In the last days I tested a few apps from colleagues of mine. I found some nice bugs which I often found by doing similar actions, It didn't matter if this was an Android, iPone or Symbian app.
Somem years ago I saw a presentation of James A. Whittaker at a conference in Munich, this guy had so much fun in breaking software. He actually wrote some books about testing:
"How to Break Software" and "Hot to beak Security"
In the last days I had probably the same fun trying to break those mobile apps. Some tipps from the book can be applied also on mobile apps, some other things where different, so maybe it's time for:
"How to break Mobile Software"
Here are some things that worked for me:
(Mis)Use Copy and Paste
Most smartphone supports copy and paste nowadays. And with this nice feature you can start attacking all kinds of ui elements. Assume there is an input field with some limitation, this could be the lenght of characters allowed or characters that are forbidden to type. Try to paste illegal stuff into it. This often works and is a well known test-strategy on desktop applications. It's time for bringing it to mobile phones!
(Mis)use Multitouch
Since iPhone Multitouch is the next big thing for user interaction. But it's even better for an evil tester. Try hitting 2 elements at the same time, whether it 2 listeelements or 2 icons. Most applications are not designed to be protected against this. There is no deselect between the events so the app gets out of sync. Often a thread is started for an action and there is no synchronization that could stop this. Chances are high that you create strange effects on the app. And if the app get's into a strange situation for example overlapping menus: don't stop! This is your chance, now you have good chances to crash it and win by knock out.
(Mis)use Softkeyboard
Since the iPhone started a huge amount of devices came without any keyboard. They have so called soft keyboards that appears where needed on the screen. Try to get the keyboard at a point where it is not needed and use it. Maybe you can confuse the app.
(Mis)use Orientation changes
Accelerometers are more than a nice toy. But writing orientation aware apps isn't easy. Ever saw text falling out of it's boundary dialog? Try to rotate the device in the middle of an action, maybe you have the luck to find such a problem.
Freitag, 5. Februar 2010
Donnerstag, 4. Februar 2010
BlackBerry JVM errors
More as a reminder for myself than a normal blog:
http://www.blackberry.com/developers/javaknowledge/general/kpa0307163334.shtml
good to know:
When you have one of those JVM whitescreen you can still use javaloader.
I could capture a screenshot and grab the eventlog.
http://www.blackberry.com/developers/javaknowledge/general/kpa0307163334.shtml
good to know:
When you have one of those JVM whitescreen you can still use javaloader.
I could capture a screenshot and grab the eventlog.
Dienstag, 2. Februar 2010
Oracle and Microedition?
Just watched Oracles webcast about the upcoming Java strategy after acquisition of Sun:
http://oracle.com.edgesuite.net/ivt/4000/8104/9236/12630/lobby_external_flash_clean_480x360/default.htm
Best news for Java mobile developers: the plan is to merge ME and SE!
Best news of the day for me. 2 years ago at RIMs annual developer conference the head of Java development for BlackBerry said in a session this would never happen for their platform, so we'll see. Now there is a big player involved as well ;-)
It will obviously take a while but Google showed how to build a modern platform with Android based on Java SE. It will be interesting to see what will happen next.
Interesting: JavaFX and Netbeans are both part of the mobile strategy. It will be a thrilling year for mobile java world.
Here's the ME slide:
(c) Oracle 2010
http://oracle.com.edgesuite.net/ivt/4000/8104/9236/12630/lobby_external_flash_clean_480x360/default.htm
Best news for Java mobile developers: the plan is to merge ME and SE!
Best news of the day for me. 2 years ago at RIMs annual developer conference the head of Java development for BlackBerry said in a session this would never happen for their platform, so we'll see. Now there is a big player involved as well ;-)
It will obviously take a while but Google showed how to build a modern platform with Android based on Java SE. It will be interesting to see what will happen next.
Interesting: JavaFX and Netbeans are both part of the mobile strategy. It will be a thrilling year for mobile java world.
Here's the ME slide:
(c) Oracle 2010
Dienstag, 19. Januar 2010
Getting redirected
I just ran into a problem with HTTP redirects.
As a BlackBerry developer I don't have to deal with those 30X responses as long as the BIS or BES is doing the HttpConnection. Those services follow every redirect automatically and the clientside call to HttpConnection.getResponseCode() will get only return the final result. The application will not know, that it was redirected at all.
Actually I saw a lot of implementations (example Symbian) where this is simple handled by HTTP API itself. On ME devices some implementations also do this.
But when you start with SSL Connections (https) this will fall back on you. Same for APN based connections where no proxy is inbetween.
But my code was prepared and checked for:
HttpConnection.HTTP_MOVED_PERM
and
HttpConnection.HTTP_MOVED_TEMP
which I knew for a long time where the redirect values (as integers these are 301 and 302).
But yesterday this code broke! Why? Because I got a different result: 307!
After some google I found out that the specification of HTTP 1.1 changed the default value for moved temporarily. They now called it "redirect temporarily" with the new value 307. The old moved 302 is not simply called "found".
But as always I just should have looked into the JavaDoc more closely, its already there:
HttpConnection.HTTP_TEMP_REDIRECT
So alway check for both: HTTP_MOVED_TEMP and HTTP_TEMP_REDIRECT!
see also http://developers.sun.com/mobility/reference/techart/design_guidelines/http_redirection.html
As a BlackBerry developer I don't have to deal with those 30X responses as long as the BIS or BES is doing the HttpConnection. Those services follow every redirect automatically and the clientside call to HttpConnection.getResponseCode() will get only return the final result. The application will not know, that it was redirected at all.
Actually I saw a lot of implementations (example Symbian) where this is simple handled by HTTP API itself. On ME devices some implementations also do this.
But when you start with SSL Connections (https) this will fall back on you. Same for APN based connections where no proxy is inbetween.
But my code was prepared and checked for:
HttpConnection.HTTP_MOVED_PERM
and
HttpConnection.HTTP_MOVED_TEMP
which I knew for a long time where the redirect values (as integers these are 301 and 302).
But yesterday this code broke! Why? Because I got a different result: 307!
After some google I found out that the specification of HTTP 1.1 changed the default value for moved temporarily. They now called it "redirect temporarily" with the new value 307. The old moved 302 is not simply called "found".
But as always I just should have looked into the JavaDoc more closely, its already there:
HttpConnection.HTTP_TEMP_REDIRECT
So alway check for both: HTTP_MOVED_TEMP and HTTP_TEMP_REDIRECT!
see also http://developers.sun.com/mobility/reference/techart/design_guidelines/http_redirection.html
Dienstag, 5. Januar 2010
Google utilities
A happy new year!
it doesn't always has to be Apache/Jacarta libraries when you need some utilities.
Check out what google has to offer:
http://code.google.com/p/guava-libraries/
It's Apache licenced too and contains Googles new Collection Library 1.0
It's for Java5 only, therefore currently only mobile developers for Android can benefit of it
it doesn't always has to be Apache/Jacarta libraries when you need some utilities.
Check out what google has to offer:
http://code.google.com/p/guava-libraries/
It's Apache licenced too and contains Googles new Collection Library 1.0
It's for Java5 only, therefore currently only mobile developers for Android can benefit of it
Sonntag, 6. Dezember 2009
Hard reset your BlackBerry
Ever find yourself in the position where you want to hard reset your Blackberry without pulling out the battery? There are some apps in AppWorld that can do exactly this. Every wondered how they do this? There is no API for it.
I just found a great post in the BlackBerry Support forums which explains how to do the magic:
The only situation where the BlackBerry wants to restart is after installation/deinstallation of running modules. And that's exaclty the solution: just do it. :-)
(from http://supportforums.blackberry.com/t5/Java-Development/How-can-I-programmatically-reset-a-blackberry/td-p/116854)
I just found a great post in the BlackBerry Support forums which explains how to do the magic:
The only situation where the BlackBerry wants to restart is after installation/deinstallation of running modules. And that's exaclty the solution: just do it. :-)
(from http://supportforums.blackberry.com/t5/Java-Development/How-can-I-programmatically-reset-a-blackberry/td-p/116854)
Donnerstag, 3. Dezember 2009
Midlet Installation Problems
Do you know the depressing moments when your JME application doesn't start? Or can not be installed although everything was fine on simulator or even on the different device?
The system is normally not much help at all so you spent hours guessing and trying: software development at it's worst.
Often it's simple a system check of properties in some of the files (often much too strict if you ask me). This could be a version number that contains a wrong formated build-number (Midlets need major.minor.build instead of major.minor.build.revision) or signature hashes written by your build tools into the manifest file.
Next time when you don't have a clue this document could help as a checklist (thanks to my colleague Yousuf who found this document):
Why Doesn't My MIDlet Run?
The system is normally not much help at all so you spent hours guessing and trying: software development at it's worst.
Often it's simple a system check of properties in some of the files (often much too strict if you ask me). This could be a version number that contains a wrong formated build-number (Midlets need major.minor.build instead of major.minor.build.revision) or signature hashes written by your build tools into the manifest file.
Next time when you don't have a clue this document could help as a checklist (thanks to my colleague Yousuf who found this document):
Why Doesn't My MIDlet Run?
Abonnieren
Posts (Atom)
Posts
