The Final Draft of GPLv3 is now available. Looking again at my comments:
That's not too bad. Of the practical/legal ones, I'm particularly pleased about the improvements to 5d), the clause about preserving notices, which now has much less of a whiff of a restriction on modification.
One of the 2 unfixed bugs is perhaps questionable, but I continue to think the other one is serious, and I had an acknowledgement that it would be looked into. I will be following up with the FSF to see why it wasn't addressed. I've resubmitted the other issues to their comment tool.
Congratulations to the SeaMonkey project who, with the fixing of bug 328887, have ported SeaMonkey to run on top of the new XUL toolkit used by Firefox and Thunderbird.
When it was decided to end-of-life the Mozilla Suite 2 years ago, and a group of volunteers formed to start the SeaMonkey project, there was a certain amount of scepticism in some quarters that they would succeed. There was a great deal of work to be done, with the move to toolkit being a very large piece of that - but vital if the project were to have a long term future, rather than being a dead-end fork on top of ageing and unmaintained core code.
With SeaMonkey at version 1.1.1, and now with the new-toolkit-based SeaMonkey 2 in the pipeline, I think we can safely say that those doubts have proved groundless. My warmest congratulations to the entire team. I hope Mozpad (Hey! Cute kitten!), which has formed in similar circumstances, has similar success.
LUGRadio Live is the Linux/free software community conference attached to the usually excellent (although sadly over-profane) LUGRadio podcast. This year, it's in Wolverhampton, UK on the 7th/8th July.
I am speaking, along with many others; my talk is entitled "How To Win Every Argument". To find out what that means, you'll need to be there. There are also BOFs, demos, exhibitors, lightning talks and a live show recording.
It's always a good laugh, so if you are in the UK and don't have a wedding or other major uncancellable event that weekend, come on down.
Spammers have started attaching copies of their pills 'n' porn 'n' pump 'n' dump pages to Bugzillas, and using the resulting attachment URLs in spam, to get around domain blacklists. The versions attached have an obfuscated JS redirect in them which takes the user to the main spammer site. Example.
How do we combat this while giving the least inconvenience to legitimate users?
We can distinguish genuine users from "unknowns" by saying that anyone with any sort of permission bit (e.g. canconfirm, editbugs) is a genuine user. But that doesn't help the first-time bug filer. A ban on uploading attachments for them is very intrusive - they may have a screenshot or logfile or something they want to include.
The obvious fix is to say "OK, if you upload an attachment with any MIME type rendered by the browser which can contain script, we'll switch the type to text/plain; then a triager can come and put it back if they agree the upload is genuine." Neat and simple.
However, that founders because of IE's words-fail-me content sniffing, which will happily render HTML served as text/plain, because it thinks it knows better than you. Grr. Snarl.
Not-as-good plan B is to invent our own MIME types, application/x-bugzilla-upload-text and
application/x-bugzilla-upload-binary, which was set on all uploads from non-permissioned people by default. When actually serving the content, we'd detect IE and serve Content-Disposition: attachment (to force download), and for anyone else we'd use text/plain or application/octet-stream, as appropriate.
Anyone got any better ideas?
For the past few weeks, we've been discussing various ideas relating to the Location Bar in mozilla.dev.apps.firefox. Dão Gottwald has been doing a great job keeping up with the suggestions, and implementing them in the excellent LocationBar2 extension.
Having done the prototyping, and a UI review with Jonathan Nightingale and Mike Beltzner, we now propose that we do the following two independent things, as a start:
We want to make the URL bar totally trusted, and that means not allowing sites to control parts of it to spoof locks or things like that. We can either remove it entirely or replace it with a generic page icon/folder icon/whatever under our control.
I note that mockups posted recently for the Places UI use this icon for a menu, and so we may need to negotiate as to what happens.
If the URL bar is focussed or hovered over, the colour switches back to black throughout. This should be possible using CSS only. The "greyed-out" colour is a pref; people who don't like this feature can set it to "black".
Public Suffix (also called Effective TLD) is the part of the URL not owned by a registrant. E.g. ".com", ".co.uk", "hokkaido.co.jp". 2 is the default for a pref; we think this is the right number, but want real world experience. So Public Suffix + 2 is e.g. http://www.mozilla.org, http://www.ibank.barclays.co.uk/foo/bar/login.do, http://www.fred.blogspot.com/archive/2007/04/06/mypost.
This will look basically like Ka-Ping Yee's mockup.
We may also do other things from the LocationBar2 UI experiments. However, these two things are where we want to start, and then we can look at further changes.
I'd like to finish by pointing out that it seems to me that the process we've just gone through is a textbook example of how open source development and UI prototyping should work in our world. We had loads of cool ideas, implemented them in an extension, kicked them around a lot in discussion, realised some were too radical, and have now come out with a considered proposal. This rocks. Thank you to everyone who took part.
A lot of the same stuff as the last status report, due to only working three days last week :-(
Dear Lazyweb,
I'd really like a bulk upload tool for Google MyMaps. It might even use the new KML/GeoRSS Overlays feature, or something like that. I want to prepare some sort of file of addresses, and upload it, and have them all geocoded and added to the map. Adding 300 points by hand is too much hassle.
Many thanks,
Gerv
Ladies and Gentlemen of the class of '97... wear sunscreen.If I could offer you only one tip for the future, sunscreen would be IT.
The long term benefits of sunscreen have been proved by scientists whereas the rest of my advice has no basis more reliable than my own meandering experience.
This might be an interesting data point for SEO watchers. I was recently emailed by an advertising agency, offering me payment for a link to one of their clients, since "their product is quite relevant to your theme". After a few exchanges, I established that they were in the medical/insurance sector, and the fee would be £50/$100 (I didn't attempt to negotiate upwards). Another back and forth elicited that the client would have been Norwich Union. (Oops, is that a rel='nofollow' I spy there? Sorry, chaps.)
While I was curious, that's not really something I would ever do. After all, my Yes should be Yes and my No should be No; I shouldn't and wouldn't endorse products I didn't have or companies of which I am not a customer, because my Yes would be a "Don't Know".
But it's interesting. Given that presumably you need quite a few links to establish good PageRank, £50 like a fair amount of money. And it's slightly odd, given that the front page of gerv.net has a PR of only 5, and this blog has one of 7. Those aren't all that good, are they?
I should probably have asked what the link text would have been, to find out what term they were trying to promote themselves for. Ah, well.
Serbia has become chair of the Council of Europe (the EU's main human rights watchdog) despite recently being found to have violated the Convention on Genocide for hiding General Radko Mladic. Zimbabwe has become chair of the Commission on Sustainable Development at the UN, despite having an inflation rate of 2,200% per year and agricultural exports halving in the last three years.
What's next? North Korea joining the UN Security Council? These bodies are making themselves a laughing stock because it's Buggin's turn.
P.S. Check this out on the Council of Europe website:
Member States
The Council of Europe has a genuine pan-European dimension:
- 47 member countries
- 1 applicant country: Belarus; Belarus ' special guest status has been suspended due to its lack of respect for human rights and democratic principles.
So it's only OK to shield genocidal maniacs once you're safely a member?
I just had dinner with Chris Messina.
Well, not actually, but it rather felt like it. Instead, I spent 50 minutes watching his video monologue on the way he sees the future of the Mozilla project and Firefox. But it felt very much like he was bending my ear over a quesadilla at La Fiesta.
Blaise Pascal said (in French) "I made this letter very long, because I did not have time to make it shorter." This quote came to mind as I listened to Chris. Before I get to the content, I can't avoid making a few comments on the form.
What better way to make sure as few people pay attention to you as possible? Instead of a short, thought-out, coherent and logically progressive text document, which can be skimmed, re-read, digested, quoted and commented upon, we got a 50-minute twisty ramble through a collection of disconnected ideas. The ramble probably took him less time, but it takes all of us far more. And the more time it takes people to get your point, the fewer will do so. When two people are chatting over a meal, this sort of dialogue is fine. But is it really the optimum way to present your concern to a wide audience?
If this is the way Web 2.0 communicates, then give me Web 1.0 any day.
Also, he starts off saying how important it is that the web be kept open against Microsoft, Adobe and Sun. Er, remind me what technology you are asking me to use to view your video, again?
OK, rant over :-) On to the content. Chris is a great guy, always full of ideas, and he made some good points, but a lot of the different things he said seemed contradictory. Quotes or paraphrases (it would take far too long to skim back through 50 minutes of video for his exact words - see rant above) follow:
Those aside, there's one misunderstanding that I think underlies a lot of what he said, which is that he suggested that we are paying too much attention to the browser instead of the platform. But that's a false dichotomy - the browser (and the open web) is the platform. Others are far more qualified to comment on this than me, but which is more likely to succeed - if we go up against Silverlight, Flex and JavaFX with XUL, as just one more competitor in a group of single-vendor solutions, or if we go up against them with the Web - HTML5, JavaScript, CSS, canvas, SVG, Ogg and open standards?
Shaver talks about the web vs. closed systems, and also addresses Chris's point about tools, in a very timely blog post.
I also think there's a point about focus. If we listened to Chris, the Mozilla Foundation would be launching a free municipal MozillaWiFi service (in which city?), a version of Google Code (but what about MozDev?), a division to write "awesome web applications", doing political lobbying for net neutrality (we're a 501(c)3; as I understand it, we can't), improving the tools for writing XUL applications as well as focussing on improving the XUL platform and continuing to produce Firefox. Clearly Chris is not a man short of ideas, but it reminds me of the boss who said "But why can't we focus our resources across the board?".
I can see he's obviously frustrated with something, but my suggestion would be that, if he wants people to pay attention to his concerns, he needs to think them through better and write them down.
On my recent trip to America, at the extra security checks near the gate at Heathrow, I ran into trouble with the new, patently ridiculous security question.
"Do you have anything in your bag which could be used as a weapon?"
The immediately obvious response was "By whom?". We got into a rather fractious debate with me refusing to say "No", thereby speaking for the improvised killing capabilities, or otherwise, of every other passenger on the plane, and him warning me that I was in danger of being "considered a threat", and that I should "stop joking".
In the end, I agreed to say No to the question "Do you have anything in your bag which could be deemed a weapon?". And, of course, as revenge the guy followed me and made sure I was picked out for extra-special bag search and screening.
However, what if I was a trained Marine, Para or SAS operative, able to strangle people with headphone cords, bludgeon them to death with my laptop or choke them to death on my water bottle? I would have to either take no luggage whatsoever, or say "Yes", at which point I wouldn't be permitted to fly.
This new question is dumb. They might as well ask "Are you planning to hijack the plane?" What is sad is that lots of people, even some who realise the implications of what's being asked, will say "No" just to get past it.
Later, when leaving San Francisco for Toronto, some dude felt my crotch in a really quite intimate fashion because I set off the metal detector alarm. I said "Some day soon, we'll be going through these things naked", and one guard said "Well, that would make it a lot easier." It's salami tactics... People would be in open revolt if they'd introduced all this stuff at once.
(A little bit late...)