Farm Development

Thoughts on Mozilla

back to all thoughts

Some Tips On Working Remotely

I've been working remotely from a home office with Mozilla since about 2010 (4 years so far) and although it has challenges I still enjoy it. You have to have some discipline and a routine. Matt Gemmell's article on this has excellent pointers on routines and setting up an isolated work space at home. I wanted to add a few things to his post...

How To Protect Against Heartbleed And Other Vulnerabilities

The OpenSSL heartbleed bug was a serious kick to the Internet's collective ass. This video provides a quick overview if you want the details. In summary, an attacker could craft a payload with a fake size (up to 64k) and trick openssl into sending a random chunk of server memory. WTF?! To understand how bad this was I spent a minute hacking on this script that was going around. I pointed it at login.yahoo.com (which is no longer vulnerable) and tried to see if I could catch a username and password flying by. I had one within 30 seconds. That's how bad it was; you could read random parts of the server's memory which may contain passwords, private keys, or whatever else OpenSSL was processing for current site visitors.

I had stolen someone's credentials. Game over, right? How do you protect yourself against something as bad as this? ...

What's Happening at Mozilla?

Most people at Mozilla are remote so each quarter we sync up face to face as a group for an all-hands meeting. There are over 600 employees! We of course sync up in smaller groups more frequently but this is a chance to see what's going on across the entire Mozilla horizon.

So what's happening at Mozilla? We're on the cusp of a huge shift towards an open web platform. That is, something more than a web browser -- something you can run "native" apps on. There's a lot of work left to do, of course. Here is a random dump of interesting projects in the works...

How Do We Open Up The Social Web?

The release of Google Plus presents a unique opportunity to open up the social web. Why? Because it's a compelling product -- it's intuitive and fun with innovative features like circles, hangouts, sparks, etc. In many ways it's a clone of Facebook but that's just a reinforcement of what Facebook (and before that, Friendster) got right. If Plus continues to succeed then the optimist in me envisions this as a golden opportunity! ...

Firefox Goes Mobile

When I got my first Android "smart phone" it felt like a slow, hard-to-use computer on dial-up Internet. Now I use an Android G2 (HTC Vision) which I'd call a pretty snappy, easier-to-use computer. I can't say I do much on it besides calls, texting, and Twitter but I'm excited that Firefox Mobile has just been released. You'll need a newer Android phone (arm v7) to install it and it's going to eat up a whopping 14MB (plus caching) but, hey, Firefox is now mobile! ...

Firefox 4 Is Here And It's Glowing

Firefox 4 has launched! If you want to watch the whole planet upgrade in realtime head over to glow.mozilla.org (built by @potch, @jeffbalogh, and others!). If you haven't already downloaded Firefox 4 then what are you waiting for? After that, join the twitter party by using the #fx4 hashtag in your tweet...

What Happened To The Feeling Lucky Search In Firefox 4's Awesome Bar?

Firefox 4 is about to ship! And it contains a massive amount of enhancements, especially UI enhancements, blazing fast JavaScript, and more HTML5. I'll probably write more about these hot new features and how important Firefox is to the international community but first, this.

In the next week millions of people will begin upgrading to Firefox 4. A large number of them will be upgrading from Firefox 3 so they'll be disappointed to learn that when you type a name or phrase into the Awesome Bar it no longer takes you directly to the website you are looking for. Technically this feature was called Browse By Name but most people probably understand it as performing a "feeling lucky" search in Google. The forums and support site are already filling up with complaints.

Don't worry! The feature was just disabled, it wasn't removed entirely...

How To Achieve True Privacy On The Web: DOMCrypt

The Internet was invented so that data could be decentralized and liberated. Well, so much for that idea. With the rise of services such as Facebook and Twitter we are back to the original mainframe problem: everything is stored and controlled by a central authority. Ironically, today's "to the cloud" meme is making us depend on central authorities even more.

So what about data privacy? In this centralized model we go about our online lives constantly posting data to all these different servers that we trust...

What The New Open Web Can Do: Firefox 4 Demos

Firefox 4 is near the end of its beta cycle but what is so special about this release? Why not see for yourself on the new demo site, the Web of Wonder (requires Firefox 4 beta but some demos do work in Chrome and Safari). I'll be honest, as a web developer, the new power of HTML5, CSS3, SVG, WebGL, etc totally blows my mind...

I've Joined the Web Dev Group at Mozilla

Whenever I'd hear about someone from the Python community getting hired by Mozilla I'd get really excited because I knew they'd continue to share and collaborate in the open source world that I was a part of. So here I am about a month into joining Mozilla myself to work with the WebDev team. Everything Mozilla does is right out in the open: ideas are posted on blogs, code is committed to public repositories--free to use, free to fork, etc. They take a firm stance that everything you do on the web should be free and open even to the point where the new Firefox 4 audio API (which is amazing) doesn't even support the patented, closed MP3 format despite its ubiquity.

This transparent approach to technology is really powerful...

Recent Projects

  • JSTestNet

    Like botnet but for JS tests in CI.

  • Nose Nicedots

    Nose plugin that prints nicer dots.

  • Fudge

    Mock objects for testing.

  • Fixture

    Loading and referencing test data.

  • NoseJS

    Nose plugin that runs JavaScript tests for a Python project.

  • Wikir

    converts reST to various Wiki formats.