Clean Coder Blog

Mutation testing: testing your test suite by systematically introducing faults and seeing whether it picks them up. Nice.

to bugs mutation-testing software-engineering testing ... on 28 August 2016

How Not To Run An A/B Test

"Decide on a sample size in advance and wait until the experiment is over before you start believing the “chance of beating original” figures that the A/B testing software gives you."

to ag0803 honours significance statistics testing ... on 24 August 2014

lcamtuf's blog: A bit more about american fuzzy lop

Coverage-directed fuzzing tool, from the author of p0f et al. Easy to set up and play with.

to coverage coverage-directed fuzzing security testing ... on 05 August 2014

How to Prevent the next Heartbleed

An interesting review of some of the approaches that didn't prevent the OpenSSL heartbeat bug (either because they weren't effective or because they weren't applied).

to buffer-overflow checking openssl security static-analysis testing ... on 02 May 2014

netem | The Linux Foundation

How to simulate network problems (e.g. packet loss or delay) using the Linux network stack.

to ag0907 networking packet-loss testing ... on 28 April 2014

Diffie Hellman and TLS with nonsense parameters - Hanno's blog

Apparently quite a lot of TLS implementations will happily accept 15 as a prime for DH key exchange. Presumably even if they were checking you could rely on the probabilistic test too...

to cryptography dh prime security ssl testing tls ... on 16 April 2014

Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL/TLS Implementations

Generating randomly-varied certificates and comparing how different implementations respond to them.

to ca certificate papers security ssl testing tls ... on 13 April 2014

Sixteen is not magic: Comment on Friston (2012) | [citation needed]

Review of "Ten ironic rules for non-statistical reviewers". Read the original paper first, since it's got some good points -- particularly on exactly what the limitations on normality are, and why you need to be careful about very large studies -- but it probably overstates its case a bit, as this review suggests.

to hypothesis normality research statistics testing ... on 01 April 2014