jk5854/flickr cc

Web developers make the open web go.

For Mozilla, that means that if we want to see the open web succeed, we need to help web developers build it. When we talk to them about building for the web, most of what they want to talk about is web features – CSS improvements, new HTML5 goodness, content magic like geolocation and orientation events. We invest a lot in making those things awesome, but they are only part of the answer.

The other thing that web developers talk about is tools. Specifically, when we talk to them about tools they ask for two things:

1. Mozilla should invest in Firebug. The Firebug and Firefox communities should be working together to fix bugs, not working around them. Firefox releases should ship with a compatible Firebug out of the gate, not weeks or months later.
2. Mozilla should be leading in developer tools. Before Firebug, View Source and DOM Inspector were the state of the art. Now other browsers are copying Firebug and shipping their tools by default, and the question is where the tools are going to go next. We should be a strong voice there, and back it up with code.

For #1: got it. Loud and clear. Firefox 3.6 shipped with a compatible Firebug from day 1, due in no small part to the contributions of Mozilla employees paid to work on Firebug. Jan “Honza” Odvarko has been fixing bugs and building out features left and right, and Rob Campbell has helped drive the project, and made sure that Firefox dependencies get attention. We don’t want to try to take Firebug over; it has its own, healthy community. We are much more active participants than we used to be, though.

#2 is harder. What tools do web developers need that don’t yet exist? Which tools would be broadly useful, and which ones niche? What can Mozilla bring to the table, as the developer of a browser, to make the design & development experience better/easier/faster/funner? We’re trying to figure that out, we’re working on some early ideas that I’ll write about in subsequent posts, but I’d also like to hear what you think is missing.

Building developer tools into Firefox will mean a lot of exploration, and a lot of new code – that’s scary, but the benefits are huge. In the short term, this work will rekindle the conversation about developer tools, and get us all thinking outside of the existing boxes for a few minutes. In the long term, it should make life better for web devs and tool authors; everybody wins.

Web devs are smart, it’s no coincidence that #1 and #2 above pull in the same direction: make Firefox the best platform for web development and tool building. We all want web authors to have an awesome, empowered experience and I think working together in this way is the best play we have for continuing to build that.

There’s a lot you don’t know about how you came into this world, little girl, and I plan to tell you all about it. I’m not holding on to details too well right now, though, so I thought I’d write some of it down, just in case.

First – the practical stuff. You were born at 5:44pm, February 13th. You weighed 8lbs, 6oz, which is on the heavy side of normal, and measured 22″ long which is on the long side of normal. Your head was 37cm in circumference, which is on the big side of normal, and it took Mommy 24 hours of labour to deliver you (your love for consistency held fast: this, too, is normal, but longish). You were positioned face up (“sunny side up,” said your doctor) which is normal, though more difficult. You needed some vacuum help (normal, though more difficult) and then some forceps (normal, though more difficult). You had a bit of jaundice which kept us at the hospital for another day (normal, though more difficult). In every way that you could, you tried to tell us that you were bigger than life, and you were right.

There’s more you don’t know, though. You don’t know that daddy cried when you were born or that he’s thinking about crying now as he writes this. You don’t know that we’ve been working on you since 2007. You don’t know about your mommy and daddy beating a regular path to the fertility clinic before work most mornings; mommy getting bloodwork and ultrasounds on day 3, 10, 12, 14, 15 and 16 of every month – for nearly 2 years; or that the month you did show up was the one month we had no treatments at all, because mommy’s body needed a break. You don’t know that you weren’t our first positive pregnancy test.

But you’re here now, and we are happier than we’ve ever been. We can barely stay awake, we jump every time you make a noise, but we are awfully smitten with you. We haven’t had many visitors because it’s all still a bit overwhelming, but when visitors do show up, we are the proudest parents, showing you off. We barely recognize your daddy any more – he impulse buys onesies with dinosaurs on the front, and today he boiled nipples.

I can’t wait to tell you all about the world, and about your arrival, and about what an amazing woman your mommy is. I can’t wait to introduce you to the incredible village that has risen up around you and supported us three since the beginning. I can’t wait, but I’m going to try because I don’t want this to go any faster than it has to.

I love you, Lily Margaret Nightingale.

Daddy

Scam-Detective: A reader has asked me to talk to you about face to face scams. Were you ever involved in meeting a victim, or was all of your contact by email?

John: I never met a victim, but I was involved in a couple of Wash-Wash scams.

Scam-Detective: Wash Wash scams? What does that involve?

John: We would tell the victim that we had a trunk full of money, millions of dollars. One victim met some of my associates in a hotel in Amsterdam, where he was shown a box full of black paper. He was told that the money had been dyed black to get through customs, and that it could be cleaned with a special chemical that was very expensive. My associates showed him how this worked with a couple of $100 bills from the top of the box, which they rinsed with some liquid to remove the black dye. Of course the rest of the bills were only black paper, but the victim saw real money. He handed over $27,000 (about £17,000) to buy the chemicals and was told to return to the hotel later that day to pick up the cash. Of course when he came back, there was nobody there. He couldn’t report it to anybody because if it had been real it would have been illegal, so he would have gotten himself into trouble.

Part 1, Part 2, Part 3.

We build tools in Firefox like stale-plugin warnings and malware blocking to help protect our users, to neuter the technological attacks they may encounter on the web. But we also try, and need to keep trying, to build tools that inform our users so that they can make better decisions. Our phishing warnings and certificate errors try to do this, but mostly by scaring users away from specific attack situations. I hope we’ll continue to build tools like Larry which try to give people some affirmative context as well, to lend some nuance to their sense of place online. I want us to help our users know when they’re on Main Street, and when they’re in an alley.

I know: People get conned in the real world, too, and certainly no browser UI is going to save you from an email-based scam. Stories like this, though, are just specific instances of what I believe to be a more universal principle:

the biggest security risk most people face is misplaced trust

John: Some of the blame has to go to the victims. They wanted the money too because they were greedy. Lots of times I would get emails telling me that they wanted more money than I was offering because of the money they were having to send. They could afford to lose the money.

Scam-Detective: John, I think you have been basically honest with me so far. Please don’t stop that now. You know as well as I do that not all of your victims were motivated by greed. I have seen plenty of scam emails that talk about dying widows who want to give their money to charity, or young people who are in refugee camps and need help to get out. You targetted vulnerable, charitable people as well as greedy businessmen, didn’t you? You didn’t care whether they could afford it or not, did you?

John: Ok, you are right. I am not proud of it but I had to feed my family.

If you have ideas for how we can help users place their trust online more deliberately and carefully: please comment here, or build an addon, or file a bug.

It’s also essential to the way we manage our project at scale, though, and enough of our project’s history and daily activity lives there that understanding it is not really optional. Certain edge cases aside, you can’t really be effective in the Mozilla project without at least a passing ability to wade through Bugzilla.

I put together this video to help people who don’t really live in Bugzilla learn how to at least manage themselves. If you’re inclined to thank me for it, thank Deb and Dan instead – they’re the ones that actually made me sit down and finish the job.

Until wordpress stops eating my video tags, you can get the open-web, flash-free, unencumbered-codec goodness here.

If you’re using a browser that doesn’t understand ogg, I’ve put a copy on Vimeo as well:

(Yes, we would.)

Our deliverables had to be submitted by January 15. Others in our (amazing, amazing) community did all the real work, but since I was asked to pick up the coordination and delivery of those pieces, I wanted to talk about them a little.

In broad strokes, Microsoft asked us for 3 things:

1. An icon for the choice screen itself
2. Localized content for each supported locale
3. Administrative pieces that aren’t really interesting here.

First things first, then.

Icon

Firefox Logo Submission

Among the many things for which I take no credit, I take no credit for this. Patrick Finch and Jennifer Boriss worked the logo question up and down. There was market research in more than a dozen countries, there were mechanical turks, and a great deal of analysis from all quarters. Taking the research as a whole, this design led the others by a healthy margin. It beat other background colours*, it beat other styles, and it beat versions that omitted the word “mozilla” to focus harder on the product brand. Design decisions tend to be very personal, but Patrick and Boriss ran this thing like champs, and by the numbers.

[*Curiously, in Italy a version with an orange background did significantly better than the green. We asked if we could provide an icon per locale. No such luck.]

Localized Content

We were also asked to supply a 140-character* product description in each of 23 languages, specifically:

Bulgarian, Croatian, Czech, Danish, Dutch, English, Estonian, Finnish, French, German, Greek, Hungarian, Italian, Latvian, Lithuanian, Norwegian (Bokmal), Polish, Portuguese, Romanian, Slovak, Slovenian, Spanish, Swedish

In what is fast becoming a pattern, I can take no credit for making this happen, either. Patrick (always Patrick) worked with Staś, Seth, and our amazing localizers, and collectively they got it done.

Got it overdone, really. Our team noted that while the EU has 23 “working” languages (and two more that are official EEA languages), we were quite capable of providing several more as well. They also pointed out that there were some surprises in the list supplied – it was similar, but not identical, to the EU working languages list. Maltese and Gaelic had been dropped, Croatian and Norwegian had been added. We offered to supply the missing ones, along with some others, but we heard back that, no, the choice screen will be limited to those 23. You can see our complete submission, here.

[*No, I do not believe that this limit was introduced in order to make them more tweetable. Tip o' the hat to old Friedhelm though.]

Next Steps

Content! We have a little more than a month before the Browser Choice page goes live, and that means the localization and web dev teams (and Patrick…) are pushing to get everything ready for our new visitors. While we get that together, Microsoft will be running QA on the page itself in all 23 languages. We don’t get to QA the pages ourselves, but they have been responsive throughout this process; I trust that any issues they discover with our content will be brought to our attention quickly.

We did confirm that users in locales outside of the 23 requested will be shown the en-GB version of the Browser Choice page, which may give us the ability to wire up the Tell Me More and Download links with additional locale smarts if we want to provide extra information for those users.

So there you have it. We got the first pass done on a tight schedule, and we’ll get the rest in on time, too. At the end of the day, though, I think Mitchell put it best:

While the ballot mechanism represented by the choice screen has received the most attention, Mozilla is most pleased with the core principles Microsoft will be adopting that protect the choices a person has already made. These principles won’t be obvious to a person using Windows. That’s the point — once a person has chosen an alternative browser, IE should not keep reappearing. These principles are expressed in several components of the commitments and together should result in a greater respect for individual human decisions.

Bugzilla History Jetpack

I put together a jetpack to annotate show_bug output with the bug’s activity, so that you can track flag changes, state changes, reviews, &c. The idea was all beltzner’s originally, but I’ll take credit for the half-assed implementation, anyhow.

If you don’t yet have the jetpack engine installed, go get that first. Once you’ve got that, you can grab the bugzilla jetpack itself.

[N.B. Since that's just my generic bugzilla tweaks jetpack, you will get, for no extra charge, the one-liner that removes "Bug " from the start of bug titles, so that the bug number fits better in your tab strip. At some point I'll probably add it to the jetpack gallery without the ride along, but you want it NOW.]

Flic.kr Jetpack

I also fixed flickr so that photo pages which have a flic.kr shortform URL have that URL added just below the photo, for easy copying. It’s also a jetpack. This one I actually added to the gallery, grab it here.

EXIF in Flickr

One more jetpack. I wanted to play with flickr’s awesome, awesome API, and I want EXIF data for flickr photos without a separate page load and I didn’t want it to look very nice. Presto.

Jury-rigged IRC

On the flight home, we had an adhoc wifi network running, which enables 1-on-1 iChat but is no good for multi-party. None of us had an ircd kicking around, so I knocked this together. It mostly works, but I bet you can offer improvements. (yes, nc would have worked here too, but ncat is neat, and does SSL).

Server:
tail -f log1 | ncat -lk 2000 >> log1

Client:
cat - | sed -l "s/^/[`date +%H:%M`] < @johnath> /" | ncat 2000

Extra Credit

1. Before making the history jetpack, I had it mostly working as a bookmarklet in 498 characters. Can you make it tweetable (140 chars)?
2. The history jetpack is scraping the show_activity content instead of using the new REST API. Patches accepted?
3. The EXIF jetpack should do a nicer job of highlighting what matters.
4. Local echo on the chatroom was kind of annoying, we ended up opening two “clients” each – one for typing into, and the other for seeing the unmunged chat stream. Got a better one liner?

For 11 months of every year, we all live our lives integrated– embedded, if you will– with our fellow citizens, hewing to their customs; blending in. For 11 months of the year we rarely even speak of the movement. But not this month.

It’s time for NSID operatives to go live.

First, remember our history. In 2007 I first spoke publicly of the cause, and in 2008 our numbers exploded. No Shaving In December has participants on at least 4 continents, participants of both sexes, and participants of all ages and stations in life. In fact, a recent survey I just made up confirms that every LinkedIn user is, at most, 3 hops away from an NSID participant.

Second, remember our cause. NSID’s not a political movement. It’s a silly, awesome getting-together of people who sort of like to see how they look when they stop shaving for a month. It’s permission to try something different and in that sense, our cause is freedom. Look at the flickr pool; it’s incredible. I love looking at these people I know to be cleanshaven getting all rustic and funky. How could you not want to be a part of this?

Third, remember your strength. Your job too important or high-visibility to stop shaving for a month? Bullshit – John Lilly did interviews with the LA Times mid-NSID like a champ. Your face doesn’t grow a proper beard? Hogwash – Claire’s been doing NSID 3 years running, and Gavin soldiers through “patchiness issues” because his follicles don’t tell him how to live his life, he tells them how to live theirs.

No shaving. 31 days. We tweet using the #nsid hashtag, we document our progress in the flickr pool, and we aggregate it on noshavingindecember.org. I’m proud of all of you – I love this time of year. Are you in?

Epilogue: The Charity Angle

[Everything below is optional. NSID is about freedom, and fun, and if you don't want to be bogged down by deeper sentiment there is no need to do any of this. For some people, this part may actually make it easier to enjoy NSID, though. If that's you, read on.]

NSID is a scruffy, scratchy time in the first few weeks, and that can be hard on pair-bonds. Over the years, the #1 NSID request I’ve gotten is to find a way to make NSID participation a charitable act, to make the suffering of our significant others more noble.

Choosing a charity to pair with NSID isn’t easy, but I think the Michael J Fox Foundation is a good fit. To me, Parkinson’s disease is insidious for the way it steals your independence by stealing your ability to perform simple tasks. Shaving, holding a razor to your face, is something I have the luxury of doing or not doing basically for fun; I like the idea that NSID could help a research foundation trying to cure people of a disease that takes that away. MJFF’s open approach, using ~90% of donations to directly fund Parkinson’s researchers, seems like a solid one to me and, I’ll be honest, it doesn’t hurt either that they will cut both US and Canadian tax receipts.

So here’s how it works. If you want in on this aspect, start your NSID participation with a donation (US/CDN). When conversations come up about the scruff, tell them you’re doing it for charity, get those people to donate, too. And if, at some point, your wife/girlfriend/boyfriend/husband/cat can’t take it any more and insists that you shave, the price of that shave is a matching donation. The more your friends donate to defend your cause, the bigger the matching donation will have to be. And in the worst case, you make it through the month, and MJFF still gets a donation or two they might not otherwise have had. Make sense?

The only catch in all this is that I don’t have a centralized way to track MJFF donations. Let’s use the comments area on this post for that, shall we?

If I told you you could have one-click mac screenshots with automatic scp to a host of your choice and it could have a reasonably bad user experience and no keyboard bindings, well you’d just be all over that, wouldn’t you?

Yes, I know about grabup (and their recent departure), and tinygrab, and all the rest. I’ve used several of them, in fact. What can I say, I wrote this way back when, and still find it gets the job done. If you don’t want to hitch your cart to someone else’s image hosting horse (and associated ad spam/image expiry blah), you’re welcome to it.

It’s a shell script. It takes the screencap, does the scp, and then puts the URL on your clipboard. You’ll need to edit some bits. I find it irksome to run from the command line, so I wrapped it in a 1-liner applescript (do shell script "~/bin/sattap") that I can just click from the dock.

Rob wrote one of these, too. [UPDATE: And now catlee has "ported" sattap to linux.]

Migrate.app

My macbook has the irksome habit, when I disconnect it from the external display and then reconnect it, of leaving all my windows on the tiny little 13″ display and not the hulking 24″ display I just connected, presumably for displaying things.

I borrowed a script from Dudehey on macosxhints to do the heavy lifting and then tweaked it to my particular preferences about which windows stay where. You will disagree with me, and hate this script; in fact, it won’t even work for you. But maybe you can make it work for you, if you care to?

Here it is. Open this in Script Editor – change it however you like, and then Save it somewhere as an Application, throw it on the dock, and hooray.

Rotate Page Bookmarklet

Okay, I don’t actually find this one useful, but it amuses. And you need some amusement.

javascript:document.body.style.MozTransform="rotate(90deg)";void(0);

Go on, try it. (Yes, in Firefox.)

I don’t know if there are people out there who like the way they sound in audio recordings, or look on video. I certainly don’t. I don’t think it’s a self-image issue, either; and I know I’m not alone. My recorded voice lacks the resonance I experience internally, and my recorded image just looks… mouthier (?!) than I imagine myself to be. I don’t even know what that means.

Proposed:

Nightingale’s Corollary to the Uncanny Valley Hypothesis: The depth of one’s psychological attachment to, and familiarity with, one’s own image, amplifies feelings of canny/uncanniness. This can result in greater than average affinity for moderately dissimilar representations (c.f. the popularity of “realistic cartoon avatar” generators, or caricature artists), but also particularly heightened sensitivity to minor dissimilarities.

[Discuss. Cite examples.]

The Point (i.e. Where You Should Have Started Reading)

I bring this up because the inimitable duo of Alix and Rainer recently took some of my scattered ramblings and knit them together into an educational piece on some of the security features in Firefox. I think they did a lovely job:

YouTube

In very much related news, Drew worked with Alix and Rainer to put together a video that talks about some of Firefox’s privacy features. I find it much easier to listen to Drew’s calm, matter of fact, “we did awesome stuff, and want you to know about it” delivery. I suspect you will, as well.

YouTube

In what history will likely judge as a vain attempt to impress him, then, I recently landed bug 513147, deletion of the now antiquated “Properties” dialog that used to be available on right-clicking things like images and links. Not because it was useless (every feature is someone’s baby, and is added for a reason) but because it wasn’t useful enough, to enough people, to justify the cost.

50kb of code in our product that is poorly understood, not often used, and not covered by unit tests is not free. When bugs show up, it takes longer than it should to fix them. If a security bug were to show up (which is always a risk when content mixes with chrome, however remote it may seem) it would be particularly expensive for us to reload that context into our brains to fix it.

Deleting it isn’t free either, of course – there are 4 extensions that build off that dialog that will need to be updated, and there may be some who use it regularly who will be disappointed. But the forces of software (inertia, squeaky wheels, cynicism and inertia) bias so heavily towards keeping code in the tree that we should all try to take clear deletion opportunities when they come up. Not capriciously, not without sensitivity to the impact it can have, but with recognition that the hidden cost to keeping them is also large and… hidden.

It is in the spirit of this sensitivity that we, on the Firefox team, have tagged this bug and others like it: [killthem].  What else do you think should go? (And please, be gentle. Remember, every feature is someone’s baby.)

[Update: Geoff Lankow has taken the code that used to be built in, and made it into an add-on, which is think is fantastic. As I said to him, and as I said above, my assertion has never been that the code was useless, just that it wasn't useful enough to justify its cost in the core product. An add-on is a great place for functionality like that, and I thank Geoff for his work.]