May 08

About Larry

I’ve been meaning to write a post like this for a while, and maybe I still will, but in the meantime Deb has done a great job of introducing the world to Larry.  Her writing is enviably clearer than my own, so you should go check it out right now.

I bet she’d love it if you gave her some digg love, too.

[Killing comments on this one to reduce forking/repetition – take ’em to digg or debb]

Mar 08

#4BC421 : Hulkcredible

This is a pretty cool idea.

  1. Randomly generate a bunch of colours.
  2. Use Mechanical Turk to get names for them all
  3. Play

I really like the things that Mechanical Turk makes possible, now that people are getting more next-level experimental with it.

I also really like that the folks who did this one have an interactive explorer page for the data, and make the raw data set available as well.

In other “Graphics on the Web” news: heehee.

Feb 08

State of the Malware Nation

It’s a couple weeks old, I know, but for anyone who hasn’t seen it, Google’s Online Security Blog has linked to a draft article produced by some of their malware researchers about the trends they’ve observed in malware hosting and distribution.  Aside from a troubling pre-occupation with CDF graphs, it’s a really interesting look at the way malware networks are spread through the internet.

I found this snippet interesting:

We also examined the network location of the malware distribution servers and the landing sites linking to them. Figure 8 shows that the malware distribution sites are concentrated in a limited number of /8 prefixes. About 70% of the malware distribution sites have IP addresses within 58.* — 61.* and 209.* — 221.* network ranges.

Our results show that all the malware distribution sites’ IP addresses fall into only 500 ASes. Figure 9 shows the cumulative fraction of these sites across the 500 ASes hosting them (sorted in descending order by the number of sites in each AS).  The graph further shows the highly nonuniform concentration of the malware distribution sites— 95% of these sites map to only 210 ASes.

But I think this is the big takeaway:

[Figure: Malware Landing Site Distribution]

Because malware is being distributed via ad networks more and more, it’s no longer safe to assume that you’ll be okay if you just avoid the seedy parts of the net.  And because it’s no longer requiring user interaction in a lot of cases, the old-school “don’t run executables from random websites” best practice might not be enough either.  To stay on top of things, you are going to want to be running a browser that is as hardened as we can make it, and that also incorporates active checking of known malware sites.

And lookit, the Firefox 3 beta is right over here.

Jan 08

We also do ice cream

Melissa, our PR gal, recently wrote a pretty awesome post about a pretty awesome kid.  You should go read it.  Go.

It really gave us a lift and, immediately, several of us here in the office (today is code freeze for FF3 Beta 3 so yes, we are still in the office) agreed that we needed an about:icecream URL in the browser.

Ryan beat me to it.  It’s now a Firefox 3 add-on.


Dec 07

What happens when your job is also a hobby?

I took a vacation day yesterday, since I had a bunch of appointments piling up, and figured it would be best to just blitz.  In the evening, I was sort of fiddling around, and built this:

[Image: PDB v1]

It’s probably only interesting to people who find performance monitoring interesting, but I like having it around, even in its very rough condition.  I would love to include the Talos graphs in there, since Talos data is a lot more relevant than the oldschool tests, particularly around pageload.  Nevertheless, it beats clicking a hundred different links off the tinderbox waterfall, and it was a fun excuse to play with a tiny bit of jQuery too.

Johnath’s Performance Dashboard – Trunk

[PS – NSID Day 12 – pretty damned shaggy.  Itch might be subsiding though!]

Nov 07

It’s On.

As announced Very Early In The Morning (EST) today, Firefox 3 Beta 1 is now live.

There is some appropriately scary text there about not downloading it unless you are a developer or a tester, and that’s good text to have, because we wouldn’t want people treating this like a final release BUT it’s pretty awesome, and if you don’t mind living a little bit on the edge, you should check it out.

There are a ton of changes, and as I’ve said here before, a lot of them are subtle.  I want very much to point out a bunch of them, but I also don’t, because I want to know what unprimed minds think of it.  I’ll leave it up to you – if you want to see a (non-exhaustive) list of the kinds of changes we’ve made, you can check the release notes.  If you don’t, skip straight to the announcement and grab a copy.

Once you’re on the beta, you’ll get updates as new betas come out, just like you do with Firefox 2 when we release security and stability updates.  Running the betas and letting us know what you think is a great way to help the project, even if you’ve never tried programming.  You’re a human and a web user, that’s as much expertise as we need.

Aug 07

Airport Security 2 for 1!

Two interesting (if longish) articles lately on airport/airplane security:

1. A pilot on airline security

2. An interview between Bruce Schneier (Security Dude) and Kip Hawley (Head TSA Dude)

Both are, I think, interesting reading; and both avoid the Designated Stupid Zones (“Airport security is useless” and “Whatever it takes to Fight Terror”) at the polar ends of the debate.

Neither of these articles is directly related to Mozilla, but enough of my co-workers travel regularly that I’m gonna tag it that way anyhow, so that it shows up on planet – where our blogs all hang out and play together while we’re at work.

[Special thanks to nedrichards for the photo – I’m keeping this one around.]

Aug 07

SSL Infoporn

600,000.  According to Netcraft, there are about 600,000 SSL sites out there on the public internet, and we just recently tipped over that arbitrary, but pleasantly round, number.

I’m not sure why, but when I tell people this (people, that is, who have any hope of being interested in such things; a small, biased, statistically indefensible sample,) they are surprised.  I think mostly they expect the number to be higher.  And in actual fact, it probably is, at least a little bit.  I am reasonably certain, without even looking into them, that Netcraft’s methods are more prone to type-2 errors – false negatives – than they are to false positives.  Nevertheless, it’s probably the right order of magnitude.  There are almost certainly less than a million, for instance.

Netcraft doesn’t publish any numbers it may gather about the ratio, in that group, between DV, OV, and EV certs, but the informal vibe I get leads me to believe that there are around 2000 EV certs out there at the moment.  Given that several of these have gone to extremely high traffic domains, though, that number probably under-represents their network significance.

I bring these numbers up here because they seem to surprise people, and surprises are generally more instructive than confirmations.  In the last couple weeks, a fair number of surprising numbers have flitted across my radar, so I figured I would rehash a couple here, with no particular (conscious) effort to weave a narrative into them beyond, “hey look, infoporn!”