The state of Matrix

The developers behind Matrix (in their own words, An open network for secure, decentralized communication”) have recently published a post about a demo they’ve built of truly peer-to-peer communication on the Matrix network. It’s a bit of a hack, but shows what’s possible. Running code provides real-world feedback and allows them to find and focus on unexpected problems.

I’m a keen advocate of decentralised tools and the need to escape ubiquitous, casual surveillance of our online lives, so I want to see Matrix succeed. I’m not using it yet as a daily driver.

Matrix is yet another project I don’t have the mental bandwidth to follow in detail, so I appreciated the summary by a participant on the Binary Times Audiocast Telegram channel on the current state of Matrix. I quote verbatim:

I use RiotX on Android on a — probably weekly — basis. There’s a bit of change going on at the moment in the Matrix ecosytem with the device cross-signing.

I want to like Matrix, and still use it instead of an IRC Bouncer. There’s also a couple of small communities I follow who are only on Matrix, which is good. The UI for new threads isn’t great however, so I find myself clearing notifications for many chats instead of just a single group.

I’ve also used Matrix as a bridge to other systems, like Telegram and Slack, and I find it a bit crap for those, sadly, although it does (in theory) give you a singlular pane of glass for all your communities. The problem is exacerbated by the fact that New Vector (the firm who run Matrix) only host bridges to Slack and IRC. For all other bridges, like Telegram, Discord etc, you either need to host your own or use someone else’s service. The Someone else’s service” is the real sticking point, as once it gets loaded, you rapidly risk losing messages, at which point the benefit to the bridge is lost.

As an open source distributed IM system, it’s capable and being developed in a sensible way, BUT, it has nowhere near the resources it needs to push it beyond Signal, WhatsApp or Slack, so it’s always going to be second or third tier.

The fact that Mozilla have backed it is good, and should have brought it more recognition, but frankly, it’s been more like a preaching to the choir” moment. People who know open source, and care about IM know that Mozilla backed it… But that’s a niche of a niche of a niche.

There are three key things for me:

  1. the flexibility of the project. Technically, it’s not an IM platform, it’s a distributed database. People have used it for blogging and diaries and all-sorts.
  2. baked in e2ee for multiple devices. With megolm (an iteration on the Double Ratchet techniques) and cross-device signing, there’s the capability to be an exceptional replacement for services like Signal, particularly if they sort out P2P mode.
  3. possibly currently the biggest letdown in the project, but the thing that’s likely to attract most attention is the bridging. It’s a gateway drug to Matrix…. If they could make it compelling… But they’re generally flaky and not well implemented.

There are some very interesting challenges ahead for the Matrix team, and not just in technical terms.

I suspect I’m like many others who learned of Matrix because of its bridging feature. The name of the project didn’t invite me to dig deeper; I thought bridging was all there was to Matrix.

The incomplete bridging feature is a distraction for the team and a possible PR nightmare. Bridging to muliple protocols is a hard problem to solve and it’s not the core point of Matrix.

June 4, 2020

Getting the most out of Cygwin

A default install of Cygwin can feel very alien, even if you’re familiar with command-line Linux. Part of that is down to Cygwin’s not-great default integration with your Windows account. Another part of it is the dopey installer defaults which leave you with a half-crippled environment.

As you install Cygwin…

Choose the appropriate architecture

If you have a 64-bit machine, use the 64-bit installer. This will allow you to make the most of the memory on your machine.

Run the installer as Administrator

This is not obvious, but not doing it this way is the cause of many broken Cygwin installs.

Keep the setup defaults

Did I mention that Cygwin Setup is brittle? The rest of Cygwin is much smoother, I promise.

Choose some extra packages

Search for vim and check all the options you see.
Choose curl. Choose wget. Choose file. Choose openssh.

Don’t use the Irish mirror

It’s a dog. Pick one from a UK university instead.

After you’ve installed Cygwin…

Here’s what I always do after installing Cygwin for the first time on a new machine:

Edit the shortcut to mintty to make it a login shell

Find the Cygwin Terminal in your start menu and right-click it. Choose Properties’.
Charge the value of the argument to mintty.exe in Target’ as follows:
C:\cygwin\bin\mintty.exe -e /bin/bash --login
This change will cause the shell opened in the terminal program to be a login shell - which means your ~/.bash_profile file will always be read when you open a new terminal.

Make your home directory a symbolic link to c:<me>

Open a Cygwin shell. You’ll be in your Cygwin home directory, which has none of the familiar stuff you’d expect to see when you open Windows Explorer. We’ll fix that now.
Move all of the contents of your Cygwin home directory into your Windows home directory: 
$ _IFS=$IFS && IFS=$'\n' && mv $(find . -mindepth 1 -maxdepth 1) $(cygpath -u $USERPROFILE) ; IFS=$_IFS
Delete your now-empty Cygwin home directory and create a symbolic link with the same name pointing to your Windows home directory:
$ cd /home && rmdir $USER && ln -s $USERPROFILE $USER
Change directory back into your new home directory and start Windows Explorer:
$ cd ~ && explorer . &
Presto, you’ll see all your usual files! That means you can now use Cygwin to - for example - navigate to your Documents” folder with the command cd ~/Documents

Fix the colourful but wonky-looking default prompt

Using your favourite editor, open the file ~/.bash_profile. It may not exist; that’s OK, you can just create it.
If it doesn’t exist, add the following lines to it:
export PATH=$PATH:.:~/bin
PS1="[\u@\h:\w]$ "
If it does, just add the last line.
If you’re feeling a bit brave, you can try the following subtle but useful prompt instead:

Configure your corporate proxy in your bash environment

If you use a corporate proxy, use the following as a starting point. These settings go into your ~/.bash_profile:
export ftp_proxy=http://corpproxy:8080
export http_proxy=http://corpproxy:8080
export https_proxy=https://corpproxy:8080
export no_proxy="10.*, 192.168.*"
Remember that ~/.bash_profile is only read when your shell is started, so open a new terminal to get the changes.
Having the proxies set in your environment will allow lots of command-line tools that use the network to work properly: apt-cyg, youtube-dl, curl, wget, links and so on.

Install apt-cyg for command-line installation of Cygwin packages

As you’ve probably already noticed, the Cygwin installer is very clunky. I bypass it by using a tool that bears a passing similarity to Debian’s apt-get - it’s called apt-cyg.
If you need to use a proxy, follow the steps above, then follow these instructions to install apt-cyg.

Set up some useful aliases

Add these to your ~/.bash_profile:
alias ls='ls --color'
alias ll='ls -l'

September 8, 2014

ISO 29119 is dead in the water

The ISO are attempting to standardise testing, but there’s no consensus in the testing community. In particular:

‘An opponent of the specification, Scotland-based test consultant James Christie, does not like the idea of a standardized approach to software testing nor the approach of the ISO effort. ISO 29119 puts too much emphasis on process and documentation rather than the real testing,” Christie says. Of course that is not its purpose or the intention of the people who have developed it. However, I have seen in practice how people react when they are dealing with a messy, complex problem and there are detailed, prescriptive standards and processes on hand. They focus on complying with the standard and lose sight of the real goal.”’ 

Sound familiar? ;-)

Take a look at the conversation on Twitter to get a feel for the level of opposition.

I think the Context Driven school do a much better job of providing testers with a guidance and a rich education; See Cem Kaner’s Black Box Software Testing course and James Bach’s Rapid Software Testing courses. Cem Kaner’s course materials are available online via a Creative Commons license. The context-driven approach is about descriptivism rather than prescriptivism.

August 29, 2014

Softest Ireland: Nathalie Rooseboom de Vries presents How to catch a high-speed train - End to end testing at NS Hispeed”

Softest Ireland host occasional presentations by testers from Ireland and around the world; Janet Gregory and Michael Bolton have been previous guests. These presentations are free to attend, you just have to be prepared to make the time.

Nathalie’s talk was particularly worthwhile. She was the sole tester on the end-to-end (E2E) testing of the ticketing system of Fyra, the high-speed rail connect between Belgium and the Netherlands.

These are the key ideas she shared. Some are borrowed from her spare-time pursuit as a casualty simulation victim, during which she gets to observe medical personnel at work. I’m always interested in hearing ideas from folks who are open to cross-fertilisation of ideas into testing from other disciplines.

  • Draw a talking picture” of the system; a simplified diagram of each of the components and the paths through each over time, for each business flow. Use this to discuss testing coverage with non-technical staff.
  • Ask stakeholders What is your worst nightmare?” Prioritise these scenarios.
  • Radiate confidence. The calmer you are, the calmer the stakeholders will be.
  • Cultivate relationships with the business folks; find ways to get to know your team.
  • Ask for help. Asking for help is very empowering, as it is difficult to refuse.
  • Use checklists - you can’t memorize everything, especially when you’re under pressure.
  • Implement a time-out protocol.
  • When running an end-to-end test, have a pre-agreed signal to indicate a No Test” situation. This is a flag you can raise to indicate a critical issue discovered during a test (but perhaps unrelated to the test being executed). When the No Test” flag is raised, the teams must come together to implement and install a patch on the E2E system. The best Nathalie and her team were able to do from an initial No Test” flag to getting the patch into the E2E environment was four hours.

Interestingly, she also outlined how she got hold of a dedicated end-to-end environment - she commandeered the best acceptance testing rig, and then attached components to it as they became available.

The event was very well attended, and the question and answer session during the second half of the talk was better than most, perhaps because everyone can get their heads around a train ticketing system and so the questions tended to delve into interesting details of the challenges Nathalie faced.

Nathalie blogs at Female funTESTic Fanatic and she’s @FunTESTic on Twitter. Thanks for the talk, Nathalie! Hope your broken toe heals soon!

November 28, 2013

Exploring historical formal systems research to steal ideas for modern testing approaches

You probably know I’m a bit of a computer history buff; probably because this field is so dynamic and young that its history seems short enough to get a handle on. (Turns out that’s wrong, but who cares, I’m hooked.)

I’ve started watching the 1982 BBC TV series The Computer Program (watch it in its entirety at (…and consider giving this wonderful organisation a donation!)). At the end of the first episode (starting at 21:39), author and technology commentator Rex Malik forecasts how the ubiquity of computers in society will transform our lives over the coming decades - in fact up to our present time. He’s astonishingly prescient!

At the start of the clip, the camera pans in close-up over a stack of books on Rex’s desk, to the sound of him mashing keys on a manual typewriter. The title of one of those books caught my attention, and after I’d heard Rex’s accurate prognosis, I reckoned his books were worth taking another look at.

One of them is entitled Every Object is a System, by Dr Patrick Doyle. The book is out of print, and some casual Googling doesn’t turn up any second-hand copies, but I did find a summary of the book, in Bernie Cohen’s sharp, witty, short and (as far as I can tell) accurate A Brief History of Formal Methods (PDF). (…he’s a little too liberal in his use of scare quotes, but we’ll forgive him that.)

Here’s what Cohen has to say about Patrick Doyle and his book Every Object is a System:

In the early 70s, Dr. Patrick Doyle, a mathematician with the Irish Life Insurance Company in Dublin, was commissioned to develop a sales commission tracking system. Not being a systems analyst’, he tackled the problem in an unconventional way: by constructing a model of the required system in set theory. Although he believed that the model he had constructed captured all the requirements of the potential users of the system, he felt that it should be signed off as an acceptable specification before he proceeded to implement it. So he offered the appropriate authority, the Board itself, an interesting alternative: either to receive a long, rather boring and probably ambiguous English-language document, which he could derive from his model, or to follow a short course in elementary set theory which would enable the Board members to read and understand his specification in its original form. The Board took the course, read and understood the formal specification, made some suggestions for change and signed it off. Doyle turned the model into a collection of precise software module specifications which he passed to a small team of (non-mathematical) programmers, who coded and integrated’ the modules. The system worked first time! Paddy Doyle was so far ahead of his time that he had to publish his own book, Every Object is a System (still available from its author), in which he presents his unique view of the rôle of mathematics in information system design, concluding that, ultimately, it is an exercise in topological manifolds.

That article was published in the journal Formal Aspects of Computing in January 1995.

I’m still not sold on formal methods, but the field is nonetheless worth paying attention to. Perhaps the most revealing passage about translating formal methods into a language comprehensible to end users comes in the very next paragraph in Cohen’s paper:

At about the same time, Jean-Raymond Abrial and Steve Schuman, in the IRIA laboratory in France, were also investigating the use of set theory as a medium for system specification. They called their notation Z (after Zermelo and Fränkel, who had defined the well-founded set theory on which they relied). Z was taken up by the Programming Research Group at Oxford University, by then under the leadership of Strachey’s successor, Tony Hoare, where it was enriched, supported by tools and applied to several real problems in industry and commerce. One of these was the CAVIAR system for administering visitors to STL Harlow, ITTs main laboratory. Abrial himself interviewed the client, Gladys, who manually maintained the records and bookings for the 12000 visitors who passed through STL each year, and constructed the (very elegant) Z specification.

However, unlike Doyle, he made no attempt to instruct Gladys in the mysteries of set theory. Instead, he validated’ his model by deriving from it ten theorems (’emergent’ properties of the model), each of which could be cast in the form of a simple, English-language statement about the system, such as: No two visitors shall share the same hotel room’, and asked Gladys to confirm, or deny, them. Gladys gladly did so and the system was duly implemented.

The model’s emergent properties’ sound to me a lot like the tests that emerge from a specification when using Acceptance Test Driven Development (ATDD). To find out how to do that well, take a look at How to transform bad acceptance tests into awesome ones, by Augusto Evangelisti. Augusto and I used to work together, and it looks like he’s taken ATDD to a very clean level indeed. In my opinion, this approach is the future of automated testing.

September 14, 2013

Falsehoods programmers believe about time

Almost exactly two years ago, Patrick McKenzie wrote Falsehoods programmers believe about names, which lists common assumptions about how human beings are named. As the offspring of Dutch immigrants living in Ireland, this post rang very true to me - my family background forces me to notice names and the assumptions people make about them. Patrick’s post is one I’ve returned to again and again when I need inspiration when testing how names are stored in systems I work on.

Now Noah Sussman brings us Falsehood programmers believe about time, in the same spirit as Patrick’s post. Here are a few of them. Go read the full list.

  • The system clock will always be set to the correct local time.
  • The system clock will always be set to a time that is not wildly different from the correct local time.
  • If the system clock is incorrect, it will at least always be off by a consistent number of seconds.
  • The server clock and the client clock will always be set to the same time.
  • The server clock and the client clock will always be set to around the same time.
  • Ok, but the time on the server clock and time on the client clock would never be different by a matter of decades.
Update: (the organisation for standardisation on the web) has put together a decent page entitled Personal names around the world. It provides real-world examples of names that don’t fit the western naming approach, explains the conventions behind these different name presentations and then makes recommendations for form design. Well worth your time.

August 24, 2013