play Russian roulette
to take foolish and dangerous risks
Introducing Russian Roulette
To “play Russian roulette” is a commonly-used phrase, describing taking unnecessary risks. I wonder how many of you know the origin of this idiom. For those who were as clueless as myself, Russian roulette is a potentially lethal game in which one places a single round in a revolver, spins the cylinder, places the gun to one’s head and pulls the trigger. As you may have guessed “Russian” refers to the country of origin and “roulette” to the risk-taking and also to the spinning of the cylinder which is reminiscent of spinning a roulette wheel. One chamber of the revolver is loaded which means that the person pulling the trigger has a one in n chance of hitting it.
The phrase “Russian Roulette” has been around since the 1930s when it was first used in a short story by Georges Surdez (the chap on the right) and I argue that such foolish practices are still going strong. And you, dear tester, are not so far-removed from Russian Roulette games. You may not own a weapon or even know how to fire one but you could be playing a game of Russian Roulette every single time you test your mobile applications. Let me explain…
Testing Mobile Applications= Playing Russian Roulette?
You’re testing mobile applications independently or for a company. In the case that you’re working for a company and playing by their rules, you may find yourself using a public cloud. And here, dear tester, is where you are playing Russian Roulette. You may be aware of the risks and dangerously ignore them or you may genuinely not know what risks you are exposed to. Allow me to elaborate on the risks involved in using a public cloud when testing mobile applications:
Exposing Sensitive Data to Strangers
It could very well be that when using the public cloud in order to device your mobile devices you are exposing sensitive corporate data to other users. In fact, your data could be intercepted as it leaves the public cloud by unauthorized users. Only a private cloud that is protected by the corporate firewall will allow you to have full control over the devices you are testing and will secure device communications via encryption.
Sharing Devices with Competitors
Developers and testers from other organizations, including competitors, could be running tests on the same devices you’re using. Mistakes happen- devices could be made “available” for others without them first having been wiped or restored to their original status. What a perfect way for others to see just what you’ve been up to! Once again- a private cloud solution will ensure that your data and devices stay within the safe corporate firewall.
Industry Regulations Could Be Compromised
Let’s suppose that you are testing a mobile application for a healthcare organization. In the field of healthcare information pertaining to the healthcare of clients is considered absolutely confidential. Now imagine that you are testing the health organization’s application in a public cloud. Can you vouch for the fact that client data remains 100% protected and confidential? You know the script by now- only private, cloud-based mobile testing can allow you to be confident in that fact that you are not compromising the regulations of the industry you testing the application(s) for.
Inaccurate App Performance Representation in Jailbroken & Rooted Devices
I’m not a believer in testing on jailbroken and rooted devices in any case. For those who combine jailbroken or rooted devices with public cloud…you are, as some say, bringing a curse down on your head. Jailbreaking is not looked kindly upon by the Digital Millennium Copyright Act and could even be considered a copyright violation, depending on the device. When testing mobile applications in the public cloud on jailbroken and rooted devices you are not only putting the corporation for whom you’re doing the testing in a legal bind, you are also taking the chance that the app will perform differently than to how it may perform on a non-jailbroken, non-rooted device. And that, my friends, is a lot of risks to be taking, don’t you think? You already know what I think the answer is- so steer clear of jailbroken and rooted devices and secure your mobile app testing process with a private cloud solution!
Security Gaps Created by Using Third Party Vendors
Security gaps are created by managing services externally through off-premise hosting services that are operated by third-party vendors. Another opportunity for unauthorized users to access confidential information. Apps and devices can be secured by using a centrally-managed pool of them in…a private cloud of course.
In conclusion? It’s high time we got rid of the dangerous practice of Russian Roulette in all its forms and practices and in my eyes, there is nowhere better to start than in our field of Mobile Application Testing. Play safe testers…