20
Jan 11

Automatic Date Links in MediaWiki

I had time between 1:1s today to solve a wiki problem that’s been nagging me. My codes, let me show you them.

Problem: We have meetings.

What’s worse, we persist in having them every week. Being the kind of project we are, we keep agendas and notes from those meetings publicly and invite the community to participate (does your browser? Great!)

What you want, then, is for each week’s meeting notes to link to next week’s and last week’s, like such:

And so, we do. But those links have to be hand-edited every week. Indeed, the pages for various meeting notes have earnest, heart-wrenching pleas in HTML comments, like

<!– REPLACE YYYY-MM-DD with the previous and next week’s year-month-date –>

No one should have to live like that.

Solution: ParserFunctions

Our mediawiki install includes the ParserFunctions extension, which has a whole bag of tricks. One of these tricks is {{#time}}. #time lets you produce various kinds of time/date strings, to wit:

{{#time: Y-m-d }}

Particularly nice, though, is that you can specify relative times, e.g.

{{#time: Y-m-d|+1 week}}

The relative syntax is so flexible, in fact, that I can utter this monstrosity:

[[Platform/{{#time: Y-m-d|tuesday last week}}|« previous week]]

to link to last week’s notes from a given page!

Still with me? Because there’s one snag left. The above works for people who have a static front page with this week’s info, and only ever want to link one week back. But those relative dates are relative to now — what if I want each link in the chain to link to the week prior?

No problem — our pages are named according to their dates, so just make the link relative to that, instead:

[[Platform/{{#time: Y-m-d | {{SUBPAGENAME}} -1 week}}|« previous week]]

Presto.

The things you learn while waiting for a phone call. If you want to get really exciting, you can do all this in transclusion tags, to have last week’s notes automatically added to this week, but that’s left as a terrifyingly-recursive exercise for the reader.

What’s your favourite mediawiki hack?

(PS – Full credit to Melissa for giving me the idea in the first place. I am naught but the implementor.)


13
Jan 11

It’s Almost Ready

Shipping great software to lots of people is hard. At Mozilla we talk about shipping only “when it’s ready,” and the devotion our community has to Firefox users, and to shipping them a high quality product, is unlike anything I’ve seen elsewhere. We answer to no one but you.

“When it’s ready” doesn’t mean we can take our time, though. Firefox 4 is good for the web, good for our users, and puts the heat on other vendors to up their own game. We need to ship it ASAP – we want release candidates in weeks, not months. And that means a hard look at our blocker list.

Blocker bugs have a rank order. If you can’t have all of them, there are some you’d want more than others, even though every single one of them is a bug we want to fix. That’s healthy. Building software means making those calls. Each bug is evaluated against whether it’s worth holding back the thousands of fixes that have already made it into the Firefox 4 tree. At this point, very few bugs are worth holding back that much awesome.

Hard vs. Soft Blocking1

To that end, then, if you watch bugzilla, you’ve seen blocker bugs sprouting one of two new whiteboard labels:

  • [hardblocker] – These bugs prevent us from shipping. We’ll hold the release for the very last one of them. A hard blocker is a failure of a core part of our release criteria, e.g. a crash, a memory leak, a performance hit, a security issue, a UI breakage that can’t be recovered from, an incompatibility we can’t stomach.
  • [softblocker] – These bugs are things we want to fix as soon as possible, but can ship with if the hard blockers are done. They can be fixed in maintenance releases if needed, or in Firefox 5 which, remember, is not so very far away. Soft blockers might include visual polish, strange edge cases, optional aspects of new specs, or opportunistic performance wins.

Hard blockers trump everything. That doesn’t mean they are the only things that will get fixed – indeed we hope and expect many of our soft blockers to make it in as well. We didn’t clear their blocking flags, they are still legit work items and have landing pre-approval. Soft blockers are what beltzner calls the “opportunity space” – the work that lifts the quality and delight of the product. But we have to make the hard calls, and soft blockers are second priority to shipping. People paid to work on Firefox will be focusing exclusively on hard blockers, first.

The hard blocker list is currently at 143. When it hits 0, we can ship. Let’s kill it dead.

[1] Inevitably, when we do a pass like this, someone will want to digress into a thread about nomenclature. “Why are they blockers if they don’t block?” “Are there hard soft blockers, or soft hard blockers?” I love the creativity of our community, but I think it’s a distraction right now, and I’d suggest to you that we have more interesting problems to solve in the next little while!


30
Nov 10

NSID 2010

After 5 years, perhaps it needs no introduction.

NSID 2009 Mosaic

In his (excellent) book Bowling Alone, Putnam argues that the inner circle of your life, family and close friends, act as a stabilizing function, they resist change. When the change is something self-destructive, this is a healthy and helpful thing, your family and friends remind you of who you are and bring you back. But when you want to try something different, that conservative force can become a barrier, and Putnam notes that in these cases looser social bonds become critical: people who know you, but don’t feel a need to keep you the same, who can enjoy and encourage your experimentation. (Ze has more to say about this exact passage, here).

NSID doesn’t judge. No Shaving in December is a tradition built on the idea that, once a year, it’s fun to see what your friends look like when they let themselves get skeezy. Don’t give them a hard time, join in! Put down the razors and trimmers and trappings of everyday modernity, and let yourself start to look really unmaintained. It’s freeing. It’s sometimes surprising. And hell, it might make you more trustworthy.

We have:

  • a flickr pool (Get those day 0 images in, please – we need comparables for your eventual shagnificence.)
  • hashtags: #nsid or #nsid2010 if you prefer timeliness
  • an aggregator

What more could you want?

NSID for Charity

The NSID community has always been full of kind spirits. I know this because each year, they ask me if our month of madness can be associated with a charitable cause in some way, to give the suffering of our spouses and sometimes ourselves a greater sense of purpose. I love that idea, and so as I did last year, I invite you to make a donation (US/CDN) to the Michael J Fox foundation for Parkinson’s Research. They have impressed me as a smart, well run charity acting to fight a disease that robs people of their ability to perform many of the basic tasks in life, like shaving, that we can toss aside for giggles.

A donation is not in any way a requirement for participation in NSID. For some people it helps motivate them to stay loyal to the cause, for others it helps them keep their significant others at bay, but it’s a decision I leave with you.

Either way – It’s November 30th – get that last shave in and start uploading those photos.


22
Nov 10

First Impressions from China

Great Wall in FogChina is different.

When I got back from my recent trip to visit Mozilla Online in Beijing, I heard myself saying that often, but it’s very nearly a content-free statement. Of course China is different. A better, albeit clumsier, way to express things is:

The Chinese web is not the web we are used to.

“We” Mozilla, “We” the Western tech world, “We” the builders of the web. China is going about things differently, and they’re bringing more than a billion people online with them. The folks at Mozilla online understand this and were exceedingly patient and generous with their time helping me begin to do so as well.

Here’s one way of thinking about that difference: Continue reading →


13
Aug 10

6 Months

ExpectantIt’s been 6 months since I wrote you this. 6 months. And in that tiny little amount of time, you have turned into a person. It’s hard for me to guess which things you’ll find interesting later in life if you’re reading this letter, and you’re moving so quickly right now that, by next week, it will all be different.

You’re adorable. Daddies are known to lack objectivity on this point, but I have it on good, impartial authority that you are an absolute delight. You smile when I come home at night, you smile when someone picks you up, you smile almost any time mommy speaks. You have learned how to splash in the bath, you shove basically everything into your mouth, and you’ve become ticklish. You are mere seconds away from learning to crawl – already getting into position but then not quite knowing what to do and faceplanting out of desperation. Sometimes you use the faceplants to drag yourself forward. You’re an odd duck. I love that.

You’re also terrifying. You don’t sit still, you roll directly for the edge of whatever surface we put you on, you bonk into stereo cabinets head first. The other day, in the bath, you managed to dump a cup full of water down your throat before I could stop you, sputtered, and for a second that lasted 3 years, you looked like you weren’t breathing. Don’t do that any more, okay?

You’ve rewritten us. Every time I see a parent with a kid, especially a dad with a daughter, I sort of nod, like we’re part of the same club now. I’ve always liked kids, but now I spot every one of them, everywhere I go, and make sure there’s a parent nearby watching them. I’ve noticed that I’ll often be swaying gently back and forth when I’m standing around, regardless of whether I’m holding you, or some groceries, or nothing at all. I’ve noticed other parents doing it, too.

I’ve taken 1,387 pictures of you since you were born, posted 76 of them publicly, and forced taxi drivers, coffee shop baristas, and every single one of my coworkers to admire them. I think that’ll probably slow down a little, if only because you’ll start to lose patience with me, but it’s hard to resist capturing every moment, especially with the speed you keep growing.

Your mom and I are very fortunate to have a lot of love in our lives. Family, friends, coworkers – there’s a lot of love to go around. But I was not ready, I was not ready for the way you would multiply that. You are a tiny, ticklish, ever-blonder force to be reckoned with, Lily, and I don’t even know how to imagine what the next 6 months will hold.

Love,

Daddy


05
Aug 10

The SSL Observatory

Oh ho, lookit what the EFF went and did!

The EFF SSL Observatory is a project to investigate the certificates used to secure all of the sites encrypted with HTTPS on the Web. We have downloaded a dataset of all of the publicly-visible SSL certificates, and will be making that data available to the research community in the near future.

This is exciting. I knocked together a less ambitious version of this last year, but the EFF guys are doing it like grown-ups, and are getting some interesting data.

Numbers-wise, they’re in the right ballpark, as far as I can tell. Their numbers (1-2m CA-signed certs) coarsely match ones I’ve seen from private sources. I’ve heard from a few CAs that public-crawl estimates tend to err 50-80% low since they miss intranet dark matter, but at least the EFF is tracking other public-crawls. Given that their collection tools and data are going to be made public, that’s a really big deal. Previously, I haven’t been able to get this kind of data without paying for it or collecting it myself. If the database is actively maintained and updated, this will be a great resource for research.

Their analysis of CA certificate usage is also interesting. I’d like to see more work done, here, and in particular I’d like to see how CA usage breaks down between the Mozilla root store and others. We spend considerable effort managing our root store, and recently removed a whole pile of CA certificates that were idle. In some places, the paper seems to make the claim that fully half of trusted CAs are never used, but in other places, the number of active roots they count outnumbers our entire root program. I understand why they blurred the line for the initial analysis, but it would be swell to see it broken out.

As they mention, there are legit reasons for root certs to be idle, particularly for future-proofing. We have several elliptic curve roots, and some large-modulus RSA roots, which are waiting for technology to catch up before they become active issuers while giving CAs a panic switch in the case of an Interesting Mathematical Result — that feels okay to me. On the other hand, if there are certs which are just redundant, it would be great to know, so that we can have that conversation with the relevant CAs, and understand the need to keep the cert active.

This is exactly what I hoped would come of my crawler last year, but they’ve done a much more thorough job. We’ve seen an uptick in research interest in SSL over the last few years. Having a high quality data source to poke when testing a hunch is going to make it easier to spot trends, positive or otherwise. Interesting work, folks; keep it going!


13
Jul 10

Kathleen, a FAQ

Q: Kathleen who?

Kathleen Wilson works for the Mozilla Corporation, and manages our queue of incoming certificate authority requests. She coordinates the information we need from the CAs, shepherds them through our public review process and, if approved, files the bugs to get them into the product.

Q: Holy crap! One person does all of that? Is she superhuman?

It has been proven by science. She is 14% unobtainium by volume.

Q: That’s really awesome, but I am a terrible, cynical person and require ever-greater feats of amazing to maintain any kind of excitement.

She came in to a root program with a long backlog and sparse contact information, and has reduced the backlog, completely updated our contact information, and is now collecting updated audit information for every CA, to be renewed yearly.

Q: Hot damn! She’s like some kind of awesome meta-factory that just produces new factories which each, in turn, produce awesome!

I know, right? She has also now removed several CAs that have grown inactive, or for which up to date audits cannot be found. They’ll be gone as of Firefox 3.6.7. They’re already gone on trunk.

Q: Wait, what?

Yeah – you can check out the bug if you like. I’m not positive, but I think this might represent one of the first times that multiple trust anchors have ever been removed from a shipping browser. It’s almost certainly the largest such removal.

Q: I don’t know what to say. Kathleen completes Mozilla. It is inconceivable to me that there could be anything more!

Inconceivable, yes. And yet:

  1. She’s also made what I believe to be the first comprehensive listing of our root, with signature algorithms, moduli, expiry dates, &c.
  2. In her spare time, she’s coordinating with the CAs in our root program around the retirement of the MD5 hash algorithm, which should be a good practice run for the retirement of 1024-bit RSA (and eventually, in the moderately distant but forseeable future, SHA-1).
  3. She has invented a device that turns teenage angst into arable land suitable for agriculture.

Fully 2 of the above statements are true!

Q: All I can do is whimper.

Not true! You can also help! Kathleen ensures that every CA in our program undergoes a public review period where others can pick apart their policy statements or issuing practices and ensure that we are making the best decisions in terms of who to trust, and she’d love you to be a part of that.

Q: I’ll do it! Thanks!

No, thank you. That wasn’t a question.


20
Apr 10

105 – Why I Bird

Yesterday my life list passed 100 birds. This makes me happy; I’ll try to explain why.

Beltzner asked me once why I liked birds so much. I told him I didn’t, not particularly. I like nature. But if you go out for a walk in nature, you’re apt to come across a rodent or two, maybe an interesting mammal like a fox or deer, and you’re going to see at least 20 to 30 different kinds of birds. Bird knowledge is high return on investment, and gives lots of opportunity for practice. Knowing… I don’t know… voles, seems less immediately rewarding.

As for keeping track of them, I only started that last fall after a trip to Florida that was particularly packed with “life birds” (birds I’d never seen in the wild.) It may delight you to know that keeping track, “listing” as it’s called, is not without controversy. There are rules, if you enjoy such things, and there are a variety of local, regional, continental and world lists to work from. There are also, because of course there would be, reactionary elements within the bird watching world who are anti-list. There are lines drawn along the axis of listing that separate “birders” from “bird watchers” in ways that any Trekkie (or Trekker) will find immediately familiar.

I mostly don’t go in for all that. I record every bird I see in the wild; that’s it. For now I keep the list to North America, though I might start a world list at some point. I don’t record a bird until I’m confident of the ID, and I add a little ‘P’ in the margin for those where I managed to snag a good photo. Among (ahem) serious North American birders, my 105 is child’s play. 250 is the price of admission, 400 is typical of serious hobbyists, and 700 is a target once thought impossible but now reached regularly by people with the ability to fly to the Aleutian Islands to sneak in some Eurasian migrants while still technically in North America. I’m not likely to go in for all that, either.

Still, it’s rewarding for me to keep track. It motivates me to seek out habitats I haven’t visited before, and it lets me flag certain birds with extra import. It helps me notice detail on the birds that, I think, makes me a better photographer. Mostly, it gets me out of the house and into nature with a camera – that’s reason enough.

For posterity, then, my list to date (in Peterson’s order). Big thanks to Barry, my mentor in all things bird, for getting me this far.
Continue reading →