the use of upper/lower case to be important when entering my password
• I expect my password to be obscured by asterisks

I ran this by one of my test team, and true to form, they also came out with,

• Should I be able to copy to/from the password field?
• The username/password is kept in the database, are there any wildcard characters in either field such as *, ', ", /n etc which will cause an issue when used as a username or password because of the way the code will interpret them?

Using the test tool driven model, we easily get 100% test coverage in a single test (or I would rather say "the illusion of 100%).  But with a Context Driven approach, we powerfully cover off a lot more behaviour in about 11 tests - but the Context Driven approach doesn't offer up percentages, it's more focused on a dialogue between the tester and manager to discuss what's been done.  The coverage certainly isn't 11 x 100%

The Context Driven approach certainly covers a lot more ground.  I know I'm probably being unfair to people who use test management tools - most testers I know would have added an "incorrect login" test as well (so maybe 2-3 tests).  But the truth is, the test management tool which is supposed to "make testing easy and visible" actually can often fog it up using a smokescreen of numbers, they particularly fail when you can't break requirements into "discreet testable statements".  It also subtly decides your testing strategy - because testers feel driven to provide enough tests to "make it 100% coverage".  It's possible to fix this by spending time breaking apart requirements into smaller test requirements - but this involves a lot of initial outlay that only pays off if the requirements aren't likely to change.

The Context Driven approach embraces the fact that it's often extremely difficult to achieve such perfection in requirements (unless perhaps you are in avionics and are biting the bullet of "this is going to take a lot of time").  More than anything it wants to challenge complacency (esp when you see the green 100% sign), and get testers focused on running as many tests as possible, over making assumptions.  Though perhaps trying to run the most compelling of tests first.

It's certainly something to think about - when you're feeling a bit complacent, and "well I've tested everything here", try and take a step back, ignore the numbers and requirements, and go with a gut feel.  Is there another test, coverage be damned, that you'd like to try?  You might be surprised.

The "Four Candles" guide to customer dialogue

When I was talking this week with another tester about how comedy can be an aid in learning, I immediately thought to the sketch below.  It was voted one of the funniest sketches of all time in a British poll, but I don't believe it's travelled well outside the country.

So I bring to you, The Two Ronnies in Four Candles ...

It's a great piece of comedy, but what has this got to do with building software?  A lot more than you would believe.

At it's heart, Four Candles is a comedy about miscommunication.  There are two perspectives to this sketch, either it's about a customer who comes into a hardware shop with a list of things that he clearly want, and finds himself increasingly bemused by a somewhat surely and agitated shopkeeper.  Or it's about a shopkeeper who finds himself frustrated by a customer who seems to be trying to be deliberately difficult, and evading any attempt to be specific.

Both points of view have some justification.

Of course within the world of software, this is where we have some empathy to this scenario.  How often have we either been supplying software to a customer, or else sending work outside of our organisation.  There is always a spectre of "how much information to supply", and no matter how much information you give or get, there is a potential for misinterpretation.  Which means software delivered which doesn't match someone's expectations of it.

This was one reason (in the early 2000s) I was pretty sure that outsourced work and distributed teams just could not work.  When everyone was located in a single office block (as my projects at the time were) when requirements were delivered in phone book sized monuments - even then I'd seen the potential for communication to fail, and what was being delivered to be less than ideal.

In our software delivery groups, we probably have more empathy with the shopkeeper than with the customer in the scenario above.  He's doing his best to deal with his customer, but he feels the customer isn't really helping him.

After being caught out over the "four candles" really being a request for "fork handles", the shopkeeper realises he'll need to ask for more information.  So when asked about "plugs", he asks for more information "what kind?", and is told "rubber, bathroom".  So he finds his box of sink plugs and asks for a size to be told he needs to supply a "13 amp" one ... that is an electrical one.

It goes on this way (hilariously), and the shopkeeper tries various tactics to try and get more information out of his customer, and thus evade a lot of needless effort (such as going up a stepladder to get a box for the wrong thing).

In the end, the shopkeeper tries to break the cycle, by asking for the list, because as it is, this is just not working, and he's becoming increasingly frustrated.  Reading through the list, he sees something, and decides at this point that it's time to walk away, and gets someone else to deal with his customer.  It turns out the item that caused the shopkeeper to decide to break the cycle was a request for "bill hooks" (bollocks - a UK swearword).

Getting out of customers what they really want is a tricky business.  But it's important though, you want happy customers, because generally happy customers equals successful business.  But also you want to save yourself wasted time when you can.  We've all been the shopkeeper who feels frustrated going back to get the box of letters from the top shelf for the "Ps".  And the customer trying to give clarification by just "repeating their ambiguous original request" doesn't help.

Like the shopkeeper we should try different tactics (clarification, getting the list from the customer etc) to try and break through the frustration.  But if we can't break through and make progress, as frustrating as it is, we have to be prepared to walk away and let someone else try.

WEB103: In for the hunt ...

I've recently been going through the subject of browser comparability testing with one of my team, and this series have been some of the notes from these sessions.  The great thing about such coaching is it forces myself to take a good long look at the "whys" of things around this area, and learn something new myself!

So far we've taken a quick look at the history of web pages and how to get environments to actually test on.  Now comes the challenging part - what are we going to do?

Taking a pure black box approach, if we have 11 browser types and versions we need to test comparability on, then that means we have to run the same testing we've got planned 11 times, once on each browser, yes?  This is where such an approach becomes messy - testing is always under-the-gun, and such approaches just aren't going to work.  To have a valid strategy we need to think about how websites work (at a very basic level), the kind of issues we'd expect with browser incompatibility and go to where the risk is.

Web Basics

What follows is a really basic, "just enough" description of a web site, and how it works.

So, when you look at a page, your browser is provided information from a web server to create a page.  This information is in the form of html, which essentially forms of "downloadable program" of content for your browser.

What exists on your browser is completely independent of the web server at this point.  In fact, right now, disconnect your PC cable, or turn off your wi-fi.  You'll find that this web page just does not simply "vanish" if you do.  It exists on your machine, in it's browser, and won't disappear until you try and do something.

To get a good browser testing strategy, it helps to know what functionality is to do with what's on your browser, and what functionality exists on the part of the web server (and it's back end).  And that can be actually harder than you'd think.  As a user, most of our web experience is seamless between the two (black box).

But to be effective in browser testing, we need to be testing those features which are associated with the web pages rendering in the browser.  But the features which are driven from the web server and the back end we're less likely to need to test so frequently (the back end is the same back end, no matter the browser used).

Example - the good old login screen

I'm going to refer to Twitter functionality a lot here, as it's something you can take a look at and investigate with ease.  Let's consider the login page,

Here are some typical test scenarios you might explore

• "Happy Day" - there's a Username field, a Password field, and a Sign in button.  When you enter the right username and password, you're logged in.
• If you enter the right email and password, you're logged in.
• If you enter the right email but the incorrect password, you're not logged in
• If you enter the right username but the incorrect password, you're not logged in
• If you enter the wrong username or password but the correct password, you're not logged in
• If you enter the wrong password for an account 3 times, your account might be locked
• If you enter the wrong password for an account 2 times, followed by the right you, you're logged in.  If you log out, enter the wrong password again, followed by the right one, you are logged in, and your account is not locked.

Usually in a system that "logs you in", the functionality that decides from the account and password detail you've provided if you will either be logged in, not logged in, or your account locked all lives in the "web server" side of the system equation (ie, not in the browser part).

So for each browser you'd probably want to see the "Happy Day" path - looking at the page, and the basic flow through.  There is also a case you might want to see the "incorrect login" and "account locked" messages at least once.

But all the validation rules listed above you expect to reside server-side.  Which means you probably need to run them at least once if you can, but not for every browser - this might be a good assumption to make, write down and "make visible" to see if someone technical architect-y disagrees.  This doesn't mean it might not be worth running these tests again in different browsers anyway if you have time, but it means it looks to be "low risk" for browser issues.

So what kind of issues should you be expecting?

Back in WEB101, I talked about an web application I originally wrote which didn't cope well in IE.

In Netscape, it looked like this,

But in IE, all the labels got stuck in a corner, like this,

In web testing, we expect that there will be something in the html that the browser won't handle well, and hence interpret badly.

So for example - in the Twitter login example, we might be missing the fields for our username, password or the sign in button.  Those kind of details are cosmetic defects yes?  Oh .... except if these things are missing or hidden, we can't supply our username, password and select to login (you can see how it makes an issue a lot more functional).  It makes our whole system unusable on the browsers.

The kind of issues we'd expect could go wrong with a browser, are roughly,

• missing/hidden fields and buttons - high impact
• script code for items such as drop down menus might not work - high impact
• buttons out of alignment / text out of alignment - low impact

What behaviour is browser side?

We took an educated guess with the login example that everything about validation was web side.

I find the following rules of thumb useful for investigating which behaviours which are browser side.  First of all, as mentioned above, everything you see on a page, has the potential to be browser specific (so use your eyeballs).

But secondly, for behaviour and functionality, try this - unplug your machine from the internet (physically or by turning off the wi-fi).  Anything you can do on that page that doesn't end in an error like below, indicates functionality which is browser side over web server side,

Lets take a look at signing up for a Twitter account ...

I opened the page, then turned off my wi-fi.  Let's work through a few of these fields ...

Full name - we can enter anything, and it validates if it looks like a real name - all browser side functinality.

Email address - we can enter any text we like, so that's browser side.  But it goes into a circular loop trying to validate the email address (I suspect to see if it's been used) - so that behaviour is in the web server.

Create a password - we can enter text, and it coaches over whether it thinks the password is long enough or secure.  All this seems browser based.

Choose your username - as with email, you can enter information, but it gets hung up validating.  I think this again checks for uniqueness, and the validation is at the web server end.

Experimenting in this manner allows you to made educated guesses at the kind of behaviour on a page that's browser based, and hence worth revisiting for different browsers when time allows.  This gives you an educated guess at the areas of greatest risk in terms of browser compatibility.  It's not infallible, but it gives you a decent rule of thumb to have conversations about what you think needs retesting a lot, and what needs less retesting with the rest of the team.

Opinion: Keith Klain and the ISTQB petition

For a while now, Keith Klain has asked me to sign his petition to the ISTQB.

His petition asks of the ISTQB, the following,

As a public service to the people who have taken the ISTQB Foundation level exam, I wish to add my name to those appealing to their board of directors for answers to the following questions: 

1) Have there ever been issues with the ISTQB Foundation exam reliability coefficient reviewed by your exam consultants Kryterion? 

2) Have the reliability co-efficients consistently shown, since the inception of the ISTQB's certification program, that results on the certification exams accurately measure the testers' knowledge of the syllabi? 

3) Have there ever been any other issues with the validity of the exams? 

4) How often do those external reviews take place? 

5) Are the results of Kryterion's (or a third party's) independent evaluations publicly available?

I have found the question of whether or not to sign this petition has split me like no other issue of late.  People who know me well also know that I have a bit of a radical past - signing petitions and even protesting are things I've a history of.  At University I petition, marched, sat in, occupied.  I would like to think I still have that level of passion even in middle age.

My dilemma though is that although I'm not a huge fan of the ISTQB, I'm not going to just sign anything that's "anti-ISTQB".  My personal issues with the ISTQB, their syllabus and how they measure "good enough" are specific points.

I strongly believe that an organisation like the ISTQB which claims to be non-profit and which also claims to be championing the testing profession should be accountable to queries from the testing community.  It's like asking a famine aid charity "how much of every dollar I give actually make it into food for Africa".  You should have a right to a certain level of transparency.

However my issue was with the questions themselves.  I know the areas I find myself not really seeing eye-to-eye with the ISTQB, and these questions didn't seem to cover that ground at all.  Truth is I didn't really understand what the questions were driving at.  I couldn't sign up to a petition "just because it was anti-ISTQB", and neither do I believe should you.

When at University I petitioned or marched or occupied, I knew why the principles being put down mattered (okay, occasionally it was to impress a girl ...).  If I can't explain and champion the principles on a petition, I really can't sign it, and that's why I didn't.  As someone who is sympathetic to the Context Driven School of Testing, I'm not going to sign a petition just to "flip the bird to the system", and neither am I going to do that because of peer pressure.

So thankfully this week, I managed via Twitter to really discuss why this petition was so important to Keith, and ultimately, to me and every tester on the planet.  It wasn't just about the questions in the petition, it was about the context of the questions, something you might miss from the questionnaire itself, but is more clear here in Keith's open letter to the ISQTB.

The root cause of the petition comes from Keith (who is a Context Driven Tester) discussing ISTQB exams with Rex Black, who is a member of the board, and past president of ISTQB.  Oh and he just happens to provide a lot of training courses on the many levels of ISTQB (which some might say is a vested interest - much like for example making the Chairman of BP the Secretary of State for the Environment).

Rex's comment around the ISTQB exams was that for the American board, the exams have professional exam consultants work with them, and the exams "though not perfect" were "constantly perfected" (whatever that means - but wouldn't elaborate).  He claimed that he could not comment beyond that due to non-disclosure agreements (which some might say is convenient).  He has declined further comment, saying pretty much that that is all we need to know.

Keith sees Rex's comments as a smokescreen - they don't really give much information or satisfactory answer.  And remember this is from a board which champions overly detailed measurement and metrics as the way to do any task.

Keith's petition therefore is about "digging for truth".  Rex is telling us that the exams are independently analysed, but that data is only shared secretly within the board.  But they can tell us on behalf of this independent group how great they are.  This reminds me of the kind of science and statistical analysis you see used to misrepresent and mislead in TV ads, especially (shudder) infomercials.

This is not how you see scientists behave in New Scientist, or at conference.  Galileo, Newton, Einstein showed their proofs and data to the world, and risked  ridicule and backlash.  They do not go "we have amazing data to prove this, which we can't tell you, but you have to just take our word on how awesome we are".

Discussing this with Keith, he convinced me how this was important to have this data, and the questions are about being able to peek into this (without infringing anyone's confidentiality).  The whole case of the ISTQB validity from Rex Black (who is a high up person in the ISTQB scheme of things), rests on these exams being independently validated and (in his roundabout way of razzle-dazzle) as perfect as a multi-choice exam can get.

But people who aren't in the inner circle aren't allowed to know details, they just have to have faith.  This reeks of the kind of leadership you get in a cult.  And this is why it's in everyone's interest - both CDT testers and testers who stand by ISTQB to sign this petition.  Not to have a go at ISTQB, but to support the level of transparency that an organisation like this needs to champion with the community it claims to represent.

Based on this, I had found my voice on this issue, and found myself agreeing with Keith's stance, signing his petition - but typical me, I added a mini essay,

The choice to sign this petition is an individual one - but needs to be made for the right reasons.  I'm not going to tell you to sign it - just to think about the issues at play here - and to give you my opinion.  If you think I've got it wrong ... that's what the comments box is for!

Discussion and disagreement isn't wrong - in fact me and Keith had to disagree and question for a whole while before we saw eye-to-eye.  We're not drones, and we shouldn't be expected to act as such.  That means not bowing down to Rex Black telling you "what you need to know, for your own good" or Keith telling you "sign my petition".  Your opinion counts - whether towards Keith or to Rex, make it count.