Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1Swx0B-0003bo-Fl for bitcoin-development@lists.sourceforge.net; Thu, 02 Aug 2012 15:07:51 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.220.175 as permitted sender) client-ip=209.85.220.175; envelope-from=g.rowe.froot@gmail.com; helo=mail-vc0-f175.google.com; Received: from mail-vc0-f175.google.com ([209.85.220.175]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1Swx07-0003TU-0I for bitcoin-development@lists.sourceforge.net; Thu, 02 Aug 2012 15:07:51 +0000 Received: by vcbfy27 with SMTP id fy27so8625665vcb.34 for ; Thu, 02 Aug 2012 08:07:41 -0700 (PDT) MIME-Version: 1.0 Received: by 10.59.1.193 with SMTP id bi1mr9370930ved.57.1343920061445; Thu, 02 Aug 2012 08:07:41 -0700 (PDT) Sender: g.rowe.froot@gmail.com Received: by 10.58.22.234 with HTTP; Thu, 2 Aug 2012 08:07:41 -0700 (PDT) In-Reply-To: <5019153B.3090001@mistfpga.net> References: <5019153B.3090001@mistfpga.net> Date: Thu, 2 Aug 2012 16:07:41 +0100 X-Google-Sender-Auth: tyGl9Te9lLDGVMj1orn_vFL0Qjo Message-ID: From: Gary Rowe To: Bitcoin Development List Content-Type: multipart/alternative; boundary=047d7bdc9b6ade74e104c649c575 X-Spam-Score: -0.5 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (g.rowe.froot[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1Swx07-0003TU-0I Subject: Re: [Bitcoin-development] The Bitcoin Testing Project X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Aug 2012 15:07:51 -0000 --047d7bdc9b6ade74e104c649c575 Content-Type: text/plain; charset=UTF-8 Hi Steve, This looks like a good idea to me. The test suites could act similarly to the 100% Pure Java approach that successfully fended off a lot of corrupting influences to Java over the years. Maybe it's worth putting together a small starter suite of tests and showing them to the community then providing a suitable process, perhaps through BIPs, to allow tests to be created, reviewed and updated before getting incorporated into a reference. I imagine a BIP would cover an aspect of the blockchain rather than a single test or test suite since having that many BIPs would get onerous fast. Kind regards, Gary On 1 August 2012 12:38, steve wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi all, > > I know most of you have more important things to do, and not enough > time as it is, but I would really like your feedback on the testing > project. > > Bettermeans seemed ideal, it allowed for leaderless leadership with > people being able to dip in and out of what they wanted to do. > however it seems that bettermeans is in no way a finished product and > is rotting fast. > > I would like to move away from bettermeans - whilst retaining the > voting and sub workstream style of working. I would like to set > something up around MantisBT (Mantis Bug Tracker) - this is an > exceptionally versatile bit of software with plugins and interaction > with other testing products (everything from test setups and plans to > test runs and results) I would go as far as saying it is industry > standard (yeah, i know about bugzilla, etc. mantis beats them all > hands down.) obviously we would need a wiki and other software - this > is not a problem. > > I am happpy to pay for the VPS' to host this stuff and set it all up. > > I have quite a bit of experience with mantis and other opensource > testing stuff. > > I see the testing of bitcoin to be very similar to the testing process > in the games industry. for those that do not know how this works it > is like this:- > > A company comes up with a device (xbox/ps), > They then publish a set of dos and donts for this device (TRC for sony > and TCRs for microsoft. - I wrote quite a few of the MS TCR's for the > original xbox.) > They (ms/sony) then test your game against these rules and depending > on how many you pass/fail your game can be released or not. > > I see this as mapping to bitcoin very well, the device is the > blockchain, and the TRC/TCR _tests_ are published so third party > developers can see how they fair [look at gavins recent blockchain > edge cases for an example] (ms/sony do not publish their testcases > only the requirements) > > I believe that this will allow the bitcoin testing project to be able > to cope with the stable builds, bleeding edge builds and 3rd party > implementations all at the same time. > > It doesnt matter what the app is, it is its interaction with the > blockchain, the safe guarding of the blockchain and compatibility with > the previous/future versions that are tested. > > [for the bitcoin dev list] > A little about me:- > The below is more or less a cut and paste of some of the stuff I sent > gavin in my initial email about wanting to be in on the project. > > I can back all of this up with references. I can go into more detail if > needed. > > I was heavily involved with setting up the microsoft xbox european cert > department > I set up qa department for europes largest independant games developer > (although they are no longer) > > worked for microsoft secure science designing security automation tools > > setup the internal pentest for thales e-security (now TITS [Thales > Information Technology Solutions (or Trotters Independant Traders ;), > on thier datacryptors (fpga, crypto and product) - have done full test > cycles on hsm 8000, payshield 9000, dc2k and thier latest line of > military spec comms equipment. > > Setup and pentested Thales and nCiphers credit control software (to > fips level 4 standard - This shit bitcoin exchanges need!! I know bank > is a dirty word in the bitcoin world, but we should be at least as > secure as them) > > I currently find exploits in stuff like office, quicktime, ie, ff, etc > and sell them to companies like ZDI (3com) iDefense (verisgn) and some > pentest companies that require zero day exploits. > > however I would like to ditch this and get my bitcoin related stuff > off the ground - with the BTP being top of the list. > > my spelling is rubbish, and sometimes i forget to spellcheck before i > hit send. sorry about that. > > any feedback would be really appreciated. please! I feel that this has > stagnated enough and I want to get my work out there and I want it to > be useful. (I lost 60 or so testcases because Kev left himself logged > into bettermeans and I added them under his account... none appeared > on the wiki, none appeared anywhere...) > > There is already lots of stuff on the wiki that outlines how i see > things holding together - but you cant see who posted what because of > a bug that has appeared recently [meta info is just displayed as its > meta tag, {name} on {date} wrote.] > > as apposed to Mistfpga on 30/8/2012 wrote... > > so the tl;dr > 1 - I want to use something other than bettermeans > 2 - I can admin opensource software to do the same > 3 - I want to take the voting/hiearachy style from bettermeans and > apply it to mantis and test workflow. > 4 - I want to get some testing done asap. > 5 - I have a full msdn and technet licence > 6 - I have a vast array of machines [nearly 100 cores] that I can use > to automate testing and to test different setups. > 7 - been mining for 18 months or so. > > cheers, > > steve > > I do not belive this to be related, but I am not ashamed and feel no > stigma. I have posted this on a public forum. I suffer from fast > cycling (withing a day) type two bipolar disorder. This has been and > is being managed very well by my meds (300mg quetiapine fumerate and > 30mg mirtrazipine at night) I have been well for over a year now. [and > yes, even with these mental health problems I still hold SCE clearance] > > - -- > my PGP public key is at pgp.mit.edu id: 0x5016FB50 > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.17 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iQEcBAEBAgAGBQJQGRU7AAoJEFvEB9dQFvtQY9oH/RiNBeWDs+tz0NQgkgtXmxcs > tDtlLWB91gRtmxvXv+yYHE0WXS/qQ5gwaor8Vek61Cvnhij4AQBf7JVYLj03/7fy > cMAFJ5k7ZQmH9URo8Jx8xzQ2tLgZ5BqLbP6fTzDstpExNGJlkZvsC6hTx9OFCubU > bzWuWmcIRzBiMhdz7DPoskOgie5sQRzzO0zrK7NvS1P2hyEhM3eFYFcYecpS8jq9 > SbkH77qnc5pZD2JULq38htVwtI16vxmg/s4GIs3OpEPaMk5xtVc5XHf6gwBZQtYw > fErwZpNDEAmGidRCB4LAqdSx1Xi0ix7GOyvTxBLWTnfB7wIAQNQpBHB9zN8diiA= > =am8B > -----END PGP SIGNATURE----- > > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > --047d7bdc9b6ade74e104c649c575 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Hi Steve,

This looks like a good idea to me. The test suites could a= ct similarly to the 100% Pure Java approach that successfully fended off a = lot of corrupting influences to Java over the years.

Maybe it's = worth putting together a small starter suite of tests and showing them to t= he community then providing a suitable process, perhaps through BIPs, to al= low tests to be created, reviewed and updated before getting incorporated i= nto a reference. I imagine a BIP would cover an aspect of the blockchain ra= ther than a single test or test suite since having that many BIPs would get= onerous fast.

Kind regards,

Gary

On 1 August= 2012 12:38, steve <steve@mistfpga.net> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all,

I know most of you have more important things to do, and not enough
time as it is, but I would really like your feedback on the testing
project.

Bettermeans seemed ideal, it allowed for leaderless leadership with
people being able to dip in and out of what they wanted to do.
however it seems that bettermeans is in no way a finished product and
is rotting fast.

I would like to move away from bettermeans - whilst retaining the
voting and sub workstream style of working. =C2=A0I would like to set
something up around MantisBT (Mantis Bug Tracker) - this is an
exceptionally versatile bit of software with plugins and interaction
with other testing products (everything from test setups and plans to
test runs and results) I would go as far as saying it is industry
standard (yeah, i know about bugzilla, etc. mantis beats them all
hands down.) obviously we would need a wiki and other software - this
is not a problem.

I am happpy to pay for the VPS' to host this stuff and set it all up.
I have quite a bit of experience with mantis and other opensource
testing stuff.

I see the testing of bitcoin to be very similar to the testing process
in the games industry. =C2=A0for those that do not know how this works it is like this:-

A company comes up with a device (xbox/ps),
They then publish a set of dos and donts for this device (TRC for sony
and TCRs for microsoft. =C2=A0- I wrote quite a few of the MS TCR's for= the
original xbox.)
They (ms/sony) then test your game against these rules and depending
on how many you pass/fail your game can be released or not.

I see this as mapping to bitcoin very well, the device is the
blockchain, and the TRC/TCR _tests_ are published so third party
developers can see how they fair [look at gavins recent blockchain
edge cases for an example] (ms/sony do not publish their testcases
only the requirements)

I believe that this will allow the bitcoin testing project to be able
to cope with the stable builds, bleeding edge builds and 3rd party
implementations all at the same time.

It doesnt matter what the app is, it is its interaction with the
blockchain, the safe guarding of the blockchain and compatibility with
the previous/future versions that are tested.

[for the bitcoin dev list]
A little about me:-
The below is more or less a cut and paste of some of the stuff I sent
gavin in my initial email about wanting to be in on the project.

I can back all of this up with references. I can go into more detail if
needed.

I was heavily involved with setting up the microsoft xbox european cert
department
I set up qa department for europes largest independant games developer
(although they are no longer)

worked for microsoft secure science designing security automation tools

setup the internal pentest for thales e-security (now TITS [Thales
Information Technology Solutions (or Trotters Independant Traders ;),
on thier datacryptors (fpga, crypto and product) - have done full test
cycles on hsm 8000, payshield 9000, dc2k and thier latest line of
military spec comms equipment.

Setup and pentested Thales and nCiphers credit control software (to
fips level 4 standard - This shit bitcoin exchanges need!! I know bank
is a dirty word in the bitcoin world, but we should be at least as
secure as them)

I currently find exploits in stuff like office, quicktime, ie, ff, etc
and sell them to companies like ZDI (3com) iDefense (verisgn) and some
pentest companies that require zero day exploits.

however I would like to ditch this and get my bitcoin related stuff
off the ground - with the BTP being top of the list.

my spelling is rubbish, and sometimes i forget to spellcheck before i
hit send. sorry about that.

any feedback would be really appreciated. please! I feel that this has
stagnated enough and I want to get my work out there and I want it to
be useful. (I lost 60 or so testcases because Kev left himself logged
into bettermeans and I added them under his account... none appeared
on the wiki, none appeared anywhere...)

There is already lots of stuff on the wiki that outlines how i see
things holding together - but you cant see who posted what because of
a bug that has appeared recently [meta info is just displayed as its
meta tag, {name} on {date} wrote.]

as apposed to Mistfpga on 30/8/2012 wrote...

so the tl;dr
1 - I want to use something other than bettermeans
2 - I can admin opensource software to do the same
3 - I want to take the voting/hiearachy style from bettermeans and
apply it to mantis and test workflow.
4 - I want to get some testing done asap.
5 - I have a full msdn and technet licence
6 - I have a vast array of machines [nearly 100 cores] that I can use
to automate testing and to test different setups.
7 - been mining for 18 months or so.

cheers,

steve

I do not belive this to be related, but I am not ashamed and feel no
stigma. I have posted this on a public forum. I suffer from fast
cycling (withing a day) type two bipolar disorder. =C2=A0This has been and<= br> is being managed very well by my meds (300mg quetiapine fumerate and
30mg mirtrazipine at night) I have been well for over a year now. [and
yes, even with these mental health problems I still hold SCE clearance]

- --
my PGP public key is at pg= p.mit.edu id: 0x5016FB50

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJQGRU7AAoJEFvEB9dQFvtQY9oH/RiNBeWDs+tz0NQgkgtXmxcs
tDtlLWB91gRtmxvXv+yYHE0WXS/qQ5gwaor8Vek61Cvnhij4AQBf7JVYLj03/7fy
cMAFJ5k7ZQmH9URo8Jx8xzQ2tLgZ5BqLbP6fTzDstpExNGJlkZvsC6hTx9OFCubU
bzWuWmcIRzBiMhdz7DPoskOgie5sQRzzO0zrK7NvS1P2hyEhM3eFYFcYecpS8jq9
SbkH77qnc5pZD2JULq38htVwtI16vxmg/s4GIs3OpEPaMk5xtVc5XHf6gwBZQtYw
fErwZpNDEAmGidRCB4LAqdSx1Xi0ix7GOyvTxBLWTnfB7wIAQNQpBHB9zN8diiA=3D
=3Dam8B
-----END PGP SIGNATURE-----

---------------------------------------------------------------------------= ---
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122= 263/
_______________________________________________
Bitcoin-development mailing list
Bitcoin-develo= pment@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-de= velopment

--047d7bdc9b6ade74e104c649c575--