Interviewing senior engineering leaders.
A friend recently reached out for advice on interviewing and hiring senior engineering leaders. I’ve spent a good deal of time on this topic over the last couple years, starting with partnering with Laura Hilton to design Stripe’s interview loops for engineering leadership, and more recently going through a search for my own role. Leadership hiring is particularly interesting as a window into an organization’s psychology: for the highest stake decisions, do they turn to structure or to intuition?

For many topics I can write the algorithm that I’m confident will lead to a pretty good outcome, but this definitely isn’t one of them. Rather these are just the notes of what I’ve seen so far.

For clarity’s sake, I’m defining “senior” as managing an engineering organization of 30+ folks, likely with a Director-plus title at a pre-IPO company or the VPE/CTO at a smaller startup. These ideas will apply to folks outside of these narrow lanes, but will require some adaptation.
hiring  management 
1 hour ago
FastBit Embedded Brain Academy | Online Courses | Embedded Systems
Mastering microcontroller with Embedded driver development
Mastering microcontroller: TIMERS,CAN,PWM,RTC,LOW POWER
Mastering RTOS: Hands on with STM32Fx with debugging
Embedded Linux Step by Step using Beaglebone Black
ARM Cortex M Microcontroller DMA Programming Demystified
STM32Fx Microcontroller Custom Bootloader Development
Embedded Systems Programming on ARM Cortex-M3/M4 Processor
Black Box Puzzles
Scroll straight to the most-recent puzzles

You want your team to be great at exploratory testing? To diagnose pathologies? To find the system's true behaviours? To describe the true impact of a problem? To work through a system in measurable, disicplined, explainable ways?

You do. And I can help.

Find out about my in-house workshop

These Black Box Puzzles now have a page on Patreon. Get your name in the credits, and inspire me to make more – sign up today!

Sign up to my mailing list for workshop/conference discounts, and to be the first to hear about free events and new puzzles.

Follow @workroomprds for shorter, more random stuff.

Here is a short selection of tiny applications. I'm not going to tell you what they do. They're puzzles: use your testing skills to discover what you can. If you can describe what they do with a couple of short sentences, that's it.

It's always interesting to share your testing approaches, but you may frustrate others by telling them your solution before they're ready.

These puzzles are generally deterministic, they don't tend to hide what they do, and they typically do simple things. If you think most are random, sneaky or complicated, you should be able to find neater models. The puzzles may well have bugs, but I've not put those bugs in on purpose.

Some have hints, some don't. I'm always open to suggestions for better hints.

The question mark, logo, puzzle name, and camera (if it's there) don't form part of the puzzle, and are broadly similar across puzzles.

They're written in AS3, and run in your browser using flash player. They won't work without the flash player, so phones and tablets are generally out. Local copies may not work well at all. You can probably work out how to decompile them if you want to quiz the code.
testing  puzzles 
Tester Interviews: Techniques and Tasks | Cassandra HL
This post is inspired by a recent discussion on the The Club at Ministry of Testing.

Edit: It has also been translated into Russian on Software-Testing.RU.

I’m a software tester with a past life in the IT recruitment industry. I’m also a serial interviewee. Immediately before starting my current position at MaibornWolff, I attended interviews with five companies before choosing the right opportunity for me. In the previous five years, I’ve interviewed with a further five to ten, as well as conducting my own interviews as a recruiter and advising companies on how to conduct theirs.

The above post on The Club has inspired me to write about the different techniques that have been used during the interviews I attended this year, and the kind of tasks I was set. I’ll also include some methods I’ve heard about being used, and briefly give my opinion on the advantages and disadvantages of each. Hopefully this helps you to think about how you interview testers in your organisation, and perhaps inspires you to try some of the techniques described.

Please note that I won’t describe any technical coding tasks, as I don’t have enough personal experience of these to comment on their effectiveness.



Straightforward Questioning

Behavioural / Competency-based Questioning

Knowledge Questions

Industry and Community Awareness


At Home vs. On Site

Critical Thinking Games

Testing Requirements

Three Amigos

10 Minute Test Plan

Testing Example Software

Testing “Real” Software


My Recommendations and a Pinch of Salt
testing  interviewing 
Repper – Home
Amazing web app for creating patterns/tilings
4 days ago
Michigan’s MiDAS Unemployment System: Algorithm Alchemy Created Lead, Not Gold - IEEE Spectrum
A case study into how to automate false accusations of fraud for more than 34,000 unemployed people
13 days ago
Becoming a World-Class Tester
A tester is somebody who knows that things can be different.

That is Jerry Weinberg’s description of a world-class tester, which reminds us that testing is about critical thinking and imagination. It is about not believing anything at face value, but maintaining an investigative mindset.

Testing is questioning a product in order to evaluate it.

That definition of the activity of software testing, from James Bach, includes one of the most important aspects of testing: information discovery and delivery. Software testing is about revealing the unknown.

If quality means value to some person who matters (as Weinberg has defined it), then testing is in the service of discovering anything that threatens this value. To provide this service, a tester needs to be able to do a variety of things, such as asking good questions, commenting on requirements, and interacting with a product in such a way that it yields information that’s useful.

My definition of a world-class tester is a person who is able to rapidly discover highly relevant information about the product, who makes the most use of any resource that is available to him/her, and who has the respect of people involved in a project. It is a person who can be trusted.

So, given these definitions, what skill and mindset dimensions should you invest in to become a world-class tester? What areas do you need to be good at in order to avoid being discredited as a “mouse-click-monkey”?

Technical proficiency
Investigative curiosity
Observational skills
Communication skills
Writing skills and bug advocacy
Domain knowledge
Willingness to learn
Social skills
14 days ago
the four-hour tester
There are many ways to learn testing. The 4-hour tester is a way that focuses on simple exercises that take at most one hour to complete. The format is quite simple: briefing, exercise, evaluation.
Why don't you try one right now?
Test design
Note taking
Bug reporting
softwaredev  testing 
14 days ago
Learn the hack - Stop the attack
WebGoat is a deliberately insecure application that allows interested developers just like you to test vulnerabilities commonly found in Java-based applications that use common and popular open source components.

Web application security is difficult to learn and practice. Not many people have full blown web applications like online book stores or online banks that can be used to scan for vulnerabilities. In addition, security professionals frequently need to test tools against a platform known to be vulnerable to ensure that they perform as advertised. All of this needs to happen in a safe and legal environment.

Even if your intentions are good, we believe you should never attempt to find vulnerabilities without permission. The primary goal of the WebGoat project is simple: create a de-facto interactive teaching environment for web application security. In the future, the project team hopes to extend WebGoat into becoming a security benchmarking platform and a Java-based Web site Honeypot.
security  practice 
14 days ago
Web Application Exploits and Defenses
Want to beat the hackers at their own game?
Learn how hackers find security vulnerabilities!
Learn how hackers exploit web applications!
Learn how to stop them!
This codelab shows how web application vulnerabilities can be exploited and how to defend against these attacks. The best way to learn things is by doing, so you'll get a chance to do some real penetration testing, actually exploiting a real application. Specifically, you'll learn the following:

How an application can be attacked using common web security vulnerabilities, like cross-site scripting vulnerabilities (XSS) and cross-site request forgery (XSRF).
How to find, fix, and avoid these common vulnerabilities and other bugs that have a security impact, such as denial-of-service, information disclosure, or remote code execution.
To get the most out of this lab, you should have some familiarity with how a web application works (e.g., general knowledge of HTML, templates, cookies, AJAX, etc.).
google  security  practice 
14 days ago
Ironies of automation – the morning paper
Originally published in this form in 1983, its lessons are just as relevant today as they were then.

The central irony (‘combination of circumstances, the result of which is the direct opposite of what might be expected’) referred to in this paper is that the more we automate, and the more sophisticated we make that automation, the more we become dependent on a highly skilled human operator.
automation  future 
4 weeks ago
Fringe Festival guide to accessible events
events  accessibility 
8 weeks ago
11 Automated Testing Best Practices (And Bonus Red Flags)
Best Practice: Tests Should Be Atomic
Best Practice: Follow Page Object Pattern
Best Practice: Tests should be fast
Anti-Pattern: UI tests should not expose interactions with web elements
Anti-Pattern: Assuming that more UI automation is better
Anti-Pattern: Using complicated data store such as Excel
Anti-Pattern: Trying to use UI automation to replace manual testing
Anti-Pattern: Mixing functional automation with performance testing
Anti-Pattern: Keyword Driven Testing
Anti-Pattern: Giant BDD Tests
Anti-Pattern: Imperative BDD Tests
Anti-Pattern: Large Classes
8 weeks ago
Project Lovelace
Interested in science and programming? Project Lovelace is a bunch of free scientific programming problems. Each problem teaches some bit of science, like how to simulate a guitar, splice DNA, or predict the weather, and requires you to code up and submit a solution in your favorite programming language. So you learn science and programming through problem solving. The problems cover all the fields of science and sometimes mathematics. They get progressively harder but the goal is to learn cool science through programming (or vice versa!), not to solve boring problems or struggle with frustrating details, so we try our best to be helpful and guide you through. We post new problems every week.
programming  exercise  science 
11 weeks ago
these are the most important things I want you to know about being a good interviewer — Ask a Manager
1. Don’t wing it.
2. Get clear on your must-have’s.
3. Figure out how you’ll assess your must-have’s.
4. Ask follow-up questions.
5. See candidates in action.
6. Don’t ask silly interview questions.
7. Put people at ease.
8. Know that bias is a real thing – and work to combat it.
9. Commit to truth in advertising.
10. Realize candidates are assessing you as much as you’re assessing them.
interviewing  hiring 
12 weeks ago
Cut down on reports with the 5-15 method - The Globe and Mail
It's intended to take no more than five minutes to read and 15 minutes to write. Even better than the condensed time frame, he writes on the CO2 Partners blog, the weekly reports "allow team members to communicate successes without feeling awkward, capture important lessons, demonstrate awareness of next steps, and alert you to setbacks without asking for support." The structure, developed by Patagonia Inc. CEO Yvon Chouinard, is:


Week ending:

Accomplishments for the week: (List completed activities and notable accomplishments. In general, what is working? What is your current situation?)

Priorities for next week: (Be specific.)

Challenges/Roadblocks: (Describe potential challenges that may impede your intended tasks/goals.)

Lessons Learned/Opportunities for Improvement: (List any area that might benefit from improvement; questions you are trying to solve; lessons recently learned or relearned.)
management  work 
november 2019
Although hardware hacking has gained visibility in the last couple years there are still interfaces and capabilities that are relatively unknown. In this paper we attempt to provide an introduction to the UART interface; what it is, why it is interesting, how to interact with it and some of the things a researcher could do with it. Our goal is to increase awareness and understanding of the impact that a UART interface has on system security.
november 2019
« earlier      
1:1s academia accessibility activism advice agile android api arduino art asturias audio australia awesome backup blog bom books briannalaugher business canvas career cc-by cc-by-sa cffsw code comic community compling conferences cool copyright creativecommons crowdfunding css cycling data database debugging decentralisedwiki dementia design devops dictionary distributed diversity django documentation dreamhost education emacs embedded essays events feminism firefox flickr floss flossmanuals freecontent freeculture freedom freesoftware ftd funding fundraising funny games gdpr geekculture geekfeminism geeky gender geospatial gfe git glam google government graphics gui hardware hiring history house howto html images indonesian inkscape interesting internet interview interviewing iot javascript job jobladder language languages library linguistics linux linuxchix livejournal lote machinelearning machinetranslation management maps mashups media media:image mediawiki medicaldevices melbourne microservices mobile monitoring music nlg nlp nonprofit oer openaccess openhardware opensource organise pdf performance photography podcast politics polyamory postgres printing privacy productmanagement programming prolog psi publicdomain pytest python queer research review rss rust science search security software softwaredev spain spanish speaking sql startups statistics svg svn swimming t10n technology techphilanthropy terminology testing textpattern tips transgender translation travel triathlon tutorial twitter ubuntu unimelb unions usability useful uyghur vegetarian versioncontrol victoria video visualisation weather weatherforecasts web web-based web2.0 webdesign webdev wiki wikimania2009 wikimedia wikimediaaustralia wikimediacommons wikipedia wikireader wikis women work yoga zines

Copy this bookmark: