How to fight bugs effectively using User Acceptance Tests (UAT)

Test pipeline
User Acceptance Testing (UAT), also known as beta or end-user testing, is defined as testing the software by the user or client to determine whether it can be accepted or not. This is the final testing performed once the functional, system and regression testing are completed. The main purpose of this testing is to validate the software against the business requirements. This validation is carried out by the end-users who are familiar with the business requirements. UAT, alpha and beta testing are different types of acceptance testing. As the user acceptance test is the last testing that is carried out before the software goes live, obviously this is the last chance for the customer to test the software and measure if it is fit for the purpose.

User Acceptance Tests is a good way to move a solution form a "ready" to an "actually ready!" state.

Software Development, Testing

Android is by far the most popular platform, far ahead of Apple's iOS

Android vs iOS
Samsung’s success benefited the whole Android alliance. In 2012 sales of Android phones were six times the level of two years earlier, and they outsold iPhones 4 to 1. The courtroom fights between Apple and Android proxies such as Samsung were just getting started, but it was becoming clear that Android was winning and bringing the smartphone to a broader global audience. China came next. The government’s push for economic growth led to the shockingly speedy development of fast mobile internet networks in every corner of the country. Samsung was initially a powerhouse in China before the booming urban classes gravitated to Apple, but the biggest winners were homegrown smartphone companies such as Huawei Technologies Co. and Xiaomi Corp., which created customized versions of Android without Google apps. The U.S. company’s web services have been officially inaccessible in China since Google pulled back its operations in the country in 2010.

Compared to iOS, Android offers the advantage of being open and not controlled by a single corporation, controlled by a single regime.

Linux, Android, iOS

XFS vs EXT4 vs F2FS vs Btrfs on Linux 5.5 with various RAID options

XFS vs EXT4 vs F2FS - various RAID options
Lastly for trying to sum up the otherwise diverse results is the geometric mean of all the Linux storage benchmarks carried out for this article. On a single Samsung 860 EVO SSD, the fastest file-system was XFS followed by F2FS and EXT4 while Btrfs with its default configuration (copy-on-write, etc) was the slowest. At RAID0, Btrfs and F2FS performed the best while at RAID1, XFS was the standout performer. The results with RAID5 and RAID6 were fairly close while when moving to RAID10, F2FS was much faster than the others.

I actually consider switching from EXT4 to F2FS or XFS once Ubuntu 20.04 with its new kernel is released. On the other hand there is "never touch a (reliably) running system!" maxim. Ext4 and their origins are quite dated but on the other hand also quite mature and battle-proof.

Linux, XFS, F2FS, EXT4

Java 14 brings a new level of telemetry & instrumentation

The HotSpot VM emits more than 500 data points using JFR, most of them not available through other means besides parsing log files. To consume the data today, a user must start a recording, stop it, dump the contents to disk and then parse the recording file. This works well for application profiling, where typically at least a minute of data is being recorded at a time, but not for monitoring purposes. An example of monitoring usage is a dashboard which displays dynamic updates to the data.

Initially Java Flight Recorder (JFR) and Java Mission Control (JMC) were sold as commercial JDK add-on features by Oracle. Now these capabilities that enable runtime data gathering from Java applications will arrive in the OSS version of the Java runtime, i.e. the OpenJDK. JFR enables in-depth Java app monitoring paying just 1% of CPU overhead.

Java, Software Development

DevSecOps - DevOps Security Challenges

Bart Copeland, ActiveState CEO: The purpose of DevSecOps is to create the mindset within the enterprise that everyone is responsible for security. So the“Sec” means adopting security as a key component that’s fully integrated throughout the software development process. That means making security a part of an application’s DNA, starting from initial conception all the way through to release. The DevSecOps philosophy is that security should be embraced and made better by everyone within the organization. It should also be supported by those with the skills to contribute security value to the system. Security practices have to move at the speed of the rest of development. For example, developers must resolve common open source issues earlier in the software development life cycle, decreasing costs and speeding time to market. This means security considerations are moved up front, shifted-left as much as possible to the developer. In other words, security is baked into the development process. But does this mean that security is shifted entirely onto the already heavily loaded shoulders of the developer? Of course not. Security is all about protection in depth, from the edge of the network down through the application to the data layers, operating systems, and the people involved. However, it does mean that developers need the tools that can help automate and bake in as much security as possible. Ideally, baking in security at the time the code is written and when architectural decisions are being made.

DevSecOps is the new word for a concept that some companies are already applying for years. The concept boils down to the idea that security is not a state but a process. Also this process of making a solution secure should be applied throughout the entire build & delivery pipeline of a solution, starting with the concept and ending with how a solution is integrated and operated by its customers.

DevOps, Cloud, Security

USA wants Apple to further simplify access to your data for the FBI

Apple dropped plans to let iPhone users fully encrypt backups of their devices in the company’s iCloud service after the FBI complained that the move would harm investigations, six sources familiar with the matter told Reuters. The tech giant’s reversal, about two years ago, has not previously been reported. It shows how much Apple has been willing to help U.S. law enforcement and intelligence agencies, despite taking a harder line in high-profile legal disputes with the government and casting itself as a defender of its customers’ information.

This is a perfect example for Apple's double-speak; on the one hand Apple publicly PR-stunt-fights surveillance and portraits itself as your very own privacy guardian; on the other hand it works together with the USA government just like any other major corporation on this planet. Keep this in mind talking about Huawei & China next time... your hypocrisy might make you pay a premium for something that does deliver the protection it advertises moralizes.

Apple, iPhone, Governance

When it comes to IoT, edge and fog computing are increasingly gaining momentum

Fog computing refers to a decentralized computing structure, where resources, including the data and applications, get placed in logical locations between the data source and the cloud; it also is known by the terms ‘fogging’ and ‘fog networking.’ The goal of this is to bring basic analytic services to the network edge, improving performance by positioning computing resources closer to where they are needed, thereby reducing the distance that data needs to be transported on the network, improving overall network efficiency and performance. Fog computing can also be deployed for security reasons, as it has the ability to segment bandwidth traffic, and introduce additional firewalls to a network for higher security. [...] This lack of consistent access leads to situations where data is being created at a rate that exceeds how fast the network can move it for analysis. This also leads to concerns over the security of this data created, which is becoming increasingly common as Internet of Things devices become more commonplace.

Fog computing is basically edge computing on steroids. Just as edge computing also fog computing returns the opportunity of decentralization to the internet. Nowadays just a few major cloud providers, i.e. Amazon, Microsoft, and Google provide major parts of the internet infrastructure. Despite remaining decentralized on the technical level, the internet has become organizationally as centralized and corporate-controlled as it was never before in its history - except for the very beginning. The concepts of edge and fog computing enable independent service providers to further decentralize the internet not only on the technical level but especially on the organizational level.

IoT, Cloud

Ads-free YouTube

On the desktop, the solution is pretty simple: just install one of many ad blocker extension for your browser. Some of them also block YouTube ads. I am using AdBlock which is probably the most popular and works just fine for me - meanwhile for years. Mobile phone browsers do not allow installing any extensions. And the YouTube phone app comes along with their ads as well. Does this mean there is now way to watch YouTube without ads?

I have started using an ad-blocker around five years ago and cannot live without it ever since. Meanwhile I have switched to uBlock Origin which just gives you distraction-free focus on what you are doing. I would not might micro-paying for content if it would be possible. The Brave browser pioneers a micro-payment approach for creators...

Web, Culture, Ads

Escaping the Google G Suite lock-in is possible, even after 12 years of dependency

Google applies the worst vendor lock-in practices to prevent G Suite subscribes from cancelling their subscriptions. G Suite subscription fees steadily increased over the past years, amount to 10 € per user, per month and will be increase yet again in the coming months. I was one of the early adopters of G Suite and started using it since the very first day it was launched as "Google Apps", 12 years ago. Some years later Office 365 SaaS offering from Microsoft, tried to enter the SaaS era as well. I am using Office 365 at work and it was and still is just broken, in every possible way. I do not want to go into details but if you doubt that Office 365 is just broken it in every way, try using it with Linux for a week...

Eventually I managed to escape Google's G Suite lock-in and reduced costs without compromising on requirements. However I still rely on Google's free e-mail account which I use in combination with Hetzner's € 2/mo web package, that gives me the option to use my own domain-specific e-mail address. As an office tools alternative I would consider using the OSS based OnlyOffice, Nextcloud, or ownCloud offerings. I have also moved my domains from the super expensive GoDaddy domain registrar to Hetzner where I pay half the price and can still easily manage all DNS entries.

Google, Office 365

A notebook, tweaked for Kubuntu Linux power users without Microsoft tax

The Kubuntu Focus is the result of a collaboration between The Kubuntu Council, Tuxedo Computers and MindShareManagement. It is a high-powered, workflow-focused laptop which ships with Kubuntu installed. This is the first officially Kubuntu-branded computer. The concept is simple and compelling: We maintain the platform so our customers can focus on work and play. Complex workflows can be achieved "out of the box" without additional software or configuration. Our team has used Linux for development, high performance and high volume clusters, and in consumer products for decades. We use this experience and award-winning industrial design to deliver the Focus to you.

The notebook is rather a desktop replacement workstation with powerful graphics than a mobile & lightweight companion. Unfortunately Linux, especially with KDE ist still at a point where the out-of-the-box experience can vary a lot: either everything just works smoothly or - more likely - there are issues that drain the battery and heat up your notebook to a point you can fry eggs on your keyboard. Therefore the market needs exactly this kind of offerings that pioneer Linux UX improvement.

Ubuntu, Linux