Mozilla Firefox

Rezaul Huque Nayeem has been involved with Mozilla since 2013. He is from Mirpur, Dhaka, Bangladesh where he is an undergraduate student of Computer science and Engineering at the Daffodil International University. He loves to travel countrywide and ... [More] hangout with friends. In his spare time, he volunteers for some social organizations. Rezaul Huque Nayeem is from Bangladesh in south Asia. Hi Nayeem! How did you discover the Web? I discovered the web when I was kid, one day (2000/2001) in my uncle’s office I heard something about Email and Yahoo. That was the first time and I learned little bit about the internet on that day. I remember that I was very amazed when I downloaded a picture. How did you hear about Mozilla? In 2012 one of my friends told me about Mozilla and its mission. He told me how to contribute in many pathways in Mozilla. How and why did you start contributing to Mozilla? I started contributing to Mozilla on 20 march, 2015 by QA Marathon Dhaka. On that day my mentor Hossain Al Ikram showed me how to contribute to Mozilla by doing QA. He teached me how to test any feature on Firefox, how to verify bugs or do triage. From that day I love doing QA. Day by day I met many awesome mozillians and was helped by them. I love to contribute with them in a global community. I also like the way Mozilla works for making better web. Have you contributed to any other Mozilla projects in any other way? I did some localization on Firefox OS and MDN. I contributed in MLS (Mozilla Location Service). I also participated in many Web Maker focused events. What’s the contribution you’re the most proud of? I feel proud to contribute to QA. By doing QA now i can find bugs and help to get them fixed. That’s why now many people can use a bug free browser. And it also teaches me how to work with a community and make me active and industrious. Please tell us more about your community. Is there anything you find particularly interesting or special about it? The community I work with is Mozilla Bangladesh QA Community, a functional community of Mozilla Bangladesh where we are focused in contributing in QA. It is the biggest QA community and growing day by day. There is about 50 + active contributors who regularly participates in Test days, Bug Verification days and Bug triage days. Last year, we verified more than 700 bugs. We have more than 10 community mentors to help contributors. In our community every member is so much friendly and helpful. It’s a very active and lovely community. What’s your best memory with your fellow community members? Every online and offline event was very exciting for me. But Firefox QA Testday, Dhaka (4.dec.2015) was the best memorable event with my community for me. It was really an awesome offline daylong event. You had worked as a Firefox Student Ambassador. Do you have any event that you want to share? I organized two events on my institutional campus, Dhaka Polytechnic Institute. One was a Webmaker event and another one was for MozillaBD Privacy Talk. Both was thrilling for me, as I was leading those events. What advice would you give to someone who is new and interested in contributing to Mozilla? I will tell him that, first you have to decide what you really want to do? If you work with a community, then please do not contribute for yourself, do it for your community. If you had one word or sentence to describe Mozilla, what would it be? Mozilla is the One who really wants to make web free for people What exciting things do you envision for you and Mozilla in the future? I envision that Mozilla will give much effort on connecting devices so that world would get some exciting gear. [Less]

Rezaul Huque Nayeem has been involved with Mozilla since 2013. He is from Mirpur, Dhaka, Bangladesh where he is an undergraduate student of Computer science and Engineering at the Daffodil International University. He loves to travel countrywide and ... [More] hangout with friends. In his spare time, he volunteers for some social organizations. Rezaul Huque Nayeem is from Bangladesh in south Asia. Hi Nayeem! How did you discover the Web? I discovered the web when I was kid, one day (2000/2001) in my uncle’s office I heard something about Email and Yahoo. That was the first time and I learned little bit about the internet on that day. I remember that I was very amazed when I downloaded a picture. How did you hear about Mozilla? In 2012 one of my friends told me about Mozilla and its mission. He told me how to contribute in many pathways in Mozilla. How and why did you start contributing to Mozilla? I started contributing to Mozilla on 20 march, 2015 by QA Marathon Dhaka. On that day my mentor Hossain Al Ikram showed me how to contribute to Mozilla by doing QA. He teached me how to test any feature on Firefox, how to verify bugs or do triage. From that day I love doing QA. Day by day I met many awesome mozillians and was helped by them. I love to contribute with them in a global community. I also like the way Mozilla works for making better web. Have you contributed to any other Mozilla projects in any other way? I did some localization on Firefox OS and MDN. I contributed in MLS (Mozilla Location Service). I also participated in many Web Maker focused events. What’s the contribution you’re the most proud of? I feel proud to contribute to QA. By doing QA now i can find bugs and help to get them fixed. That’s why now many people can use a bug free browser. And it also teaches me how to work with a community and make me active and industrious. Please tell us more about your community. Is there anything you find particularly interesting or special about it? The community I work with is Mozilla Bangladesh QA Community, a functional community of Mozilla Bangladesh where we are focused in contributing in QA. It is the biggest QA community and growing day by day. There is about 50 + active contributors who regularly participates in Test days, Bug Verification days and Bug triage days. Last year, we verified more than 700 bugs. We have more than 10 community mentors to help contributors. In our community every member is so much friendly and helpful. It’s a very active and lovely community. What’s your best memory with your fellow community members? Every online and offline event was very exciting for me. But Firefox QA Testday, Dhaka (4.dec.2015) was the best memorable event with my community for me. It was really an awesome offline daylong event. You had worked as a Firefox Student Ambassador. Do you have any event that you want to share? I organized two events on my institutional campus, Dhaka Polytechnic Institute. One was a Webmaker event and another one was for MozillaBD Privacy Talk. Both was thrilling for me, as I was leading those events. What advice would you give to someone who is new and interested in contributing to Mozilla? I will tell him that, first you have to decide what you really want to do? If you work with a community, then please do not contribute for yourself, do it for your community. If you had one word or sentence to describe Mozilla, what would it be? Mozilla is the One who really wants to make web free for people What exciting things do you envision for you and Mozilla in the future? I envision that Mozilla will give much effort on connecting devices so that world would get some exciting gear. [Less]

Jacob Hoffman-Andrews (of Let’s Encrypt): “I tried signing up for certspotter alerts for a domain and got a timeout on the signup page.” Andrew Ayer (of CertSpotter): “Oh, dear. Which domain?” Jacob Hoffman-Andrews: “hoffman-andrews.com” Andrew Ayer: ... [More] “Do you have a lot of certs for that domain?” Jacob Hoffman-Andrews: “Oh yeah, I totally do!” Andrew Ayer: “How many?” Jacob Hoffman-Andrews: “A couple of hundred thousand.” Andrew Ayer: “Yeah, that would do it…” [Less]

Celebrating Mother Language Day In Open Source Mozilla volunteer Deepak Upendra interviews in Telugu language, taken with permission of those being interviewed. (Photo by Dyvik Chenna,CC BY-SA 4.0) With a goal to reach, and listen to diverse and ... [More] authentic voices, the insights phase of our plan for a Diversity and Inclusion strategy for Participation has, so far, been an inspired journey of learning. To mark International Mother Language Day, and to celebrate the theme of building sustainable futures we wanted to share our research work for D&I at Mozilla. It became apparent very early into our research, that we needed to prioritize the opportunity for people to be interviewed in their first-languages, and together with a small and passionate team of multi-lingual interviewers we have been doing just that — so far in French, Spanish, Albanian, Hindi, Telugu, Tamil and Malayalam. With a designed process including best practices, and an FAQ — and leveraging a course we developed last year called ‘Interviewing Users for Mozilla’ we’ve been able to mobilize even beyond our core group. To better tell the story of our work, we interviewed some of our interviewers about their experiences: Liza Durón, Interviews in Spanish Liza is a Full Stack Marketer and Ethnographer from Mexico who volunteers here time at Mozilla in many areas, including as Club Captain for Mexico’s Mozilla Club. On barriers faced by non-English speakers in open communities: “People slow down their participation because they don’t fully understand English, so they don’t want to make mistakes or to be “ridiculous” if they say something wrong. Which is nonsense because we’re an open community and it is supposed that we are able to explain everyone if they need so. People tend to be frustrated at not being able to communicate themselves widely and that’s when tolerance is diminished, we judge ourselves internally and we decide to turn away from overcoming those barriers and asking for support. “ On how people can bridge the linguistic barriers in Open Source: Every task they do, document it in their first language and their in English. If we only care about doing it in Spanish, it won’t figure globally and if we only do it in English, it will only be available for more people. Kristi, Interviews in Albanian Kristi is chairwoman of Open Labs Hackerspace in Tirana, Albania, a Mozilla Tech Speaker and current Outreachy Intern at Mozilla. On why first language research is important: I have witnessed that interviews in first language People are so free to express and the results are even more real and it’s clearer to understand. On how this method of research can lead to greater D&I in communities like Mozilla: (by embedding translators in community spaces/events) More people will be included since they will feel more comfortable to be part of the community and won’t have to say : “I can not attend I don’t understand what they say and I can not speak English.” Bhagyashree Padalkar, Speaks Marathi, Interviews in Hindi Bhagyashree is a Data Scientist, actively involved with the Fedora Operations and Diversity Team and Outreachy Intern at Mozilla. She is working on both data analysis and first-language interviews with our D&I team. On biggest barriers non-English speakers face in the open source world in general, and Mozilla in particular: (Even though I am a confident English Speaker) I feel like I have to think twice before I speak up because any small mistake I make would not only make me more vulnerable to next, but also make the community members feel that I am not capable enough — or in some cases, even cloud their impressions of other Indians. On the experience of interviewing in first-language: I can definitely say that this research will help in identifying critical issues and barriers non-native English speakers face while contributing to FOSS. Overall, while conducting first language interviews, I have felt contributors able to connect more easily when speaking in their native language as this reduces their pressure a lot, makes them think a lot less about technical things like finding the right words to express themselves in English and helps the process feel more like a friendly conversation than a grilling round of interview. The results of first-language interviews are proving an important opportunity to learn more about the experience of our community, but also how to better at include non-English speakers in future. Thank you to all of our interviews, and community members taking time to talk with us. And happy Mother Language Day! Save Save Share [Less]

Understanding critical issues and barriers in FOSS for non-English speakersMozilla volunteer Dyvik Chenna (not in photo) interviews in Telugu language with note-taker Deepak Upendra, taken with permission of those being interviewed. (Photo by Dyvik ... [More] Chenna,CC BY-SA 4.0)With a goal to reach, and listen to diverse and authentic voices, the insights phase of our plan for a Diversity and Inclusion (D&I) strategy for Participation has, so far, been an inspired journey of learning. To mark International Mother Language Day, and to celebrate the theme of building sustainable futures we wanted to share our research work for D&I at Mozilla.It became apparent very early into our research, that we needed to prioritize the opportunity for people to be interviewed in their first-languages, and together with a small and passionate team of multi-lingual interviewers we have been doing just that — so far in French, Spanish, Albanian, Hindi, Telugu, Tamil and Malayalam. With a designed process including best practices, and an FAQ — and leveraging a course we developed last year called ‘Interviewing Users for Mozilla’ we’ve been able to mobilize even beyond our core group.To better tell the story of our work, we interviewed some of our interviewers about their experiences:Liza Durón, Interviews in Spanish Liza is a Full Stack Marketer and Ethnographer from Mexico who volunteers here time at Mozilla in many areas, including as Club Captain for Mexico’s Mozilla Club.On barriers faced by non-English speakers in open communities:“People slow down their participation because they don’t fully understand English, so they don’t want to make mistakes or to be “ridiculous” if they say something wrong. Which is nonsense because we’re an open community and it is supposed that we are able to explain everyone if they need so. People tend to be frustrated at not being able to communicate themselves widely and that’s when tolerance is diminished, we judge ourselves internally and we decide to turn away from overcoming those barriers and asking for support. “On how people can bridge the linguistic barriers in Open Source:Every task they do, document it in their first language and their in English. If we only care about doing it in Spanish, it won’t figure globally and if we only do it in English, it will only be available for more people.Kristi, Interviews in Albanian Kristi is chairwoman of Open Labs Hackerspace in Tirana, Albania, a Mozilla Tech Speaker and current Outreachy Intern at Mozilla.On why first language research is important:I have witnessed that interviews in first language People are so free to express and the results are even more real and it’s clearer to understand.On how this method of research can lead to greater D&I in communities like Mozilla:(by embedding translators in community spaces/events) More people will be included since they will feel more comfortable to be part of the community and won’t have to say : “I can not attend I don’t understand what they say and I can not speak English.”Bhagyashree Padalkar, Speaks Marathi, Interviews in Hindi Bhagyashree is a Data Scientist, actively involved with the Fedora Operations and Diversity Team and Outreachy Intern at Mozilla. She is working on both data analysis and first-language interviews with our D&I team.On biggest barriers non-English speakers face in the open source world in general, and Mozilla in particular:(Even though I am a confident English Speaker) I feel like I have to think twice before I speak up because any small mistake I make would not only make me more vulnerable to next, but also make the community members feel that I am not capable enough — or in some cases, even cloud their impressions of other Indians.On the experience of interviewing in first-language:I can definitely say that this research will help in identifying critical issues and barriers non-native English speakers face while contributing to FOSS. Overall, while conducting first language interviews, I have felt contributors able to connect more easily when speaking in their native language as this reduces their pressure a lot, makes them think a lot less about technical things like finding the right words to express themselves in English and helps the process feel more like a friendly conversation than a grilling round of interview.The results of first-language interviews are proving an important opportunity to learn more about the experience of our community, but also how to better at include non-English speakers in future. Thank you to all of our interviewers, and community members for taking time to talk with us. And happy Mother Language Day!Celebrating Mother Language Day In Open Source was originally published in Mozilla Open Innovation on Medium, where people are continuing the conversation by highlighting and responding to this story. [Less]

It’s that time again when I get to announce a new Firefox/Toolkit peer. Shane has been involved with Mozilla for longer than I can remember and recently he has been doing fine work on webextensions including the new sidebar API. As usual we probably ... [More] should have made Shane a peer sooner so this is a case of better late than never. I took a moment to tell Shane what I expect of all my peers: Respond to review requests promptly. If you can’t then work with the patch author or me to find an alternate reviewer. Only review things you’re comfortable with. Firefox and Toolkit is a massive chunk of code and I don’t expect any of the peers to know it all. If a patch is outside your area then again work with the author or me to find an alternate reviewer. Please congratulate Shane in the usual way, by sending him lots of patches to review! [Less]

It’s been a while. How are you? Modernize infrastructure: We finally closed the 9-year-old bug requesting that we redirect all HTTP traffic to hg.mozilla.org to HTTPS! Many thanks to everyone who helped ensure that automation and other tools ... [More] continued to work normally. Not every day you get to close bugs that are older than my kids. https://bugzilla.mozilla.org/show_bug.cgi?id=450645 The new TreeStatus page (https://mozilla-releng.net/treestatus) was finally released by garbas with a proxy in place of old url. Improve Release Pipeline: Initial work on Uplift dashboard has been done by bastien and released to production by garbas. https://shipit.mozilla-releng.net/release-dashboard Releng had a workweek in Toronto to plan how release promotion will work in a TaskCluster world. With the uplift for Firefox 52 rapidly approaching (see Release below), we came up with a multi-phase plan that should allow us to release the Linux and Android versions of Firefox 52 from TaskCluster, with the Mac and Windows versions still being created by buildbot. Improve CI Pipeline: Alin and Sebastian disabled Windows 10 tests on our CI. Windows 10 tests will be reappearing later this year once we move datacentres and acquire new hardware to support them. https://bugzilla.mozilla.org/show_bug.cgi?id=1330999 Andrei and Relops converted some Windows talos machines to run Linux64 to reduce wait times on this platform. https://bugzilla.mozilla.org/show_bug.cgi?id=1337452 There are some upcoming deadlines involving datacentre moves that, while not currently looming, are definitely focusing our efforts in the TaskCluster migration. As part of the aforementioned workweek, we targeted the next platform that needs to migrate, Mac OS X. We are currently breaking out the packaging and signing steps for Mac so that they can be done on Linux. That work can then be re-used for l10n repacks *and* release promotion. Operational: Since most of our Linux64 builds and tests have migrated to TaskCluster, Alin was able to shut down many of our Linux buildbot masters. This will reduce our monthly AWS bill and the complexity of our operational environment. https://bugzilla.mozilla.org/show_bug.cgi?id=1335435 Hal ran our first “hard close” Tree Closing Window (TCW) in quite a while on Saturday, February 11 (https://bugzilla.mozilla.org/show_bug.cgi?id=1324148). It ran about an hour longer than planned due to some strange interactions deep in the back end, which is why it was a “hard close.” The issue may be related to occasional “database glitches” we have seen in the past. This time IT got some data, and have raised a case with our load balancer vendor. Release: We are deep in the beta cycle for Firefox 52, with beta 8 coming out this week. Firefox 52 is an important milestone release because it signals the start of another ESR cycle. See you again soon! [Less]

For the past several months, the U.S. Copyright Office has been collecting comments on a part of the Digital Millennium Copyright Act (DMCA), specifically related to intermediary liability and safe harbors. Under the current law, internet companies ... [More] – think, for example, of Facebook, or Reddit, or Wikimedia – are able to offer their services without legal exposure if a user uploads content in violation of copyright law, as long as they follow proper takedown procedures upon being informed of the action. Last year, we filed comments in the first round of this proceeding, and today, we have made a second submission in response to the Copyright Office’s request for additional input. Across our filings and other engagement on this issue, we identify major concerns with some of the proposals being considered – changes that would greatly harm content creators, the public and intermediaries. Some of the proposals seem to be more about manipulating copyright law to achieve another agenda, these filings need to be rejected. Mandating content blocking technology is a bad idea – bad for users, bad for businesses, and not effective at addressing the problem of copyright infringement. We’re fighting this issue not only in the United States, but also in Europe, because it goes against the letter and the spirit of copyright law, and poses immense risk to the internet’s benefits for social and economic activity. Separately, we believe automated systems, currently in place on sites such as YouTube, are very ineffective at assessing fair use and copyright infringement, as they can’t consider context. We are making suggestions to ease or eliminate the burden of those automated systems on those acting within the law. Ultimately, to achieve its constitutional purpose and deliver ultimate benefit for people and for the internet, copyright practice must recognize that members of the general public are no longer just consumers, but creators. Copyright issues relating to creator’s artistic inputs are often far more important than any copyright interest in their creative output. The greatest risk of tinkering with the safe harbor setup today is interfering with the fulfillment of the public’s desire to create, remix and share content. In contrast, recognizing and protecting that interest creates the greatest opportunity for positive policy change. We continue to be optimistic about the possibility of seeing such change at the end of this consultation process.   [Less]

As mentioned previously here on my blog, my FOSDEM 2017 talk ended up opening up the code for my own OAuth2 login server which I created following my earlier post on the login systems question. The video from the talk is now online at the details ... [More] page of the talk (including downloadable versions if you want them), my slides are available as well. The gist of it is that I found out that using a standard authentication protocol in my website/CMS systems instead of storing passwords with the websites is a good idea, but I also didn't want to report who is logging into which website at what point to a third party that I don't completely trust privacy-wise (like Facebook or Google). My way to deal with that was to operate my own OAuth2 login server, preferably with open code that I can understand myself. As the language I know best is PHP (and I can write pretty clean and good quality code in that language), I looked for existing solutions there but couldn't find a finished one that I could just install, adapt branding-wise and operate. I found a good library for OAuth2 (and by extension OpenID Connect) in oauth2-server-php, but the management of actual login processes and creating the various end points that call the library still had to be added, and so I set out to do just that. For storing passwords, I investigated what solutions would be good and in the end settled for using PHP's builtin password_hash function including its auto-upgrade-on-login functionalities, right now that means using bcrypt (which is decent but not fully ideal), with PHP 7.2, it will move to Argon2 (which is probably the best available option right now). That said, I wrote some code to add an on-disk random value to the passwords so that hacking the database alone will be insufficient for an offline brute-force attack on the hashes. In general, I tried to use a lot of advice from Mozilla's secure coding guidelines for websites, and also made sure my server passes with A+ score on Mozilla Observatory as well as SSL Labs, and put the changes for that in the code as much as possible, or example server configurations in the repository otherwise, so that other installations can profit from this as well. For sending emails and building up HTML as DOM doucuments, I'm using helper classes from my own php-utility-classes and for some of the database access, esp. schema upgrades, I ended up including doctrine DBAL. Optionally, the code is there to monitor traffic via Piwik. The code for all this is now available at https://github.com/KaiRo-at/authserver. It should be relatively easy to install on a Linux system with Apache and MySQL - other web servers and databases should not be hard to add but are untested so far. The main README has some rudimentary documentation, but help is needed to improve on that. Also, all testing is done by trying logins with the two OAuth2 implementations I have done in my own projects, I need help in getting a real test suite set up for the system. Right now, all the system supports is the OAuth2 "Authorization Code" flow, it would be great to extend it to support OIDC as well, which php-server-php can handle but the support code for it needs to be written. Branding can easily be adapted for the operator running the service via the skin support (my own branding on my installation builds on that as well), and right now US English and German are supported by the service but more can easily be added if someone contributes them. And last but not least, it's all under the MPL2 license, which I hope enables people easily to contribute - I hope including yourself! [Less]

Hello Mozillians! As you may already know, last Friday – February 17th – we held a new Testday event, for Firefox 52 Beta 7. Thank you all for helping us making Mozilla a better place – P.Avinash Sharma, Vuyisile Ndlovu, Athira Ananth, Ilse Macías ... [More] and Iryna Thompson, Surentharan R.A., Subash.M, vinothini.k, R.krithika sowbarnika, Dhinesh Kumar, Fahima Zulfath A, Nagaraj.V, A.Kavipriya, Rajesh, varun tiwari, Pavithra.R, Vishnu Priya, Paarttipaabhalaji, Kavya, Sankararaman and Baranitharan. From Bangladesh team: Nazir Ahmed Sabbir, Maruf Rahman, Md.Majedul islam, Md. Raihan Ali, Sabrina joadder silva, Afia Anjum Preety, Rezwana Islam Ria, Rayhan, Md. Mujtaba Asif, Anmona Mamun Monisha, Wasik Ahmed, Sajedul Islam, Forhad Hossain, Asif Mahmud Rony, Md Rakibul Islam. Results: – several test cases executed for the Graphics. – 5 bugs verified: 637311, 1111599, 1311096, 1292629, 1215856. – 2 new bugs filed: 1298395, 1340883. Again thanks for another successful testday We hope to see you all in our next events, all the details will be posted on QMO!   [Less]