How Does the Epitome of Spyware Differ from Other Malicious Software?
Inattentional blindness
1. When we focus closely on
one thing, we often fail to see
other things in plain sight
Inattentional Blindness
2. Our beliefs about our perception are wrong
We don’t perceive the world exactly as it is.
What we “see” is filtered by our brain and influenced
by multiple factors.
Inattentional Blindness
3. We think we see in widescreen
◦ Only a very small part of our vision is in focus at
any one time
Inattentional Blindness
4. We tend to see what we expect to see
◦ Small differences can go unnoticed
“At the time of writing, Apple's website says the gold
MacBook won't ship for another three to four weeks. This
applies to MacBooks in both the 246GB and 512GB
storage options. The space gray and silver options are
sold out too, but those will ship in between one and three
business days.”
Our perception can be easily “primed”
Inattentional Blindness
11. We can easily miss issues which seem
obvious to us later, or are obvious to others
Different people, presented with the same
visual information, may see different things
It’s hard for us to see software “fresh” as a
user does
Inattentional Blindness
12. Nothing, really
◦ We’re made that way
◦ We would find life very hard if our brain didn’t apply
filters for us
Inattentional Blindness
13. If we at least know issues like
Inattentional Blindness exist, we can
try to reduce their impact.
Here are some thoughts – and you may
have your own....
Inattentional Blscuits
14. Vary the “mission”
◦ Test the same feature or scenario with different
goals
Vary inputs
◦ Different paths
◦ Different values
◦ “Galumphing” (James Bach)
Be wary of scripted testing
◦ Reduces thought
◦ Takes focus away from the application
Inattentional Blindness
15. Pair with another tester
◦ One drives, the other gives directions?
◦ Perform the same test separately
Pair with a non-tester
◦ Developer?
◦ Business/Product person
◦ A real user
But .... management may need convincing
Inattentional Blindness
16. DISCLAIMER: Seems to help me – may not help
others!
Making quite detailed notes whilst testing
◦ Hand-written
◦ Typed eg. any text editor, Rapid Reporter
I think more about what I’m doing
◦ Less danger of being on auto-pilot
◦ Make better mental connections
But.... Takes longer . Not always suitable
Inattentional Blindness
17. Taking a break can unblock ideas
Deliberately defocus for a moment
◦ Look at non-active parts of the application or the
screen
◦ Look away and look back
But.... Usually focus is good. Need to find the right
balance.
Inattentional Blindness
18. Which direction is the cat spinning?
Try to make it spin the opposite way...
Inattentional Biscuits
19. We can easily miss issues which seem
obvious to us later, or are obvious to others
The way human perception works – especially
when we’re focussed – can count against us
◦ Often described as “inattentional blindness”
We can try to reduce the problem by
experimenting with ways to change our focus
whilst testing
Inattentional Blindness
Not about how good your eyesight is. Not about how intelligent you are.
We tend to assume our vision works like a camera, just taking in the objective reality in front of it.
Dan Simons – “Seeing the world as it isn’t” video (3:20 – 5:10)
https://www.youtube.com/watch?v=9Il_D3Xt9W0
We see what we expect to see and miss subtle changes.
Give examples of mistakes I’ve made lately
It’s very useful to be able to focus and filter out distractions, eg. Listening to one conversation in a noisy room.
Good that our brain organises ambiguous, uncertain information and gives us early warning of possible threats.
Separate looks at an area of the product. Just as you might look once to make sure the happy path works, and another time to test negative scenarios. One pass specifically to look at the UI, messaging etc
if there is more than one way to get to a particular screen or function don’t always follow the same route. Think if there might even be routes that aren’t obvious or documented but a user might find
Don’t always enter the same data eg. Same usernames and passwords.
You’re more likely to have a narrow-focus or be on autopilot if you always follow the same steps
.. And therefore....
If you’re following pre-determined steps and being told what values to enter you’re not thinking as much about the possibilities. (A user hasn’t been given these steps).
Just by reading a set of steps off a screen you’re taking your eyes off what’s happening in the application
Just my idea. Seems sort of counter-intuitive because you’d think when you’re doing this you’d be more focussed on what you’re doing.
I definitely don’t always do this. There’s an obvious overhead in that your testing is slower.
As we’ve seen we can only apply a narrow focus.
Look for ways to change/break it.
Can do this without having to get up and walk away (which risks the problems of losing momentum when context shifting)