This grand experiment, the Mozilla project, wraps up its 9th year and begins its 10th today.
Today also marks the ninth anniversary of my first attempts to get involved with the Mozilla project. It ended up taking several months of reading newsgroups, reading bugzilla reports, testing occasional builds (made available by Mike Wynholds, and later Jason Kersey's mozBin site,) before I considered myself to be a valuable part of the project, but I've been here since the beginning and I couldn't be more proud of what we have accomplished in these 9 years.
(Literally) tens of thousands of people have devoted uncountable hours and herculean effort making this project what it is, and today I celebrate all of you.
You all are amazing, extraordinarily amazing.
March 2007 Archives
Years ago, Deanna and I moved Ptolemy over to Hill's Prescription Diet Feline c/d Dry because she was suffering from urinary tract problems. The low-magnesium diet helps prevent the urinary tract crystals that were causing her serious discomfort (and she's actually quite happy with the taste.)
When the news started to break about the hundreds of brands of pet foods that were being recalled for causing serious illness and death, we breathed a sigh of relief knowing that they were only wet foods produced by Menu Foods and Ptolemy eats a dry food made by the Hill's company.
This evening I read that the FDA knows of a manufacturer of dry food that uses the same tainted filler that's apparently at the root of the problems in the recalled wet foods. In the same story, it's noted that Hill's has recalled it's Prescription Diet Feline m/d Dry (not the same as what Ptolemy gets, this one is for overweight cats) because it contains the problem filler. The FDA won't say if it's Hill's that they're investigating or some other manufacturer.
After several minutes of anxiety (we're in Boston for a few days and Ptolemy's at home with a big bowl of c/d) I located the actual Hill's recall, and we're relieved to learn that the problem is limited to just that one Hill's m/d formula and none of their other lines contain the dangerous filler.
This is great news for us and for Ptolemy, but I can imagine the anxiety that the rest of the dog and cat families out there who aren't on a "known good" food must experiencing. What are they supposed to be doing? The FDA is telling them that there's another manufacturer making potentially deadly pet food but they won't say who. Likely thousands of animals have already died as a result of this tainted food and the FDA won't even tell us whether this new manufacturer they're investigating is Hill's or yet another company. Just saying "Yes, it's Hill's" would give a lot of comfort to a lot of people. Alternately, if it's not Hill's saying even that would be better than saying nothing. Saying "we know, but we're not telling" is the just horrible. Time is the difference between life and death in kidney failure situations and not releasing any and all information that could help save pet lives is unacceptable.
I'm a big fan of high-quality "complete" commercial pet foods, and it would be going against the recommendations coming from some respected vets, but if you're one of those pet families that doesn't know whether your cat or dog food is eating a deadly poison, you might consider temporarily moving them over to a homemade diet, even for pets that need specialty diets. I wouldn't recommend this as a long-term program when high-quality, nutritionally complete foods are available at reasonable prices, but I don't believe that there's anything wrong with playing things safe for the next little while -- or at least until the FDA will stop putting business interests ahead of the lives of our non-human family members.
Deanna and I left Redwood City at 4:20 this morning, and 12 hours later we're now in Boston. I'll be at the Mozilla Developer Day tomorrow, presenting with Seth.
If you follow the tech press (or any press, for that matter,) there's an interesting read over at Wired.
via Vlad's blog, I see that APNG support has landed on the trunk and now there's even a tool that will create them! How cool is that.
For those of you who don't know what this means, it means that Firefox pre-3 testing builds have experimental support animated PNG images. They're kind of like animated GIFs but because they're PNG, they support alpha blending.
And now the first APNG editor is also available. It's experimental too, but at least you don't have to code to make them any more. Check out GIF Movie Gear and have some fun with animated PNGs.
I'm reading an increasing number of complaints online that Firefox is charging some monthly fee or installing adware. That's not us. It's most likely people installing something from some scam freeware site. Mozilla doesn't require a credit card to download Firefox. It won't come with toolbars or other third-party crap. Please spread the word. Thanks.
update: I'm not actually talking about the Firefox bundles like Firefox+Google Toolbar here. What I'm talking about are the sites that users register at, download Firefox, and then start receiving a monthly bill for $39, where it's not made clear up front that they're being charged for access to a repository of free software. These sites, and sites that are offering Firefox plus some spyware program without telling the user what they're getting, are the problem, not Firefox+Google Toolbar.
If you've got more than a handful of readers, you're probably reading the occasional insult. If you've got a lot of readers, you might even have regular trolls. It's pretty easy to get used to all of that. If you're passionate about what you do, you're probably willing to endure quite a bit of ridicule.
But nobody should have to endure this.
It's disgusting and it's illegal and I hope that it's prosecuted and someone goes to jail.
I've been tracking the browser share at boingboing.net for a while now because it's a pretty good proxy for overall share in the blogosphere. Right now, Firefox is sitting at 52.1% share of boingboing.net's readership and combined with the other Gecko-based browsers, Mozilla's user agent now accounts for more than 55%.
It's also interesting that while roughly 24% of boingboing.net's usage comes from Macintosh users, Safari only accounts for 12.4%. There are no other Mac browsers with >1% share at boingboing.net so I think it's a reasonable interpretation that nearly half of the boingboing.net Mac users are surfing with Firefox.
What kind of numbers are you seeing at your blog?
Most of you know that I'm not a developer. Actually, I'm about as far from a developer as you can get. I don't even write script. I am interested in learning, though. So, my questions is, for someone that's never done any scripting, what's the best scripting language to start with. I've heard from some people that python is best because it is rigid and will teach you best practices. Others have said that perl is top because it's so versatile and forgiving. Then there's javascript -- the language of the web. And I guess I could also look towards ruby or asp or php.
If you were starting out with little or no knowledge and you wanted to start learning, where would you begin?
How do you all read this blog? Do you read it in a browser or a feed reader. Does your feed reader show the HTML or the syndicated content? I'm going to be making some changes to the site and I want to do as little disruption as possible. Please let me know in the comments how you consume this site. Thanks.
2005-09-07 16:30 GMT <Asa> I love Opera. I can't, for the life of me, figure out why any of them see my commentary as motivated by anything but love.
If you haven't already, go read Nat Torkington's latest radar post, "The Future of Web 2.0". It's a hoot.
I'm headed to Boston on March 30th for Mozilla Developer Day. If you're in the area and you're interested in learning more about Mozilla or just meeting other Mozilla people, do stop in. And if you're gonna be there, do add yourself to the list. (mediawiki is no evite.)
If you've already seen the saddest commercial on television, do yourself a favor and watch the follow-up.
There was a recent slashdot story and now this post at David Berlind's Testbed blog pushing the idea of a Mozilla desktop operating system. All of this was started by a newsgroup post from an unknown user who said, "It seems like a waste not to have an OS that is based primarily on the Mozilla platform..." This was not a serious discussion among Mozilla engineers planning a Mozilla OS. This was an off-topic (to the dev.planning newsgroup) post that has got a bunch of not-Mozilla people discussing the idea of a Mozilla OS.
Get your Twitter on with Tweetbar, a handy way to use Twitter right from the comfort of your Firefox Web browser.
It looks like some in the tech press are finally starting to understand that online security is about the exposure.
To add insult to injury to IE, Mozilla developers patched Firefox five times faster than did Microsoft's. On average, Firefox had an attack exposure window -- the amount of time between the disclosure of a bug and when it was patched -- of just two days based on a sample set of 26 flaws. By comparison, Microsoft took an average of 10 days to patch the sample 15 vulnerabilities.
But it's not just about time to fix. Time to deployment is also critical, as is the time it takes users to install the update. Microsoft operates on a monthly schedule. Firefox operates on a "get fixes into the hands of users as soon as humanly possible" schedule. Finally, with Firefox's automatic update system, all Firefox users get those installed fixes ASAP. No modern browser can be considered safe without an automatic update system for security bugs.
Forgot one other thing. While I'm happy to praise this writer for moving in the right direction, he still fails to mention that these are "disclosed vulnerabilities" and as far as I can tell, Firefox is the only browser on that list that discloses all of its vulnerabilities -- bugs discovered by both third parties and internal developers/QA. More on that later.
A few people have been expressing some concern around "unexplained" pings or IDS triggers from Mozilla servers. I spoke with our IT team and learned that this is happening because we're trying to improve our load balancing to give users better service at our websites.
As I understand it, there are two basic ways to improve service to different geographic areas. The first is to have a table of IP addresses that correspond to different geographic areas and so when the server sees an IP that is from, say, France, it can connect them to our co-location facility in Europe rather than the one in the US. This, theoretically, can give the user a faster connection and better service. The second mechanism is that when a user connects to us, we can query their nameserver and use that information to determine which data center facility to send them to. The second method can, theoretically, provide even better service because it doesn't rely on static data but actually measures things right then and there to determine which of our co-lo centers can best serve that user.
Now, I'm not an IT guy, but that's how I understand things. Here's the actual response that our IT team is sending to people who have expressed to us some concern about this system:
Mozilla is using proximity based load balancers that send probes from each site to the nameserver that looked up the address to a Mozilla web property (like www.mozilla.com) to dynamically determine which Mozilla data center is closest.What you're seeing is a result of those probes and in no way represents any compromised host. I am working with Citrix to find a better way to reduce the frequency of probes.
If you'd prefer to be statically assigned to a particular datacenter, please send me a list of netblocks in your network and which datacenter is closes (traceroute to 63.245.209.4 or 63.245.213.4).
The Mozilla IT team aren't doing anything untoward here. They're just trying to ensure that people visiting Mozilla get the best possible service. They do recognize that this is causing some users to be concerned so they're working on alternative solutions.
For those of you who prefer something more definitive than my non-tech explanation of how this works, here's a technical description:
When a client's LDNS accesses the GSLB site for the first time, the RTT information is not available with the system. In such cases, GSLB VIP selects a site using the Round Robin method and directs the client to this site. The system then starts calculating the RTT between the site and the LDNS. Similarly, the system deployed on the participating site begin to calculate the RTT between the LDNS and the GSLB site. Periodically, the system participating in GSLB will report the RTT to other participating systems. When the DNS query is sent the next time, the system selects the best site using the network metrics.The system uses different mechanisms such as ICMP echo Request/Reply (PING), TCP, and UDP (DNS) to probe the Round Trip Time (RTT) metrics between the LDNS and the sites participating in the GSLB domain. First, a PING probe is performed to obtain the RTT. If the PING probe fails, the DNS probe is performed to calculate the RTT. If the DNS probe also fails, the TCP probe is performed.
Note: The system performs UDP probing on port 53 and TCP probing on port 80.
Let me know if there's any more info I can provide here.
There are nearly 100,000 blog posts on Firefox extensions, according to Google's Blog Search.
I've taken a liking to the ChromaTabs extension. I'm using Firebug occasionally. I still like textarea resizer. That's about it. I can certainly get along without them and none of the "my top n" or "must-have" or "can't live without" blog posts have swayed me much.
What Firefox add-ons can't you live without.
I read a lot of blog posts about Firefox and one of the common complaints I'm seeing is that Firefox's spellchecker doesn't recognize certain words. What doesn't seem obvious to many people complaining about this is how easy it is to add words to the dictionary. It leads me to wonder if those people might also be missing the spelling suggestion feature. Both are available when you right-click on the mis-spelled or unrecognized word.
Maybe we need to investigate this UI some. It doesn't seem that different to other inline spellchecking features I've used.
update: another tip
Sometimes we get so buried under the day to day work of making Firefox happen that we lose sight of what kind of impact we're making out there. Sometimes we get so caught up with grand plans for how to get Firefox into the hands of more people that we forget what's really working for us.
Sometimes a random blog post can be a good reminder.
Thanks, Fred, for all that code :) More importantly, though, thanks for making Mozilla a more interesting and exciting project. We'll miss your full-time contributions. If you kick as much ass in school as you did on Remora, you're going to have the world at your feet. Good luck. Take care. Stay in touch.
Anyone else seeing anything like this? if so, or if not, please let me know in comments or an email. Thanks.
During the run up to Firefox 2, we released beta builds and release candidates for wide testing and feedback as part of a community beta program. Anyone who downloaded and installed these pre-release versions of Firefox became part of this beta program and was automatically updated to the Firefox 2 final release.
To ensure continued improvement in the quality of Firefox 2, we are now applying the same program to our security and stability release process for Firefox 2. Starting within the next 24 hours, everyone who participated in the beta process will be offered a pre-release version of the next security and stability update.
For Twitter users out there, you might want to check out the nifty Firefox extension that gives you Twittering capability right from the Firefox addressbar. It's called, unsurprisingly, Twitterbar.
I'm sure most of you have seen this, but for those of you who haven't, if you'd like to take advantage of Firefox 2's awesome built-in spellcheck service while still using the rich text formatting of WordPress, you can go get FFSpell, a nifty plugin that will make everything just work.
If you, like me, need to stay in touch with people in other timezones, you're gonna appreciate the FoxClocks extension. It's quite simple, but amazingly useful.
No, it's not the name of a new Apple product :-) I don't often drool over new tech but this is pretty f'ing sweet.
I think I got the link from beltzner, not positive though.
I know that a lot of you all think of yourselves as pretty normal computer users. I sometimes forget and fall back on that assumption too. It takes something like this to remind me:
RSS, which stands for Really Simple Syndication, is another way to get your daily dose of [this ABC News site,] The Blotter. By using an RSS reader in your Web browser of choice -- whether it be Yahoo! or Google -- you can view a feed from The Blotter that will include headlines, summaries and links to full reports.This, coming from one of the U.S.'s premier television and news networks, is not some fluke. We still have a long way to go in developing a language that "regular people" can understand.To subscribe, go to your personalized Web browser (i.e. Yahoo!, Google, etc.) and then go to the Blotter. In some browsers, such as Firefox, the RSS symbol lights up when you are on the Blotter page. Click on it to subscribe. In others, like Yahoo!, click on "Add Content" and follow you browser's instructions to receive a constant feed of new Blotter stories.
So next time you hear someone say that Mozilla is "dumbing it down", remember that most regular people still don't get it, even as we work our butts off to make the tools of the Web more familiar and accessible.
The good folks over at AllPeers have opened up the code (under the same tri-license combo as Firefox).
From the first I saw of the team over at AllPeers, I thought they were going about things the right way. Rather than forking Firefox and trying to add their value the way the Flock team did, AllPeers built a very sophisticated extension that works on top of Firefox.
Today, my early evaluation seems even more justified. They are a cool team that's trying to make cool software and thinking hard about what is "the right thing" in this open source ecosystem.
I wish them all the luck in building a community around AllPeers and I can't wait to see what people can do building on top of AllPeers on top of Firefox.
update: and I have to add that they're off to a pretty good start with lots of easy to find and easy to use "getting involved" documentation. Go team AllPeers!
It took me a bit longer to get caught up after the vacation but I'm completely back now and you all can expect a return to regular blogging.
What A Drag
Today I learned something new about Firefox. You know when you're trying to select text inside of a link and you end up clicking the link, dragging the link, or selecting more text than you actually want (by starting your selection outside of the link.) Well, there's a better way. It turns out that you can hold down the alt key during your selection and it will select as if it was text and not a link.
Unfortunately, this is a Windows-only solution. On my Mac, the alt key leads to a download and on a Linux/metacity setup tested, it drags the window.
So, what's to be done. I propose that we change this behavior so that it's not dependent on a modifier key. Modifier keys suffer in terms of discoverability and, as we've seen in this particular case, collisions with other features on some important platforms.
Currently, in Firefox, when you click and drag, it defaults to a drag and drop behavior.
I believe that text links, which are both text-like and button-like, should default to text-like behavior when performing a click and drag. That would allow easy selection, and copy and paste.
What, then, about the need for drag and drop. Well, I actually think this is a less common task than text selection and, drag and drop of links so my first thought was just use the switch the default and modifier key behaviors. But drag and drop probably is useful and making it less discoverable seems wrong too -- moving that behavior to the modifier key would be just as problematic as it was for selection. What we need here is a new model.
A first pass at this new model could be some kind of visual "handle" for the link that would signal to users that it could be grabbed and dragged off somewhere. On mouse-over, a favicon-like image could overlay one end of the link. We're already trying to train users in this behavior in the address field so extending it to URLs in content seems a reasonable approach. A user could easily move the pointer over to that handle, click to grab it, and drag it where ever.
This would free up the default click and drag inside a link for selection. We'd probably want to require the drag be more than a few pixels so that we don't treat sloppy clicking as selection, but I'll bet we already do something similar for avoiding accidental drags.
Does this sound useful? Am I missing some existing solution that makes both selection and d&d more discoverable and easier to accomplish?
Is there anyone out there looking for an extension project? If so, and this sounds interesting, let me know in comments or drop me an email.
