This blog has moved

You can find my new blog on github. Still rough around the edges, but I’m planning to improve this as I go.

The Gecko monoculture

I remember a time, not so very long ago, when Gecko powered 4 or 5 non-Mozilla browsers, some of them on exotic platforms, as well as GPS devices, wysiwyg editors, geographic platforms, email clients, image editors, eBook readers, documentation browsers, the UX of virus scanners, etc, as well as a host of innovative and exotic add-ons. In these days, Gecko was considered, among other things, one of the best cross-platform development toolkits available.

The year is now 2016 and, if you look around, you’ll be hard-pressed to find Gecko used outside of Firefoxen (alright, and Thunderbird and Bluegriffon). Did Google or Apple or Microsoft do that? Not at all. I don’t know how many in the Mozilla community remember this, but this was part of a Mozilla strategy. In this post, I’d like to discuss this strategy, its rationale, and the lessons that we may draw from it.

« Read the rest of this entry »

Dreaming the Internet of Things

One of these days, using the Cloud of OpaqueCompany ™, I will be able to set the colour of my lightbulbs by talking to my TV. Somewhere along the way, my house will become a little bit more energy hungry and a little bit more dependent on the Cloud of OpaqueCompany(tm) . That’s the promise of the Internet of Things. Isn’t that neat? Isn’t that exciting?

Not really. At least, not for me. But, for some reason, whenever I read about that Internet of Things, it is about expensive gadgets that, to me, sounds like Christmas commercials:  marginally useful, designed by marketers for spoilt westerners to be consumed then forgotten before the next Christmas shopping spree.

But this doesn’t have to be.

---

I have spent a little time scratching the surface and trying to determine whether there was something more to this Internet of Things, beside the shopping list. I came back convinced that, once you forget the marketing, this Internet of Things can become a revolution as big as the Personal Computer or the World Wide Web – at least if we let it fall into the right hands.

Say you are the owner or manager of a small commerce, say a restaurant. Chances are that you need a burglar alarm, either because you fear that you are going to be burglarised, or because your insurance requires one. You have two solutions. Either you go to a store and buy some off-the-shelf product, or you contract a company, draw a list of requirements and pay for a custom setup. In either case, you are a consumer, and you are stuck with what you paid for. But needs change. Perhaps the insurance policies now requires you to have an alarm that can call the police automatically. Perhaps neighbours complained about the noise of the alarm and you need to turn it into a silent alarm that rings your cellphone. Perhaps the insurance has changed their policy and now requires you to take pictures of the burglary. Perhaps you have had work done and the small window in the bathroom is now large enough that it could be used to break in. Or water damage has destroyed one of your sensors and you need to replace it, but the model doesn’t exist anymore. Or you are tired of triggering the alarm when you take out the garbage and need to refine the policy. Of your product was linked to a subscription, to call the police on your behalf, but the provider has stopped this service. In any of these cases, you are probably stuck. Because your needs have made you a consumer and you are served only as long as there is a market for your specific need.

Now, consider an alternate universe, in which you just need to walk or drive to the nearest store, buy a few off-the-shelf motion detectors, for the price of a few dollars and simply attach them in your restaurant, where you see fit. They use open standards, so you can install an app to get them to work together, or even better, use your cellphone to script them visually into doing what you need. Do you need to add one or ten, or replace them with different models, or add door-lock sensors? It’s just as easy. Do you need to add a camera? Well, place it and use your cellphone to add that camera to your script. Use your cellphone again and customise the effect, to call the police, or ring your cellphone, or deactivate a single alarm between 11pm and 11.30pm, because that’s when you take out the trash. And if your product is linked to a subscription, because it uses open standards, you can switch provider as needed. In this universe, the Internet of Things has put you in control – not a Cloud, not a silo – and drastically cut your costs and your dependencies.

A few months ago, Mozilla has started pivoting from SmartPhones to the Web of Things – that’s the name we give to Internet of Things done right, with open standards, you in charge, rather than silos and Opaque Cloud ™. I can make no promise that we are going to succeed, but I believe in the huge potential of this Web of Things.

By the way, it doesn’t stop at restaurants. The exact same open standards can help you guard against fires in your house or humidity in your server room. Or crowdsourcing flood detection in cities exposed to flash floods or automating experiments in a physics lab. Or watching your heartbeat or listening to your snores. Or determining which part of the village farm needs to be irrigated in priority or which part of the sewers need most attention.

Some of these problems already have commercial solutions. But what about your next problem, the one that hasn’t attracted the attention of any company large enough to produce devices specifically for you?

Here is to the Web of Things. Let’s make sure that it falls into the right hands.

Daech expliqué à moi-même

Comme toute la France, j’essaye encore de comprendre ce qui s’est passé le 13 novembre. Non pas qu’il s’agisse d’une réelle surprise, mais quand même. Contrairement à quelques charlatans à la mode, je ne prétendrai pas avoir réussi à comprendre, mais voici quelques notes que j’ai prises au fur et à mesure de mes lectures et réflexions.

Daech et le cynisme

• Daech est initialement une organisation irakienne. Les cadres de Daech sont des anciens cadres Baasistes, c’est-à-dire des hommes de main du régime de Saddam Hussein (source : Courrier International, numéro spécial, 19 novembre 2015).
• De mémoire, le régime de Saddam Hussein était très occidentalisé, plus ou moins fasciste et totalement laïc. Il n’a cessé d’être allié avec les USA que lorsqu’il a envahi le Koweït, pour des raisons purement économiques et stratégiques.
• Les frontières revendiquées par Daech coïncident avec les puits de pétrole de la région beaucoup plus qu’avec les lieux saints.
  • Ce qui précède me fait réfléchir. Les cadres de Daech sont-ils vraiment des islamistes ou l’Islam n’est-il pour eux qu’un outil de pouvoir ?
• Au moins en Syrie, Daech recrute presque uniquement des étrangers. Apparemment, Daech n’arrive pas à recruter les populations locales. Apparemment, les étrangers sont aussi plus faciles à contrôler, puisqu’ils sont coupés de leur famille et de leurs proches et qu’ils ont du mal à retourner chez eux (source : CI).
• En Syrie et en Irak, Daech est en guerre contre tout le monde, qu’il s’agisse de groupes non-religieux (le régime de Bachar el Assad, l’Armée Syrienne Libre, les Unités de Protection du Peuple, la Coalition Arabe Syrienne), chrétiens (le Conseil Militaire Syriaque) ou islamistes (le Hezbollah, le Front Islamique, l’Ansar el-Charia – proche d’Al-Qaïda). Contrairement à Daech, ces groupes sont constitués essentiellement de populations locales.
• Daech semble gérer ses territoires comme des territoires occupés, avec une police d’occupation, des collaborateurs, etc. (source : New York Times).
  • Vu comme cela, et vu de loin, je trouve que Daech ressemble plus à une force extérieure, qui vise à imposer une idéologie importée, à piller les ressources naturelles et historiques, sans compter l’esclavage. Bref, j’aurais tendance à décrire Daech comme une forme de colonialisme.

Daech et ses voisins

• Daech se présente comme la rébellion contre le régime Syrien de Bachar el Assad. Comme mentionné plus haut, Daech est en fait en guerre contre tout le monde, à commencer par les autres rebelles (source : Wikipedia).
• Le régime de Bachar el Assad combat les autres groupes rebelles de toutes ses forces, mais aurait jusqu’ici plutôt laissé Daech tranquille, car Daech est un ennemi utile : il pratique et encourage la torture et le viol, la violence aveugle contre les populations civiles, la destruction de monuments historiques, le terrorisme contre les régimes occidentaux, et fait tout son possible pour que le monde entier soit au courant. En termes de communication, Daech est donc ce qui est arrivé de mieux au régime depuis que Bachar el Assad est au pouvoir. (source : Je n’arrive plus à retrouver)
• En ce moment, l’ennemi militaire principal de Daech est le YPG (Unités de Protection du Peuple), constituées essentiellement de populations locales kurdes. Traditionnellement, les Kurdes sont plutôt musulmans, mais le YPG de gauche, affirme l’égalité hommes-femmes, et propose un régime démocratique fédéral et laïc.
• Si le YPG gagne, les Kurdes auront certainement un pays indépendant, et réclameront certainement le rattachement du Kurdistan Turc. La Turquie, qui est pourtant alliée avec Israël contre le régime de Bachar el Assad, lutte donc contre le YPG.
• Le YPG est allié contre Daech avec le Conseil Militaire Syriaque (populations locales chrétiennes, dont certaines ont été récemment chassées de Turquie), la Coalition Arabe Syrienne (populations locales arabes) et la Brigade Internationale de Libération.
• Daech considère qu’il faut détruire totalement la population yézidi (kurdes), car elle pratique une religion pré-islamique ou hétérodoxe islamique (selon les sources). Apparemment, la torture et l’esclavage sexuel sont une manière acceptable de détruire les yézidi. (source : propagande Daech).

Daech et le monde

• Le régime Iranien considère Daech comme un ennemi, créé de toutes pièces par l’Occident pour lutter contre le régime Syrien (source : CI).
• Al-Qaïda, organisation qui prône pourtant un califat, rejette Daech (source : Le Monde)
• Les Frères Musulmans, qu’on ne peut accuser ni, d’être laïcs ni d’être pacifistes, décrivent Daech comme “Un groupe connu par ses atrocités”.
• Le Grand Mufti d’Arabie Saoudite décrit Daech comme “l’ennemi numéro 1 de l’Islam” (source : Libération).
• Une douzaine de groupes Jihadistes à travers le monde se seraient ralliés à Daech (source : Wikipedia).
• Apparemment, les imams de France considèrent l’Islam de Daech non pas comme une interprétation extrémiste de l’Islam, mais plutôt comme une religion totalement distincte (source : des gens qui fréquentent des mosquées).
• La seule intervention de Daech dans le conflit Israélo-Palestinien a consisté à attaquer le Hamas et le Jihad Islamique Palestinien, bref des musulmans (source : ma mémoire, confirmée par Wikipedia).
• À ma connaissance, aucune intervention de Daech dans le monde n’a visé à protéger ou aider des musulmans locaux  (source : ma mémoire, confirmée par Wikipedia).

Daech et le recrutement

• Au moins en France, les recruteurs de Daech ont pour instructions d’éviter les mosquées. Apparemment, leur interprétation du Coran est en contradiction totale avec les interprétations modernes, et n’importe quel imam est capable de le démontrer aux fidèles. En plus de cela, la plupart des imams français sont républicains, et risqueraient d’appeler immédiatement la police (source : je n’arrive pas à retrouver).
• Daech contrôle les images qui sortent de son territoire. Daech est le seul régime qui a tendance à exagérer ses propres exactions et à en faire un argument de recrutement. (source : CI)
  • Mon intuition est que Daech cherche à surfer sur des fantasmes de violence dans le style des jeux vidéos et des productions hollywoodiennes.

Conclusions

Pas de conclusions pour le moment. Je revisiterai ce billet si j’en atteins.

En attendant, méfions-nous des charlatans.

Designing the Firefox Performance Monitor (2): Monitoring Add-ons and Webpages

In part 1, we discussed the design of time measurement within the Firefox Performance Monitor. Despite the intuition, the Performance Monitor had neither the same set of objectives as the Gecko Profiler, nor the same set of constraints, and we ended up picking a design that was not a sampling profiler. In particular, instead of capturing performance data on stacks, the Monitor captures performance data on Groups, a notion that we have not discussed yet. In this part, we will focus on bridging the gap between our low-level instrumentation and actual add-ons and webpages, as may be seen by the user.

« Read the rest of this entry »

Designing the Firefox Performance Stats Monitor, part 1: Measuring time without killing battery or performance

For a few versions, Firefox Nightly has been monitoring the performance of add-ons, thanks to the Performance Stats API. While we are waiting for the greenlight to let it graduate to Firefox Aurora, as well as investigating a few lingering false-positives, and while v2 is approaching steadily, it is time for a brain dump on this toolbox and its design.

The initial objective of this monitor is to be able to flag both add-ons and webpages that cause noticeable slowdowns, so as to let users disable/close whatever is making their use of Firefox miserable. We also envision more advanced uses that could let us find out if features of webpages cause slowdowns on specific OS/hardware combinations.

« Read the rest of this entry »

What have I done since last July?

School year 2014-2015 is ending. It’s time for a brief report.

« Read the rest of this entry »

Living in a Go Faster, post-XUL world

A long time ago, XUL was an extraordinary component of Firefox. It meant that front-end and add-on developers could deliver user interfaces in a single, mostly-declarative, language, and see them adapt automatically to the look and feel of each OS. Ten years later, XUL has become a burden: most of its features have been ported to HTML5, often with slightly different semantics – which makes Gecko needlessly complex – and nobody understands XUL – which makes contributions harder than they should be. So, we have reached a stage at which we basically agree that, in a not-too-distant future, Firefox should not rely upon XUL anymore.

But wait, it’s not the only thing that needs to change. We also want to support piecewise updates for Firefox. We want Firefox to start fast. We want the UI to remain responsive. We want to keep supporting add-ons. Oh, and we want contributors, too. And we don’t want to lose internationalization.

Mmmh… and perhaps we don’t want to restart Firefox from bare Gecko.

All of the above are worthy objectives, but getting them all will require some careful thought.

So I’d like to put together a list of all our requirements, against which we could evaluate potential solutions, re-architectures, etc. for the front-end:

High-level

• Get rid of the deprecated (XUL) bits of Gecko in a finite time.
• Don’t break Firefox [1].

User-oriented goals

• Firefox should start fast.
• The UI should not suffer from jank.
• The UI should not cause jank.
• Look and feel like a native app, even with add-ons.
• Keep supporting internationalization.
• Keep supporting lightweight themes.
• Keep supporting acccessibility.

Contributor/dev-oriented goals

• Use technologies that the world understands.
• Use technologies that are useful to add-on authors.
• Support piece-wise, restart-less front-end updates.
• Provide an add-ons API that won’t break.
• Code most of the front-end with the add-ons API.

[1] I have heard this claim contested. Some apparently suggest that we should actually break Firefox and base all our XUL-less, Go Faster initiatives on a clean slate from e.g. Browser.html or Servo. If you wish to defend this, please step forward 🙂

Does this sound like a correct list for all of you?

Re-dreaming Firefox (3): Identities

Gerv’s recent post on the Jeeves Test got me thinking of the Firefox of my dreams. So I decided to write down a few ideas on how I would like to experience the web. Today: Identities. Let me emphasise that the features described in this blog post do not exist.

Sacha has a Facebook account, plus two Gmail accounts and one Microsoft Live identity. Sacha is also present on Twitter, both with a personal account, and as the current owner of his company’s account. Sacha also has an account on his bank, another one on Paypal, and one on Amazon. With any browser other than Firefox, Sacha’s online life would be a bit complicated.

For one thing, Sacha is logged to several of these accounts most of the time. Sacha has been told that this makes him easy to track, not just when he’s on Facebook, but also when he visits blogs, or news sites, or even shopping sites, but really, who has time to log off from any account? With any other browser, or with an older version of Firefox, Sacha would have no online privacy. Fortunately, Sacha is using Firefox, which has grown pretty good at handling identities.

Indeed, Firefox knows the difference between Facebook’s (and Google’s, etc.) main sites, for which Sacha may need to be logged, and the tracking devices installed on other sites through ads, or through the Like button (and Google +1, etc.), which are pure nuisances. So, even when Sacha is logged on Facebook, his identity remains hidden from the tracking devices. To put it differently, Sacha is logged to Facebook only on Facebook tabs, and only while he’s using Facebook in these tabs. And since Sacha has two GMail accounts, his logging on each account doesn’t interact with the other account. This feature is good not only for privacy, but also for security, as it considerably mitigates the danger of Cross-Site Scripting attacks. Conversely, if a third-party website uses Facebook as an identity provider, Firefox can detect this automatically, and handle the log-in.

Privacy doesn’t stop there. Firefox has a database of Terms of Service for most websites. Whenever Firefox detects that Sacha is entering his e-mail address, or his phone number, or his physical address, Firefox can tell Sacha if he’s signing up for spam or telemarketing – and take measures to avoid it. If Sacha is signing up for spam, Firefox can automatically create an e-mail alias specific to this website, valid either for a few days, or forever. If Sacha has a provider of phone aliases, Firefox can similarly create a phone alias specific to the website, valid either for a few days, or forever. Similarly, if Sacha’s bank offers temporary credit card numbers, Firefox can automatically create a single-transaction credit card number.

Firefox offers an Identity Panel (if we release this feature, it will, of course, be called Persona) that lets Sacha find out exactly which site is linked to which identity, and grant or revoke authorizations to log-in automatically when visiting such sites, as well as log in or out from a single place. In effect, this behaves as a Internet-wide Single Sign On across identities. With a little help, Firefox can even be taught about lesser known identity providers, such as Sacha’s company’s Single Sign On, and handle them from the same panel. That Identity Panel also keeps track of e-mail aliases, and can be used to revoke spam- and telemarketing-inducing aliases in just two clicks.

Also, security has improved a lot. Firefox can automatically generate strong passwords – it even has a database of sites which accept accept passphrases, or are restricted to 8 characters, etc. Firefox can also detect when Sacha uses the same password on two unrelated sites, and explain him why this is a bad idea. Since Firefox can safely and securely share passwords with other devices and back them up into the cloud, or to encrypted QR Codes that Sacha can safely keep in his wallet, Sacha doesn’t even need to see passwords. Since Firefox handles the passwords, it can download every day a list of websites that are known to have been hacked, and use it to change passwords semi-automatically if necessary.

Security doesn’t stop there. The Identity Panel knows not only about passwords and identity providers, but also about the kind of information that Sacha has provided to each website. This includes Sacha’s e-mail address and physical address, Sacha’s phone number, and also Sacha’s credit card number. So when Firefox finds out that a website to which Sacha subscribes has been hacked, Sacha is informed immediately of the risks. This extends to less material information, such as Sacha’s personal blog of vacation pictures, which Sacha needs to check immediately to find out whether they have been defaced.

What now?

I would like to browse with this Firefox. Would you?

Re-dreaming Firefox (2): Beyond Bookmarks

Gerv’s recent post on the Jeeves Test got me thinking of the Firefox of my dreams. So I decided to write down a few ideas on how I would like to experience the web. Today: Beyond Bookmarks. Let me emphasize that the features described in this blog post do not exist.

« Look, here is an interesting website. I want to read that content (or watch that video, or play that game), just not immediately. » So, what am I going to do to remember that I wish to read it later:

1. Bookmark it?
2. Save it to disk?
3. Pocket it?
4. Remember that I saw it and find it in my history later?
5. Remember that I saw it and find it in my Awesome Bar later?
6. Hope that it shows up in the New Tab page?
7. Open a tab?
8. Install the Open Web App for that website?
9. Open a tab and put that tab in a tab group?

Wow, that’s 9 ways of fulfilling the same task. Having so many ways of doing the same thing is not a very good sign, so let’s see if we can find a way to unify a few of these abstractions into something more generic and powerful.

Bookmarking is saving is reading later

What are the differences between Bookmarking and Saving?

1. Bookmarking keeps a URL, while Saving keeps a snapshot.
2. Bookmarks can be used only from within the browser, while Saved files can be used only from without.

Merging these two features is actually quite easy. Let’s introduce a new button, the Awesome Bookmarks which will serve as a replacement for both the Bookmark button and Save As.

• Clicking on the Awesome Bookmarks icon saves both the URL to the internal database and a snapshot to the Downloads directory (also accessible through the Downloads menu).
• Opening an Awesome Bookmark, whether from the browser or from the OS both lead the user to (by default) the live version of the page, or (if the computer is not connected) to the snapshot.
• Whenever visiting a page that has an Awesome Bookmark, the Awesome Bookmark icon changes color to offer the user the ability to switch between the live version or the snapshot.
• The same page can be Awesome Bookmarked several times, offering the ability to switch between several snapshots.

By switching to Awesome Bookmarks, we have merged Saving, Bookmarking and the Read it Later list of Pocket. Actually, since Firefox already offers Sync and Social Sharing, we have just merged all the features of Pocket.

So we have removed collapsed items from our list into one.

Bookmarks are history are tiles

What are the differences between Bookmarks and History?

1. History is recorded automatically, while Bookmarks need to be recorded manually.
2. History is eventually forgotten, while Bookmarks are not.
3. Bookmarks can be put in folders, History cannot.

Let’s keep doing almost that, but without segregating the views. Let us introduce a new view, the Awesome Pages, which will serve as a replacement for both Bookmarks Menu and the History Menu.

This view shows a grid of thumbnails of visited pages, iOS/Android/Firefox OS style.

• first the pages visited most often during the past few hours (with the option of scrolling for all the pages visited during the past few hours);
• then the Awesome Bookmarks (because, after all, the user has decided to mark these pages)/Awesome Bookmarks folders (with the option of scrolling for more favourites);
• then, if the user has opted in for suggestions, a set of Awesome Suggested Tiles (with the option of scrolling for more suggestions);
• then the pages visited the most often today (with the option of scrolling for the other pages visited today);
• then the pages visited most often this week (with the option of scrolling for the other pages visited this week);
• …

By default, clicking on an Awesome Bookmark (or history entry, or suggested page, etc.) for a page that is already opened switches to that page. Non-bookmarked pages can be turned into Awesome Bookmarks trivially, by starring them or putting them into folders.

An Awesome Bar at the top of this Awesome Pages lets users quickly search for pages and folders. This is the same Awesome Bar that is already at the top of tabs in today’s Firefox, just with the full-screen Awesome Pages replacing the current drop-down menu.

Oh, and by the way, this Awesome Pages is actually our new New Tab page.

By switching to the Awesome Pages, we have merged:

• the history menu;
• the bookmarks menu;
• the new tab page;
• the awesome bar.

Bookmarks are tabs are apps

What are the differences between Bookmarks and Tabs?

1. Clicking on a bookmark opens the page by loading it, while clicking on a tab opens the page by switching to it.

That’s not much of a difference, is it?

So let’s make a few more changes to our UX:

• Awesome Bookmarks record the state of the page, in the style of Session Restore, so clicking on an Awesome Bookmark actually restores that page, whenever possible, instead of reloading it;
• The ribbon on top of the browser, which traditionally contains tabs, is actually a simplified display of the Awesome Pages, which shows, by default, the pages most often visited during the past few hours;
• Whether clicking on a ribbon item switches to a page or restores it is an implementation detail, which depends on whether the browser has decided that unloading a page was a good idea for memory/CPU/battery usage;
• Replace Panorama with the Awesome Page, without further change.

So, with a little imagination (and, I’ll admit, a little hand-waving), we have merged tabs and bookmarks. Interestingly, we have done that by moving to an Apps-like model, in which whether an application is loaded or not is for the OS to decide, rather than the user.

By the way, what are the differences between Tabs and Open Web Apps?

1. Apps can be killed by the OS, while Tabs cannot.
2. Apps are visible to the OS, while Tabs appear in the browser only.

Well, if we decide that Apps are just Bookmarks, since Bookmarks have been made visible to the OS in section 1., and since Bookmarks have just been merged with Tabs which have just been made killable by the browser, we have our Apps model.

We have just removed three more items from our list.

What’s left?

We are down to one higher-level abstraction (the Awesome Bookmark) and one view of it (the Awesome Page). Of course, if this is eventually released, we are certainly going to call both Persona.

This new Firefox is quite different from today’s Firefox. Actually, it looks much more like Firefox OS, which may be a good thing. While I realize that many of the details are handwavy (e.g. how do you open the same page twice simultaneously?), I believe that someone smarter than me can do great things with this preliminary exploration.

I would like to try that Firefox. Would you?