Archive for March 2017

Daily Learning - Day 36

Date: 22th March 2017

Below are the topics i learnt today..

Follow Hashtag: #SKC100DaysofLearning

Topic 1: HTML Fundamentals - HTML Links



Today's learning is about:
  1. Link Targets
  2. Linking Attributes based on Named Targets
  3. Linking Attributes based on ID
  4. Linking Targets with absolute url and relative url
  5. Title attribute can be used to display as "Mouse Hover Text"
  6. Other attributes for Linking: Language=en, Content-Type=text/html,Relationship=prev.


Exercise:




<p> See the <a href="#Terminology">terminilogy</a> section below for more details </p>

<a title="technical terms">

<h3 id="Terminology"> Terminology</h3>


<li> <a href="./Content/TextElements.html#deepLink"> Text Elements  </a> </li>

<a name="DeepLink" title="Deep Link">
<h1 id="deepLink">Deep Link</h1>

</a>





Lesson Learnt:



Practice:
Always copy and paste the code in Validator and check for errors.


Topic 2: Security Vulnerability Disclosures

CVE-2017-5638: New Remote Code Execution (RCE) Vulnerability in Apache Struts 2 

See more at


https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2/

CVE-2014-0050: Apache Tomcat vulnerable to Denial of service attack

http://www.ehackingnews.com/2014/02/cve-2014-0050-apache-tomcat-vulnerable.html


PS: Follow the Progress over here on Skills


Posted in | Leave a comment Location: Mysuru, Karnataka 570001, India

Daily Learning - Day 35

Date: 20th March 2017

Below are the topics i learnt today..

Follow Hashtag: #SKC100DaysofLearning

Topic 1: HTML Fundamentals - HTML Links

Today's learning is about:

  1. HTML Links
  2. HTML Links: Types of Links
  3. Absolute Links - Creating a Folder and Targeting the Link Absolute to Folder HTML
  4. Relative Links to Other Documents
  5. Source and Target in Links


Exercise: Linking the Text Elements, Lists to Absolute Links for Documents inside the Folder Path




Exercise: Linking the Superscript Text: 1, 2 to Outside URL's



Lesson Learnt:
When inputing the text for Relative Path as ".\Content\TextElements.html"
W3C Validator says: Error - Backslash ("\") used as path segment delimiter.

To Solve this, we can use - ForwardSlash "/", instead of Backslash "\" 


Practice:
Always copy and paste the code in Validator and check for errors.


PS: Follow the Progress over here on Skills

Posted in | Leave a comment Location: Mysuru, Karnataka 570001, India

Daily Learning - Day 34

Date: 19th March 2017

Below are the topics i learnt today..

Follow Hashtag: #SKC100DaysofLearning

Topic 1: HTML Fundamentals - HTML Lists

Today's learning is about:

  1. HTML Lists: Unordered List - Disc, Square, Circle
  2. HTML Lists: Ordered List - Alpha, Roman
  3. HTML Lists: Definition List - Definition Text, Definition Definition.
  4. Ordered List and Unordered List with Class - CSS Styles
  5. Ordered List with Start and Value Attributes.
References:


Lesson Learnt:
Earlier, we were able to use ordered list or unordered list with type attribute to define the list. 

Now, Using CSS - We should define the list type.


Exercise O/P:

Practice:
Always copy and paste the code in Validator and check for errors.


PS: Follow the Progress over here on Skills

Posted in | Leave a comment Location: Mysuru, Karnataka 570001, India

Daily Learning - Day 33

Date: 18th March 2017

Below are the topics i learnt today..

Follow Hashtag: #SKC100DaysofLearning

Topic 1: HTML Fundamentals - 1

Today's learning is about:

  1. HTML Elements: White Spacing
  2. HTML Elements:  Superscript , Subscript
  3. HTML Elements:  Citation, BlockQuote
  4. HTML Elements:  Acronym, Abbreviation
  5. HTML Elements:  em , Strong 




Lesson Learnt:
Verify if the HTML Elements are supported by HTML Version or not.
https://www.w3schools.com/TAgs/

Example:
The <acronym> tag is not supported in HTML5.




Practice:
Always copy and paste the code in Validator and check for errors.


PS: Follow the Progress over here on Skills


Posted in | Leave a comment Location: Mysuru, Karnataka 570001, India

Daily Learning - Day 32

Date: 16th March 2017

Below are the topics i learnt today..

Follow Hashtag: #SKC100DaysofLearning

Topic 1: HTML Fundamentals - 1

Today's learning is about:


  1. HTML Elements: Head , Body,
  2. HTML Attributes: id, class
  3. Script and Styles in HTML
  4. HTML Headings
  5. Block and InLine Elements
  6. Tags: Span, Line Break, Horizontal Line, Pre - wrap text
  7. Character Entities: &lt; , &gt; &nbsp;



References: 

Inside P Tag, we cannot have nested Div Tag
http://stackoverflow.com/questions/21084870/no-p-element-in-scope-but-a-p-end-tag-seen-w3c-validation



Practice:
Always copy and paste the code in Validator and check for errors.
validator.w3.org/#validate_by_input



PS: Follow the Progress over here on Skills
 http://testingeduindia.blogspot.in/p/skills.html 

Posted in | Leave a comment Location: Mysuru, Karnataka 570001, India

Daily Learning - Day 31

Date: 15th March 2017

Below are the topics i learnt today..

Follow Hashtag: #SKC100DaysofLearning


Topic 1: HTML Fundamentals

Today's learning is about:

  1. Who invented Internet
  2. Who created World Wide Web
  3. What is HTML
  4. What is HTTP
  5. How HTML Document transfers to WWW
  6. Structure of HTML
  7. Anatomy of HTML Document
  8. What is HTML Doctype
  9. Why do we need to use HTML Doctype in HTML Document
  10. How to Validate HTML Document



References: 
HTML Doctype:  https://www.w3.org/QA/2002/04/valid-dtd-list.html


Validate HTML Document:  validator.w3.org/#validate_by_input
Exercise: Copy the HTML Document code and Paste it in the Validator. Observe, if your Website following all standards and displaying No Errors ?


If any Errors/Warnings:  It will display as Below.





PS: Follow the Progress over here on Skills

 http://testingeduindia.blogspot.in/p/skills.html 

Posted in | Leave a comment Location: Mysuru, Karnataka 570001, India

Daily Learning - Day 30

Date: 12th March 2017

Below are the topics i learnt today..

Follow Hashtag: #SKC100DaysofLearning

Topic 1: Java Fundamentals

Few days back, read that in Every Agile Delivery Team, Testers should have below Skills.

  1. Testing knowledge and experience
  2. Automation knowledge and experience
  3. Agile knowledge and experience
  4. Domain knowledge
  5. People skills
  6. Growth mindset

To start with Automation Knowledge, I need to know the programming first.

So, Started with Java Fundamentals. As I feel, i am not much knowledgeable in Programming.

Below are the Topics , I did a Jump Start.



PS: Follow the Progress over here on Skills - http://testingeduindia.blogspot.in/p/skills.html 

Posted in | Leave a comment Location: Mysuru, Karnataka 570001, India

Daily Learning - Day 29

Date: 4th March 2017

Below are the topics i learnt today..


Follow Hashtag: #SKC100DaysofLearning


Topic 1: Security - Multi-Factor Authentication 


Multi-factor authentication (MFA) is a method of computer access control in which a user is granted access only after successfully presenting several separate pieces of evidence to an authentication mechanism – typically at least two of the following categories: knowledge (something they know), possession (something they have), and inherence (something they are).




Two-factor authentication (also known as 2FA) is a method of confirming a user's claimed identity by utilizing a combination of two different components. Two-factor authentication is a type of multi-factor authentication.



Real Example:

We login to Gmail or Box, if 2FA is enabled for your account.
After logging to the application with your password, a OTP is sent to your mobile number and email.
Once you enter the OTP and then User should be able to login to the application.

Another Multi-Factor Authentication Example is:
Income Tax India EFiling Website: If we forgot the password of Login.
Unless you enter both the PIN, the user is not accessible to change the password and access the website.

It sends the PIN (Different) for Email and Mobile Number.


Another Way:

In Gmail - Security, We have Access codes where, in case we could not able to receive the OTP due to Network issues. We can use Codes to Login to the application.

Exercise:
List of websites and whether or not they support 2FA.

https://twofactorauth.org/

Posted in | Leave a comment Location: Mysuru, Karnataka 570001, India

Daily Learning - Day 28

Date: 3rd March 2017

Below are the topics i learnt today..


Follow Hashtag: #SKC100DaysofLearning


Topic 1: Security - Passwords Hard to Remember?

As there are many systems, and we may choose similar/same passwords to most of them.

Do you know whether, your user credentials have been in any breach?

There is a Web Service created by Troy hunt.

https://haveibeenpwned.com/

Note: This is an educational site.

Go to the URL and enter your email address.

Have I been pwned? allows you to search across multiple data breaches to see if your email addresses has been compromised., often with the same passwords which then put the victims at further risk of their other accounts being compromised.





Lesson: Never Choose same passwords for multiple accounts.

Noting the passwords on Online Docs is also not secure.

Possible way: Instead of Passwords, Note the Hints.

Hint Like: Smith 
Smith is well known word, But it is hard to know the password - whether it would be "Cricketer or Name of Country Smith Played or Which Smith or a Restaurant Name"

There are few software services which can generate secure passwords.

1. LastPass
2. 1Password

Remember: These are also less secure.

Read about - 





https://myers.io/2015/10/22/1password-leaks-your-data/

The Best well known password secure storage is Your Brain.

Posted in | Leave a comment Location: Mysuru, Karnataka 570001, India

Daily Learning - Day 27

Date: 2nd March 2017

Below are the topics i learnt today..


Follow Hashtag: #SKC100DaysofLearning


Topic 1: Security - Strong Passwords Secure Way.

Instead of storing as plain text, Convert the password to a fixed length encrypted string using hashing algorithm.

Problem:
If you have same password for multiple users: the encrypted string will be same.

To Solve this, We need to ensure every hash is unique.

Adding a Salt, which is a unique key to the hashing algorithm can be used only by that username.

Final:  Even if multiple users chose the same password, their hash values would not be the same.


Advice from Security Researchers: Not to store the SALT in Database.

It should dynamically apply based on initial character of Original Password.


Posted in | Leave a comment Location: Mysuru, Karnataka 570001, India

Daily Learning - Day 26

Date: 28th February 2017

Below are the topics i learnt today..


Follow Hashtag: #SKC100DaysofLearning


Topic 1: Security - Strong Passwords


Does your application follow strong password rules?


If Not/Yes.. Read this, If you are having Strong Password Rules.

 


Did you check anytime your Password Strength ?

If Not, Do Not Worry. There is a Handy Tool to Know Your Password Strength.
https://howsecureismypassword.net/

If your password is test1234 - As this password is very commonly used. It would be cracked almost instantly.



When you "Sign Up" in any website, do you keep same passwords for  most of them ?
If Yes, Then it is a Bad Practice. Security Researchers advice's, Not to Use same password for multiple websites.

Posted in | Leave a comment Location: Mysuru, Karnataka 570001, India