Now that I have been doing a good bit of functional testing, I am ready to branch out and learn more. One area that I know very little but have a ton of curiosity about is security testing. I do have a small slither of experience. It’s not really even worth mentioning although I find myself wanting to share it right here right now.
When I was in college, the Internet was a much smaller place. I went to a college that had a healthy community of computer geeks. I found my way into their lives on a whim. I was taking a required basic computer class when our teacher told us about the campus BBS. My first thought was, “that sounds like a great way to keep up with what is going on campus.” While BBS did stand for Bulletin Board System, the computer version is way different than the one posted in the school student center. So I logged on my first time expecting to see a virtual bulletin board with events and such but what I found was chat rooms, subject boards(think early forum posts), and some files you could download. I also found many wonderful friends from that BBS – so I’m glad I was curious enough to log in and brave enough to stay logged in after realizing this was totally different than what I had expected.
Many friends I met were into computers – which make sense that you would find those interested in computers logged onto and chatting with other computer users. One person I met was a guy who was in grad school at the time and super good with computers. He already had a high tech job and had written his own BBS. It was through him that I conducted my first security test – hacking into another friend’s fake BBS account.
One friend had an alias – well he had several but he had one I really liked. Her name was Ginger and she was flirty and fabulous. Females on the BBS system were a rare thing – so chances are if you were talking to a sexy, flirty female, that was really a guy who probably had some deep-rooted issues. But back to Ginger. She was cool and fun. It was also an account he would log into a lot. So I thought it would be fun to log in – pretending to be Ginger when he was on his real account. He would have no idea who it was. at one time I knew Ginger’s password but he had changed it without telling me the new one. So my other friend helped me pull this off by cracking Ginger’s password. I remember he used some software (maybe password finder…who knows) to get into the account. The program seemed to run through many different password options and it took about 30 minutes to break in. Oh but what a feeling of accomplishment! It was a lot of fun. Some days I think if only I had been more interested in the technology behind the BBS and not just chatting for hours then I would know all this stuff I am trying to learn years later.
So to begin learning, I am reading a lot of books. Then I hope to work through the exercises and then move onto more books. Then maybe I can get some real-world experience. If only I had paid more attention back then, I could be some sort of Software Testing Superstar today.