How to Break Software: A Practical Guide to Testing W/CD 1st Edition

Thsi book was recommended by two people working at Microsoft. One was a Test Lead in IIS team and another a Test Manager with the Games for Windows team. I thought that being the case it would be worth giving it a shot. Here are some of my observations:1) This book is fast paced.2) Every point is made succinctly and not blabbered on, so it keeps your interest througout.3) Provides lots of examples to help relate. Many are errors in MS Word 2000, which also makes it interesting to read.4) Covered many distinct types of approaches, so is very thorough and organized. Different types of testing, types of attack within each type of testing, how/what/when details of the attack is all listed. Nothing left out.5) Aimed towards newbies to testing, but is a good quick refresher resource for those who have been into testing for a little bit.

This is an awesome book for software testers with less than two years of experience. If that's you, then you'll definitely get a lot of value out of it. You should buy it without hesitation.What it does well is provide a clear understanding of what it means to "think like a tester." I recommend also that QA managers give it to their greenest team members. They will undoubtedly become better testers as a result.However, if you're someone who has been in QA for several years, all of these attacks are going to be obvious--and ones that you almost certainly will already consider a part of your regular testing repertoire.Even still, it's fun reading about some of the extant bugs in shipping Microsoft products, with step-by-step instructions on how to make them happen. I also like the freeware that comes with it--it's limited in scope, but still quite useful for certain testing situations.

This book is geared toward testers and how to properly test your software, but it should be required reading for software developers as they are usually the worst testers out there. I had the opportunity to take a one day course based on this book from the author is it was great.

This book runs away from theory and go right into practice. It can open up your view on how to test software. Great book. I recommend.

I acquired this book as part of a training exercise from my current company. I figured since I used Amazon reviews largely to decide which books to purchase for that it would be good to leave some in return.When I graduated college, I told myself I'd never again pick up a school book without good cause because they are largely terrible reads and can be very difficult outside of a school setting both because there's no professor and no drive. When I found out that "How to Break Software" was written by a college professor for his students I was skeptical. However, I found it to be a very good read. Professor Whittaker writes in a very easy to read style with the references to self and social aspects that I enjoy as well as incorporate in my own writing (despite what I was taught in college;)). His examples are simple and easy to understand I imagine for novice or veteran testers.Unfortunately, this is where my use of the book and enjoyment of the book ended. I've been working in the QA/QC industry for about 7 years now. After the introduction, I found most of the chapters to be more of a synopsis of good practices than teaching me anything. This is fine for school kids who know little to nothing about testing or for people just getting into QA; however I did not find it particularly useful as a veteran which is contrary to the disclaimers in the introduction as well as the snips about the book on the covering. This feeling lasted until about the time they introduced the Canned HEAT and Holodeck applications which I found interesting and was excited to use. That is until I saw the examples they gave and I realized that if I used them in my current workplace I would be testing the web browsers and operating system more than I would be testing the application itself. That's a specific issue though and this is not to say the tools are not useful (they may even have some use in my workplace) however reading chapters about them and mostly them was annoying knowing this.Ironically, the best part of the book in my opinion was the synopsis of what QA (QC) is and why it's difficult which was essentially the last thing I read (Appendix C). However, no part of the book beyond a brief mention in the intro/TOC told you to read this. Also ironically, one Chapter did warn you to read Appendix A and B before reading on and then proceeded to go over the material in those Appendices as if you did not even using the same examples, something I found frustrating as a reader. I got the feeling, he as a teacher expected his students NOT to read the Appendices and thus put the material in there anyway. I could be wrong though.Another part of the irony about Appendix C is that it is, as disclaimed, an article taken mostly from an IEEE article. So, the part of the book I enjoyed the most wasn't even written by Professor Whittaker.The fact this book is dated really shows in the examples as well which are for programs such as IE5 and Windows 2000. The flaws here may be able to be reproduced but most likely they have been fixed. I also found the exercises trite and did not execute any of them.Anyway, in synopsis, I don't not recommend this book (yes, double negative), however, I think it has limited use for those who are moderate to experience QAers. I think it's a great read for anyone starting out and for them would become a great book to put on their shelf and say this is what guided me to become the QA/QC professional I am today. The tools seem valuable and I look forward to trying them out but their application is not for every professional environment.PS: I didn't remember this until I was going to post the article but based upon other reviews I chose to purchase this book over "How to Break Web Software" and "How to Break Software Security". This may have been a mistake on my part. Perhaps I will check out those two in a future endeavor. I am not so turned away from Prof. Whittaker as to not consider that.

Great book covering orthodox and some unorthodox thoughts on testing methods and some specific guides. While the college trained tester or the person with many years of experience will probably find this too basic, it's still worth thumbing through for a new idea or two. The most common testing faults are missing common issues, such as testing for bad or negative input.

The text is interesting and informative. The text is short and sweet. There are examples, which is nice. That is as good as it gets.Much of the text is based on Canned Heat, a test environment which the author claims works of Windows 2000. This claim appears to be bogus. I have verified that the software does not work on several perfectly healthy Windows 2000 workstations. The software does appear to work on Windows XP.The problem is that so much of the text is based on Canned Heat, so if you can't get this to work, much of the text is not that useful. The text begins to sound like a marketing brochure for Canned Heat.If you go to the website, you may be dissappointed (as I was) to never receive a response. Every form I tried returned an error message. I have verified this with other interested parties. Emails to the addresses provided have not been answered.My best advice is to avoid "How to Break Software" and "How to Break Software Security." For what little you get, the books are overpriced.If the author wants his readers to take him seriously as an authority on software testing, then he should spend more time testing his own software before shipping it out. Frankly, I find it hard to take him seriously if this is the best he can do.

Thanks.