Mozilla Nederland LogoDe Nederlandse

Abonneren op feed Mozilla planet
Planet Mozilla -
Bijgewerkt: 16 uur 2 min geleden

Adam Lofting: A ‘free’ online learning experience

do, 05/03/2015 - 23:56

2862656849_f0fa5c78bf_oI’ve blogged about various experiences of online learning I’ve taken part in over the years and wanted to reflect on the most recent one. Coursera’s three week Introduction to Ableton Live.

Learning more about learning is one of my personal goals this year. And I find writing out loud to be useful tool in thinking. So that’s mostly the point of this.

I take these courses mostly because I like learning new things, but also because I’m interested in online learning more generally. How do you most effectively transfer knowledge, skills and motivation via the web, and/or about the web? That question is often on my mind.

Almost all of the projects I work on at Mozilla are somewhere in the education space; directly with Webmaker or Mozilla Learning Networks and tangentially in the topic of volunteer contribution. Contributing to an open source project as complex and distributed as Mozilla is a learning experience in itself, and sometimes requires specific training to even make it possible.

To further frame this particular brain dump, I’m also interested generally in the economics of the web and how this shapes user experiences, and I have strong feelings about the impact of advertising’s underlying messaging and what this does over-time when it dominates a person’s daily content intake. I’m generally wary of the word “Free”. This all gets complex when you work on the web, and even directly on advertising at times. Most of my paycheques have had some pretty direct link to the advertising world, except maybe when I was serving school dinners to very rich children – but that wasn’t my favourite job, despite it’s lack of direct societal quandaries.

Now, to the content…

If you’re like me, you will tend to read notes about a topic like ‘commerce in education’ and react negatively to some of these observations because there are many cases where those two things should be kept as far apart as possible. But I’m actually not trying to say anything negative here. These are just observations.

Observations All roads lead to… $ $ Coursera

My online experience within the Coursera site was regularly interrupted with a modal (think popup) screen asking if I wanted to pay to enrol in the ‘Signature Track’, and get a more official certification. This is Coursera’s business model and understandably their interest. It wasn’t at all relevant to me in my life situation, as I was taking a course about how to play with fun music software in my free time. I don’t often check my own qualifications before I let myself hobby. Not that anyone checked my qualifications before they let me work either, but I digress. Coursera’s tagline says ‘free’, but they want you to pay.


All assignments for the course had to be published to Blend for peer-evalutation, Blend is like Github but for raw audio production tracks rather than source-code. I didn’t know about Blend before the course, and really like it as a concept and how it’s executed and for what it could do for collaborative music making. But I note, it is a business. This course funnels tens of thousands of new users into that business over the course of a few days. There might not be any direct financial trade here (between companies for example), but users are capital in start-up land. And I now receive emails from Blend with advertisements for commercial audio production tools. My eyeballs, like yours, have a value.

$ Berklee College of Music

While hosted on Coursera, the content of this course is by Berklee College of Music. The content they ‘give away’ would traditionally only have been available to paying students. Berklee’s business is selling seats in classes. This course isn’t given away as an act of kindness, it’s marketing. Three weeks is short and therefore the content is ‘light’. Lighter than I was expecting (not that I’m entitled). But halfway through, we receive a promotional email about Berklee’s own online education platform where you could create an account to get access to further ‘free’ videos to supplement the Coursera materials. I found these supplementary videos more useful, and they lead to offers to sign-up for extended paid courses with Berklee Online. For Berklee, this whole excercise is a marketing funnel. Quite possibly it’s the most fun and least offensive marketing funnel you can be dropped into, but it exists to do that job.

$ Erin Barra – Course professor and artist

Now, I write this with genuine sympathy, as I’ve walked the floor at countless venues trying to sell enough music and merch to cover the petrol costs of playing a gig. But this is a commercial element of this learning experience, so I will note it. At many points throughout the three weeks, we had opportunities to buy Erin’s music, t-shirts, and audio production stems (these are like a layer file of an original recording) for consumption and or remixing. I know you have to hustle if you’re making music for a living, but the observation here is that the students of this course are also a marketable audience. Perhaps only because they arrive en-mass and end up slightly faceless. I’m sure it would be weird for most teachers to sell t-shirts in a class-room. It wasn’t particularly weird online, where we’re desensitised to being constantly sold things. And I may have only noticed this because I’m interested in how all these things fit together.

$ Ableton

The course was about learning Ableton Live. A commercial audio production tool. So at some point, the cost of Ableton had to be considered. Ableton offers a free 30 day trial, which works for this course and they kindly (or sensibly) agreed to let people taking the course start a new trial even if they’d used their 30 days already. Good manners like those are good for business. Anyway, I already owned Live 9 Intro (aka the cheap version), and for a three week intro course it does more than enough to learn the basics (I guess that’s why it’s called Intro?). But the course taught and encouraged the use of Live 9 Suite (the EUR599 rather than the EUR79 version). Until some people complained, the use of features in Suite was required to complete the final assignment. Reading between the lines, I doubt there was any deliberate commercial discussion around this planning, but the planning definitely didn’t stem from the question: ‘how can we keep the cost down for these beginners?’. At the end of the course there were discount codes to get 15% off purchasing anything from Ableton. I didn’t use Suite during the course, but I’m playing with it now on my own time and terms, and may end up spending money on it soon.


It’s wonderful, but it’s not Wikipedia. The course opened a lot of doors, but mostly into places where I could spend money, which I am cautious about as a model for learning. It was valuable to me and prompted me to learn more about Ableton Live than I would have done in those three weeks without it. So I’m grateful for it. But I can’t in my heart think of this as a ‘shared public resource’.

For my own learning, I like deadlines. Preferably arbitrary. The fact that these Coursera courses are only available at certain times during the year, really works for me. But I struggle with the logic of this when I think about how best to provide learning material online to as many people as possible. The only MOOC style courses I have finished have been time-bound. I don’t know how many people this is true for though.

People will learn X to earn Y. For me this course was a form of hobby or entertainment, but much learning has a direct commercial interest for students as well as educators. Whether it’s for professional skills development, or building some perceived CV value.

There is no ‘free’ education, even if it says “free” on the homepage. There is always a cost, financial or otherwise. Sometimes the cost is borne by the educator, and sometimes the student. Both models have a place, but I get uncomfortable when one tries to look like the other. And if the world could only have one of these models for all of education I know which one I’d choose. Marketing fills enough of our daily content and claims enough brainprint as it is.


I thought I might find some conclusions in writing this, but that doesn’t always happen. There are a lot of interesting threads here.

So instead of a conclusion, you can have the song I submitted for my course assignment. It was fun to make. And I have this free-but-not-free course to thank for getting it done.

Categorieën: Mozilla-nl planet

Mozilla Community Ops Team: Welcome to the Mozilla Community Ops blog!

do, 05/03/2015 - 22:11
IT Crowd - "I've got something to tell you" "Oh my god" A Re-introduction

We began as a group in late 2011 under the moniker “Mozilla Community IT” to help provide resources to our contributor community websites. We sought to answer this key question:

How can we use technology to empower the Community to promote the Mozilla Mission?

As the IT/Operations world has evolved, so have we. In the past year we’ve worked on supporting resources and projects that are more Ops-focused than traditional IT-focused.  So to better understand what we do, we have re-branded ourselves as Mozilla Community Ops.

Our Mission

We are a global team of sysadmins and ops engineers supporting the Mozilla community and, importantly, mentoring and teaching others with practical technical skills in hosting and running production websites and services, configuration management (Puppet/Chef), monitoring/alerting, and on-call pager.


Our aim, like most modern ops teams, is to provide services others can leverage that will simultaneously help lower the barrier to participation. It shouldn’t require special skills, for instance, to maintain a blog, or to launch and run a web application.

Here are a couple of our current big projects:


Our flagship project is the Mozilla Community Discourse instance.

Discourse began as an experiment into finding communication tools better suited to Mozilla’s growing community. It has many features in common with mailing lists – and in fact can be used exclusively through email, just like a mailing list – as well as more social platforms like Google Groups or Yammer.  If you aren’t familiar with Discourse, please check it out.

A couple of the Discourse sites we are hosting:


We’ll also be posting about Discourse in more detail in future blog posts, including how we are building and maintaining Discourse instances in Amazon AWS.

Multi-Tenant WordPress

Building and maintaining a website/blog is one of the most challenging and time-consuming elements a local community can undertake. It also often has tangible costs. Web design, WordPress themes design, website deployment and basic server administration and operations are often barriers to entry.

Mozilla Community Ops is currently working on building out a scalable multi-tenant WordPress to manage multiple blogs, as well as make them more secure and more highly available.

We’re also working on some less flashy projects, like monitoring and system health. Keep an eye out for future blog posts on these projects, or ask us about it in our Discourse category. Our Discourse category is also the right place to go if you have any other questions about what we’re up to, or want to join in on the fun. If you want to help, just start a new topic introducing yourself and we’ll help point you in the right direction.

Categorieën: Mozilla-nl planet

Armen Zambrano: mozci 0.3.0 - Support for backfilling jobs on treeherder added

do, 05/03/2015 - 17:19
Sometime on treeherder, jobs get coalesced (a.k.a. we run the tests on the most recent revision) in order to handle load. This is good so we can catch up when many pushes are committed on a tree.

However, when a job run on the most recent code comes back failing we need to find out which revision introduced the the regression. This is when we need to backfill up to the last good run.

In this release of mozci we have added the ability to --backfill:
python scripts/ --buildername "b2g_ubuntu64_vm cedar debug test gaia-js-integration-5" --dry-run --revision 2dea8b3c6c91 --backfillThis should be useful specially for sheriffs.

You can start using mozci as long as you have LDAP credentials. Follow these steps to get started:
git clone
python develop (or install)

Release notesThanks again to vaibhav1994 and adusca for their many contributions in this release.

Major changes
  • Issue #75 - Added the ability to backfill changes until last good is found
  • No need to use --repo-name anymore
  • Issue #83 - Look for request_ids from a better place
  • Add interface to get status information instead of scheduling info
Minor fixes:
  • Fixes to make livehtml documentation
  • Make determine_upstream_builder() case insensitive
      Release notes:
      PyPi package:

      Creative Commons License
      This work by Zambrano Gasparnian, Armen is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License.
      Categorieën: Mozilla-nl planet

      Mike Conley: The Joy of Coding (Episode 4)

      do, 05/03/2015 - 16:15

      The fourth episode is up! Richard Milewski and I found the right settings to get OBS working properly on my machine, so this weeks episode is super-readable! If you’ve been annoyed with the poor resolution for past episodes, rejoice!

      In this fourth episode, I solve a few things – I clean up a busted rebase, I figure out how I’d accidentally broken Linux printing, I think through a patch to make sure it does what I need it to do, and I review some code!

      Episode Agenda

      Bug 1136855 – Print settings are not saved from print job to print job

      Bug 1088070 – Instantiate print settings from the content process instead of the parent

      Bug 1090448 – Make e10s printing work on Linux

      Bug 1133577 – [e10s] “Open Link in New Tab” in remote browser causes unsafe CPOW usage warning

      Bug 1133981 – [e10s] Stop sending unsafe CPOWs after the findbar has been closed in a remote browser

      Categorieën: Mozilla-nl planet

      Pascal Finette: Here's What's Wrong With Tech

      do, 05/03/2015 - 10:22

      The other day I stumbled across the following headline on The Verge: "Stratos is not just another all-in-one smart card".

      The product described in the article is a "smart" credit card which allows you to combine any three cards (e.g. your personal and business credit card plus your Starbucks loyalty card) in one Stratos card which is hooked up to your phone and allows you to select, with the push of a button, the card you want to use.

      Now don't get me wrong - this is a wonderfully designed product and I can geek out on the engineering marvel it is - putting effectively a mini computer, bluetooth connectivity and a battery into something as small and flat as a credit card.

      But... WTF?!

      Why on earth do we need a smart credit card which replaces all of three normal cards? Is it really such a bother to carry three cards with you? Does it really make such a difference to you that you would spend what-ever-this-thing will cost (and I am sure it won't be cheap)?

      In it's own way the Stratos card is symptomatic with what's wrong with some tech startups: It's tech for the sake of tech. It doesn't solve a real problem but is merely a masturbation in design and features. Why not start with a real need or problem (how about access to clean drinking water for example?) and solve that first before we try to figure out how to cut down the size of our wallet by 2 millimeter?

      Categorieën: Mozilla-nl planet

      The Servo Blog: This Week In Servo 26

      do, 05/03/2015 - 01:00

      This week, we merged 50 pull requests

      Notable additions New contributors Meeting


      Categorieën: Mozilla-nl planet

      Air Mozilla: Quality Team (QA) Public Meeting

      wo, 04/03/2015 - 22:30

      Quality Team (QA) Public Meeting This is the meeting where all the Mozilla quality teams meet, swap ideas, exchange notes on what is upcoming, and strategize around community building and...

      Categorieën: Mozilla-nl planet

      Hannah Kane: An update on the Teach site + some thoughts on iterative development

      wo, 04/03/2015 - 22:27

      It’s been a minute! We’ve just started a new heartbeat, and now we have a giant team working on the Teach site. Our stand-up today looked like The Brady Bunch.

      We’re now entering a stage where we have three strands of work running in parallel:

      1. Engineers are setting up the technical framework for the new site, and are beginning to build out the pages that have been designed
      2. Designers are polishing up the work they’ve done so far (accommodating some last minute requests from me!), and starting on a few new pages and workflows
      3. Members of the Learning Networks team are finalizing copy and content for the various pages

      If every strand can keep moving, we’ll be in good shape for the release at the end of the next heartbeat. Ideally, we’ll get into a rhythm where copy is finalized in the heartbeat *before* the design work, which is done in the heartbeat *before* development, but right now things are overlapping a bit.

      Iterative Dev {It’s been so long since I’ve done an anagram! Here we go: Tea Revived It}

      I’ve been thinking about how to build out this site in a way that reflects the evolving nature of the Learning Networks team work, and specifically the Clubs program. The answer is (always) to be agile.

      It’s often difficult to agree on what should be included in a v1. I think the term “MVP” is one of the most abused terms in software. It is sometimes used to mean “do as little work as possible,” but the definition I like best is, “do as much as is needed to prove or disprove a hypothesis.”

      This definition provides a great framework for determining what to include in a v1. If you can agree on a hypothesis, then every decision can be made by answering the question, “Do we need this to prove the hypothesis?”

      For the Teach site, the hypothesis we’re testing is: “People will use the site to find teaching activities and add their Clubs to the map.”

      So the v1 will seek to prove that. The priority items are a couple static pages that point to our high-quality curriculum modules, a Clubs page with an “Add Your Club” workflow, and some additional static content to flesh out the site.

      Beyond Version One {Anagram: Sobered Onion Envy}

      While  v1 is being created, we also need to start gearing up for the next iteration, which will be focused on building out more advanced tooling for the curriculum (so that we can add to those pages without developer involvement, and incorporate feedback and remix ideas from the community). This is essentially adding a fourth strand to the list above—a kind of “requirements gathering and brainstorming” strand.

      (Side note: I like that the “build, measure, learn” cycle we’ll use to iterate on the site echoes the process we’re using to develop the curriculum with our community. Agile methods all around!)

      Of course, even while using iterative development practices, we still need to keep the big picture in mind. To see the current thinking about future iterations, you can always check out the roadmap. I’m updating it regularly as our needs change, or as they become clearer to me.

      Categorieën: Mozilla-nl planet

      John O'Duinn: “We are ALL Remoties” (Feb2015 edition)

      wo, 04/03/2015 - 22:00

      Since my last blog post on “remoties”, I’ve worked with ProCore, and Haas, UCBerkeley (again!) as well as smaller private discussions with some other companies. Every single time, I continue to find people eager for passionate conversations, and clear “ah-ha!” moments, which I find very encouraging. There’s also plenty of volunteering stories/ideas of what did/didnt work for them in their past. All this helps me continue to hone and refine these slides, which I hope makes them even more helpful to others.

      You can get the latest version of these slides, in handout PDF format, by clicking on the thumbnail image.

      Remoties are clearly something that people care deeply about. Geo-distributed teams are becoming more common in the workplace, and yet the challenges continue to be very real and potentially disruptive. Given how this topic impacts people’s jobs, and their lives, I’m not surprised by the passionate responses, and each time, the lively discussions encourage me to keep working on this even more.

      As always, if you have any questions, suggestions or good/bad stories about working in a remote or geo-distributed teams, please let me know – I’d love to hear them.


      Categorieën: Mozilla-nl planet

      The Servo Blog: This Week In Servo 26

      wo, 04/03/2015 - 21:30

      This week, we merged 50 pull requests

      Notable additions New contributors Meeting


      Categorieën: Mozilla-nl planet

      Air Mozilla: Product Coordination Meeting

      wo, 04/03/2015 - 20:00

      Product Coordination Meeting Weekly coordination meeting for Firefox Desktop & Android product planning between Marketing/PR, Engineering, Release Scheduling, and Support.

      Categorieën: Mozilla-nl planet

      Air Mozilla: The Joy of Coding (mconley livehacks on Firefox) - Episode 4

      wo, 04/03/2015 - 19:00

      The Joy of Coding (mconley livehacks on Firefox) - Episode 4 Watch mconley livehack on Firefox Desktop bugs!

      Categorieën: Mozilla-nl planet

      Jared Wein: Status update – In-content Preferences, part 5

      wo, 04/03/2015 - 17:43


      Firefox 38 has now merged to Aurora (Firefox Developer Edition) and we are a couple weeks into development of Firefox 39 on mozilla-central. At this point, bugs that are fixed on mozilla-central will need to be uplifted to mozilla-aurora to continue to ride the 38 train.

      These are some of the 21 bugs that were fixed since the last update (1/31/2015):

      • Bug 1008171 No focus for elements except textboxes (and buttons, on Windows and Linux) inside in-content preferences
      • Bug 1025719 – openPreferences(panelName) doesn’t open the requested pane if about:preferences is in a yet-to-be-loaded tab
      • Bug 1034296 – Action dropdown in Application pane does not open when session restored
      • Bug 1037225 – Consider keeping browser.preferences.instantApply = false on Windows
      • Bug 1044597 – in-content preferences: resized dialogs should not push buttons into overflow
      • Bug 1047586 – Unable to interact with in-content preferences after changing minimum font size to a very large value
      • Bug 1108302 – Menulists in the in-content preferences have too much padding at the start of their contents
      • Bug 1111353 – No longer displayed check mark in in-content preferences if Text : white, Background : Black and Select “Never” in “Content” > “Colors…” > “Allow pages to choose their own colors, instead of my selections above”

      Since the last update all of the P1-tracked bugs have been fixed. We are tracking the following P2 bugs:
      top_2Bug 1043612 – Persist the size of resizable in-content subdialogs
      top_2Bug 1136645 – InContent prefs – Make focusrings match the spec on Windows and Linux
      top_2Bug 1044600 – in-content preferences: empty dialogs after pressing backspace or the Back button

      Bug 1044600 in the above list should be very close to getting fixed. It has landed and been backed out a couple times due to intermittent failures and leaks, but is making steady progress towards being fixed.

      Gijs and I will be meeting up in less than two weeks in San Francisco to have a “hack week” focusing on the in-content preferences. We’ve gone through the list of bugs in the in-content preferences and put together a subset of 10 bugs that we’ll tackle during the week if they’re not fixed beforehand.

      Big thanks go out to Ian Moody [:Kwan], Gijs, Yash Mehrotra, Richard Marti [:Paenglab], and Tim Nguyen [:ntim] for their help in fixing the 21 bugs.

      Tagged: firefox, in-content-preferences, mozilla, planet-mozilla
      Categorieën: Mozilla-nl planet

      Pete Moore: Weekly review 2015-03-04

      wo, 04/03/2015 - 16:21

      This week, using my new AMQP and HTTP taskcluster go client api library (see recent posts), I’ve written a service, running in heroku, to capture metrics for task cluster.

      Five task cluster pulse queues are monitored to watch for completed tasks and completed task graphs. Then the taskcluster queue API is queried to get task data, such as worker payloads, in order to build up a view of durations taken for the tasks to progress through states until completion. This data is then collected, for pushing to influxdb for real-time query analysis. InfluxDB is similar to graphite.

      In parallel, the hg pushlogs are monitored to get push times for hg changesets, so that we have a view in the end of how long it took from a change being received on the hg server, until a task graph is build, then until it is executed, and then until it completes.

      The publish to InfluxDB is not quite done yet, hope to finish that off shortly.

      The data is persisted using BoltDB during data collection and denormalisation.

      I plan to wrap that up shortly, and then start work on …. the generic worker!

      See bug 1136537 for more details.

      Code lives here:

      It is auto-deployed to heroku using the buildpack after a push to github.

      Categorieën: Mozilla-nl planet

      Robert O'Callahan: Debugging Gecko With Reverse Execution

      wo, 04/03/2015 - 14:11

      Over the last month or so I've added reverse-execution support to rr's gdb interface. This enables gdb commands such as reverse-continue, reverse-next, reverse-finish and reverse-step. These work with breakpoints and watchpoints, so you can do things like

      Breakpoint 1, nsCanvasFrame::BuildDisplayList (this=0x2aaadd7dbeb0, aBuilder=0x7fffffffaaa0, aDirtyRect=..., aLists=...)
      at /home/roc/mozilla-inbound/layout/generic/nsCanvasFrame.cpp:460
      460 if (GetPrevInFlow()) {
      (gdb) watch -l mRect.width
      Hardware watchpoint 2: -location mRect.width
      (gdb) reverse-cont
      Hardware watchpoint 2: -location mRect.width

      Old value = 12000
      New value = 11220
      0x00002aaab100c0fd in nsIFrame::SetRect (this=0x2aaadd7dbeb0, aRect=...)
      at /home/roc/mozilla-inbound/layout/base/../generic/nsIFrame.h:718
      718 mRect = aRect;
      (Here the "New value" is actually the value before this statement was executed, since we just executed backwards past it.)

      Since debugging is about tracing effects to causes, and effects happen after their causes, reverse execution is a big deal. I've just started using it to debug Gecko, and I'm enjoying it immensely! I find myself having to unlearn a lot of my usual debugging tactics; much of what I've learned about debugging up until now is really just workarounds for not having had reverse execution.

      An example from today: working on bug 1082249, I was in a function nsDisplayTableItem::ComputeInvalidationRegion with a geometry variable pointing to an nsDisplayBackgroundGeometry when it should have been a nsDisplayTableItemGeometry. At first I considered various indirect ways to figure out where the nsDisplayBackgroundGeometry came from, but now there's an easy direct way: set a breakpoint on the nsDisplayBackgroundGeometry, make it conditional on this == the current value of geometry, and reverse-continue to see exactly where that specific object was created (in a subclass of nsDisplayTableItem that I hadn't thought of).

      This work is checked into rr master. It's not well tested yet, so a new official rr release is not imminent, but I'd appreciate people trying it out and reporting issues. At least I have been able to use it to get work done today :-).

      Categorieën: Mozilla-nl planet

      Mozilla Release Management Team: Firefox 37 beta1 to beta2

      wo, 04/03/2015 - 11:28

      Instead of the classical 6 weeks, the 37 cycle is going to be only 5 weeks.

      In this beta 2, we continued the work started during the 36 cycle. We landed fixes for MSE or image processing. We also took most of the stability fixes which will ship with 36.0.1.

      • 82 changesets
      • 130 files changed
      • 2459 insertions
      • 1610 deletions

      ExtensionOccurrences cpp48 h25 js17 java7 jsm6 xml4 html4 ini3 json2 css2 build2 xhtml1 webidl1 jsx1 in1 idl1 hgtags1

      ModuleOccurrences layout25 dom25 browser24 netwerk10 mobile10 toolkit9 image9 js6 testing5 xulrunner1 widget1 security1 accessible1

      List of changesets:

      Margaret LeibovicBug 1073775 - Pass default engine from JS to Java, instead of making assumptions based on engine list order. r=liuche a=sylvestre - 21ec3b2d3da5 Jean-Yves AvenardBug 1132796: Revert incorrect change unfixing Bug 1132825. r=jya a=lmandel - 82ef773ccb71 Mark BannerBug 1114713 - Fix intermittent test failures by removing a event-cycling setTimeout call. r=mikedeboer, a=test-only - 153da3594a3e Seth FowlerBug 1130707 - Make decode-on-draw-only image notifications more robust. r=tn, a=lmandel - b5f695706683 Michael ComellaBug 1133770 - Display the selected tab in the tab strip on device rotation. r=mhaigh, a=lizzard - eb261fd50770 Michael ComellaBug 1133770 - Use Refreshable interface instead of TabStrip in BrowserApp to allow builds on API 9. r=mhaigh, a=lizzard - e7319d343f20 Michael ComellaBug 1134192 - Add ActivityUtils.isFullScreen. r=mfinkle, a=lizzard - f18e2aecea6d Michael ComellaBug 1134192 - Prevent the options menu from opening in fullscreen mode. r=mfinkle, a=lizzard - b23a690fa325 Mike ConleyBug 1136855 - Send a message from the content script when printing has finished so the parent can save print settings. r=Mossop, a=sledru. - 4a73e4bc3ee5 Mark BannerBug 1137469 - If an uncaught exception occurs whilst processing an action, the dispatcher can fail, rendering parts of Loop inactive. r=mikedeboer,a=sledru - c0698821db6c Joel MaherBug 1134824 - Update talos on trunk to gain fixes for e10s, mainthreadio, etc. r=wlach, a=test-only - 193fb1410c0d Ben TurnerBug 1121519 - Fix racy test. r=jgraham, a=test-only - 6454e62689f1 Bob OwenBug 1129369 - Part 1: Turn on DEP_NO_ATL_THUNK process-level mitigation for the GMP sandbox. r=tabraldes, a=lmandel - 56d34ca3b983 Bob OwenBug 1129369 - Part 2: Turn on BOTTOM_UP_ASLR process-level mitigation for the GMP sandbox. r=tabraldes, a=lmandel - fa0645acfc44 Bob OwenBug 1129369 - Part 3: Turn on MITIGATION_STRICT_HANDLE_CHECKS process-level mitigation for the GMP sandbox. r=tabraldes, a=lmandel - 8fd533be98aa Timothy NikkelBug 1132427 - Make sure that the first frame refresh area for an animated image gets updated based on the refresh area of all subsequent frames, not just the second. r=jrmuizel, a=lmandel - 0d4ecc5c742c Timothy NikkelBug 1132427 - Add test. a=lmandel - 97f402db19a4 Henry HuBug 1132358 - Save and restore mIterGenCnt. Keep it consistent with mIter. r=mcmanus, a=lmandel - 386a573b4fc0 Sotaro IkedaBug 1133426 - Care about new CompositorChild and CompositorParent re-creation. r=jrmuizel, a=lmandel - 4564e0e22a37 Gijs KruitboschBug 1107695 - Make one-off buttons accessible. r=florian, f=MarcoZ, a=lsblakk - 4fc445cb5642 Jean-Yves AvenardBug 1136576 - Properly align source buffer starts with current decoder. r=cajbir, a=lsblakk - 5a0ed5076b4f Richard NewmanBug 1137259 - Don't send Campaign:Set for distribution referrer intents. r=mfinkle, a=lsblakk - 432de8008403 Michael ComellaBug 1135796 - Update ActivityUtils to use proper API levels. r=rnewman, a=lsblakk - 7ede0abc5a1c Matt WoodrowBug 1132757 - Don't crash if we call WMFVideoMFTManager after we've initiated shutdown. r=cpearce, a=lsblakk - 2aa1ca037446 Tim NguyenBug 1105704 - Fix UI issues with SSL error reporting. r=dao, a=lmandel - 4b6bec5f7ff7 Jean-Yves AvenardBug 1131433 - Show codec/container type in MSE logs. r=cajbir, a=lmandel - 963bd7dabda0 Jean-Yves AvenardBug 1134064 - Part 1: Don't hold on reader when we stop needing it. r=mattwoodrow, a=lsblakk - 2e539009f86e Jean-Yves AvenardBug 1134064 - Part 2: Drop current reader when seeking outside range. r=mattwoodrow, a=lsblakk - 5f400332977d Jean-Yves AvenardBug 1134064 - Part 4: Fix racing condition should data get evicted. r=mattwoodrow, a=lsblakk - c92f6beaa505 Jean-Yves AvenardBug 1134064 - Part 5: Evict from TrackBuffer's current decoder. r=cajbir, a=lsblakk - d461222b1a07 Jean-Yves AvenardBug 1096089 - Part 3: Add trimming support from beginning of source buffer. r=cajbir, a=lsblakk - 4c92b1dcb67f Jean-Yves AvenardBug 1096089 - Make end argument an unrestricted double as per spec. r=cajbir, r=bholley, a=lsblakk - dd1511c04aad Patrick McManusBug 1133177 - Network logging and cleanups (part 1). r=hurley, a=lmandel - f321e120f8e1 Patrick McManusBug 1133177 - https tunnel of h1 without pconn inside h2 session stall. r=hurley, a=lmandel - 1c270f40087a Michael ComellaBug 1132720 - Hide the dialog on animation end to prevent flicker on Activity.finish(). r=margaret, a=lmandel - 9fb3cc1f7ff6 Alessio PlacitelliBug 1128500 - Put |HiddenFrame| from CustomizationTabPreloader.jsm in HiddenFrame.jsm. r=ttaubert, a=lmandel - 3d6eaf96ca69 Alessio PlacitelliBug 1128500 - Make CustomizationTabPreloader.jsm use HiddenFrame.jsm. r=ttaubert, a=lmandel - cae785163094 Robert StrongBug 1044443 - Release off main thread crash in nsXPCWrappedJS::Release() via nsUpdateProcessor::~nsUpdateProcessor(). r=bbondy, a=lmandel - 8ac02f8d22e5 Matthew NoorenbergheBug 1126756 - Listen for |message-manager-disconnect| instead of |TabClose| to teardown UITour. r=Unfocused, a=lmandel - 9ff796be0d67 Alessio PlacitelliBug 1128564 - Whitelist Self Repair ( origin for UITour. r=MattN, a=lmandel - de7488acda8a Alessio PlacitelliBug 1111022 - Load self-support page in a hidden tab. r=ttaubert, a=lmandel - 41fd4a4df8ac Alessio PlacitelliBug 1111022 - Tests for the SelfSupport backend. r=gfritzsche, a=lmandel - e7a0f9cd3482 Alessio PlacitelliBug 1111022 - Changes UITour.jsm to work with windowless browsers. r=MattN, a=lmandel - f8c1586998ef Alessio PlacitelliBug 1111022 - Add a test to make sure UITour works with no tabs/windowless browsers. r=MattN, a=lmandel - 9b32fd0a9844 Alessio PlacitelliBug 1111022 - Fix the accessibility test_docload.html test failing with hidden windows. a=lmandel - 87d76aead804 Jordan SantellBug 1135752 - Add tracking params in the dev edition doorhanger promo URL. r=jwalker, a=lsblakk - abb350df1154 Michael ComellaBug 1056002 - Backout changeset c56275d516ec. r=mfinkle, a=lsblakk - e8a752491ccc Jean-Yves AvenardBug 1133633 - Part 1: Add logging reporting if we are using HW accelerated decode. r=rillian, a=lmandel - 85e3bc280be6 Stephen PohlBug 1130682 - Add homepage URL for Adobe EME. r=dolske, a=lmandel - 1ba1e8df6e2f Stephen PohlBug 1129721 - Add license URL for Adobe EME. r=dolske, a=lmandel - 7bbbe05d19d4 Ryan VanderMeulenBug 1131433 - Re-add accidentally-removed GetMediaSourceLog() declaration. a=bustage - 25ae310c7cfd Ryan VanderMeulenBug 1131433 - Re-add another accidentally-removed GetMediaSourceLog() declaration. a=bustage - e32cd39a1917 Wes KocherBug 1131433 - Further fixes to SourceBufferDecoder.cpp a=bustage - 20ea789e69df J. Ryan StinnettBug 1128027 - Clean up protocol.js pools after connection close. r=bgrins a=lsblakk - 021aac3d7804 J. Ryan StinnettBug 1128027 - Repair sourceeditor test after protocol.js cleanup change. r=bgrins a=lsblakk - 4c02cca13dbe J. Ryan StinnettBug 1128027 - Inspector destroy error was holding document alive. r=bgrins a=lsblakk - 569e2110f0ff J. Ryan StinnettBug 1128027 - Record protocol.js request headers for debugging. r=bgrins a=lsblakk - b82653e56ec9 J. Ryan StinnettBug 1128027 - Rework Console tests that click links. r=bgrins a=lsblakk - 012e92feffe6 Richard Newman# - cea5c7cdfa13 J. Ryan StinnettBackout 012e92feffe6 (Bug 1128027). r=bgrins a=lsblakk - eed281422403 J. Ryan StinnettBackout b82653e56ec9 (Bug 1128027). r=bgrins a=lsblakk - 85ca6f646762 J. Ryan StinnettBackout 569e2110f0ff (Bug 1128027). r=bgrins a=lsblakk - 21120474140d J. Ryan StinnettBackout 4c02cca13dbe (Bug 1128027). r=bgrins a=lsblakk - 6f6ec57ce6b9 J. Ryan StinnettBackout 021aac3d7804 (Bug 1128027). r=bgrins a=lsblakk - e49cd895e078 Matt WoodrowBug 1136984 - Always call DrainComplete in response to Drain, even if it wasn't called on the active decoder. r=cpearce a=lmandel - 5a7e83327249 Matt WoodrowBug 1136984 - Use correct units for comparing timestamps in TrackBuffer::RangeRemoval. r=jya a=lmandel - 09b2c7fed10f Andrea MarchesiniBug 1125940 - File should not unlink FileImpl. r=khuey, a=lmandel - c16968de534c Matthew NoorenbergheBug 1124888 - Record the effect of the saved formSubmitURL on autofilling login forms. r=dolske, a=lmandel - 191548235ce3 Hannes VerschoreBug 1130679 - Disable optimization due to fuzzer failures. r=nbp, a=lmandel - ae07b3862c27 Andy PuschBug 1124884 - Clear search history in Firefox Search after using 'Clear Private Data' in Firefox. r=margaret, a=lmandel - 12b0612ba016 Timothy NikkelBug 1134293 - Report the bounds of a tree body as needing component alpha and support disable component alpha in the text it might draw if asked. r=roc, a=lmandel - a12ea2668d1c Timothy NikkelBug 1102896 - Save and restore the subpixel AA settings of the draw target when drawing an inactive layer manager so they don't get clobbered. r=mattwoodrow, a=lmandel - bc3e9b98d90f Steve FinkBug 1133909 - Fix hazards revealed by adding in new GCPointers. r=terrence, a=lmandel - 3a352baeeca4 Mike de BoerBug 1137141 - Fix for making the Loop contacts tab show and/ or hide when the user logs in or out of FxA. r=Standard8, a=sledru - d5def3938b6e Mike de BoerBug 1137141 - Extend Loop toolbarbutton tests to check for correct panel states upon opening. r=Standard8, a=sledru - 824656d7ad0d Seth FowlerBug 1128769 (Part 1) - Propagate the imgIContainer::Draw result through the nsLayoutUtils::PaintBackground* functions. r=tn a=lmandel - 759ad062242f Seth FowlerBug 1128769 (Part 2) - Check if we invalidated for a sync decode and never painted before invalidating for sync decoding again. r=tn a=lmandel - 69da299d5e49 Seth FowlerBug 1128769 (Part 3) - Record the last draw result when drawing CSS backgrounds and use it to decide whether to sync decode. r=tn a=lmandel - d80f4050e348 Seth FowlerBug 1128769 (Part 4) - Record the last draw result when drawing CSS tables and use it to decide whether to sync decode. r=tn a=lmandel - 782bd163aeed Seth FowlerBug 1128769 (Part 5) - Record the last draw result for various less common frame types and use it to decide whether to sync decode. r=tn a=lmandel - 498290d95f1c Seth FowlerBug 1128769 (Part 6) - Remove imgIContainer::IsDecoded and all remaining callers. r=tn a=lmandel ba=lmandel - 7b3c7ba30dfe Ben HearsumBug 1138924: fix win64's xulrunner mozconfig. r=rail, a=bustage - e8ec4e64fe84

      Categorieën: Mozilla-nl planet

      Doug Belshaw: Hive Toronto privacy badges

      wo, 04/03/2015 - 11:15

      Hive Toronto privacy badges

      I really like these badges, part of work carried out by Hive Toronto and funded by the Office of the Privacy Commissioner of Canada.

      I’m an advisor to the project, but most of the hard work is being done by Karen Smith. The badges are informed (of course!) by the Privacy competency of Mozilla’s Web Literacy Map.

      Each of the badges links to activities that help learners get to grips with the various aspects of privacy. As these have been created using Webmaker’s Thimble tool it’s straightforward to remix them for your own use!

      Categorieën: Mozilla-nl planet

      Robert O'Callahan: What Is The Endgame Of Weak Computer Security?

      wo, 04/03/2015 - 10:20

      Could we reach a state where most hardware and software is compromised by third parties at its creation, because the hardware and software you need to develop more hardware and software has already been compromised by those third parties? I think we could. Apart from all the challenges we already face, the "Internet Of Things" may make it extremely difficult to isolate potentially vulnerable systems from the Internet. Imagine an environment saturated with poorly secured devices capable of monitoring RF side channels, for a start.

      So far I've seen little evidence of systematic attempts to compromise software at source. Perhaps the organizations with the capability do it undetectably, but you would expect some less-competent actors to try it and be exposed. The best explanation I've heard is that people aren't trying to do this because currently it's cheaper to find vulnerabilities in other ways. Hopefully that won't always be true.

      If we get into that everything-compromised state, would we know? Would there be a single winner, able to use its unlimited reach to undermine and outflank its competitors? Or would there be multiple winners, with every system containing an entire ecosystem of backdoors and subversion? How could we get out of that state? Would the bugginess of computer systems turn out to be a blessing or a curse?

      Categorieën: Mozilla-nl planet

      Andy McKay: In defense of email

      wo, 04/03/2015 - 09:00

      Email has a tough time these days. It seems every week a new startup arrives trying to fix the problem. People aim for "inbox zero" with some sort of fanaticism. But here's the thing, I think email is great (most of the time).

      In the last few weeks I've been asked to give feedback in spreadsheets, etherpads, Google docs, video conferencing meeting and email. Of them all, I'll vote for email and here's why:

      • email is accessible to people regardless of timezone
      • it is more friendly to people whose first language is not English (or whatever the main thread language is)
      • it allows thoughtful, measured responses
      • it allows people time to research before giving a response
      • it gives the people the ability to respond on their schedule
      • it allows people who are not extroverted to get their say in, for example: meetings are often dominated by extroverts or people to whom some level of power is vested
      • it notifies you when there is a response from someone
      • you can see the responses in context
      • email provides a recorded history of the decision
      • it scales to a large number of people
      • you don't need to be invited

      That's not to say it's perfect. There are so many problems with email. Trolls, over cc'ing, the lack of visual and verbal cues, threads dissolving into chaos, rabbit holing on issues and so on. It's not a perfect tool.

      But then again neither are the other tools. I would argue that in a global open project the benefits of email out weight most other tools. Here's David Humphrey on video conferencing:

      I'll go further and suggest that in global, open projects, the idea that we can schedule a "call" with interested and affected parties is necessarily flawed. There is no time we can pick that has us all, in all timezones, able to participate. We shouldn't fool ourselves: such a communication paradigm is necessarily geographically rooted; it includes people here, even though it gives the impression that everyone and anyone could be here. They aren't. They can't be. The internet has already solved this problem by privileging asynchronous communication. Video is synchronous.

      David Humphrey

      Here's what happens if you send a message in Slack:

      So there is a tool that understands the problems. Email is a good asynchronous communication mechanism. Flawed in how it's used sometimes, but a good choice for many things and one I'm trying to use more in the future.

      Categorieën: Mozilla-nl planet

      Aaron Klotz: Attached Input Queues on Firefox for Windows

      wo, 04/03/2015 - 01:28

      I’ve previously blogged indirectly about attached input queues, but today I want to address the issue directly. What once was a nuisance in the realm of plugin hangs has grown into a more serious problem in the land of OMTC and e10s.

      As a brief recap for those who are not very familiar with this problem: imagine two windows, each on their own separate threads, forming a parent-child relationship with each other. When this situation arises, Windows implicitly attaches together and synchronizes their input queues, putting each thread at the mercy of the other attached threads’ ability to pump messages. If one thread does something bad in its message pump, any other threads that are attached to it are likely to be affected as well.

      One of the biggest annoyances when it comes to knowledge about which threads are affected, is that we are essentially flying blind. There is no way to query Windows for information about attached input queues. This is unfortunate, as it would be really nice to obtain some specific knowledge to allow us to analyze the state of Firefox threads’ input queues so that we can mitigate the problem.

      I had previously been working on a personal side project to make this possible, but in light of recent developments (and a tweet from bsmedberg), I decided to bring this investigation under the umbrella of my full-time job. I’m pleased to announce that I’ve finished the first cut of a utility that I call the Input Queue Visualizer, or iqvis.

      iqvis consists of two components, one of which is a kernel-mode driver. This driver exposes input queue attachment data to user mode. The iqvis user-mode executable is the client that queries the driver and outputs the results. In the next section I’m going to discuss the inner workings of iqvis. Following that, I’ll discuss the results of running iqvis on an instance of Firefox.

      Input Queue Visualizer Internals

      First of all, let’s start off with this caveat: Nearly everything that this driver does involves undocumented APIs and data structures. Because of this, iqvis does some things that you should never do in production software.

      One of the big consequences of using undocumented information is that iqvis requires pointers to very specific locations in kernel memory to be accomplish things. These pointers will change every time that Windows is updated. To mitigate this, I kind of cheated: it turns out that debugging symbols exist for all of the locations that iqvis needs to access! I wrote the iqvis client to invoke the dbghelp engine to extract the pointers that I need from Windows symbols and send those values as the input to the DeviceIoControl call that triggers the data collection. Passing pointers from user mode to be accessed in kernel mode is a very dangerous thing to do (and again, I would never do it in production software), but it is damn convenient for iqvis!

      Another issue is that these undocumented details change between Windows versions. The initial version of iqvis works on 64-bit Windows 8.1, but different code is required for other major releases, such as Windows 7. The iqvis driver theoretically will work on Windows 7 but I need to make a few bug fixes for that case.

      So, getting those details out of the way, we can address the crux of the problem: we need to query input queue attachment information from win32k.sys, which is the driver that implements USER and GDI system calls on Windows NT systems.

      In particular, the window manager maintains a linked list that describes thread attachment info as a triple that points to the “from” thread, the “to” thread, and a count. The count is necessary because the same two threads may be attached to each other multiple times. The iqvis driver walks this linked list in a thread-safe way to obtain the attachment data, and then copies it to the output buffer for the DeviceIoControl request.

      Since iqvis involves a device driver, and since I have not digitally signed that device driver, one can’t just run iqvis and call it a day. This program won’t work unless the computer was either booted with kernel debugging enabled, or it was booted with driver signing temporarily disabled.

      Running iqvis against Firefox

      Today I ran iqvis using today’s Nightly 39 as well as the lastest release of Flash. I also tried it with Flash Protected Mode both disabled and enabled. (Note that these examples used an older version of iqvis that outputs thread IDs in hexadecimal. The current version uses decimal for its output.)

      Protected Mode Disabled FromTID ToTID Count ac8 df4 1

      Looking up the thread IDs:

      • df4 is the Firefox main thread;
      • ac8 is the plugin-container main thread.

      I think that the output from this case is pretty much what I was expecting to see. The protected mode case, however, is more interesting.

      Protected Mode Enabled FromTID ToTID Count f8c dbc 1 794 f8c 3

      Looking up the thread IDs:

      • dbc is the Firefox main thread;
      • f8c is the plugin-container main thread;
      • 794 is the Flash sandbox main thread.

      Notice how Flash is attached to plugin-container, which is then attached to Firefox. Notice that transitively the Flash sandbox is effectively attached to Firefox, confirming previous hypotheses that I’ve discussed with colleagues in the past.

      Also notice how the Flash sandbox attachment to plugin-container has a count of 3!

      In Conclusion

      In my opinion, my Input Queue Visualizer has already yielded some very interesting data. Hopefully this will help us to troubleshoot our issues in the future. Oh, and the code is up on GitHub! It’s poorly documented at the moment, but just remember to only try running it on 64-bit Windows 8.1 for the time being!

      Categorieën: Mozilla-nl planet