Thoughts on Mozilla

Thank you, Mozilla

I originally sent this as an all-company email. Below is an edited version.

After 9 fantastic years I’ve decided to move on from Mozilla. Here are some reflections about what makes Mozilla such a special place to work at.

My first commit was a simple right to left localization fix on -- wow, I couldn't believe I was shipping a web app used in 40 languages! It has been an honor to make such a powerful impact in so many people’s lives all over the world. Thanks to Mozilla for inviting me to be a part of their unique and crucial mission. Since then I've had the chance to work on many different projects and technologies, most recently in UI engineering.

Working in the open has been fascinating to me...

read article

Some Tips On Working Remotely

I've been working remotely from a home office with Mozilla since about 2010 (4 years so far) and although it has challenges I still enjoy it. It requires some discipline and most importantly a routine. Matt Gemmell's article on this has excellent pointers on routines and setting up an isolated work space at home. I wanted to add a few things to his post from the perspective of working as a software engineer (my profession)...

read article

How To Protect Against Heartbleed And Other Vulnerabilities

The OpenSSL heartbleed bug was a heavy wake up call. This video provides a quick overview if you want the details. In summary, an attacker could craft a payload with a fake size (up to 64k) and trick openssl into sending a random chunk of server memory. WTF?! To understand how bad this was I spent a minute hacking on this script that was going around. I pointed it at (which is no longer vulnerable) and tried to see if I could catch a username and password flying by. I had one within 30 seconds. That's how bad it was; you could read random parts of the server's memory which may contain passwords, private keys, or whatever else OpenSSL was processing for current site visitors.

I had stolen someone's credentials. Game over, right? How do you protect yourself against something as bad as this? ...

read article

What's Happening at Mozilla?

Most people at Mozilla are remote so each quarter we sync up face to face as a group for an all-hands meeting. There are over 600 employees! We of course sync up in smaller groups more frequently but this is a chance to see what's going on across the entire Mozilla horizon.

So what's happening at Mozilla? We're on the cusp of a huge shift towards an open web platform. That is, something more than a web browser -- something you can run "native" apps on. There's a lot of work left to do, of course. Here is a random dump of interesting projects in the works...

read article

How Do We Open Up The Social Web?

The release of Google Plus presents a unique opportunity to open up the social web. Why? Because it's a compelling product -- it's intuitive and fun with innovative features like circles, hangouts, sparks, etc. In many ways it's a clone of Facebook but that's just a reinforcement of what Facebook (and before that, Friendster) got right. If Plus continues to succeed then the optimist in me envisions this as a golden opportunity! ...

read article

Firefox Goes Mobile

When I got my first Android "smart phone" it felt like a slow, hard-to-use computer on dial-up Internet. Now I use an Android G2 (HTC Vision) which I'd call a pretty snappy, easier-to-use computer. I can't say I do much on it besides calls, texting, and Twitter but I'm excited that Firefox Mobile has just been released. You'll need a newer Android phone (arm v7) to install it and it's going to eat up a whopping 14MB (plus caching) but, hey, Firefox is now mobile! ...

read article

Firefox 4 Is Here And It's Glowing

Firefox 4 has launched! If you want to watch the whole planet upgrade in realtime head over to (built by @potch, @jeffbalogh, and others!). If you haven't already downloaded Firefox 4 then what are you waiting for? After that, join the twitter party by using the #fx4 hashtag in your tweet...

read article

What Happened To The Feeling Lucky Search In Firefox 4's Awesome Bar?

Firefox 4 is about to ship! And it contains a massive amount of enhancements, especially UI enhancements, blazing fast JavaScript, and more HTML5. I'll probably write more about these hot new features and how important Firefox is to the international community but first, this.

In the next week millions of people will begin upgrading to Firefox 4. A large number of them will be upgrading from Firefox 3 so they'll be disappointed to learn that when you type a name or phrase into the Awesome Bar it no longer takes you directly to the website you are looking for. Technically this feature was called Browse By Name but most people probably understand it as performing a "feeling lucky" search in Google. The forums and support site are already filling up with complaints.

Don't worry! The feature was just disabled, it wasn't removed entirely...

read article

How To Achieve True Privacy On The Web: DOMCrypt

The Internet was invented so that data could be decentralized and liberated. Well, so much for that idea. With the rise of services such as Facebook and Twitter we are back to the original mainframe problem: everything is stored and controlled by a central authority. Ironically, today's "to the cloud" meme is making us depend on central authorities even more.

So what about data privacy? In this centralized model we go about our online lives constantly posting data to all these different servers that we trust...

read article

What The New Open Web Can Do: Firefox 4 Demos

Firefox 4 is near the end of its beta cycle but what is so special about this release? Why not see for yourself on the new demo site, the Web of Wonder (requires Firefox 4 beta but some demos do work in Chrome and Safari). I'll be honest, as a web developer, the new power of HTML5, CSS3, SVG, WebGL, etc totally blows my mind...

read article

I've Joined the Web Dev Group at Mozilla

Whenever I'd hear about someone from the Python community getting hired by Mozilla I'd get really excited because I knew they'd continue to share and collaborate in the open source world that I was a part of. So here I am about a month into joining Mozilla myself to work with the WebDev team. Everything Mozilla does is right out in the open: ideas are posted on blogs, code is committed to public repositories--free to use, free to fork, etc. They take a firm stance that everything you do on the web should be free and open even to the point where the new Firefox 4 audio API (which is amazing) doesn't even support the patented, closed MP3 format despite its ubiquity.

This transparent approach to technology is really powerful...

read article