mozilla

Mozilla Nederland LogoDe Nederlandse
Mozilla gemeenschap

Kartikaya Gupta: Google-free android usage

Mozilla planet - zo, 19/10/2014 - 05:42

When I switched from using a BlackBerry to an Android phone a few years ago it really irked me that the only way to keep my contacts info on the phone was to also let Google sync them into their cloud. This may not be true universally (I think some samsung phones will let you store contacts to the SD card) but it was true for phone I was using then and is true on the Nexus 4 I'm using now. It took a lot of painful digging through Android source and googling, but I successfully ended up writing a bunch of code to get around this.

I've been meaning to put up the code and post this for a while, but kept procrastinating because the code wasn't generic/pretty enough to publish. It still isn't but it's better to post it anyway in case somebody finds it useful, so that's what I'm doing.

In a nutshell, what I wrote is an Android app that includes (a) an account authenticator, (b) a contacts sync adapter and (c) a calendar sync adapter. On a stock Android phone this will allow you to create an "account" on the device and add contacts/calendar entries to it.

Note that I wrote this to interface with the way I already have my data stored, so the account creation process actually tries to validate the entered credentials against a webhost, and the the contacts sync adapter is actually a working one-way sync adapter that will download contact info from a remote server in vcard format and update the local database. The calendar sync adapter, though, is just a dummy. You're encouraged to rip out the parts that you don't want and use the rest as you see fit. It's mostly meant to be a working example of how this can be accomplished.

The net effect is that you can store contacts and calendar entries on the device so they don't get synced to Google, but you can still use the built-in contacts and calendar apps to manipulate them. This benefits from much better integration with the rest of the OS than if you were to use a third-party contacts or calendar app.

Source code is on Github: staktrace/pimple-android.

Categorieën: Mozilla-nl planet

Kalpa Welivitigoda: Light Level Meter | Firefox OS App

Mozilla planet - za, 18/10/2014 - 08:50
Light Level Meter [1], is a Firefox OS app developed by myself to demonstrate the use of Mozilla WebAPI [2]. The app measures the ambient light level in lux [3] and present in realtime. It records the max and min values and plots the variation of the light level over time.

I've made use of DeviceLightEvent [4] to get the current ambient light level from the light level detector in the device (I have tested it with Keon [5]). The real time chart is implemented using Smoothie Charts [6] which is a simple, easy to use javascript charting library for streaming data.

Measurement of ambient light level has many uses. One is that it could be used to adjust the light level of electronic visual displays that are there in many of the devices we use today such as mobile phones and tablets. By such adjustments based on the ambient light level, we could save energy while delivering a comfortable reading experience to the user.

Another use of measuring ambient light level is in electrical lighting design. For example, the light level recommended for reading is different from that is recommended for hand tailoring. Recommended light levels in building designing in Sri Lanka can be found in page 38 of "Code of Practice for Energy Efficient Buildings in Sri Lanka" [7].

Source code of Light Level Meter [8].

[1] https://marketplace.firefox.com/app/light-level-meter
[2] https://wiki.mozilla.org/WebAPI
[3] http://en.wikipedia.org/wiki/Lux
[4] https://developer.mozilla.org/en-US/docs/Web/API/DeviceLightEvent
[5] http://en.wikipedia.org/wiki/GeeksPhone_Keon
[6] http://smoothiecharts.org/
[7] http://www.energy.gov.lk/pdf/Building%20CODE.pdf
[8] https://github.com/callkalpa/callkalpa.github.io/tree/master/LightLevelMeter
Categorieën: Mozilla-nl planet

Erik Vold: Jetpack Pro Tip - Using JPM on Travis

Mozilla planet - za, 18/10/2014 - 02:00

First, enable Travis on your repo.

Then, Add the following .travis.yml file to the repo:

This will download Firefox 36.0a1 (which at the moment needs to be manually updated..), installs jpm, then runs jpm test -v on your JPM based Firefox add-on.

Examples Add-ons Third Party NPM Modules
Categorieën: Mozilla-nl planet

Asa Dotzler: Private Browsing Coming Soon to Firefox OS

Mozilla planet - vr, 17/10/2014 - 20:38

This week, the team landed code changes for Bug 832700 – Add private browsing to Firefox OS. This was the back end implementation in Gecko and we still have to determine how this will surface in the front end. That work is tracked at Bug 1081731 - Add private browsing to Firefox OS in Gaia.

We also got a couple of nice fixes to one of my favorite new features, the still experimental “app grouping” feature for the Firefox OS home screen. The fixes for Bug 1082627 and Bug 1082629 ensure that the groups align properly and have the right sizes. You can enable this experimental feature in settings -> developer -> homescreen -> app grouping.

There’s lots going on every day in Firefox OS development. I’ll be keeping y’all up to date here and on Twitter.

 

 

Categorieën: Mozilla-nl planet

Frédéric Harper: I’m leaving Mozilla, looking for a new challenge

Mozilla planet - vr, 17/10/2014 - 20:20
//flic.kr/p/nDrPAL

Copyright: Eva Blue https://flic.kr/p/nDrPAL

January 1st will be my last day as a Senior Technical Evangelist at Mozilla. I truly believe in the Mozilla’s mission, and I’ll continue to share my passion for the open web, but this time, as a volunteer. From now on, I’ll be on the search for a new challenge.

I want to thank my rock star team for everything: Havi Hoffman, Jason Weathersby, Robert Nyman, and Christian Heilmann. I also want to thank Mark Coggins for his strong leadership as my manager. It was a real pleasure to work with you all! Last, but not least, thanks to all Mozillians, and continue the good work: let’s keep in touch!

What’s next

I’m now reflecting on what will be next for me, and open to discussing all opportunities. Having ten years as a software developer, and four years as a technical evangelist in my backpack, here are some ideas, in no particular order, I have in mind:

  • Principal Technical Evangelist about a product/service/technology I believe in;
  • General manager of a startup accelerator program;
  • CTO of a startup.

I have no issue to travel extensively: I was on the road one-third of last year – speaking in more than twelves countries. I may not have an issue to move depending on the offer, and country. I like to share my passion on stage – more than 100 talks in the last three years. Also, my book on personal branding for developers will be published at Apress before the end of the year.

I like technology, but I’m not a developer anymore, and not looking to go back in a developer role. I may also be open to a non-technical role, but it need to target other of my passions like startups. For the last five years, I’ve been working at home, with no schedule, just end goals to reach. I can’t deal with micro-management, so I need some freedom to be effective. No matter what will be next, it need to be an interesting challenge as I have a serial entrepreneur profile: I like to take ideas, and make them a reality.

You can find more about my experience on my LinkedIn profile. If you want to grab a coffee or discuss any opportunities, send me an email.


--
I’m leaving Mozilla, looking for a new challenge is a post on Out of Comfort Zone from Frédéric Harper

Related posts:

  1. I’m joining Mozilla It was a bold move to leave Microsoft without knowing...
  2. I’m leaving Microsoft, looking for a new opportunity For two years, and a half, I was a proud...
  3. One year at Mozilla On July 15th last year, I was starting a new...
Categorieën: Mozilla-nl planet

David Boswell: Mozillians of the world, unite!

Mozilla planet - vr, 17/10/2014 - 16:48

When i got involved with Mozilla in 1999, it was clear that something big was going on. The mozilla.org site had a distinctly “Workers of the world, unite!” feel to it. It caught my attention and made me interested to find out more.

600px-1998_site2_cropped

The language on the site had the same revolutionary feel as the design. One of the pages talked about Why Mozilla Matters and it was an impassioned rallying cry for people to get involved with the audacious thing Mozilla was trying to do.

“The mozilla.org project is terribly important for the state of open-source software. [...] And it’s going to be an uphill battle. [...] A successful mozilla.org project could be the lever that moves a dozen previously immobile stones. [...] Maximize the opportunity here or you’ll be kicking yourself for years to come.”

With some minor tweaks, these words are still true today. One change: we call the project just Mozilla now instead of mozilla.org. Our mission today is also broader than creating software, we also educate people about the web, advocate to keep the Internet open and more.

Photo of a Maker Party in India by  Kaustav Das Modak

Photo of a Maker Party in India by Kaustav Das Modak

Another change is that our competition has adopted many of the tactics of working in the open that we pioneered. Google, Apple and Microsoft all have their own open source communities today. So how can we compete with companies that are bigger than us and are borrowing our playbook?

We do something radical and audicious. We build a new playbook. We become pioneers for 21st century participation. We tap into the passion, skills and expertise of people around the world better than anyone else. We build the community that will give Mozilla the long-term impact that Mitchell spoke about at the Summit.

mitchell_summit

Mozilla just launched the Open Standard site and one of the first articles posted is “Struggle For An Open Internet Grows“. This shows how the challenges of today are not the same challenges we faced 16 years ago, so we need to do new things in new ways to advance our mission.

If the open Internet is blocked or shut down in places, let’s build communities on the ground that turn it back on. If laws threaten the web, let’s make that a public conversation. If we need to innovate to be relevant in the coming Internet of Things, let’s do that.

Building the community that can do this is work we need to start on. What doesn’t serve our community any more? What do we need to do that we aren’t? What works that needs to get scaled up? Mozillians of the world, unite and help answer these questions.


Categorieën: Mozilla-nl planet

Firefox Hello is Mozilla's more open, plugin-free take on voice and video chat - PCWorld

Nieuws verzameld via Google - vr, 17/10/2014 - 16:21

CNET

Firefox Hello is Mozilla's more open, plugin-free take on voice and video chat
PCWorld
With Firefox Hello, Mozilla is trying to remove the proprietary shackles from online voice and video chat. The new service lets Firefox Beta users chat with anyone regardless of what browser the other person is using. As long as that browser supports ...
Firefox Hello adds video chat to Mozilla's browserCNET
Firefox Hello is Mozilla's answer to SkypeTechRadar UK
Mozilla's new Firefox Hello feature lets users conduct video, audio calls for freeTechSpot
Gigaom -Telecompaper (subscription) -Ordoh
alle 28 nieuwsartikelen »
Categorieën: Mozilla-nl planet

Software-update: Mozilla Firefox 34.0 bèta - Tweakers

Nieuws verzameld via Google - vr, 17/10/2014 - 13:37

Software-update: Mozilla Firefox 34.0 bèta
Tweakers
Mozilla Firefox 2013 logo (75 pix) Zoals we inmiddels van Mozilla gewend zijn, is kort na het uitkomen van een stabiele versie van webbrowser Firefox de eerste bètarelease van de volgende versie alweer verschenen. In versie 34, die als alles goed gaat ...

Categorieën: Mozilla-nl planet

Mozilla voegt videochat toe aan Firefox - ZDNet.be

Nieuws verzameld via Google - vr, 17/10/2014 - 11:22

Mozilla voegt videochat toe aan Firefox
ZDNet.be
Het is geen geheim dat Mozilla voorstander is van het open web. Het eigen mobiele besturingssysteem Firefox OS is gebaseerd op open webstandaarden en ook de Firefox-browser krijgt steeds meer functionaliteit op basis van open webtechnologie.

Categorieën: Mozilla-nl planet

Mozilla voegt videochat toe aan Firefox - ZDNet.be

Nieuws verzameld via Google - vr, 17/10/2014 - 11:20

Mozilla voegt videochat toe aan Firefox
ZDNet.be
Het is geen geheim dat Mozilla voorstander is van het open web. Het eigen mobiele besturingssysteem Firefox OS is gebaseerd op open webstandaarden en ook de Firefox-browser krijgt steeds meer functionaliteit op basis van open webtechnologie.

Categorieën: Mozilla-nl planet

Daniel Stenberg: curl is no POODLE

Mozilla planet - vr, 17/10/2014 - 10:28

Once again the internet flooded over with reports and alerts about a vulnerability using a funny name: POODLE. If you have even the slightest interest in this sort of stuff you’ve already grown tired and bored about everything that’s been written about this so why on earth do I have to pile on and add to the pain?

This is my way of explaining how POODLE affects or doesn’t affect curl, libcurl and the huge amount of existing applications using libcurl.

Is my application using HTTPS with libcurl or curl vulnerable to POODLE?

No. POODLE really is a browser-attack.

Motivation

The POODLE attack is a combination of several separate pieces that when combined allow attackers to exploit it. The individual pieces are not enough stand-alone.

SSLv3 is getting a lot of heat now since POODLE must be able to downgrade a connection to SSLv3 from TLS to work. Downgrade in a fairly crude way – in libcurl, only libcurl built to use NSS as its TLS backend supports this way of downgrading the protocol level.

Then, if an attacker manages to downgrade to SSLv3 (both the client and server must thus allow this) and get to use the sensitive block cipher of that protocol, it must maintain a connection to the server and then retry many similar requests to the server in order to try to work out details of the request – to figure out secrets it shouldn’t be able to. This would typically be made using javascript in a browser and really only HTTPS allows this so no other SSL-using protocol can be exploited like this.

For the typical curl user or a libcurl user, there’s A) no javascript and B) the application already knows the request it is doing and normally doesn’t inject random stuff from 3rd party sources that could be allowed to steal secrets. There’s really no room for any outsider here to steal secrets or cookies or whatever.

How will curl change

There’s no immediate need to do anything as curl and libcurl are not vulnerable to POODLE.

Still, SSLv3 is long overdue and is not really a modern protocol (TLS 1.0, the successor, had its RFC published 1999) so in order to really avoid the risk that it will be possible exploit this protocol one way or another now or later using curl/libcurl, we will disable SSLv3 by default in the next curl release. For all TLS backends.

Why? Just to be extra super cautious and because this attack helped us remember that SSLv3 is old and should be let down to die.

If possible, explicitly requesting SSLv3 should still be possible so that users can still work with their legacy systems in dire need of upgrade but placed in corners of the world that every sensible human has since long forgotten or just ignored.

In-depth explanations of POODLE

I especially like the ones provided by PolarSSL and GnuTLS, possibly due to their clear “distance” from browsers.

Categorieën: Mozilla-nl planet

Daniel Stenberg: curl and POODLE

Mozilla planet - vr, 17/10/2014 - 09:29

Once again the internet flooded over with reports and alerts about a vulnerability using a funny name.

Categorieën: Mozilla-nl planet

Justin Dolske: Sans Flash

Mozilla planet - vr, 17/10/2014 - 03:20

I upgraded to a new MacBook about a week ago, and thought I’d use the opportunity to try living without Flash for a while. I had previously done this two years ago (for my last laptop upgrade), and I lasted about a week before breaking down and installing it. In part because I ran into too many sites that needed Flash, but the main reason was that the adoption and experience of HTML5 video wasn’t great. In particular, the HTML5 mode on YouTube was awful — videos often stalled or froze. (I suspect that was an issue on YouTube’s end, but the exact cause didn’t really matter.) So now that the Web has had a few additional years to shift away from Flash, I wanted to see if the experience was any better.

The short answer is that I’m pleased (with a few caveats). The most common Flash usage for me had been the major video sites (YouTube and Vimeo), and they now have HTML5 video support that’s good. YouTube previously had issues where they still required the use of Flash for some popular videos (for ads?), but either they stopped or AdBlock avoids the problem.

I was previously using Flash in click-to-play mode, which I found tedious. On the whole, the experience is better now — instead of clicking a permission prompt, I find myself just happy to not be bothered at all. Most of the random Flash-only videos I encountered (generally news sites) were not worth the time anyway, and on the rare occasion I do want to see one it’s easy to find an equivalent on YouTube. I’m also pleased to have run across very few Flash-only sites this time around. I suspect we can thank the rise of mobile (thanks iPad!) for helping push that shift.

There are a few problem sites, though, which so far I’m just living with.

Ironically, the first site I needed Flash for was our own Air Mozilla. We originally tried HTML5, but streaming at scale is (was?) a hard problem, so we needed a solution that worked. Which meant Flash. It’s unfortunate, but that’s Mozilla pragmatism. In the meantime, I just cheat and use Chrome (!) which comes with a private copy of Flash. Facebook (and specifically the videos people post/share) were the next big thing I noticed, but… I can honestly live without that too. Sorry if I didn’t watch your recent funny video.

I will readily admit that my Web usage is probably atypical. I’ve rarely play online Flash games, which are probably close to video usage. And I’m willing to put up with at least a little bit of pain to avoid Flash, which isn’t something fair to expect of most users.

But so far, so good!

[Coincidental aside: Last month I removed the Plugin Finder Service from Firefox. So now Firefox won't even offer to install a plugin (like Flash) that you don't have installed.]


Categorieën: Mozilla-nl planet

Asa Dotzler: Firefox OS 2.0 Pre-release for Flame

Mozilla planet - vr, 17/10/2014 - 00:15

About 4,000 of y’all have a Flame Firefox OS reference phone. This is the developer phone for Firefox OS. If you’re writing apps or contributing directly to the open source Firefox OS project, Flame is the device you should have.

The Flame shipped with Firefox OS 1.3 and we’re getting close to the first major update for the device, Firefox OS 2.0. This will be a significant update with lots of new features and APIs for app developers and for Firefox OS developers. I don’t have a date to share with y’all yet, but it should be days and not weeks.

If you’re like me, you cannot wait to see the new stuff. With the Flame reference phone, you don’t have to wait. You can head over to MDN today and get a 2.0 pre-release base image, give that a whirl, and report any problems to Bugzilla. You can even flash the latest 2.1 and 2.2 nightly builds to see even further into the future.

If you don’t have a Flame yet, and you’re planning on contributing testing or coding to Firefox OS or to write apps for Firefox OS, I encourage you to get one soon. We’re going to be wrapping up sales in about 6 weeks.

Categorieën: Mozilla-nl planet

Asa Dotzler: I’m Back!

Mozilla planet - do, 16/10/2014 - 23:34

PROTIP: Don’t erase the Android phone with your blog’s two-factor authentication setup to see if you can get Firefox OS running on it unless you are *sure* you have printed out your two-factor back-up codes. Sort of thinking you probably printed them out is not the same thing as being sure :-)

Thank you to fellow Tennessean, long-time Mozillian, and WordPress employee Daryl Houston for helping me get my blog back.

Categorieën: Mozilla-nl planet

Daniel Stenberg: FOSS them students

Mozilla planet - do, 16/10/2014 - 23:01

On October 16th, I visited DSV at Stockholm University where I had the pleasure of holding a talk and discussion with students (and a few teachers) under the topic Contribute to Open Source. Around 30 persons attended.

Here are the slides I use, as usual possibly not perfectly telling stand-alone without the talk but there was no recording made and I talked in Swedish anyway…

Contribute to Open Source from Daniel Stenberg
Categorieën: Mozilla-nl planet

Julien Vehent: Mitigating Poodle SSLv3 vulnerability on a Go server

Mozilla planet - do, 16/10/2014 - 22:16

If you run a Go server that supports SSL/TLS, you should update your configuration to disable SSLv3 today. The sample code below sets the minimal accepted version to TLSv1, and reorganizes the default ciphersuite to match Mozilla's Server Side TLS guidelines.

Thank you to @jrconlin for the code cleanup!

package main

import (
    "crypto/rand"
    "crypto/tls"
    "fmt"
)

func main() {
    certificate, err := tls.LoadX509KeyPair("server.pem", "server.key")
    if err != nil {
        panic(err)
    }
    config := tls.Config{
        Certificates:             []tls.Certificate{certificate},
        MinVersion:               tls.VersionTLS10,
        PreferServerCipherSuites: true,
        CipherSuites: []uint16{
            tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
            tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
            tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
            tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
            tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
            tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
            tls.TLS_RSA_WITH_AES_128_CBC_SHA,
            tls.TLS_RSA_WITH_AES_256_CBC_SHA,
            tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
            tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA},
    }
    config.Rand = rand.Reader

    netlistener, err := tls.Listen("tcp", "127.0.0.1:50443", &config)
    if err != nil {
        panic(err)
    }
    newnetlistener := tls.NewListener(netlistener, &config)
    fmt.Println("I am listening...")
    for {
        newconn, err := newnetlistener.Accept()
        if err != nil {
            fmt.Println(err)
        }
        fmt.Printf("Got a new connection from %s. Say Hi!\n", newconn.RemoteAddr())
        newconn.Write([]byte("ohai"))
        newconn.Close()
    }
}

Run the server above with $ go run tls_server.go and test the output with cipherscan:

$ ./cipherscan 127.0.0.1:50443
........
Target: 127.0.0.1:50443

prio  ciphersuite                  protocols              pfs_keysize
1     ECDHE-RSA-AES128-GCM-SHA256  TLSv1.2                ECDH,P-256,256bits
2     ECDHE-RSA-AES128-SHA         TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits
3     ECDHE-RSA-AES256-SHA         TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits
4     AES128-SHA                   TLSv1,TLSv1.1,TLSv1.2
5     AES256-SHA                   TLSv1,TLSv1.1,TLSv1.2
6     ECDHE-RSA-DES-CBC3-SHA       TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits
7     DES-CBC3-SHA                 TLSv1,TLSv1.1,TLSv1.2

Certificate: UNTRUSTED, 2048 bit, sha1WithRSAEncryption signature
TLS ticket lifetime hint: None
OCSP stapling: not supported
Server side cipher ordering
Categorieën: Mozilla-nl planet

When brands become media: Mozilla launches an online magazine called Open ... - Gigaom

Nieuws verzameld via Google - do, 16/10/2014 - 19:42

Gigaom

When brands become media: Mozilla launches an online magazine called Open ...
Gigaom
If you were to visit the Open Standard homepage without knowing it's from from Mozilla, you would see a fairly typical magazine-style layout with feature stories about a variety of topics, including mobile phone security and NSA leaker Edward Snowden, ...

Categorieën: Mozilla-nl planet

Software-update: Mozilla SeaMonkey 2.30 - Tweakers

Nieuws verzameld via Google - do, 16/10/2014 - 19:04

Software-update: Mozilla SeaMonkey 2.30
Tweakers
Mozilla SeaMonkey logo (75 pix) Mozilla heeft versie 2.30 van SeaMonkey uitgebracht. SeaMonkey is de voortzetting van de voormalige Mozilla Application Suite en bestaat uit een webbrowser en programma's om te e-mailen en nieuws te lezen. Er is ook ...

Categorieën: Mozilla-nl planet

Mozilla and Telefónica Partner to Simplify Voice and Video Calls on the Web

Mozilla Blog - do, 16/10/2014 - 18:44
Mozilla is extending its relationship with Telefonica by making it easier than ever to communicate on the Web. Telefónica has been an invaluable partner in helping Mozilla develop and bring Firefox OS to market with 12 devices now available in … Continue reading
Categorieën: Mozilla-nl planet

Pagina's