Arabic Mozilla“حسابات فَيَرفُكس” الآن باللغة العربية


تم الإنتهاء من توطين مشروع ” حسابات فيرفكس” وإصلاح معظم مشاكل RTL الموجودة بواجهة المستخدم. حيث يمكنكم الآن تجربة النسخة النهائية من إصدار ”

تم الإنتهاء من توطين مشروع ” حسابات فيرفكس” وإصلاح معظم مشاكل RTL الموجودة بواجهة المستخدم. حيث يمكنكم الآن تجربة النسخة النهائية من إصدار “https://accounts.firefox.com

لا تتردد في تصحيح الأخطاء إن وجدت فهذا مشروع مفتوح المصدر ويحتاج إلى آراءكم ومساهماتكم.
ملاحظة: تحتاج إلى الإصدار العربي من متصفح فيرفكس للإطلاع على الإصدار الجديد من مشروع حسابات فيرفكس.
روابط مهمة: 
لمتابعة التراجم والمساهمة في توطين المشروع: https://pontoon.mozilla.org/ar/firefox-accounts
للإبلاغ عن مشاكل RTL الموجودة بواجهة المستخدم: https://github.com/mozilla/fxa-content-server/issues?utf8=%E2%/issues?9C%93&q=RTLhh
3
21

Arabic Mozillaأفضل الإضافات التي ننصحك بها لمتصفح فيرفكس

ماذا يمكنك أن تفعل بفيرفكس ؟، أظن أن فيرفكس علينا أن نطلق عليه إسم نظام تشغيل حتى وهو متصفح، ذلك أنه يمكنه القيام بالكثير من الأشياء ربما تجعلك تستغني عن الكثير من التطبيقات يمكنه تشغيل: ملفات Mp3، ملفات الفيديو، ملفات pdf، يمكنك أن تجعله منصة تنزيل الفيديو، أن تبرمج داخله، أن تكتب والكثير من الأشياء التي يقوم بها ولكن هل تعتبر هذه النهاية؟، لا، من خلال إضافات فيرفكس ستجعل فيرفكس يصل إلى أقصى قدرة له، في هذا المقال سأستعرض لكم أفضل الإضافات التي أستخدمها.

موقع إضافات فيرفكس

إضافة anonymox

أحيانا تحتاج لتغيير الإي بي الخاص بك ( عنوانك على الأنترنات أو من أين تتصفح ) من أجل الحصول ربما على بعض الخدمات الغير متوفرة ببلدك أو ربما هناك مشكل في سرفر الشركة المحلية التي تقدم لك خدمة الإنترنات. مع هذه الإضافة إصلاح المشاكل التي ذكرتها لك حيث تستطيع إختيار تغيير تواجدك على الإنترنات إلى العديد من البلدان، حيث في النسخة المجانية منها يمكنك التغيير إلى أمريكا، بريطانيا، هولندا وهناك أكثر من هذا في النسخة المدفوعة.
للحصول على الإضافة: إضغط هنا

 

إضافة DownThemAll

تعتبر هذه الإضافة بديلا لبرنامج idm المدفوع، ولكن هذه الإضافة مجانية بالكامل، حيث تعتبر مدير تنزيل رائع، تتوفر أيضا بالإضافة إمكانية تنزيل كل ما تحتويه الصفحة بضغطة زر. كل هذا مجانا وبدون مشاكل البحث عن الكراك أو البحث عن سريال مجاني كما يحدث
للحصول على الإضافة: إضغط هنا

 

إضافة Lightbeam من موزيلا
تعتبر موزيلا رائدة في حماية الخصوصية والحماية من التتبع، إضافة Lightbeam طورت لأجل هذا، حيث تستطيع مشاهدة المواقع التي تتبعك من خلال واجهة رسومية تعتمد على الأشكال الهندسية البسيطة مع ربطها مع بعض، حيث مثلا لو دخلت إلى موقع ما وكان هذا الموقع يحمل إشهارات جوجل أدسنس فهذا الموقع لديه تتبع من جوجل لذلك ستقوم الإضافة بعمل الموقع الذي دخلت إليه على شكل دائرة وجوجل ستضعها في مثلث وستربط بينهما بخط، كما يمكنك أيضا مشاهدة ذلك على شكل جدول بيانات، أظن أن هذه الإضافة أذكى إضافات مشاهدة التتبع حيث يمكنك وقف التتبع وكما يوجد تصنيف لتحديد من هم الطرف الثالث، مثلا لو كان الموقع الذي دخلت له هو الموقع المراد فجوجل الذي وضعت إشهاراتها في ذلك الموقع تعتبر طرف ثالث ويمكنك خظرها.
للحصول على الإضافة: إضغط هنا

 

إضافة Privacy Settings للتحكم الشامل بالخصوصية

في فيرفكس يمكنك التحكم بشكل كامل في المتصفح ولكن هذا قد يكون صعبا على المبتدئين لذلك مع هذه الإضافة ستستطيع التحكم في كل شيء تقريبا وذلك بشكل بسيط ومن خلال أقفال الفتح والغلق وبشكل بسيط. والشيء الرائع أنها تتوفر على منصات سطح المكتب والأندرويد.
للحصول على الإضافة: إضغط هنا

 

إضافة uBlock Origin لحظر الإعلانات

فقدت إضافة أد بلوكس بعض المستخدمين لأنها في تسريبات يقال أنها قامت بعمل تعاقدات مع بعض شركات الإشهارات لذلك لن تمنع الإضافة بعض الإعلانات من الظهور ولكن مع هذه الإضافة كل الإعلانات ستختفي لذلك تعتبر بديلا لإضافة أد بلوكس الشهيرة.
للحصول على الإضافة: إضغط هنا


إضافة Safe preview

تريد التأكد ما إذا كان الموقع الذي ستزوره به فيروسات أو لا، تمكنك هذه الإضافة من التأكد من ذلك من خلال عمل فحص للموقع من خلال عدة مواقع أمن رقمي.
للحصول على الإضافة: إضغط هنا

 

إضافة Stylish

يبدوا لك شكل الفيسبوك مزعجا؟ هذه الإضافة تمكنك من تغيير شكل أي موقع تريد إلى أشكال أخرى تتوفر على موقعها الرسمي كما يمكنك بناء رؤيتك الخاصة بك، للمتخصصين هذه الإضافة تقوم بالتعديل على css المواقع بحيث تفرض الخصائص التي تضعها على الموقع لعرضها وترك الخصائص الخاصة به جانبا.
للحصول على الإضافة: إضغط هنا

 

إضافة Stylish Sync

هذه الإضافة شقيقة الإضافة السابقة حيث وجدت هذه الإضافة لعمل مزامنة مع باقي الأجهزة التي تعمل بفيرفكس سطح المكتب، بالمعنى أنه لو قمت بعمل تعديلات على موقع ما ثم أردت أن تنقل التعديلات إلى جهاز آخر هذه الإضافة تتكامل مع حسابات فيرفكس وتقوم بنقل البيانات ( مزامنة ) إلى الجهاز الآخر.
للحصول على الإضافة: إضغط هنا

 

إضافة Video DownloadHelper

تريد تنزيل أي فيديو من أي موقع ( ما عدا يوتوب ) هذه الإضافة تعطيك هذه القدرة، حيث عند تحميل صفحة ما تقوم هذه الإضافة بتتبع الميديا فيها ولو وجدت فيديو ستضعه في تصنيفها ( فكرة مهمة هنا تقنيا أنت عندما تشاهد الفيديو فالفيديو ينزل لجهازك ثم تشاهده لذلك أنت تأخذ وقتا في تحميل الفيديو، فالفيديو يتم تحميله لجهازك – فكرة للتعلم فقط – ).
للحصول على الإضافة: إضغط هنا

 

إضافة 1-Click YouTube Video Downloader

قلنا في الإضافة السابقة أنها لا تعمل مع اليوتوب فقط، ولكن لدينا الحل لهذا المشكل مع هذه الإضافة. تستطيع تحميل أي فيديو من اليوتوب وبأي صيغة متوفرة من خلال نقرة واحدة.
للحصول على الإضافة: إضغط هنا

 

إضافة Adblock Plus Pop-up Addon

شقيقة أد بلوكس وهذه الإضافة متخصصة في منع النوافذ المنبثقة من الظهور، رغم أنه يمكنك أن تفعل خاصية داخل فيرفكس بحيث تمنع المواقع من توجيهك إلى مواقع أخرى إتجه إلى هذا المسار:
  • Firefox > Options/Preferences > Advanced > General : Accessibility : [ ] “Warn me when web sites try to redirect or reload the page”
للحصول على الإضافة: إضغط هنا

 

إضافة BetterPrivacy

حصلت هذه الإضافة أفضل إضافة بشهر جويلية 2016 حيث تمكنك من التحكم الكامل بالكوكيز ( الكوكيز ملفات صغيرة تحمل معلومات تشاركها مع المواقع من أجل تجربة مستخدم أفضل ).
للحصول على الإضافة: إضغط هنا

 


لديك مشكل ؟ تحتاج للمساعدة، ضع تعليقا وسنساعدك.

The Mozilla BlogWhy I’m joining Mozilla’s Board, by Helen Turvey

Today, I’m very honored to join Mozilla’s Board.

Firefox is how I first got in contact with Mozilla. The browser was my first interaction with free and open source software. I downloaded it in 2004, not with any principled stance in mind, but because it was better, faster, more secure and allowed me to determine how I used it, with add-ons and so forth.

Helen Turvey joins the Mozilla Foundation Board

Helen Turvey joins the Mozilla Foundation Board

My love of open began, seeing the direct implications for philanthropy, for diversity, moving from a scarcity to abundance model in terms of the information and data we need to make decisions in our lives. The web as a public resource is precious, and we need to fight to keep it an open platform, decentralised, interoperable, secure and accessible to everyone.

Mozilla is community driven, and it is my belief that it makes a more robust organisation, one that bends and evolves instead of crumbles when facing the challenges set before it. Whilst we need to keep working towards a healthy internet, we also need to learn to behave in a responsible manner. Bringing a culture of creating, not just consuming, questioning, not just believing, respecting and learning, to the citizens of the web remains front and centre.

I am passionate about people, and creating spaces for them to evolve, grow and lead in the roles they feel driven to effect change in. I am interested in all aspects of Mozilla’s work, but helping to think through how Mozilla can strategically and tactically support leaders, what value we can bring to the community who is working to protect and evolve the web is where I will focus in my new role as a Mozilla Foundation Board member.

For the last decade I have run the Shuttleworth Foundation, a philanthropic organisation that looks to drive change through open models. The FOSS movement has created widely used software and million dollar businesses, using collaborative development approaches and open licences. This model is well established for software, it is not the case for education, philanthropy, hardware or social development.

We try to understand whether, and how, applying the ethos, processes and licences of the free and open source software world to areas outside of software can add value. Can openness help provide key building blocks for further innovation? Can it encourage more collaboration, or help good ideas spread faster? It is by asking these questions that I have learnt about effectiveness and change and hope to bring that along to the Mozilla Foundation Board.

The Mozilla BlogHelen Turvey Joins the Mozilla Foundation Board of Directors

Today, we’re welcoming Helen Turvey as a new member of the Mozilla Foundation Board of Directors. Helen is the CEO of the Shuttleworth Foundation. Her focus on philanthropy and openness throughout her career makes her a great addition to our Board.

Throughout 2016, we have been focused on board development for both the Mozilla Foundation and the Mozilla Corporation boards of directors. Our recruiting efforts for board members has been geared towards building a diverse group of people who embody the values and mission that bring Mozilla to life. After extensive conversations, it is clear that Helen brings the experience, expertise and approach that we seek for the Mozilla Foundation Board.

Helen has spent the past two decades working to make philanthropy better, over half of that time working with the Shuttleworth Foundation, an organization that provides funding for people engaged in social change and helping them have a sustained impact. During her time with the Shuttleworth Foundation, Helen has driven the evolution from traditional funder to the current co-investment Fellowship model.

Helen was educated in Europe, South America and the Middle East and has 15 years of experience working with international NGOs and agencies. She is driven by the belief that openness has benefits beyond the obvious. That openness offers huge value to education, economies and communities in both the developed and developing worlds.

Helen’s contribution to Mozilla has a long history: Helen chaired the digital literacy alliance that we ran in UK in 2013 and 2014; she’s played a key role in re-imagining MozFest; and she’s been an active advisor to the Mozilla Foundation executive team during the development of the Mozilla Foundation ‘Fuel the Movement’ 3 year plan.

Please join me in welcoming Helen Turvey to the Mozilla Foundation Board of Directors.

Mitchell

You can read Helen’s message about why she’s joining Mozilla here.

Background:

Twitter: @helenturvey

High-res photo

Arabic Mozillaأحصل على تجارب موزيلا في فيرفكس قبل صدورها بإستخدام testpilot

فيرفكس المتصفح الذي يطوره مجتمع موزيلا العالمي، فيرفكس هو متصفح مفتوح المصدر، بدون الحديث عن ميزات المتصفح الكثيرة سنتحدث اليوم عن ميزة جديدة ومميزة تمكنك من الحصول على النظرات المستقبلية التي يفكر بها المجتمع نحو موزيلا فيرفكس، ما أقصده تحديدا هو الأفكار التي يمكن أن تطبق أو لا يمكن على فيرفكس كمتصفح.
أولا عليك الحصول على إضافة تقوم بتركيبها مع المتصفح لتثبيت الأفكار بطريقة منفصلة حيث يمكنك حذفها بكبسة زر إن لم تعجبك، رغم أنني متأكد خاصة لمن هم مرضى مثلي بالتجارب أنها ستعجبك. قبل كل شيء يجب أن يكون لديك متصفح فيرفكس ويجب أن تكون به الآن لتطبيق ما سيأتي، ثانيا إنتقل لهذه الصفحة: 

testpilot.firefox.com

1

سيظهر لك الموقع مثل الصورة في الأعلى ، ( سيتم ترجمة الموقع بشكل تدريجي مع الوقت وهو من بين مهام مجتمع موزيلا بالعربية ).
عند الدخول للموقع وأنت تستخدم متصفح فيرفكس وتريد تثبيت أداة test pilot وهي الأداة الخاصة بالتجارب، إضغط فقط على install the Test Pilot add-on  وسيتم تثبيت الإضافة الخاصة بالتجارب، ( يمكننا ترجمة عبارة test pilot إلى  ’ طيار التجارب ‘ ). بينما لو دخلت بمتصفح آخر سيطلب منك تنزيل فيرفكس.
2

يتم تثبيتها

3

تم تثبيتها بنجاح والآن سيطلب منك البريد الإلكتروني الخاص بك لإستخدامه فيما بعد في الحصول على جديد الأفكار أو نتائج أي ماذا سيحدث، فمجتمع موزيلا هو مجتمع منفتح حيث مكنك المشاركة بتقديم رأيك بخصوص المنتوجات التي توضع فأنت وأنا والكثيرون هم من يبنون فيرفكس المستقبلي لأنه منا إلينا وهذا هو المفهوم المبدئي للبرامج المفتوحة المصدر.

4
بعد أن تقوم بالتثبيت ستظهر لك الإضافة في الجهة العلوية، ففي حالة إستخدامك فيرفكس باللغة العربية ستظهر لك الإضافة في الجهة العلوية اليسرى بينما لو كنت تستخدم إصدارا باللغة الإنجليزية ستظهر لك الإضافة بالجهة العلوية اليمنى.
الآن بعد أن قمت بتثبيت الإضافة يمكنك تجريب الأفكار من خلال الضغط على أيقونة الأداة / الإضافة ثم ستنزل لك قائمة تحتوى على عناصر مثل ( Min Vid، Page shot .. ) كل ما عليك فعله هو النقر على العنصر الذي تريد تجربته ثم تقوم بتفعيله وسينزل ثم يتم تثبيته أوتوماتيكيا. سيتم توضيح ذلك في الصور التالية:
5
مثلا ضغطت على أول عنصر ففتحت الصفحة الموجودة في الصورة، ثم سأضغط على Enable Activity Stream وسيتم تفعيلها حيث بتوجهك لصفحة جديدة ستجد هذا التحديث وActivity stream فكرة ستغير فيما سيعرض عند فتح صفحة جديدة ، حيث سيتم وضع تاريخ التصفح بشكل مميز، عليك تجربت هذا لترى ذلك.
6
7
بعد تفعيل إحدى العناصر أو دعني أسميها الأفكار سيتم تقديم شرح بسيط لها ليوضح لك الجديد الذي ستحصل عليه وطريقة إستخدامه.
8

لو عدت ونقرت على أيقونة الأداة في الأعلى بعد تفعيل الفكرة، سترى أنه تم تفعيل العنصر وستوضع إشارة خضراء أمامه دلالة على ذلك.
الآن بعض الأسئلة المهمة:
كيف أقوم بحذف فكرة قمت بتثبيتها؟
فقط إنقر على أيقونة أداة test pilot ثم إنقر على العنصر المراد إيقافه وستتوجه إلى صفحة العنصر ثم قم بالضغط على disable.
ماذا لو أردت أن أرسل تعليقا أو رأيي بخصص عنصر؟
 لو أردت إرسال رأيك بخصوص عنصر ما، إضغط أولا على أيقونة test pilot ثم إضغط على العنصر الذي تريد أن ترسل عنه رأيك ستفتح لك الصفحة، إضغط بعد ذلك على Give feedback ثم ستفتح لك صفحة جديدة تحتوى على فورم، قم بملأه وإضغط إرسال.
ملاحظات:
- سيتم تحديث المقال بعد تحديث الموقع وتوطينه إلى اللغة العربية.
- سيتم إنتاج فيديو يوضع العملية بشكل أفضل فأن ترى ذلك بشكل متحرك يبدوا رائعا.
- يمكنك متابعة جديد test pilot من خلال صفحتها على تويتر.
- للمطورين الذين يبحثون عن معلومات أكثر يمكنك الدخول إلى هذه الصفجة https://github.com/mozilla/testpilot.
في آخر هذه الكلمات، إن كنت تحتاج مساعدة ما، أكتب تعليقا في الأسفل، أرسل رسالة أو إفعل ما يحلو لك D:

Mozilla IndiaMaker Fest 2017, Ahmedabad – Call for Participation

Hey Mozillians!

We are so thrilled to announce that Mozilla India is partnering with the India’s largest Maker Festival, Maker Fest 2017 for the 4th consecutive year. The call for participation is open for all Mozillians.

Mozilla India had partnered with Maker Fest
2017, to map and empower a community of educators and creative people who
share a passion to innovate, evolve and change the learning landscape. This
year, Makerfest is back with an upgraded
awesomeness with a 150+ Makers, 50 workshops, 25 awesome speakers and
30,000+spectators.
booth

About Maker Fest :
Maker Fest is the Indian continuation of Maker Faire hosted across America, Europe, Africa and Japan, among others. Maker Faire, which launched in California, USA in 2006, now hosts hundreds of thousands attendees twice a year across California and New York. It is the amalgamation of festivals celebrating the innovators and an art show with all the booths for inventors and demonstrations and workshops for attendees. Creators, artists and hobbyist across the country are invited to present their contemporary applications of ideas using the vast ocean of art, science and technology. Also, it is non-commercial and free for the public to attend. http://www.makerfest.com/

Please note that we are on limited resources and sponsorship is available
for limited Mozillians. This event will be well documented. If you can’t
attend in person, there still will be many ways to participate and shape
the program-  Don’t  worry! As this is a open event, anyone interested can
join the event on their own.
Note: that the deadline to apply for the event is on or
before December 10th.
Cheers,
Mozilla India.

Air MozillaParticipation Demos - Q4/2016

Participation Demos - Q4/2016 Find out what Participation has been up to in Q4 2016

Mozilla Add-ons BlogDecember’s Featured Add-ons

Firefox Logo on blue background

Pick of the Month: Enhancer for YouTube

by Maxime RF
Watch YouTube on your own terms! Tons of customizable features, like ad blocking, auto-play setting, mouse-controlled volume, cinema mode, video looping, to name a few.

“All day long, I watch and create work-related YouTube videos. I think I’ve tried every video add-on. This is easily my favorite!”

Featured: New Tab Override

by Sören Hentzschel
Designate the page that appears every time you open a new tab.

“Simply the best, trouble-free, new tab option you’ll ever need.”

Nominate your favorite add-ons

Featured add-ons are selected by a community board made up of add-on developers, users, and fans. Board members change every six months. Here’s further information on AMO’s featured content policies.

If you’d like to nominate an add-on for featuring, please send it to amo-featured@mozilla.org for the board’s consideration. We welcome you to submit your own add-on!

Open Policy & AdvocacyRemember when we Protected Net Neutrality in the U.S. ?

We may have to do it again. Importantly, we can and we will.

President-Elect Trump has picked his members of the “agency landing team” for the Federal Communications Commission. Notably, two of them are former telecommunications executives who weren’t supportive of the net neutrality rules ultimately adopted on February 25, 2015. There is no determination yet of who will ultimately lead the FCC – that will likely wait until next year. However, the current “landing team” picks have people concerned that the rules enacted to protect net neutrality – the table stakes for an open internet – are in jeopardy of being thrown out.

Is this possible? Of course it is – but it isn’t quite that simple. We should all pay attention to these picks – they are important for many reasons – but we need to put this into context.

The current FCC, who ultimately proposed and enacted the rules, faced a lot of public pressure in its process of considering them. The relevant FCC docket on net neutrality (“Protecting and Promoting the Open Internet”) currently contains 2,179,599 total filings from interested parties. The FCC also received 4 million comments from the public – most in favor of strong net neutrality rules. It took all of our voices to make it clear that net neutrality was important and needed to be protected.

So, what can happen now? Any new administration can reconsider the issue. We hope they don’t. We have been fighting this fight all over the world, and it would be nice to continue to count the United States as among the leaders on this issue, not one of the laggards. But, if the issue is revisited – we are all still here, and so are others who supported and fought for net neutrality.

We all still believe in net neutrality and in protecting openness, access and equality. We will make our voices heard again. As Mozilla, we will fight for the rules we have – it is a fight worth having. So, pay attention to what is going on in these transition teams – but remember we have strength in our numbers and in making our voices heard.

image from Mozilla 2014 advocacy campaign and petition

image from Mozilla 2014 advocacy campaign and petition

The Mozilla BlogWhy I’m joining Mozilla’s Board, by Julie Hanna

Today, I’m joining Mozilla’s Board. What attracts me to Mozilla is its people, mission and values. I’ve long admired Mozilla’s noble mission to ensure the internet is free, open and accessible to all. That Mozilla has organized itself in a radically transparent, massively distributed and crucially equitable way is a living example of its values in action and a testament to the integrity with which Mozillians have pursued that mission. They walk the talk. Similarly, having had the privilege of knowing a number of the leaders at Mozilla, their sincerity, character and competence are self-evident.

Julie Hanna, new Mozilla Corporation Board members

Julie Hanna, new Mozilla Corporation Board member (Photo credit: Chris Michel)

(photo credit: Chris Michel)

The internet is the most powerful force for good ever invented. It is the democratic air half our planet breathes. It has put power into the hands of people that didn’t have it. Ensuring the internet continues to serve our humanity, while reaching all of humanity is vital to preserving and advancing the internet as a public good.

The combination of these things are why helping Mozilla maximize its impact is an act with profound meaning and a privilege for me.

Mozilla’s mission is bold, daring and simple, but not easy. Preserving the web as a force for good and ensuring the balance of power between all stakeholders – private, commercial, national and government interests – while preserving the rights of individuals, by its nature, is a never ending challenge. It is a deep study in choice, consequence and unintended consequences over the short, medium and long term. Understanding the complex, nuanced and dynamic forces at work so that we can skillfully and collaboratively architect a digital organism that’s in service to the greater public good is by its very nature complicated.

And then there’s the challenge all organizations face in today’s innovate or die world – how to stay agile, innovative, and relevant, while riding the waves of disruption. Not for the faint of heart, but incredibly worthwhile and consequential to securing the future of the internet.

I prescribe to the philosophy of servant leadership. When it comes to Board service, my emphasis is on the service part. First and foremost, being in service to the mission and to Mozillians, who are doing the heavy lifting on the front lines. I find that a mindset of radical empathy and humility is critical to doing this effectively. The invisible work of deep listening and effort to understand what it’s like to walk a mile in their shoes. As is creating a climate of trust and psychic safety so that tough strategic issues can be discussed with candor and efficiency. Similarly, cultivating a creative tension so diverse thoughts and ideas have the headroom to emerge in a way that’s constructive and collaborative. My continual focus is to listen, learn and be of service in the areas where my contribution can have the greatest impact.

Mozilla is among the pioneers of Open Source Software. Open Source Software is the foundation of an open internet and a pervasive building block in 95% of all applications. The net effect is a shared public good that accelerates innovation. That will continue. Open source philosophy and methodology are also moving into other realms like hardware and medicine. This will also continue. We tend to overestimate the short term impact of technology and underestimate its long term effect. I believe we’ve only begun catalyzing the potential of open source.

Harnessing the democratizing power of the internet to enable a more just, abundant and free world is the long running purpose that has driven my work. The companies I helped start and lead, the products I have helped build all sought to democratize access to information, communication, collaboration and capital on a mass scale. None of that would have been possible without the internet. This is why I passionately believe that the world needs Mozilla to succeed and thrive in fulfilling its mission.

This post was re-posted on Julie’s Medium channel.

SUMO BlogWhat’s Up with SUMO – 1st December

Greetings, SUMO Nation!

This is it! The start of the last month of the year, friends :-) We are kicking off the 12th month of 2016 with some news for your reading pleasure. Dig in!

Welcome, new contributors!

If you just joined us, don’t hesitate – come over and say “hi” in the forums!

Contributors of the week

Don’t forget that if you are new to SUMO and someone helped you get started in a nice way you can nominate them for the Buddy of the Month!

SUMO Community meetings

Community

Platform

Social

  • Reminder: Army of Awesome (as a “community trademark”) is going away. Please reach out to the Social Support team or ask in #sumo for more information.
  • Remember, you can contact Sierra (sreed@), Elisabeth (ehull@), or Rachel (guigs@) to get started with Social support. Help us provide friendly help through the likes of @firefox, @firefox_es, @firefox_fr and @firefoxbrasil on Twitter and beyond :-)

Support Forum

  • If you see Firefox users asking about the “zero day exploit”, please let them know that “We have been made aware of the issue and are working on a fix.  We will have more to say once the fix has been shipped.” (some media context here)
  • A polite reminder: please do not delete posts without an explanation to the poster in the forums, it can be frustrating to both the author and the user in the thread – thank you!

Knowledge Base & L10n

Firefox

  • for iOS
    • Firefox for iOS 6.0 coming up your way before the end of this year, we hear! :-)

…and that’s it for today! So, what are you usually looking forward to about December? For me it would be the snow (not the case any more, sadly) and a few special dishes… Well, OK, also the fun party on the last night of the year in our calendar! Let us hear from you about your December picks – tell us in the forums or in the comments!

The Mozilla BlogJulie Hanna Joins the Mozilla Corporation Board of Directors

Today, we are very pleased to announce the latest addition to the Mozilla Corporation Board of Directors – Julie Hanna. Julie is the Executive Chairman for Kiva and a Presidential Ambassador for Global Entrepreneurship and we couldn’t be more excited to have her joining our Board.

Throughout this year, we have been focused on board development for both the Mozilla Foundation and the Mozilla Corporation boards of directors. We envisioned a diverse group who embodied the same values and mission that Mozilla stands for. We want each person to contribute a unique point of view. After extensive conversations, it was clear to the Mozilla Corporation leadership team that Julie brings exactly the type of perspective and approach that we seek.

Born in Egypt, Julie has lived in various countries including Jordan and Lebanon before finally immigrating to the United States. Julie graduated from the University of Alabama at Birmingham with a B.S. in Computer Science. She currently serves as Executive Chairman at Kiva, a peer-peer lending pioneer and the world’s largest crowdlending marketplace for underserved entrepreneurs. During her tenure, Kiva has scaled its reach to 190+ countries and facilitated nearly $1 billion dollars in loans to 2 million people with a 97% repayment rate. U.S. President Barack Obama appointed Julie as a Presidential Ambassador for Global Entrepreneurship to help develop the next generation of entrepreneurs. In that capacity, her signature initiative has delivered over $100M in capital to nearly 300,000 women and young entrepreneurs across 86 countries.

Julie is known as a serial entrepreneur with a focus on open source. She was a founder or founding executive at several innovative technology companies directly relevant to Mozilla’s world in browsers and open source. These include Scalix, a pioneering open source email/collaboration platform and developer of the most advanced AJAX application of its time, the first enterprise portal provider 2Bridge Software, and Portola Systems, which was acquired by Netscape Communications and become Netscape Mail.

She has also built a wealth of experience as an active investor and advisor to high-growth technology companies, including sharing economy pioneer Lyft, Lending Club and online retail innovator Bonobos. Julie also serves as an advisor to Idealab, Bill Gross’ highly regarded incubator which has launched dozens of IPO-destined companies.

Please join me in welcoming Julie Hanna to the Mozilla Board of Directors.

Mitchell

You can read Julie’s message about why she’s joining Mozilla here.

Background:

Twitter: @JulesHanna

High-res photo (photo credit: Chris Michel)

Air MozillaConnected Devices Weekly Program Update, 01 Dec 2016

Connected Devices Weekly Program Update Weekly project updates from the Mozilla Connected Devices team.

The Mozilla BlogState of Mozilla 2015 Annual Report

We just released our State of Mozilla annual report for 2015. This report highlights key activities for Mozilla in 2015 and includes detailed financial documents.

Mozilla is not your average company. We’re a different kind of organization – a nonprofit, global community with a mission to ensure that the internet is a global public resource, open and accessible to all.

I hope you enjoy reading and learning more about Mozilla and our developments in products, web technologies, policy, advocacy and internet health.

 

 

Air MozillaReps Weekly Meeting Dec. 01, 2016

Reps Weekly Meeting Dec. 01, 2016 This is a weekly call with some of the Reps to discuss all matters about/affecting Reps and invite Reps to share their work with everyone.

hacks.mozilla.orgCSS Grid and Grid Highlighter Now in Firefox Developer Edition

CSS Grid has just been uplifted to Firefox 52 Developer Edition (download it here!). With Chrome (and hopefully Safari and Edge) implementations coming shortly, using grid to build websites will soon be possible in release browsers across the board.

Grid allows users to decouple HTML from layout concerns, expressing those concerns exclusively in CSS. It adapts to media queries and different contexts, making it a viable alternative to frameworks such as Twitter’s Bootstrap or Skeleton which rely on precise and tightly coupled class structure to define a content grid.

Reducing the risks of fragility, code bloat, and high maintenance costs inherent in how we currently build on the web, grid really does have the potential to change the way we do layouts. Jen Simmons calls it Real Art Direction for the Web and Rachel Andrew has built Grid by Example to inform, share, and evangelize it. If you’re new to grid, be sure to have a look.

As you can see in the video, the grid highlighter tool will help get you started illustrating the grid in-page as you’re working. Additional tooling is planned for the near future to continually improve working with grid.

To access this tool, make sure you’re running an up-to-date version of DevEdition. Next, open a page that is known to have grid code—we recommend one of these demos for this. Open the Inspector via Developer Inspector. Select an element with the property display: grid;. To toggle grid lines, click the icon next to “grid” which will persist the lines permanently.

The Firefox Developer Tools team have planned a series of improvements to make working with grid easier in the future. You can follow our progress through these bugs:

The metabug for tracking this work is bug 1181227.

SeaMonkeyFace the music…

Hi everyone,

It’s been a hell of a long time since my last update and there are reasons.  Well.. just one.

I wish I bring glad tiddings… but..

I have spent the past three months working on l10n and just recently with the announcement of add-ons changes, I am getting honestly quite frustrated both in my ineptitude in figuring this process and how things are changing around the whole add-on situation, which makes us bundling Inspector and chatZilla all the more harder.

So, having spoken with the council members, we’re doing away with Inspector (DOM-Inspector) and Chatzilla as extensions.  They can be obtained directly from AMO (as someone whose used Inspector and chatzilla bundled, I have no idea about AMO so perhaps someone can chime in).

However, even managing to remove some pertinent vestiges of Inspector and Chatzilla from the build/repack process, I’m still encountering issues with the Modern theme.

I wish there was some easy way out of this and while it’s a temptation to skip 2.46 and go for whatever is next, I feel we’re gonna hit the same problems for the next release anyway, so might as well bite the bullet now.

Yes, I understand the frustration with the delay. (FOR CRYING OUT LOUD! 2.40 TO 2.46? )  And I do appreciate everyone’s patience with us as we deal with these problems.

It’s now December and soon… 2017.  I am still hammering my head against this proverbial l10n-steel-adamantium wall of craziness.  I’m hoping I have this sudden Eureka moment or that I find the kryptonium that will weaken this l10n monster and I get things released before the New Years.

Again. Thanks for everyone’s patience.  It’s been a steep climb while banging my head against the cliff-face.  *Awesome*.  <yes. sarcasm.>

:ewong

Web Application SecurityFixing an SVG Animation Vulnerability

At roughly 1:30pm Pacific time on November 30th, Mozilla released an update to Firefox containing a fix for a vulnerability reported as being actively used to deanonymize Tor Browser users.  Existing copies of Firefox should update automatically over the next 24 hours; users may also download the updated version manually.

Early on Tuesday, November 29th, Mozilla was provided with code for an exploit using a previously unknown vulnerability in Firefox.  The exploit was later posted to a public Tor Project mailing list by another individual.  The exploit took advantage of a bug in Firefox to allow the attacker to execute arbitrary code on the targeted system by having the victim load a web page containing malicious JavaScript and SVG code.  It used this capability to collect the IP and MAC address of the targeted system and report them back to a central server.  While the payload of the exploit would only work on Windows, the vulnerability exists on Mac OS and Linux as well.  Further details about the vulnerability and our fix will be released according to our disclosure policy.

The exploit in this case works in essentially the same way as the “network investigative technique” used by FBI to deanonymize Tor users (as FBI described it in an affidavit).  This similarity has led to speculation that this exploit was created by FBI or another law enforcement agency.  As of now, we do not know whether this is the case.  If this exploit was in fact developed and deployed by a government agency, the fact that it has been published and can now be used by anyone to attack Firefox users is a clear demonstration of how supposedly limited government hacking can become a threat to the broader Web.

Air MozillaThe Joy of Coding - Episode 82

The Joy of Coding - Episode 82 mconley livehacks on real Firefox bugs while thinking aloud.

Mozilla VR BlogWebVR coming to Servo: Architecture and latency optimizations

WebVR coming to Servo: Architecture and latency optimizations

We are happy to announce that the first WebVR patches are landing in Servo.

For the impatients: You can download a highly experimental Servo binary compatible with HTC Vive. Switch on your headset and run servo.exe --resources-path resources webvr\room-scale.html

The current implementation supports the WebVR 1.2 spec that enables the API in contexts other than the main page thread, such as WebWorkers.

We’ve been working hard on an optimized render path for VR to achieve smooth FPS and the required less than 20ms of latency to avoid motion sickness. This is the overall architecture:

WebVR coming to Servo: Architecture and latency optimizations

Rust-WebVR Library

The Rust WebVR implementation is a dependency-free library providing both the WebVR spec implementation and the integration with the vendor specific SDKs (OpenVR, Oculus …). Having it decoupled on its own component comes with multiple advantages:

  • Fast develop-compile-test cycle. Compilation times are way faster than developing and testing in a full browser.
  • Contributions are easier because developers don’t have to deal with the complexity of a browser code base.
  • It can be used on any third party project: Room scale demo using vanilla Rust.

The API is inspired on the easy to use WebVR API but adapted to Rust design patterns. The VRService trait offers an entry point to access native SDKs like OpenVR and Oculus SDK. It allows to perform operations such as initialization, shutdown, event polling and VR Device discovery:

The VRDevice trait provides a way to interact with Virtual Reality headsets:

The integration with vendor specific SDKs (OpenVR, Oculus…) are built on top of the VRService and VRDevice traits. OpenVRService, for instance interfaces with Valve’s OpenVR API. While the code is written in Rust, native SDKs are usually implemented in C or C++. We use Rust FFI and rust-bindgen to generate Rust bindings from the native C/C++ header files.

MockService implements a mock VR device that can be used for testing or developing without having a physical headset available. You will be able to get some code done in the train or while attending a boring talk or meeting ;)

VRServiceManager is the main entry point to the rust-webvr library. It handles the life cycle and interfaces to all available VRService implementations. You can use cargo-features to register the default implementations or manually register your own ones. Here is an example of initialization in a vanilla Rust app:

WebVR integration in Servo

Performance and security are both top priorities in a Web browser. DOM Objects are allowed to use VRDevices but they neither own them or have any direct pointers to native objects. There are many reasons for this:

  • JavaScript execution is untrusted and the input data might be malicious . That’s why the entire JavaScript thread must be isolated to its own sandboxed process.
  • There could be many parallel JavaScript contexts requesting access to the same native VRDevice instance which could lead to data race conditions.
  • WebVR Spec enforces privacy and security guidelines. For example a secondary tab is not allowed to read VRDisplay data or stop a VR presentation while the user is having a VR experience in the current tab.

The WebVRThread is a trusted component that fulfills all the performance and security requirements. It owns native VRDevices, handles their life cycle inside Servo and acts a doorman for untrusted VR requests from DOM Objects. Thanks to using Rustlang the implementation is guaranteed to be safe because ownership and thread safety rules are checked at compile-time. As other Servo components traits are splitted into a separate subcomponent to avoid cyclic dependencies in Servo.

In a nutshell, the WebVRThread waits for VR Commands from DOM objects and handles them in its trusted thread. This guarantees that there are not data racing conditions when receiving parallel requests from multiple JavaScript tabs. The back and forth communication is done using IPC-Channels. Here is how the main loop is implemented:

Not all VR Commands are initiated in the DOM. The WebVR spec defines some events that are fired when a VR Display is connected, disconnected, activated... The WebVR Thread polls this events from time to time and sends them to JavaScript. This is done using an Event Polling thread which wakes up the WebVRThread by sending a PollEvents message.

The current implementation tries to minimize the use of resources. The event polling thread is only created when there is at least one live JavaScript context using the WebVR APIs and shuts down it when the tab is closed. The WebVR thread is lazy loaded and only initializes the native VRServices the first time a tab uses the WebVR APIs. The WebVR implementation does not introduce any overhead on browser startup or tab creation times.

VRCompositor Commands (integration with WebRender)

WebRender handles all the GPU and WebGL rendering work in Servo. Some of the native VR SDK functions need to run in the same render thread to have access to the OpenGL context:

  • Submitting pixels for each eye to the headset uses a OpenGL texture which can only be read by the driver from the render thread of the WebGL Context.
  • Vsync and Sync poses calls must be done in the same render thread where the pixels are sent.

WebVRThread can’t run functions in the WebGL render thread. Webrender is the only component allowed to run functions in the WebGL render thread. The VRCompositor trait is implemented by the WebVRThread using shared VRDevice instance references. It sets up the VRCompositorHandler instance into Webrender when it’s initialized.

A VRDevice instance can be shared via agnostic traits because Webrender is a trusted component too. Rust’s borrow checker enforces multithreading safety rules making very easy to write secure code. A great thing about the language is that it’s also flexible, letting you circumvent the safety rules when performance is the top priority. In our case we use old school raw pointers instead of Arc<> and Mutex<> to share VRdevices between threads in order to optimize the render path by reducing the levels of indirection and locks. Multithreading won’t be a concern in our case because:

  • VRDevice implementations are designed to allow calling compositor functions in another thread by using the Send + Sync traits provided in Rustlang.
  • Thanks to the security rules implemented in the WebVRThread, when a VRDisplay is in a presenting loop no other JSContext is granted access to the VRDisplay. So really there aren’t multithreading race conditions.

To reduce latency we also have to minimize ipc-channel messages. By using a shared memory implementation Webrender is able to call VRCompositor functions directly. VR render calls originated from JavaScript like SubmitFrame are also optimized to minimize latency. When a JavaScript thread gains access to present to a headset, it receives a trusted IPCSender instance that allows to send messages back and forth to the Webrender channel without using WebVRThread as an intermediary. This avoids potential "JavaScript DDoS" attacks by design like a secondary JavaScript tab degrading performance by flooding the WebVRThread with messages while the JavaScript tab that is presenting to the headset.

These are the VR Compositor commands that an active VRDisplay DOM object is able to send to WebRender through the IPC-Channel:

You might wonder why a vector of bytes used to send the VRFrameData. This was a design decision to decouple Webrender and the WebVR implementation. This allows for a quicker pull request cycle and avoids dependency version conflicts. Rust-WebVR and WebVRThread can be updated, even adding new fields to the VRFrameData struct without requiring further changes in Webrender. IPC-Channel messages in Servo need to be serialized using serde-serialization, so the array of bytes is used as forward-serialization solution. Rust-webvr library implements the conversion from VRFrameData to bytes using a fast old school memory transmute memcpy.

DOM Objects (Inside Servo)

DOM Objects are the ones that communicate JavaScript code with native Rust code. They rely on all the components mentioned before:

  • Structs defined in rust-webvr are used to map DOM data objects: VRFrameData, VRStageParameters, VRDisplayData and more. There are some data conversions between raw Rust float arrays and JavaScript typed arrays.
  • WebVRThread is used via ipc-channels to perform operations such as discovering devices, fetching frame data, requesting or stopping presentation to a headset.
  • The optimized Webrender path is used via ipc-channels when the WebVRThread grants present access to a VRDisplay.

The first step was to add WebIDL files files in order to auto generate some bindings. Servo requires a separate file for each object defined in WebVR. Code auto generation takes care of a lot of the boilerplate code and lets us focus on the logic specific to the API we want to expose to JavaScript.

A struct definition and trait methods implementation are required for each DOMObject defined in WebIDL files. This is what the struct for the VRDisplay DOMObject looks like:

A struct implementation for a DOMObject needs to follow some rules to ensure that the GC tracing works correctly. It requires interior mutability. The JS<DOMObjectRef> holder is used to store GC managed values in structs. On the other hand, Root<DOMObjectRef> holder must be used when dealing with GC managed values on the stack. These holders can be combined with other data types such as Heap, MutHeap, MutNullableHeap, DOMRefCell, Mutex and more depending on your nullability, mutability and multithreading requirements.

Typed arrays are used in order to share efficiently all the VRFrameData matrices and quaternions with JavaScript. To maximize performance and avoid Garbage Collection issues we added new Rust templates to create and update unique instances of typed arrays. These templates automatically call the correct SpiderMonkey C functions based on the type of a rust slice. This is the API:

The render loop at native headset frame rate is implemented using a dedicated thread. Every loop iteration syncs pose data with the headset, submits the pixels to the display using a shared OpenGL texture and waits for Vsync. It’s optimized to achieve very low latency and a stable frame rate. Both the requestAnimationFrame call of a VRDisplay in the JavaScript thread and the VRSyncPoses call in the Webrender thread are executed in parallel. This allows to get some JavaScript code executed ahead while the render thread is syncing the VRFrameData to be used for the current frame.

WebVR coming to Servo: Architecture and latency optimizations

The current implementation is able to handle the scenarios where the JavaScript thread calls GetFrameData before the render thread finishes pose synchronization. In that case JavaScript thread waits until the data is available. It also handles the case when JavaScript doesn’t call GetFrameData. When that happens it automatically reads the pending VRFrameData to avoid overflowing the IPC-Channel buffers.

To get the best out of WebVR render path, GetFrameData must be called as late as possible in your JavaScript code and SubmitFrame as soon as possible after calling GetFrameData.

Conclusion

It's been a lot of fun seeing Servo WebVR implementation take shape from the early stage without a WebGL backend until it's able to run WebVR samples at 90 fps and low latency. We found Rustlang to be a perfect language for simplifying the development of a complex parallel architecture while matching the high performance, privacy and memory safety requirements in WebVR. In addition Cargo package manager is great and makes handling optional features and complex dependency trees very straightforward.

For us the next steps will be to implement the GamePad API extensions for tracked controllers and integrate more VR devices while we continue improving the WebVR API performance and stability. Stay tuned!

The Mozilla BlogThe Glass Room: Looking into Your Online Life

It’s that time of year! The excitement of Black Friday carries into today – CyberMonday – the juxtaposition of the analog age and the digital age. Both days are fueled by media and retailers alike and are about shopping. And both days are heavily reliant on the things that we want, that we need and what we think others want and need. And, all of it is powered by the data about us as consumers. So, today – the day of electronic shopping – is the perfect day to provoke some deep thinking on how our digital lives impact our privacy and online security. How do we do this?

One way is by launching “The Glass Room” – an art exhibition and educational space that teaches visitors about the relationship between technology, privacy and online security. The Glass Room will be open in downtown New York City for most of the holiday shopping season. Anyone can enter the “UnStore” for free to get a behind the scenes look at what happens to your privacy online. You’ll also get access to a crew of “InGeniouses” who can help you with online privacy and data tips and tricks. The Glass Room has 54 interactive works that show visitors the relationship between your personal data and the technology services and products you use.

glass-room

This is no small task. Most of us don’t think about our online security and privacy every day. As with our personal health it is important but presumed. Still, when we don’t take preventative care of ourselves, we are at greater risk for getting sick.

The same is true online. We are impacted by security and privacy issues everyday without even realizing it. In the crush of our daily lives, few of us have the time to learn how to better protect ourselves and preserve our privacy online. We don’t always take enough time to get our checkups, eat healthily and stay active – but we would be healthier if we did. We are launching The Glass Room to allow you to think, enjoy and learn how to do a checkup of your online health.

We can buy just about anything we imagine on CyberMonday and have it immediately shipped to our door. We have to work a little harder to protect our priceless privacy and security online. As we collectively exercise our shopping muscles, I hope we can also think about the broader importance of our online behaviors to maintaining our online health.

If you are in New York City, please come down to The Glass Room and join the discussion. You can also check out all the projects, products and stories that The Glass Room will show you to look into your online life from different perspectives by visiting The Glass Room online.

 

hacks.mozilla.orgVisualize animations easing in DevTools

The easing (or timing function) of an animation is what dictates the way it progresses through time.

For example, a linear easing means that an animation runs at the same speed throughout its duration. This means that if an element isn’t moving at first and then starts to move, it will do so instantly, as if it didn’t even need to accelerate. Often, web developers choose other easings that look more natural, more life-like. There are a few built-in ones like ease, ease-in, ease-out and ease-in-out and it’s even possible to create your own using the cubic-bezier() function.

It’s worth noting that the Inspector panel in Firefox already allows you to edit animations easing in its CSS rules view.

Starting with Firefox 52 the animation inspector panel now displays animations easing directly within its timeline:

timeline-easing

This is very useful to get more information about animations at a glance.

There is also a handy tooltip that appears when hovering over animations. It contains all the timing information you might need for a given animation: including its easing, as well as durations, iterations, delays, direction, etc.

timing-tooltip

Here are various examples of how easing is represented in the timeline:

  • An animation that repeats 3 times, with an ease-in-out easing:
    ease-in-out-3-iterations
  • An infinite animation, with linear easing:
    linear-infinite
  • An animation that repeats 5 times, with an alternate direction, ease easing and forwards filling:
    ease-alternate

And here is a video illustrating several types of easing in the animation inspector panel:

About delays

There are 2 types of delays you can use in animations: delay and end-delay.

The latter can only be used with animations created with the Web Animations API. End-delay is useful to synchronize several animations, e.g. when you want one animation to start exactly 1s after the first has ended.

Both the delay and end-delay can be positive or negative.

The animation inspector now also represents those delays visually. Here are a few examples:

  • Positive delay:
    positive-delay
  • Positive end-delay:
    positive-end-delay
  • Negative delay:
    negative-delay
  • Negative end-delay:
    negative-end-delay

Effect easing vs. keyframe easing

There are 2 ways to apply easing to an animation: either across the whole iteration of an animation, affecting all properties alike (effect easing), or between keyframes and only affecting the properties specified on those keyframes (keyframe easing).

CSS animations only allow for keyframe easing and this confuses a lot of people. Nearly everyone assumes that animation-timing-function does effect easing but it does keyframe easing instead. However, animations created using the Web Animations API can use both types of easing.

Right now, the animation inspector only displays effect easing. This means that even if you define a CSS animation with a non-linear animation-timing-function, the timeline will display a linear progression.

Bug 1309468 will address this and make keyframe easing visible in the animation inspector too. We welcome your thoughts and constructive feedback in the comments section here, or send a tweet to @FirefoxDevTools.

QMOFirefox 51 Beta 3 Testday Results

Hi everyone!

Last Friday, November 25th, we held Firefox 51 Beta 3 Testday.  It was a successful event (please see the results section below) so a big Thank You goes to everyone involved.

First of all, many thanks to our active contributors: Krithika MAPMoin Shaikh, M A Prasanna, Steven Le Flohic, P Avinash Sharma, Iryna Thompson.

Bangladesh team: Nazir Ahmed Sabbir, Sajedul Islam, Maruf Rahman, Majedul islam Rifat, Ahmed Safa,  Md Rakibul Islam, M. Almas Hossain, Foysal Ahmed, Nadim Mahmud, Amir Hossain Rhidoy, Mohammad Abidur Rahman Chowdhury, Mahfujur Rahman Mehedi, Md Omar Faruk sobuj, Sajal Ahmed, Rezwana Islam Ria, Talha Zubaer, maruf hasan, Farhadur Raja Fahim, Saima sharleen, Azmina AKterPapeya, Syed Nayeem Roman.

India team:  Vibhanshu Chaudhary, Surentharan.R.A, Subhrajyoti Sen, Govindarajan Sivaraj, Kavya Kumaravel, Bhuvana Meenakshi.K, Paarttipaabhalaji, P Avinash Sharma, Nagaraj V, Pavithra R, Roshan Dawande, Baranitharan, SriSailesh, Kesavan S, Rajesh. D, Sankararaman, Dinesh Kumar M, Krithikasowbarnika.

Secondly, a big thank you to all our active moderators.

Results:

We hope to see you all in our next events, all the details will be posted on QMO!

SUMO BlogWhat’s Up with SUMO – 24th November

Greetings, SUMO Nation!

Great to be read by you once more :-) Have you had a good November so far? One week left! And then… one month left until 2017 – time flies!

Welcome, new contributors!

  • …yes, autumn and winter are the slowest months for us, in case you haven’t noticed :-) But, all of you who are already on board keep things rolling!

If you just joined us, don’t hesitate – come over and say “hi” in the forums!

Contributors of the week

Don’t forget that if you are new to SUMO and someone helped you get started in a nice way you can nominate them for the Buddy of the Month!

SUMO Community meetings

  • LATEST ONE: 23rd of November – you can read the notes here and see the video at AirMozilla.
  • NEXT ONE: happening on the 30th of November!
  • If you want to add a discussion topic to the upcoming meeting agenda:
    • Start a thread in the Community Forums, so that everyone in the community can see what will be discussed and voice their opinion here before Wednesday (this will make it easier to have an efficient meeting).
    • Please do so as soon as you can before the meeting, so that people have time to read, think, and reply (and also add it to the agenda).
    • If you can, please attend the meeting in person (or via IRC), so we can follow up on your discussion topic during the meeting with your feedback.

Community

Platform

Social

Support Forum

  • A reminder that Firefox 50 is out, so you may notice a spike in user questions, as usual around a release. Keep rocking and being helpful! You can find the release notification here.
  • The SUMO Release Report for Firefox 50 is coming up soon, thanks to Rachel – start thinking about the highlights you’d like to add to it.

Knowledge Base & L10n

  • Over 400 edits in the KB in all locales in the last week – thank you so much, Editors & Reviewers!
  • Congrats to our new Locale Leader for Russian, Harry and the new Reviewers: Aleksandr and Victor!
  • Please watch the Platform video for more insight on how l10n is going to work after the migration. The link is up there, in the “Platform” section. If you have any questions or comments, the feedback document is there for you.

Firefox

  • for Desktop
    • The forum thread for version 50 is here (thanks to Philipp).
    • As for Android, the Desktop version will get updated mid-December. Stay tuned for more details.
    • Firefox Focus hit the ground running on November 17th all around the world, apart from Germany, Austria, and Switzerland, where it’s coming… soon!

That’s it for today, dear SUMO People :-) We hope to see you soon around the site and online in general… Keep rocking the helpful web and don’t forget there’s a lot of greatness out there. Go open & go wild!

 

Air MozillaReps Weekly Meeting Nov. 24, 2016

Reps Weekly Meeting Nov. 24, 2016 This is a weekly call with some of the Reps to discuss all matters about/affecting Reps and invite Reps to share their work with everyone.

Mozilla Add-ons BlogAdd-ons in 2017

A little more than a year ago we started talking about where add-ons were headed, and what the future would look like. It’s been busy, and we wanted to give everyone an update as well as provide guidance on what to expect in 2017.

Over the last year, we’ve focused as a community on foundational work building out WebExtensions support in Firefox and addons.mozilla.org (AMO), reducing the time it takes for listed add-ons to be reviewed while maintaining the standards we apply to them, and getting Add-ons ready for e10s. We’ve made a number of changes to our process and products to make it easier to submit, distribute, and discover add-ons through initiatives like the signing API and a revamped Discovery Pane in the add-ons manager. Finally, we’ve continued to focus on communicating changes to the developer community via direct outreach, mailing lists, email campaigns, wikis, and the add-ons blog.

As we’ve mentioned, WebExtensions are the future of add-ons for Firefox, and will continue to be where we concentrate efforts in 2017. WebExtensions are decoupled from the platform, so the changes we’ll make to Firefox in the coming year and beyond won’t affect them. They’re easier to develop, and you won’t have to learn about Firefox internals to get up and running. It’ll be easier to move your add-ons over to and from other browsers with minimal changes, as we’re making the APIs compatible – where it makes sense – with products like Opera, Chrome, and Edge.

By the end of 2017, and with the release of Firefox 57, we’ll move to WebExtensions exclusively, and will stop loading any other extension types on desktop. To help ensure any new extensions work beyond the end of 2017, AMO will stop accepting any new extensions for signing that are not WebExtensions in Firefox 53. Throughout the year we’ll expand the set of APIs available, add capabilities to Firefox that don’t yet exist in other browsers, and put more WebExtensions in front of users.

There’s a lot of moving parts, and we’ll be tracking more detailed information – including a timeline and roadmap – on the WebExtensions section of the Mozilla Wiki. If you’re interested in getting involved with the add-on community and WebExtensions, we have a few ways you can do that. We’re looking forward to the next year, and will continue to post updates and additional information here on the Add-ons blog.

For more information on Add-ons and WebExtensions, see:

Note: Edited to better identify specifics around Firefox 53

Air MozillaThe Joy of Coding - Episode 81

The Joy of Coding - Episode 81 mconley livehacks on real Firefox bugs while thinking aloud.

Air MozillaMozilla IOT Meetup Nov. 22, 2016

Mozilla IOT Meetup Nov. 22, 2016 A monthly meetup in London for IOT and connected devices enthusiasts.

hacks.mozilla.orgNew Responsive Design Mode: RDM Lands in Firefox Dev Tools

Firefox Developer Tools now includes a completely redesigned Responsive Design Mode (RDM for short) that’s just landed in Firefox Developer Edition, thanks to hard work from the DevTools team.

In a mobile-first world, it’s essential to prioritize performance for low-bandwidth and offline mobile experiences and design progressive web apps that can deliver across a range of devices. We aim to design developer tools that prioritize empathy for users and developers. That’s why we’ve put so much effort into the Responsive Design Mode.

We want to make it easier for developers to build web experiences that load and respond on screens of all different sizes and support a multitude of browsers, platforms, and device types. RDM is a significant upgrade to the Firefox tools themselves, reflecting our commitment to people who build for the web.

To access the RDM tool, make sure you’re running an up-to-date version of DevEdition. Next, open any web page to view  the Responsive Design Mode via Developer Responsive Design Mode.

There’s a lot in this new tool, and many new features still to come. Check out the video walk-through to see the tool in action with all of its features enumerated, including:

  • Popular device emulation
  • Network throttling
  • Touch-event emulation
  • Ability to set DPR (device pixel ratio) of devices
  • Screenshotting devices at certain sizes

Firefox Developer Tools already has a series of improvements planned for the next release of Responsive Design Mode, including:

Mozilla Add-ons Blogwebextensions-examples and Hacktoberfest

Hacktoberfest is an event organized by DigitalOcean in partnership with GitHub. It encourages contributions to open source projects during the month of October. This year the webextensions-examples project participated.

“webextensions-examples” is a collection of simple but complete and installable WebExtensions, that demonstrate how to use the APIs and provide a starting point for people writing their own WebExtensions.

We had a great response: contributions from 8 new volunteers in October. Contributions included 4 brand-new complete examples:

So thanks to DigitalOcean, to the add-ons team for helping me review PRs, and most of all, to our new contributors:

SUMO BlogSUMO Show & Tell: A Small Fox on a Big River

Hey there, SUMO Nation!

It is with great joy that I present to you a guest post by one of the most involved people I’ve met in my (still relatively short) time at SUMO. Seburo has been a core contributor in the community from his first day on board, and I can only hope we get to enjoy his presence among us in the future. He is one of those people whose photo could be put under “Mozillian” in the encyclopedias of this world… But, let’s not dawdle and move on to his words…

This is the outline of a presentation given at the London All-Hands as part of a session where the SUMO contributors had the opportunity to talk about the work that they have been involved in.

Towards the end of 2015, I noticed that we were getting an increasing number of requests on the SUMO Support Forum questioning how users could put Firefox for Android (Fennec, the small fox of this tale) on their Amazon Kindle Fire tablet (the big river).  At first it was just one or two questions, but the more I saw the more I realised that there were some key facts driving the questions:

  • We know that users like using Firefox for Android on their mobile devices.  It enables them to use Firefox as their user agent on the web when they are away from their laptop or desktop.
  • We know that people like using Android, possibly the worlds most popular operating system.  People recognise and take comfort from the little green Android logo when they see it alongside a device they wish to purchase and they appreciate the ease of use and depth of support at a lower price point than its competitors.
  • With a little research, it became clear why people have the Kindle Fire tablet – the price point.  In the UK at the time it was retailing for £60, almost half the price of a comparative device from the big name brand leader.

What was confusing and confounding users was that having purchased a device at a great price, that uses an operating system they know, they could not find Firefox for Android in the Amazon app store.  SUMO does not support such a configuration, but with the number of questions coming through, I realised that there must be something we could do.

I started helping some users side load Firefox for Android onto their devices and through answering questions I soon found myself using a fairly standard text that users found solved their problem.  As I refined it, it made sense for this to be included within the SUMO Knowledge Base, the user facing guide to using Mozilla software. But before I could do this, there was one key issue for which I needed the help of the truly amazing Firefox Mobile team…which version of Firefox for Android to use.

Whilst Firefox and Firefox Beta are seen as the best product versions, I was advised they they would only get updates through Google Play – not ideal if the user in on the Amazon variant of Android.  I was advised that Aurora was the version to use as it would get important security updates and pointed in the direction of the site where it could be downloaded from.  In addition to this, the Firefox Mobile team helped shape some of the language I was going to use and helped check my draft article (I did say that they are amazing…!).

The article was uploaded to SUMO for approval and further to this, went live for users to see. The article has proven to be popular with users and I understand has been pickup up by some of the SUMO L10n teams, broadening its reach (it is even linked to from an MDN article).

Whilst there is no change to our support of the Kindle platform (the article carries a “health warning” to that effect), I think of this work as a great example of how several different teams, both staff and contributors, can come together to help find a user focussed solution.

Thank you for sharing your story, Seburo. An inspiring tale of initiating on a positive change that affects many users and makes Firefox more available as a result.

Do you have a story you would like to share with us? Let us know in the comments!

Mozilla Add-ons BlogWebExtensions in Firefox 52

Firefox 52 landed in Developer Edition this week, so we have another update on WebExtensions for you. WebExtensions are becoming the standard for add-on development in Firefox.

API Parity

The sessions API was added to Firefox, with sessions.getRecentlyClosed and sessions.restore APIs. These allow you to query for recently closed tabs and windows and then restore them.

The topSites API was added to Firefox. This allows extensions to query the top sites visited by the browser.

The omnibox API was added to Firefox. Although in Firefox the omnibox is called the Awesome Bar, we’ve kept the naming the same so that extensions can easily port between Chrome and Firefox. The API allows extensions to register a unique keyword for providing their own suggestions to the Awesome Bar. The extension will be able to provide suggestions whenever its registered keyword is typed into the Awesome Bar.

image00

Screenshot of an extension which registered the keyword ‘dxr’ for searching the Firefox source code.

The storage.sync API is now ready for testing, but not yet ready for full deployment. This API relies on a back-end service provided by Mozilla to sync add-on data between devices or re-installs. It is most commonly used to store add-on preferences that should be preserved.

Until the main production service is set up, you can test out storage.sync by making a few preference changes. To sync add-on data, a user will need to be logged into a Firefox Account. There is a limit of 100KB in the amount of data that can be stored. Before data is stored on our server, all data is encrypted in the client. By the time Firefox 52 goes into Beta we plan to have a production service ready to go. At that point we hope to remove the need to set preferences and switch users to the new servers.

Some existing APIs have also been improved. Some of the more significant bugs include:

  • The addition of browser.runtime.onInstalled and browser.runtime.onStartup which are commonly used to initialize data or provide the user with more information about the extension.
  • You can now match and attach content scripts to iframes with about:blank source, which are often used for inserting ads around the web.
  • The manifest file now supports developer information and falls back to the author if appropriate.
  • The commands API now supports _execute_browser_action, which allows you to easily map a command to synthesize a click on your browser action.
  • Bookmark events have been implemented, providing the onRemoved, onMoved, onCreated and onChanged events.

New APIs

Recently, contextual identities were added to Firefox, and these are now exposed to WebExtensions as well, in the tabs and cookie APIs. As an example, the following will query every tab in the current window and then open up a new tab at the same URL with the same contextual identity:

let tabs = browser.tabs.query({currentWindow: true});
tabs.then(tabs => {
  for (let tab of tabs) {
    browser.tabs.create({
      url: tab.url, cookieStoreId:
      tab.cookieStoreId
    });
  }
});

This API is behind the same browser preference that the rest of the contextual identity code is, privacy.userContext.enabled. We expect the API to track that preference for the moment.

You can now suspend and resume requests using the webRequest API. This allows extensions to suspend requests, perform asynchronous checks if necessary, then resume or cancel the request when appropriate, without blocking the parent process.

Out of process extensions

The work to run extensions out of process continues, with multiple changes being made across the APIs to support this. If you are developing an extension using the WebExtensions API then this change should have no effect on you. If you are planning to develop a WebExtensions API, maybe using experiments, or committing into mozilla-central, then please check the documentation for what you need to know.

Examples

The WebExtensions examples repository keeps growing, currently standing at 26 examples. Recent additions include:

All the examples have been altered to use the browser namespace and promises instead of the chrome namespace. The MDN documentation has also been updated to reflect this change.

Web-ext

Web-ext is the command line tool for developing WebExtensions quickly and easily. There were versions 1.5 and 1.6 of web-ext released. Significant changes include:

  • sign can now use a proxy.
  • build uses the locale when generating a file name.
  • --firefox-binary has been shortened to --firefox.

New contributors

Over this release, we’ve had our largest influx of new contributors ever. A shout out to all the awesome contributors who have helped make this happen including the following:

For a full list of the changes to Firefox over this period please check out this Bugzilla query.

Air MozillaWebdev Beer and Tell: November 2016

Webdev Beer and Tell: November 2016 Once a month web developers across the Mozilla community get together (in person and virtually) to share what cool stuff we've been working on in...

Air MozillaHfG / Firefox Design Workshop (WS2016)

HfG / Firefox Design Workshop (WS2016) We will have four groups of students from the University of Design in Schwäbisch Gmünd present their work on different Firefox projects this Friday! What...

The Mozilla BlogPrivacy made simple with Firefox Focus

Today we launched Firefox Focus, a brand new iOS browser that puts user privacy first. More than ever before, we believe that everyone on the Internet has a right to protect their privacy. By launching Firefox Focus, we are putting that belief into practice in a big way.

How big? If you download Firefox Focus and start to browse, you will notice a prominent “Erase” button in the upper right-hand corner of the screen. If you tap that button, the Firefox Focus app erases all browsing information including cookies, website history or passwords. Of course, you can erase this on any other browser but we are making it simple here – just one tap away.

Out of sight too often means out of mind. Burying the tools to clear browsing history and data behind clicks or taps means that fewer people will do it. By putting the “Erase” button front and center, we offer users a simple path to healthy online behaviors — protecting their online freedom and taking greater control of their personal data. To further enhance user privacy, Firefox Focus also by default blocks advertising, social and analytics tracking. So, on Firefox Focus, “private” browsing is actually automatic, and erasing your history is incredibly simple.

Of course, we know that for many Web activities people like the functionality that cookies or tracking data provides. Subscribers to the New York Times probably dislike typing a password every time they want to read articles on the site. Most people prefer that their browser autocompletes their commonly used URLs.

That said, sometimes people don’t want to be tracked. We use the internet to research personal topics about our health – cancer or Alzheimer’s, for example. We use the Web to make purchases that are legal but can be sensitive — “hotel reservations in Cancun” or ”engagement rings”. We browse controversial topics that we may not want anyone else to know we are reading about.

This accessibility of information is one of the most powerful aspects of the Web. It is all the more powerful when anonymity is protected.

We at Mozilla believe that protecting one’s privacy should be as simple as a single tap. Firefox Focus is an experiment to see what happens when we make this radically simple. As part of our mission to maintain the health of the Internet, we will continue to try out new ways to promote user privacy. We hope you download Firefox Focus, hit that “Erase” button and see how it works for you.

SUMO BlogWhat’s Up with SUMO – 17th November

Greetings, SUMO Nation!

How have you been? Many changes around and we haven’t been slacking either – we are getting closer to the soft launch of the new community platform (happening next week), so be there when it happens :-) More details below…

Welcome, new contributors!

  • DanielNL
  • … autumn is getting to you all, hm? There is probably more of you, but you haven’t made yourselves known, so all the spotlights are on Daniel this week ;-)

If you just joined us, don’t hesitate – come over and say “hi” in the forums!

Contributors of the week

We salute all of you!

Don’t forget that if you are new to SUMO and someone helped you get started in a nice way you can nominate them for the Buddy of the Month!

SUMO Community meetings

  • LATEST ONE: 16th of November – you can read the notes here and see the video at AirMozilla.
  • NEXT ONE: happening on the 23rd of November!
  • If you want to add a discussion topic to the upcoming meeting agenda:
    • Start a thread in the Community Forums, so that everyone in the community can see what will be discussed and voice their opinion here before Wednesday (this will make it easier to have an efficient meeting).
    • Please do so as soon as you can before the meeting, so that people have time to read, think, and reply (and also add it to the agenda).
    • If you can, please attend the meeting in person (or via IRC), so we can follow up on your discussion topic during the meeting with your feedback.

Community

Platform

Social

Support Forum

Knowledge Base & L10n

Firefox (release week for 50.0!)

Air MozillaConnected Devices Weekly Program Update, 17 Nov 2016

Connected Devices Weekly Program Update Weekly project updates from the Mozilla Connected Devices team.

QMOFirefox 51 Beta 3 Testday, November 25th

Hello Mozillians,

We are happy to announce that next Friday, November 25th, we are organizing Firefox 51 Beta 3 Testday. We’ll be focusing our testing on the WebGL2, FLAC support, Indicator for device permissions and Zoom Indicator features, bug verifications and bug triage. Check out the detailed instructions via this etherpad.

No previous testing experience is required, so feel free to join us on #qa IRC channel where our moderators will offer you guidance and answer your questions.

Join us and help us make Firefox better! See you on Friday!

The Mozilla BlogIntroducing Firefox Focus – a free, fast and easy to use private browser for iOS

Today, we’re pleased to announce the launch of Firefox Focus – a free, fast and easy to use private browser for iOS.

Firefox Focus

Firefox Focus

We live in an age where too many users have lost trust and lack meaningful controls over their digital lives. For some users, it seems as though your web activities can follow you everywhere – across devices, across accounts. To make matters worse, the web can often feel cluttered. That’s why we are introducing Firefox Focus.

For the times when you don’t want to leave a record on your phone. You may be looking for information that in certain situations is sensitive – searches for engagement rings, flights to Las Vegas or expensive cigars, for example. And sometimes you just want a super simple, super fast Web experience – no tabs, no menus, no pop-ups.

Firefox Focus gives you just that.

Firefox Focus is set by default to block many of the trackers that follow you around the Web. You don’t need to change privacy or cookie settings.  You can browse with peace of mind, feeling confident in the knowledge that you can instantly erase your sessions with a single tap – no menus needed.

 

Firefox Focus Erase Button

Firefox Focus Erase Button

Much of what makes mobile web pages slow is the technology used to track users on the web. Because Firefox Focus blocks these trackers, it is likely you’ll notice a performance boost on the many sites that track your behavior. When you occasionally see a site that doesn’t work because it is dependent on tracking, and if you don’t mind that kind of tracking, Firefox Focus makes it easy to open your current site in either Firefox or Safari.

We look forward to your feedback on Firefox Focus.

You can download Firefox Focus from the App Store.

Firefox Focus continues to operate as a Safari content blocker on iOS, and users will be able to take advantage of Tracking Protection on both Safari and Firefox Focus.

Air MozillaMozilla Learning Community Call: Youth Leadership

Mozilla Learning Community Call: Youth Leadership Join Mozilla Learning, Hive Chicago, Hive New York, and other special guests to discuss youth leadership and how we can empower youth to get involved...

Air MozillaThe Joy of Coding - Episode 80

The Joy of Coding - Episode 80 mconley livehacks on real Firefox bugs while thinking aloud.

Air MozillaFailure: The Hard Part About Innovation

Failure: The Hard Part About Innovation As humans conditioned to win and succeed since birth, navigating how to “fail well" is hardly intuitive. What constitutes a "good failure"? And at what...

Air MozillaMozilla Foundation: "Fuel the Movement" Program Review

Mozilla Foundation: "Fuel the Movement" Program Review An overview of the Mozilla Foundation's 2016 progress and 2017 plans to Fuel the Movement for internet health. https://mzl.la/ProgramReviewAgenda

Air MozillaRust and the Future of Systems Programming | Mozilla ♥ Rust

Rust and the Future of Systems Programming | Mozilla ♥ Rust Mozilla has created six videos to tell the world about the Rust programming language, to celebrate the incredible Rust community, and to demonstrate our investment...

hacks.mozilla.orgRust and the Future of Systems Programming

If you’re a regular reader of Hacks, you probably know about Rust, the ground-breaking, community-driven systems programming language sponsored by Mozilla. I covered Rust on Hacks back in July, to note a major milestone for Mozilla, when we shipped Rust in Firefox for the first time.

Meanwhile in Rust-land, the trains keep on rolling, more users are putting Rust in production, and the ecosystem and worldwide community continue growing. And our investment at Mozilla is growing too! There’s been a lot of news and excitement lately about Project Quantum, which leverages the innovations of the Servo web engine, another vibrant open source community sponsored by Mozilla.

So we’ve created a video series to tell the world about Rust, to celebrate the incredible community, and to demonstrate our investment in Rust and its long-term success. Today, we are publishing Rust and the Future of Systems Programming, the first in our six-part series. Visit our Mozilla Tech Medium publication over the next week to view each video as it is released or head over to Mozhacks YouTube to subscribe to the complete series:

Mozilla Add-ons BlogAdd-ons Update – 2016/11

Here’s the state of the add-ons world this month.

The Review Queues

In the past month, 1,732 listed add-on submissions were reviewed:

  • 1,340 (77%) were reviewed in fewer than 5 days.
  • 130 (8%) were reviewed between 5 and 10 days.
  • 262 (15%) were reviewed after more than 10 days.

There are 220 listed add-ons awaiting review.

If you’re an add-on developer and are looking for contribution opportunities, please consider joining us. Add-on reviewers are critical for our success, and can earn cool gear for their work. Visit our wiki page for more information.

Compatibility

The compatibility blog post for Firefox 51 is up, and the bulk validation should be run in the coming weeks. It’s worth pointing out that the Firefox 50 cycle will be twice as long, so 51 won’t be released until January 24th, 2017.

Multiprocess Firefox is now enabled for users without add-ons, and add-ons will be gradually phased in, so make sure you’ve tested your add-on and either use WebExtensions or set the multiprocess compatible flag in your add-on manifest.

As always, we recommend that you test your add-ons on Beta and Firefox Developer Edition to make sure that they continue to work correctly. End users can install the Add-on Compatibility Reporter to identify and report any add-ons that aren’t working anymore.

Recognition

We would like to thank André Bargull, Meet Mangukiya, Jostein Kjønigsen, euleram, saintsebastian, Rob Wu , Andrew Terranova, Prasanth P, and Venkat Ganesan for their recent contributions to the add-ons world. You can read more about their work in our recognition page.

Project TofinoEngineering update on Tofino

We’ve spent several months testing UI concepts, understanding Electron’s relationship with the web, testing some architectural ideas, like…

The Mozilla BlogLatest Firefox launches today

The newest versions of Firefox for desktop and Android are available today. For information on what’s new with today’s release, check out the release notes. Also, keep an eye on this blog, as we have exciting Mozilla and Firefox news to share in the coming weeks.

Download the latest Firefox for desktop and Android and as always, let us know what you think.

Open Policy & AdvocacyTime for a Conversation about Government Hacking

Mozilla and Stanford’s Center for Internet and Society recently hosted the first in a series of discussion events about government hacking. From the San Bernardino case, in which the FBI exploited a security flaw to break into an iPhone, to the Shadow Broker’s leaks involving the public disclosure of NSA hacking tools, government hacking is now constantly in the news. This activity raises a host of challenging questions that our event series is dedicated to tackling.

The first event focused on proposed changes to Federal Rule of Criminal Procedure 41, which will allegedly expand law enforcement’s authority to hack its targets. You can find excerpts of that event below. This event was a wonkfest, so if you want all the details and are prepared to get deep into the weeds, watch the full video here.

Cybersecurity is a shared responsibility. One unique element of this discussion series is that we are pulling together many of the industry, government, and civil society players who share that responsibility. And we have done so, consistent with Mozilla’s commitment to transparency, in an open forum, so everybody can benefit from the expertise on display.

Our next event on November 16th will focus on the process the government uses to determine if and when it should exploit security vulnerabilities to hack its target or disclosure those vulnerabilities to make everybody safer. We’ve assembled an all star panel for this topic. Check out the events page for more detail and to RSVP. If you can’t make it, we’ll share another blog post and video recap here.

Joseph Hall, CDT’s Chief Technology Officer, on online vs offline searches:

FBI Deputy General Counsel Greg Browser provides an overview of the issue:

Richard Salgado, Google’s Director for information security and law enforcement, on reciprocity:

Jennifer Granick, CIS Director of Civil Liberties, summarizing points of agreement:

Air MozillaPrivacy Lab - November 2016 - Privacy Around the World

Privacy Lab - November 2016 - Privacy Around the World At Santa Clara University Location: Santa Clara Law School, The Williman room in the Benson (Student Center) Building

Mozilla L10NFirefox L10n Report – Aurora 52

Hi everyone,
Here’s an outline of what is currently in Aurora this cycle for Firefox 52.

Current Aurora Cycle – Firefox 52

This is an unconventional cycle: it’s 2 cycles combined into one, to work around Holidays at the end of the year. It could be a great occasion to work on missing strings, or focus on testing if your locale is already in good shape.

Key dates for this cycle:

  • Beta (51): localization updates for already shipping locales must be completed before 11 January.
  • Aurora (52): localization updates must be completed before 23 January. That’s the Monday, also known as merge day, before the next release of Firefox.

String breakdown:

  • Firefox Aurora desktop has 330 added strings (61 obsolete). About 48% of the new strings are for Developer Tools. The actual amount of strings you’ll need to translate will be lower, more on that later in the Developer Tools section.
  • Fennec Aurora has 55 new strings (29 obsolete). 5 new strings are Fennec-only (in /mobile).

There are currently no pending requests to uplift patches with strings to Aurora. There is ongoing work on Firefox stub installer that will probably need to land for Firefox 52, and there was a back-out during the weekend (strings landed and were removed for test failures). Given the exceptional length of the cycle, we might have a number of requests higher than usual. As we always do, we’ll carefully evaluate them one by one together with Release Drivers.

For further details on the new features you can check the release notes (they’re usually published a few days after release):

Noteworthy Changes Available in Aurora

These are some of the interesting changes introduced in the last cycle.

Browser

The string disableContainersMsg was fixed without a new iD: Containers Tabs -> Container Tabs

The entire /searchplugins folder was removed as part of Merge Day. Searchplugins are now stored directly in mozilla-central.

Devtools

Several developer tools are still moving strings from .DTD to .properties:

A migration script was run on all locales, excluding those working on l10n-central (eo, es-ES, fr, it, pl, ru), to move strings from the existing DTD files to the new .properties files. 115 strings were moved in the process, reducing the number of missing strings for Firefox desktop to 215.
We also worked together with Pootle’s tech team to make sure that these changes will be imported in the tool.

Strings were automatically moved to netmonitor.properties, boxmodel.properties, font-inspector.properties, inspector.properties (all in /devtools/client). All obsolete DTD files were removed.

The new Debugger is now localizable, even if there are still some hardcoded strings to fix.

Common Issues

We added a new view in Transvision to display empty strings diverging between English and the requested locale. In other words, it displays a string that is empty in English but not in the locale, and a string that is empty in the locale but not in English.

Empty strings are not a rarity in Mozilla products:

  • When creating a sentence with a link, 3 strings are used: before_link + link + after_link. English doesn’t need the part before or after the link, but that’s useful for other languages, so it’s kept empty in English. It’s expected for some locales to have a different behavior than English.
  • There are secondary commandkeys or accesskeys, or special values that are supposed to remain empty for most locales.

Pootle will report these empty strings as untranslated: for the first type of strings you can use the special control displayed under the text area to insert a “zero width non-joiner” character. That doesn’t necessarily work for the second type, so you’re invited to test to avoid introducing strange behaviors.

Related to this special values, there are several locales with wrong values for the following keys.

Intl.charset.detector (toolkit)
Localization comment:
# LOCALIZATION NOTE (intl.charset.detector):
# This preference controls the initial setting for the character encoding
# detector. Valid values are ja_parallel_state_machine for Japanese, ruprob
# for Russian and ukprob for Ukrainian and the empty string to turn detection
# off. The value must be empty for locales other than Japanese, Russian and
# Ukrainian.

Current translations: https://transvision.mozfr.org/string/?entity=toolkit/chrome/global/intl.properties:intl.charset.detector&repo=aurora

isRTL (crashreporter)
# LOCALIZATION NOTE (isRTL):
# Leave this entry empty unless your language requires right-to-left layout,
# for example like Arabic, Hebrew, Persian. If your language needs RTL, please
# use the untranslated English word "yes" as value

Current translations: https://transvision.mozfr.org/string/?entity=toolkit/crashreporter/crashreporter.ini:isRTL&repo=aurora

New Languages

A few new locales were added in Firefox 51 Beta:

  • Georgian (ka) and Kabyle (kab) in Firefox desktop.

These are the new locales shipping in release with Firefox 50:

  • Guaraní (gn) in Firefox for Android.

Congratulation to all the teams involved!

We currently have 5 other locales working on Firefox desktop, and we really look forward to release them in the next versions of Firefox:

  • Latgalian (ltg)
  • Burmese (my)
  • Nepali (ne-NP)
  • Tagalog (tl)
  • Urdu (ur)

The following locales are targeting Firefox 52 to release Firefox for Android:

  • Asturian (ast)
  • Georgian (ka)

If you want to know more about the process of releasing new locales, or if you speak one of these languages and want to know how to help the localization teams, please get in touch with us.

To all localizers: Thanks again for all the time and effort you put in localizing and promoting Firefox in your language.

about:communityFirefox 50 new contributors

With the release of Firefox 50, we are pleased to welcome the 43 developers who contributed their first code change to Firefox in this release, 32 of whom were brand new volunteers! Please join us in thanking each of these diligent and enthusiastic individuals, and take a look at their contributions:

SUMO BlogWhat’s Up with SUMO – 10th November

Greetings, SUMO Nation!

How have you been? Many changes around and we haven’t been slacking either – we are getting closer to the soft launch of the new community platform (happening next week), so be there when it happens :-) More details below…

Welcome, new contributors!

  • alexandre.huat
  • …and probably more of you, but you haven’t made yourselves known, so all the newcomer glory is reserved for Alexandre this week ;-)

If you just joined us, don’t hesitate – come over and say “hi” in the forums!

Contributors of the week

Don’t forget that if you are new to SUMO and someone helped you get started in a nice way you can nominate them for the Buddy of the Month!

SUMO Community meetings

  • LATEST ONE: 9th of November – you can read the notes here and see the video at AirMozilla.
  • NEXT ONE: happening on the 16th of November!
  • If you want to add a discussion topic to the upcoming meeting agenda:
    • Start a thread in the Community Forums, so that everyone in the community can see what will be discussed and voice their opinion here before Wednesday (this will make it easier to have an efficient meeting).
    • Please do so as soon as you can before the meeting, so that people have time to read, think, and reply (and also add it to the agenda).
    • If you can, please attend the meeting in person (or via IRC), so we can follow up on your discussion topic during the meeting with your feedback.

Community

Platform

Social

  • Reminder: email Sierra at sreedATmozilla.com to get a scheduled training date for Respond and get on board as soon as you complete it.
    • All those of you who already rock the social using the new tool – you are legends!
  • It’s the final countdown for the Army of Awesome (the tool, not the people). It will be going away in about a week. Once more, huuuuuuuge thank yous to all of those who used it to great effect!

Support Forum

  • The Flash vulnerability issue has been resolved with the latest update, please take a look at the Bugzilla thread for more details. If you see people reporting Flash issues, please ask them to update to the latest version!
  • Moderators, please take a look at the new staging site (talk to Rachel to get access if you haven’t used it before).
  • If you’re interested in crisis management ideas, contact Rachel to get access to her draft document describing that.
  • No big news from the forums this week, which is good – it means things are progressing (rather) smoothly – thank you all!
  • Don’t forget that the support forum for forum supporters is there for you if you need more help helping others ;-)

Knowledge Base & L10n

Firefox

  • for iOS
    • No news from under the apple tree.

So, next week is (soft) migration week! Get ready to kick the tires of our new ride ;-) We’re all looking forward to a new start there – but with all of you, the best friends we could imagine to take on this adventure together with us. TTFN!

Air MozillaConnected Devices Weekly Program Update, 10 Nov 2016

Connected Devices Weekly Program Update Weekly project updates from the Mozilla Connected Devices team.

Air MozillaReps Weekly Meeting Nov. 10, 2016

Reps Weekly Meeting Nov. 10, 2016 This is a weekly call with some of the Reps to discuss all matters about/affecting Reps and invite Reps to share their work with everyone.

Web Application SecurityEnforcing Content Security By Default within Firefox

Before loading a URI, Firefox enforces numerous content security checks verifying that web content can not perform malicious actions. As a first line of defense for example, Firefox enforces the Same-Origin policy (SOP) which prevents malicious script on one origin from obtaining access to sensitive content on another origin. Firefox’ content security checks also ensure that web content rendering on a user’s desktop or mobile device can not access local files. Additionally Firefox supports and enforces: Cross-Origin Resource Sharing (CORS), Mixed Content Blocking, Content Security Policy (CSP), Subresource Integrity (SRI), and applies many more mitigation strategies to prevent web content from performing malicious actions. We refer the reader to Mozilla’s HTTP Observatory to find more information on the latest content security concepts and how to configure a site safely and securely. Worth mentioning is that over time not only the web evolves but also content security mechanisms necessary to ensure an end user’s security and privacy and hence it’s vital to provide an API that new security features within a browser can rely on.

 

Enforcing Content Security Historically

The name of Firefox’ layout engine is Gecko which reads web content, such as HTML, CSS, JavaScript, etc. and renders it on the user’s screen. For loading resources over the internet, Firefox relies on the network library called Necko. Necko is a platform-independent API and provides functionality for several layers of networking, ranging from transport to presentation layers. For historical reasons, Necko was developed to be available as a standalone client. That separation also caused security checks to happen in Gecko rather than Necko and caused Necko to be agnostic about load context.
opt_in_gecko
As illustrated, Gecko performs all content security checks before resources are requested over the network through Necko. The downside of this legacy architecture is, that all the different subsystems in Gecko need to perform their own security checks before resources are requested over the network. For example, ImageLoader as well as ScriptLoader have to opt into the relevant security checks before initiating a GET request of the image or script to be loaded, respectively. Even though systematic security checks were always performed, those security checks were sprinkled throughout the codebase. Over time, various specifications for dynamically loading content have proven that such a scattered security model is error-prone.

 

Enforcing Content Security By Default

Instead of opting into security checks wherever resource loads are initiated throughout the codebase, we refactored Firefox so content security checks are enforced by default.
opt_out_gecko
As illustrated, we revamped the security landscape of Firefox providing an API that centralizes all the security checks within Necko. Instead of performing ad hoc security checks for each network request within Gecko, our implementation enables Gecko to provide information about the load context so Necko can perform the relevant security checks in a centralized manner. Whenever data (script, css, image,…) is about to be requested from the network, our technique creates and attaches an immutable loadinfo-object to every network request which remains assigned to a network load throughout the whole loading process and allows Firefox to provide the same security guarantees for resource loads that encounter a server-side redirect.
For an in-depth description of our implementation, which will be fully enforced within Firefox (v. 53), we refer the reader to our publication Enforcing Content Security By Default within Web Browsers (DOI 10.1109/SecDev.2016.8) which was presented at the IEEE International Conference on Cybersecurity Development on November 4th, 2016.

Air MozillaThe Joy of Coding - Episode 79

The Joy of Coding - Episode 79 mconley livehacks on real Firefox bugs while thinking aloud.

hacks.mozilla.orgMozilla Push Server now supports topics

In Firefox 44, Mozilla added Web Push capability to the browser. This gives websites the ability to notify users when something important needs to be communicated. For example, you may have a web app that wants to notify users when they receive a WebRTC call, or when a new discussion is initiated in a group chat. Or with a message service, you may want to notify users when they have new messages available.

Dan Callahan covered the details of adding WebPush to your Web Apps in an article on Hacks early this year. You can also get more documentation on the Push API from MDN or take a look at the ServiceWorker Cookbook for examples of how to use Web Push as well as many other service worker scenarios.

While Web Push has many benefits, it does come with some drawbacks. For example, if you notify an offline user of unread messages, when they come back to the browser later, the user may be inundated with many notifications at once.

notifications-notopic

This can be mitigated a bit on certain operating systems, but a better way is now available. The Mozilla Push Service now offers the capability to provide topics for notification messages. This means that any user agent subscribed to the application will only be provided with the last message in a topic when it returns from an offline state. The Push Service replaces all previous push messages with the same topic and only displays the most recent one. In the example referenced above, all the unread messages are grouped into one topic, and when an offline user opens the browser they only get one message from the topic, which is the last one received.

notifications-bytopic

As this is a change to the WebPush specification, to get this to work you will need to modify the server code that actually pushes the messages to the Push Service. Essentially, you must add a header named “Topic” to the push message. Take a look at my test example for topics on github for a simple example. You can see how the header is added in the pusher/main.py file with the following code:

pywebpush.WebPusher(sub_info).send(
    args.msg,
    headers={"topic": topic},
    ttl=args.ttl,
)

If you are using Marco Castelluccio’s NodeJS web-push library, you can add the header in the following way:

webPush.sendNotification(req.body.endpoint, {
         TTL: req.body.ttl,
         payload: req.body.payload,
         userPublicKey: req.body.key,
         userAuth: req.body.authSecret,
         headers: {
             topic: topic
         }
       })

Air MozillaMartes Mozilleros November 8, 2016

Martes Mozilleros November 8, 2016 Reunión bi-semanal para hablar sobre el estado de Mozilla, la comunidad y sus proyectos. Bi-weekly meeting to talk (in Spanish) about Mozilla status, community and...

Air MozillaWebinar: Innovation Challenge Mechanics - Nov. 7th, 2016

Webinar: Innovation Challenge Mechanics - Nov. 7th, 2016 The webinar will answer questions around the Equal Rating Innovation Challenge including what we are looking for as well as how to submit. To ask...

Mozilla IndiaBe the change…

about: responsibility

 

June 22, 2008. I’m doing my MCA in Siliguri, studying on student loan. Saved up some cash to buy a decent camera. It was hard to commit to save up that much, but I really really wanted a camera since I was a child. The afternoon before I’m to actually buy the camera, I called up my dad to tell him about it (not that I’ll listen, if he says it’s a bad idea – I was determined).

My dad picked up the call, listened to me and said, “well, you’re 21 now, you make your choices. I was there to guide you, to prepare you to make the best choices in your life – I’d like to believe I did a decent job at it. If you let us know your decisions, we certainly appreciate that; but you don’t have to ask for permissions anymore”.

I’m not a guy who gets into “deer in the headlights” situations often, but trust me, I was perplexed after the call. I wasn’t used to this… 99% Indian kids aren’t used to this. We don’t make our life choices. Our teachers tell us which college to get in, neighbors tell us which job to get and parents tell us which person to get married to. That works for us and if it doesn’t we can regret about it after few years, and tell our next generation what they should do to avoid it. Outsourcing responsibility to someone more experienced, and obey their orders, and having a good self-impression to them always has been our forte. But what is this?!?

I was so overwhelmed by the sudden trust/responsibilities put on me, that totally ate up my determination and spat out indecisiveness. I ended up not buying the camera.


about: retrospection

 

Back in 2011, when we started the new journey of Mozilla India, for what it is today… it wasn’t easy.

It wasn’t the inauguration of Mozilla community in India; there were already handful few people involved in it and had their own way of operating an open source community. This is not a place to criticize them, nor is my intention, but we barely got active help/support from them.

We were criticized for every action we took, every events we hosted; for how childish we were and how we were destroying the community. We were soft-black-listed in their books and have never been appreciated for our initiatives. Many of us had to go through and ignore the passive-aggression coming our way from the folks, who ideally should be our seniors, mentoring and helping us at it.

Nonetheless, we continued to make progress, and in 3 years we had probably the largest regional open source community in the world (I have no citation, please correct me if there has been a regional FOSS community more than a few thousand active contributor strong).

Were we too proactive and super hyped? Oh yes! Did we make mistakes? Oh hell, we did… truck loads of them. We learned from them, fixed it next time. Rinsed and repeated.

The fear of making mistakes never held us back from trying something new; and at the end of the day, that was the key factor for the radical growth.


about: reflection

 

Fast forwarding to recent times, when many of these “us” are considering to be the new-old folks (or already have been), there’s a prominent void of the new-new folks. People who can take over, people who can be proactive and never hesitate to do something radical.

It’s possible that we have been so much supportive of the activities, and hand-held the new community members, they’ve grown an inherent lean-on factors on these old folks; relying on them, expecting suggestions/permissions from them for every move they make.

If that’s the case, it’s cute and lovely… that this time on, the new members are getting the mentoring they deserve and subconsciously are relying on their informal mentors/hand-holders in the community. But at the same time, it’s possibly hindering the new members to step up and take over the responsibilities.

We lacked the guidance and appreciation, but we were proactive to make our own moves. It’s not about having the willingness to get something done, but actually going ahead and doing it.

Now that we have the old-folks more than willing to support the newcomers, we don’t have enough pro-activeness from the newcomers (either out of respect or out of fear of making mistakes or both).


about: restructure

 

We often don’t realize how special we are, and how normal solutions aren’t as effective for us. We are the largest (again, correct me if I’m wrong) open source community on earth, trying to have an unified structure and governance. In no way we can operate on the same norms of most other regional communities, which are much less riddled with diversity of all sorts, and has much less constraints internally.

Let me try and explain with a bad analogy… Windows/Mac vs Linux.

Windows is much more prone to security vulnerabilities, patching vulnerabilities are hectic service packs that are infrequent and require reboot/downtime and more… And Mac comes with choices already made for you, and defaults set for you, if you try to truly customize particular bits and pieces then… rats! But they give a decent personal user experience.

On the other hand Linux didn’t look nice, in its early days, and wasn’t easy to get it working for a particular system, but by design it was most open to all sorts of possibilities and was much more robust. If you didn’t like the desktop environment, you can change it. And you can tinker with configs/drivers to make stuff work – often without even needing a reboot, and it has only gotten better.

For a normal user, a Windows PC generally serves well. If you introduce them to Linux, their experience might not be as nice (partially for the being “used to” factor, but even apart from that).

But, for a server – a system that needs to be much more robust, has to be more consistent, has to scale up, has to have next to no downtime (and many more other parameters I’ll avoid listing) – shouldn’t you go with Linux?

Back to the point of how special we are… as a very (VERY) large community. There hasn’t been much of work or even research paper to learn from, what makes an open source community so large operate smoothly. I am not kidding.

So a couple of months back, when we designed the restructure guidelines for the community, we acted on giving it a Linux like architecture.

There has been many questions and many people are uncomfortable with the changes, or understanding them. It’s justified.

We focused way too hard to get it as close to a perfect prototype as it can be, but haven’t made it very easy for all to understand well. This blog post is an effort to bridge that gap – this is, “all that you need to know, to understand the restructuring of Mozilla India”.


about: recollect

 

Now, to sum it up (like a movie with seemingly incoherent plots finally coming back together to make sense), for Mozilla India to be a continuously growing successful regional community:

  • there needs to be autonomy at individual level (be the change that you wish to see)
  • proactivity from members to take over responsibilities (don’t wait for tasks given to you)
  • expect guidance from senior members, not their permission (if you believe in something, do it)
  • take feedback, make corrections, document it, do better next time (don’t feel discouraged, if criticized)
  • give feedback, try to help out, document and look out for peer activities (it’s a community, not a competition)
  • if something needs a change, be the first to raise it (the structure allows installing new drivers without needing a reboot ;)

I know this is not complete, comprehensive, most rigorous and perfect explanation of the restructure and the directions… but that’s because it’s not meant to be. This blog post is a shallow 3 feet pool to help you learn swimming. Once you’re ready for it, you can always go have the real coral-reef experience (be sure to take scuba-diving gears with you).

hacks.mozilla.orgCooperative Scheduling with requestIdleCallback

TL;DR: requestIdleCallback support has landed in Firefox Nightly, with plans to ship in Firefox 52.

The messiest aspect of building interactive websites boils down to this: the main thread is the same as the UI thread. Rendering the page and responding to user actions happens in contention with computation, network activity, and manipulation of the DOM. Some of these things can be moved to another thread safely and with relative ease using Workers, but only the main thread can change the DOM and many other web platform features. Historically, there’s been no way for scripts to “play nice” with user interaction and page rendering, leading to choppy frame rates and laggy input.

Obviously, I wouldn’t be writing this post if that were still true!

If you absolutely must perform tasks on the main thread (mutating the DOM or interacting with main-thread-only Web APIs), you can now request the browser provide you with a window of time in which it is safe to do so! Previously, developers have used setTimeout to give the browser room to breathe between periodic actions. At best this only delays a task until the next go-around of the event loop. And it can still cause jank.

In comes requestIdleCallback. Superficially, its basic use is similar to setTimeout or the even more similar setImmediate:

requestIdleCallback(sporadicScriptAction);

However, the browser has much more leeway with which to serve your request. Instead of waiting a specific number of milliseconds or until the next immediate pass of the event loop, requestIdleCallback allows the browser to wait until it identifies an idle period. An idle period may be a few milliseconds between painting individual frames.

Keep in mind, a buttery-smooth 60fps animation leaves only 16ms between frames, much of which might be needed by the browser. So we’re talking only a few milliseconds! Alternately, if there are no animations or other visual changes happening, the browser may elect to allow up to 50ms. If a user interacts with the page, visual feedback that takes less than 100ms feels “instant”. With a maximum of 50ms, there’s plenty of leeway for the browser to service any incoming user events gracefully.

So, your callback may be given a 1ms-10ms window in which to act, or a languid, leisurely 50ms! How will your code know? That’s where requestIdleCallback differs from its antecedents. When your callback is called, it receives information about how much time it has to act:

// we know this action can take longer than 16ms,
// so let's be safe and only do it when we have the time.
function sporadicScriptAction (timing) {
  if (timing.timeRemaining() > 20) {
    // update DOM or what have you
  } else {
    // request another idle period or simply do nothing
  }
}

Your callback will be passed an IdleDeadline object containing a timeRemaining method. timeRemaining() will provide a real-time estimate of how much time is left in the idle period, allowing scripts to determine how much work to do, or whether to do it at all.

What if I Have to Do Stuff?

Cooperative multitasking is a negotiation between parties, and for it to be successful, both sides (browser and script) need to make concessions. If your main-thread action has to happen in a certain time frame (UI updates or other timing-sensitive actions), scripts can request a timeout after which the callback must run:

// Call me when you have time, but wait no longer than 1000ms
requestIdleCallback(neededUIUpdate, { timeout: 1000 });

If an idle period becomes available before the request’s timeout, things will proceed as before. However, if the request reaches the provided timeout and no idle period is available, the callback will run regardless. This is detectable in the callback by checking the didTimeout property of the IdleDeadline object:

function sporadicScriptAction (timing) {
  // will be 0, because we reached the timeout condition
  if (timing.timeRemaining() > 20) {

  } else if (timing.didTimeout) { // will be true

  }
}

Never Mind (Canceling a Call)

As with all scheduled callback mechanisms (setTimeout, setImmediate, setInterval), and requestAnimationFrame), requestIdleCallback returns a handle which can be used to cancel a scheduled function call:

var candyTime = requestIdleCallback(goTrickOrTreating);

// it's November.
cancelIdleCallback(candyTime);

A More Coordinated Web

Just as requestAnimationFrame gave us the tools to coordinate with browser paint, requestIdleCallback provides a way to cooperate with the browser’s overall work schedule. When done correctly, the user won’t even notice that you’re doing work- they’ll just feel a smoother, more responsive website. We can’t go back in time and separate the UI thread from the main thread in JS, but with the right tools, separation of concerns, and planning, we can still build great interactive experiences.