One example -
For login window, suppose you provide uname and passwd and click "Cancel", it turns to the login window again but database still maintains the record and saves it.
In this case, black box testing will verify that "Cancel" button working properly and login window turns up again. But only white box testing would be able to make sure whether the cacelled data has really been discarded or not
1. Login Counter :
Black Box testing may not be able to overwhelm a certain data type value say Int 65326 but if developer is keeping track of login counters the the integer value may be overwhelmed soon and there is a possibility of error. Looping in whitebox(Statement coverage?) would find the issue.
2 MS Calc : sqrt(4)=2, sqrt(2) =1.412........ again reverse the order i.e sqr(1.412....)=2,sqr(2)=4
Functionally this is right and even the display will show you four(4)
Now just subtract 4 from the result and you get a precision error. This would have been easily detected in unit(white box) testing.Think what a disaster it could be for a banking application.
3.when there is a never ending loop trigger by setting something in the application say. a vehicle reached Times Square=True and once true a while loop keeps initiating x classes. Functionally here nothing would be wrong but this could be a disaster in terms of memory leak.
A lot of errors will be missed if we use only black-box testing. That is well known fact. That's why we should perform both. Most of the black-box tests doesn't cover mixed examples. We cant be sure that program will run all of the internal statements and all logical path will be covered. That is possible missed bugs. Its the same like if you don't test part of the program. For example we cant catch memory leaks with black box testing. Program can allocate a lot of memory for something without releasing it.
I will look for something short to show you. Most of the examples are difficult to explain.
I mean i have to give a lot of introduction before you get the difference. It is connected with a lot terminology also. How familiar you are with coding? In white box testing this is vital to be familiar what is happening in program. If you dont get the logic you cant test it.
Most of security problems and encapsulation problems cant be found with black box testing just because there is no way for you to see what is happening inside. Program seem to be secure.
You can login and program makes difference between correct and incorrect password but hackers cant easily get your information with just few tricks using sql injection etc.