mozilla

Mozilla Nederland LogoDe Nederlandse
Mozilla gemeenschap

Pete Moore: Weekly review 2014-08-27

Mozilla planet - wo, 27/08/2014 - 15:43

Highlights from this week

1. Play Store - armv6

The main goal of the last week has been to enable fennec builds on esr31 branch. Last week I updated the build process to use a different mechanism to generate the version code in the play store for armv6 apks generated from the esr31 branch. This week has been about enabling these builds and release builders.

This work is tracked in Bug 1040319 – Ensure that Fennec builds from mozilla-esr31 have a buildID to allow for armv6/Android 2.2 users to update to mozilla-esr31 apks.

2. Working with contributors

I’ve been working with kartikgupta0909 this week on IRC - hoping he is going to fix Bug 1020613 - vcs sync should only push tags/heads that have changed since last successful push for us.

I added metadata to bugs, and created a bugzilla search for them to appear in, which I linked to from our contributions wiki page (and I created a sublink to RelEng contributions page from our main Release Engineering page).

3. Other

Regular type support work, which can be seen in bugs below.

Goals for next week:

  • Return to l10n work
  • Prepare for RelEng arch meeting in September

Bugs I created this week:

Other bugs I updated this week:

Categorieën: Mozilla-nl planet

Julien Vehent: Postgres multicolumn indexes to save the day

Mozilla planet - wo, 27/08/2014 - 15:16

I love relational databases. Well designed, they are the most elegant and efficient way to store data. Which is why MIG uses Postgresql, hosted by Amazon RDS.

It's the first time I use RDS for anything more than a small website. I discover its capabilities along the way.  Over the past few days, I've been investigating performance issues. The database was close to 100% CPU, and the number of DB connections maintained by the Go database package was varying a lot. Something was off.

I have worked as a junior Oracle & Postgres DBA in the past. In my limited experience, database performances are almost always due to bad queries, or bad schemas. When you wrote the queries, however, this is what you blame last, after spending hours looking for a bug in any other components outside of your control.

Eventually, I re-read my queries, and found one that looked bad enough:

// AgentByQueueAndPID returns a single agent that is located at a given queueloc and has a given PID func (db *DB) AgentByQueueAndPID(queueloc string, pid int) (agent mig.Agent, err error) { err = db.c.QueryRow(`SELECT id, name, queueloc, os, version, pid, starttime, heartbeattime, status FROM agents WHERE queueloc=$1 AND pid=$2`, queueloc, pid).Scan( &agent.ID, &agent.Name, &agent.QueueLoc, &agent.OS, &agent.Version, &agent.PID, &agent.StartTime, &agent.HeartBeatTS, &agent.Status) if err != nil { err = fmt.Errorf("Error while retrieving agent: '%v'", err) return } if err == sql.ErrNoRows { return } return }The query locates an agent using its queueloc and pid values. Which is necessary to properly identify an agent, except that neither queueloc nor pid have indexes, resulting in a sequential scan of the table:
mig=> explain SELECT * FROM agents WHERE queueloc='xyz' AND pid=1234; QUERY PLAN -------------------------------------------------------------- Seq Scan on agents (cost=0.00..3796.20 rows=1 width=161) Filter: (((queueloc)::text = 'xyz'::text) AND (pid = 1234)) (2 rows)
This query is called ~50 times per second, and even with only 45,000 rows in the agents table, that is enough to burn all the CPU cycles on my RDS instance.

Postgres supports multicolumn indexes. The fix is simple enough: create an index on the columns queueloc and pid together.

mig=> create index agents_queueloc_pid_idx on agents(queueloc, pid); CREATE INDEX

Which results in an immediate, drastic, reduction of the cost of the query, and CPU usage of the instance.


mig=> explain SELECT * FROM agents WHERE queueloc='xyz' AND pid=1234; QUERY PLAN --------------------------------------------------------------------------------------- Index Scan using agents_queueloc_pid_idx on agents (cost=0.41..8.43 rows=1 width=161) Index Cond: (((queueloc)::text = 'xyz'::text) AND (pid = 1234)) (2 rows)

migdbcpuusage.png

Immediate performance gain for a limited effort. Gotta love Postgres !

Categorieën: Mozilla-nl planet

Doug Belshaw: Soliciting feedback on v1.1 of the Web Literacy Map

Mozilla planet - wo, 27/08/2014 - 14:50

The Web Literacy Map constitutes the skills and competencies that Mozilla and its community of stakeholders believe to be necessary to read, write and participate effectively on the web.

Sea

The Web Literacy Map currently stands at v1.1 but as I blogged recently, a lot has happened since we launched the first version at MozFest last year! That’s why we’re planning to update it to v2.0 by early January 2015.

I’ll be connecting with key people over the coming weeks to ask for a half-hour (recorded) conversation which will then be shared with the community. In the meantime we’d appreciate your feedback. Here’s what Atul Varma had to say:

So I feel like the weblit map is cool as it is, but as has been discussed previously, there are a number of areas that are important but cross-cut through existing competencies, rather than necessarily constituting their own competencies by themselves… what if we created a set of lenses through which the competencies could be viewed?

There’s a couple of ways you can give your feedback:

Leaving your name means we can follow up with questions if necessary (for clarification, etc.) I look forward to hearing what you have to say! All opinions are welcome. Pull no punches. :-)

Questions? I’m @dajbelshaw on Twitter or you can email me: doug@mozillafoundation.org

Categorieën: Mozilla-nl planet

Daniel Stenberg: Going to FOSDEM 2015

Mozilla planet - wo, 27/08/2014 - 11:01

Yeps,

I’m going there and I know several friends are going too, so this is just my way of pointing this out to the ones of you who still haven’t made up your mind! There’s still a lot of time left as this event is taking place late January next year.

I intend to try to get a talk to present this time and I would love to meet up with more curl contributors and fans.

fosdem

Categorieën: Mozilla-nl planet

Byron Jones: happy bmo push day!

Mozilla planet - wo, 27/08/2014 - 09:11

the following changes have been pushed to bugzilla.mozilla.org:

  • [1058479] move the “mozilla employees” warning on bugzilla::admin next to the submit button
  • [1058481] git commits should link to commitdiff not commit
  • [1056087] contrib/merge-users.pl fails if there are no duplicate bug_user_last_visit rows
  • [1058679] new bug API returning a ref where bzexport expects bug data
  • [1057774] bzAPI landing page gives a 404
  • [1056904] Add “Mentored by me” to MyDashboard
  • [1059085] Unable to update a product’s group controls: Can’t use string (“table”) as an ARRAY ref while “strict refs” in use
  • [1059088] Inline history can be shown out-of-order when two changes occur in the same second

discuss these changes on mozilla.tools.bmo.


Filed under: bmo, mozilla
Categorieën: Mozilla-nl planet

Mozilla plans permission toggles in Firefox OS - CNET

Nieuws verzameld via Google - wo, 27/08/2014 - 03:50

Mozilla plans permission toggles in Firefox OS
CNET
20140223_Firefox_OS_Spreadtrum_004_610x395.jpg A prototype of the Firefox OS-powered Cloud FX phone. A future version of the operating system will include app permission controls. Stephen Shankland/CNET. Mozilla promises that a future version of ...
Firefox OS to outdo Android on granular application permissionsPC World Magazine
Latest Firefox mobile OS to feature improved app controlComputer Dealer News

alle 11 nieuwsartikelen »
Categorieën: Mozilla-nl planet

Monica Chew: Firefox 32 supports Public Key Pinning

Mozilla planet - wo, 27/08/2014 - 03:41
Public Key Pinning helps ensure that people are connecting to the sites they intend. Pinning allows site operators to specify which certificate authorities (CAs) issue valid certificates for them, rather than accepting any one of the hundreds of built-in root certificates that ship with Firefox. If any certificate in the verified certificate chain corresponds to one of the known good certificates, Firefox displays the lock icon as normal.

Pinning helps protect users from man-in-the-middle-attacks and rogue certificate authorities. When the root cert for a pinned site does not match one of the known good CAs, Firefox will reject the connection with a pinning error. This type of error can also occur if a CA mis-issues a certificate.
Pinning errors can be transient. For example, if a person is signing into WiFi, they may see an error like the one below when visiting a pinned site. The error should disappear if the person reloads after the WiFi access is setup.



Firefox 32 and above supports built-in pins, which means that the list of acceptable certificate authorities must be set at time of build for each pinned domain. Pinning is enforced by default. Sites may advertise their support for pinning with the Public Key Pinning Extension for HTTP, which we hope to implement soon. Pinned domains include addons.mozilla.org and Twitter in Firefox 32, and Google domains in Firefox 33, with more domains to come. That means that Firefox users can visit Mozilla, Twitter and Google domains more safely. For the full list of pinned domains and rollout status, please see the Public Key Pinning wiki.

Thanks to Camilo Viecco for the initial implementation and David Keeler for many reviews!
Categorieën: Mozilla-nl planet

Gervase Markham: Email Account Phishers Do Manual Work

Mozilla planet - di, 26/08/2014 - 21:37

For a while now, criminals have been breaking into email accounts and using them to spam the account’s address book with phishing emails or the like. More evil criminals will change the account password, and/or delete the address book and the email to make it harder for the account owner to warn people about what’s happened.

My mother recently received an email, purportedly from my cousin’s husband, titled “Confidential Doc”. It was a mock-up of a Dropbox “I’ve shared an item with you” email, with the “View Document” URL actually being http://proshow.kz/excel/OLE/PPS/redirect.php. This (currently) redirects to http://www.affordablewebdesigner.co.uk/components/com_wrapper/views/wrapper/tmpl/dropbox/, although it redirected to another site at the time. That page says “Select your email provider”, explaining “Now, you can sign in to dropbox with your email”. When you click the name of your email provider, it asks you for your email address and password. And boom – they have another account to abuse.

But the really interesting thing was that my mother, not being born yesterday, emailed back saying “I’ve just received an email from you. But it has no text – just an item to share. Is it real, or have you been hacked?” So far, so cautious. But she actually got a reply! It said:

Hi <her shortened first name>,
I sent it, It is safe.
<his first name>

(The random capital was in the original.)

Now, this could have been a very smart templated autoresponder, but I think it’s more likely that the guy stayed logged into the account long enough to “reassure” people and to improve his hit rate. That might tell us interesting things about the value of a captured email account, if it’s worth spending manual effort trying to convince people to hand over their creds.

Categorieën: Mozilla-nl planet

Mozilla announces $36 Intex Cloud FX smartphone for India - CBC.ca

Nieuws verzameld via Google - di, 26/08/2014 - 20:22

Economic Times

Mozilla announces $36 Intex Cloud FX smartphone for India
CBC.ca
The phone runs Firefox OS, a Linux-based mobile operating system made by the non-profit organization Mozilla, which is best known for its Firefox web browser. Firefox has been mainly targeting the developing world, especially Latin America, with low ...
This Is The $33 Smartphone For India That Could Ruin Samsung's Android ...Business Insider
Mozilla's $33 smartphone for India could ruin Samsung's android businessEconomic Times
Mozilla Launches $33 Smartphone in IndiaHeadlines & Global News

alle 8 nieuwsartikelen »
Categorieën: Mozilla-nl planet

Mozilla comes up with $33 smartphone in India - The Daily Star

Nieuws verzameld via Google - di, 26/08/2014 - 20:01

Mozilla comes up with $33 smartphone in India
The Daily Star
Mozilla, a company best known for its Firefox browser, has launched a new low-cost smartphone in India that will retail for 1,999 rupees ($33; £19.90). The phone is only for sale on India's online shopping site, Snapdeal. The Intex Cloud FX runs on ...

Categorieën: Mozilla-nl planet

Mozilla stapt in groeimarkt India met spotgoedkope smartphone - z24

Nieuws verzameld via Google - di, 26/08/2014 - 19:18

Mozilla stapt in groeimarkt India met spotgoedkope smartphone
z24
“Meer dan zeventig procent van de bellers in India gebruikt nog een traditioneel mobieltje, en naar wij begrijpen zijn kosten en bruikbaarheid een drempel om over te stappen naar een smartphone”, zegt Jane Hsu, hoofd productontwikkeling van Mozilla, ...

en meer »
Categorieën: Mozilla-nl planet

Mozilla stapt in groeimarkt India met spotgoedkope smartphone - z24

Nieuws verzameld via Google - di, 26/08/2014 - 19:18

Mozilla stapt in groeimarkt India met spotgoedkope smartphone
z24
“Meer dan zeventig procent van de bellers in India gebruikt nog een traditioneel mobieltje, en naar wij begrijpen zijn kosten en bruikbaarheid een drempel om over te stappen naar een smartphone”, zegt Jane Hsu, hoofd productontwikkeling van Mozilla, ...

Categorieën: Mozilla-nl planet

Alex Vincent: An insightful statement from a mathematics course

Mozilla planet - di, 26/08/2014 - 17:39

I’m taking a Linear Algebra course this fall.  Last night, my instructor said something quite interesting:

“We are building a model of Euclidean geometry in our vector space. Then we can prove our axioms of geometry (as theorems).”

This would sound like technobabble to me even a week ago, but what he’s really saying is this:

“If you can implement one system’s basic rules or axioms in another system, you can build a model of that first system in the second.”

Programmers and website builders build models of systems all the time, and unconsciously, we build on top of other systems. Think about that when you write JavaScript code: the people who implement JavaScript engines are building a model for millions of people to use that they’ll never meet. I suppose the same could be said of any modern programming language, compiler, transpiler or interpreter.

The beauty for those of us who work in the model is that we (theoretically) shouldn’t need to care what platform we run on. (In practice, there are differences, which is why we want platforms to implement standards, so we can concentrate on using the theoretical model we depend on.)

On the flip side, that also means that building and maintaining that fundamental system we build on top of has to be done very, very carefully.  If you’re building something for others to use (and chances are, when you’re writing software, you’re doing exactly that), you really have to think about how you want others to use your system, and how others might try to use your system in ways you don’t expect.

It’s really quite a profound duty that we take on when we craft software for others to use.

Categorieën: Mozilla-nl planet

Chris AtLee: Gotta Cache 'Em All

Mozilla planet - di, 26/08/2014 - 16:21
TOO MUCH TRAFFIC!!!!

Waaaaaaay back in February we identified overall network bandwidth as a cause of job failures on TBPL. We were pushing too much traffic over our VPN link between Mozilla's datacentre and AWS. Since then we've been working on a few approaches to cope with the increased traffic while at the same time reducing our overall network load. Most recently we've deployed HTTP caches inside each AWS region.

Network traffic from January to August 2014 The answer - cache all the things! Obligatory XKCD Caching build artifacts

The primary target for caching was downloads of build/test/symbol packages by test machines from file servers. These packages are generated by the build machines and uploaded to various file servers. The same packages are then downloaded many times by different machines running tests. This was a perfect candidate for caching, since the same files were being requested by many different hosts in a relatively short timespan.

Caching tooltool downloads

Tooltool is a simple system RelEng uses to distribute static assets to build/test machines. While the machines do maintain a local cache of files, the caches are often empty because the machines are newly created in AWS. Having the files in local HTTP caches speeds up transfer times and decreases network load.

Results so far - 50% decrease in bandwidth

Initial deployment was completed on August 8th (end of week 32 of 2014). You can see by the graph above that we've cut our bandwidth by about 50%!

What's next?

There are a few more low hanging fruit for caching. We have internal pypi repositories that could benefit from caches. There's a long tail of other miscellaneous downloads that could be cached as well.

There are other improvements we can make to reduce bandwidth as well, such as moving uploads from build machines to be outside the VPN tunnel, or perhaps to S3 directly. Additionally, a big source of network traffic is doing signing of various packages (gpg signatures, MAR files, etc.). We're looking at ways to do that more efficiently. I'd love to investigate more efficient ways of compressing or transferring build artifacts overall; there is a ton of duplication between the build and test packages between different platforms and even between different pushes.

I want to know MOAR!

Great! As always, all our work has been tracked in a bug, and worked out in the open. The bug for this project is 1017759. The source code lives in https://github.com/mozilla/build-proxxy/, and we have some basic documentation available on our wiki. If this kind of work excites you, we're hiring!

Big thanks to George Miroshnykov for his work on developing proxxy.

Categorieën: Mozilla-nl planet

Mozilla aims to break Indian mobile market with $33 smartphone - The Drum

Nieuws verzameld via Google - di, 26/08/2014 - 13:39

Mozilla aims to break Indian mobile market with $33 smartphone
The Drum
Internet browser group Mozilla has followed in Google's footsteps by releasing a mobile device - with one difference; its smartphone will cost merely $33 - as it looks to capitalise on the growing Indian market. The 'Intel Cloud FX' will be exclusively ...

Google Nieuws
Categorieën: Mozilla-nl planet

This Is The $33 Smartphone For India That Could Ruin Samsung's Android ... - Business Insider

Nieuws verzameld via Google - di, 26/08/2014 - 11:12

Business Insider

This Is The $33 Smartphone For India That Could Ruin Samsung's Android ...
Business Insider
The low-end smartphone market has long been seen by Mozilla as the perfect place for it to gain traction with its range of smartphones. In an interview with the Wall Street Journal, Jane Hsu, Mozilla's director of product, explained that "More than 70 ...

en meer »Google Nieuws
Categorieën: Mozilla-nl planet

Mozilla launches Intex Cloud FX £20 smartphone, in India - Pocket-lint.com

Nieuws verzameld via Google - di, 26/08/2014 - 10:17

Pocket-lint.com

Mozilla launches Intex Cloud FX £20 smartphone, in India
Pocket-lint.com
Mozilla, famed for creating the Firefox browser, has announced a smartphone that it will sell in India for 1,999 rupees which is around £20. The Intex Cloud FX's runs on Mozilla's operating system, making it the first in Asia to sports the OS. It will ...

Google Nieuws
Categorieën: Mozilla-nl planet

Byron Jones: happy bmo push day!

Mozilla planet - di, 26/08/2014 - 09:49

the following changes have been pushed to bugzilla.mozilla.org:

  • [1058274] The input field for suggested reviewers when editing a component needs ‘multiple’ to be true for allowing for more than one username
  • [1051655] mentor field updated/reset when a bug is updated as a result of a change on a different bug (eg. see also, duplicate)
  • [1058355] bugzilla.mozilla.org leaks emails to logged out users in “Latest Activity” search URLs

discuss these changes on mozilla.tools.bmo.


Filed under: bmo, mozilla
Categorieën: Mozilla-nl planet

Mozilla's first low-cost smartphone on sale in India - BBC News

Nieuws verzameld via Google - di, 26/08/2014 - 08:50

BBC News

Mozilla's first low-cost smartphone on sale in India
BBC News
Mozilla, a company best known for its Firefox browser, has launched a new low-cost smartphone in India that will retail for 1,999 rupees ($33; £19.90). The phone is only for sale on India's online shopping site, Snapdeal. The Intex Cloud FX runs on ...
Mozilla Unveils $33 Intex Cloud FX SmartphoneWall Street Journal (blog)
Mozilla launches low-cost Firefox OS phone in IndiaCNET
Mozilla taps India market with $33 smartphoneCNBC
The Next Web -Bloomberg
alle 264 nieuwsartikelen »
Categorieën: Mozilla-nl planet

Mozilla's first low-cost smartphone on sale in India - BBC News

Nieuws verzameld via Google - di, 26/08/2014 - 08:45

BBC News

Mozilla's first low-cost smartphone on sale in India
BBC News
Mozilla, a company best known for its Firefox browser, has launched a new low-cost smartphone in India that will retail for 1,999 rupees ($33; £19.90). The phone is only for sale on India's online shopping site, Snapdeal. The Intex Cloud FX runs on ...

en meer »
Categorieën: Mozilla-nl planet

Pagina's