Thursday, August 6, 2015

A FirefoxOS powered internet of things

I've been meaning to write this post for a long time now. It is about the topic of a series of talks I gave at the beginning of the summer. The last one was at #devtalks was also recorded so you can enjoy it here + slides.

A few days ago, one of my favourite kickstarter projects, Matchstick, announced that they were unable to complete the project, and refunding everyone's pledges. I am very saddened by this decision, considering this was a
project I really believed in. The founders suggest that this occurred because it was unable to implement DRM in time for a release. Why they couldn't ship it without DRM and update it later, or just forget the DRM and deliver what they promised is a question they haven't answered. This of course hasn't stopped Panasonic from launching their FirefoxOS powered TV.

However, this post isn't about DRM, or about Matchstick. It's about the potential of Firefox OS powered devices.

Firefox OS has had a bumpy ride during the past few years. It only started as a concept in 2011, so you could say it's still pretty early for the project. The first version of the OS came out in 2013, but in the mobile industry 2 years is a lifetime (the lifetime of your average phone at least).

As both user and developer, my impression of Firefox OS phones is that they're pretty nice. They're not missing any relevant features, performance is quite good, and its hackability is amazing. The only reason everyone is not using it is that almost everyone is using something else. Inertia is very difficult to overcome.

Still, hackability is an immensely powerful feature, and it makes Firefox OS great for prototyping new devices. That prototyping can turn into a marketable device very easily, and it allows you to quickly ship new features on top of an existing platform.

This is where JanOS - the main topic in my talks - comes in. It's a Firefox OS distro, with no apps. The entire app management that Firefox OS does is a burden for you when you want to have full control of the device. So what Jan OS gives you is a system app, with all of the permissions, none of the restrictions, and a blank canvas on which to implement whatever functionality you want.

A few weeks ago I had the great opportunity of meeting the man behind JanOS, +Jan Jongboom, at a recent Mozilla meeting. You can watch his talk about the project here.

On top of freeing you from all of the restrictions imposed by the operating system (app permissions, resource management), JanOS also provides some cool APIs you might like in some circumstances, such as raw access to the filesystem, or executing binary applications (non-JavaScript) using a JS API. What more could you want?

I am curious to see how many devices running Firefox OS come out in the following years. But I'm more interested in what people can do with it. It's awesome for wearable devices, things with a limited amount of RAM, things with sensors that you feel should be webby. It's awesome for building a surveillance camera, or a phone answering machine, or a GPS tracker using an old phone you just had lying around.

I am also excited about Google's Weave protocol (part of project Brillo). It's essentially a JSON based protocol you can use to communicate between IoT devices. The project is just getting started, but the fact that it's webby is really great. Only good things can come of that. And it means that you can use Firefox OS to build devices that play together well with Google's ecosystem.

There's a lot to be said about IoT, Firefox OS, JanOS and everything else in that group, but words are cheap. I've been meaning for a while to build an answering machine/call forwarder, but hadn't had the time to. I'll try to do so in the next 2 months and put the code on github. That should be fun!

Saturday, May 23, 2015

DevTools, Firefox OS and wearable devices

Recently, I had the opportunity to give talks at two amazing events. I will try to summarize the experience, as well as share the same content here.

The first event was Mobile:Next, where I had a bunch of fun. For some reason, my laptop wouldn't work with the projector there, so I had to use some other laptop. It was both good and bad. For one, I was able to setup everything I needed to give a technical demo, in just 10 minutes. That really shows you the ease with which you can get into developing for Firefox OS.
The atmosphere was really really nice. People were quite friendly, and I feel I managed to get my point across to all people.

The most recent event was at BucharestJS. Given that these people were either JS developers, or people interested in JS, it felt like preaching to the choir. These people did JS better than I ever could, and still I was able to show them a bunch of new things about DevTools and even JavaScript ( most of them didn't know about ASM.js ) Here too I had a bit of a hiccup with the demo, where the Firefox OS Simulator failed to load. (My fault. Apparently I can't use it on release Firefox, after using it on Nightly).

So, let's get into the content:

First off, I talked about Firefox OS, and the way it works. I didn't get too much into it. The real stars of Firefox OS are the WebAPIs. These are the things developers care about. How do I do things?

The demo is a really great way of showing people how it works. Moreover, a bunch of people have no idea of the power that lies in the DevTools. On of the great features is Valence which allows you to debug other browsers, such as Chrome on Desktop, or Safari on iOS. (this is something most developers didn't know)

After the demo I went into how the apps work. As opposed to iOS and Android, apps for Firefox OS are web apps, so the really powerful feature is that you don't have to download an app from an app store, to be able to use it. Web pages and Apps would work largely the same way.
Of course, those don't always work when we don't have an internet connection. For that we need packaged apps. These are basically packaged web pages, that are downloaded so you can use offline, whether it's games, dictionaries, camera apps, etc.
One special group of these is privileged apps, which are packaged apps with certain permissions, so they can use various more powerful APIs.
The last group is certified apps, which are apps developed by Mozilla or partners. Certified APIs can only be used by developer apps through WebActivities

The best thing about Firefox OS apps is that it doesn't pin you to a certain app ecosystem. You don't have to distribute your app through the Marketplace. You can just host it on your own web server, and even sell your app, without any involvement from Mozilla, without the user having to take any risk or check a "allow apps from untrusted sources" box.

However, one of the incentives to distribute your app through the Marketplace is that you can use Firefox as a runtime for your apps. If you go to the marketplace on Android, or desktop, the app will be downloaded and packaged as a native app (Android, Windows, whatever), and then you can use it just as you would a native app. It will still be using Firefox as an engine, but it will lack Firefox's UI, and you will be able to uninstall it just as you would a normal application.

The next part of my presentation was largely based on Jan Jongboom's project, JanOS. It's a great project, as it solves one of the major hurdles to starting your own wearable device project - Cost! If you just do the obvious thing, and go for RaspberryPi, but if you need a screen, a battery, wires and a couple of sensors, it can easily cost you upwards of 100$.
Meanwhile, the cheapest FirefoxOS phone packs all those components, and more, and costs only 25$.
Moreover, if you strip it down to the essentials, its a bit smaller than a credit card, making it great for a wearable device prototype.

The really cool thing about this is JanOS, which is a stripped down version of FirefoxOS, without all of the apps, and UI, just a simple web page and all the JavaScript bindings and premissions you might need.

There are several simple things you can do with it right after you flash it, such as the doorbell demo. It involves the phone's proximity sensor, and a Bluetooth speaker. I didn't have a speaker, to I set it to vibrate when you triggered the proximity sensor, then I disconnected it from the computer, and passed it into the audience to play with it.
Of course, there's a bunch of cooler stuff you can do with it. You could use it as a security camera, or as an answering machine, or as an alarm, or as a webcam.
There are a lot of possibilities!

And JanOS comes with a bit of goodies on the side - 2 APIs that allow you to run native commands on the phone, and to directly access the filesystem.

Recently a bunch of companies have emerged that build their devices on Firefox OS. Such as Matchstick, Panasonic's UHD TVs running Firefox OS, or even something like the Monohm Runcible. The reason to use it is that it's a great platform, which requires very few resources, and which you can easily adapt to your own needs.

This was basically my talk. I also had a few slides prepared to address questions from the audience. One of these was for the performance question - Asm.JS addresses performance very well. The way this works, is the emscripten compiler transforms your C/C++ code, into a very optimized subset of JavaScript. This allows the JavaScript engine to run it really really fast, while browsers that don't support ASM.js will still be able to run it, albeit at a slower speed. This page lists a bunch of great demos - Dead trigger proved to be a hit with the audience.

I also included a few tips for the audience interested in porting existing apps to Firefox OS. Mainly, if you already have a web application, or an app built with Apache Cordova/Phone Gap, your job should be super easy. If your app is very Android/iOS specific, you might a difficult road ahead of you.

These were a couple of great events. I hope I managed to reach the audience, and clarify all that they needed to start developing for the web.


If you read this blog post and have any questions about Mozilla, Firefox OS, the web or anything... comment, or send me a tweet or email. I'll do my best to anwer.

Thursday, December 11, 2014

How to fix the Pocket addon for Firefox

[Update2: Pocket eventually got updated, and my fixes and workarounds were no longer needed, so I deleted the repo. Me bugging them about it could have had something to do with it, but probably didn't. Either way, I'm glad they fixed it.]

[Update: Due to a request from I no longer provide the source code or binaries to the addon on Github. I have changed the Makefile to pull the broken extension from the web, and patch it locally (without hosting any code).]

Pocket (formerly ReadItLater) is a great tool that allows you to bookmark webpages and download them in order to read them later (get it?).

However, the Firefox addon is no longer supported, and a tiny change in the JavaScript engine has caused it to stop working. Hence BUG 1068790.

The JavaScript change is basically that variables declared using let are no longer accessible outside the block they were declared in. Fixing the addon turned out to be super easy. Just find-and-replace all 'let ' instances with 'var '.

Problem solved. I put the code on github so everyone can see how easy it is, and even packaged it for people who aren't so technical.

Keep rocking the open web!

Monday, October 20, 2014

My movies of choice

Movies have always been a big part of my life. I can honestly say a large part of my personality, my likes and dislikes and my overall attitude towards life can be at least partly attributed to the movies I've seen.

A few years ago I decided to start a list on IMDb, to try to determine how many movies I've watched my whole life. That list is up to around 600 movies right now, and it's not even close to finished. There are many movies I forgot to put on the list, and many movies I still haven't watched.

I've clearly spent a few months of my life watching movies (part of them I watched more than once, some of them I watched up to 20-30 times). And I haven't even counted the hours I spent watching Friends, Scrubs, Futurama, Stargate, House, and the list goes on. And I also watched countless hours of stand-up.

Was that time wasted? Yes, and no. As I said, I've learned a lot from movies, about culture, history and language. Things I would miss about myself if I were to suddenly forget them. A lot of good movies, but I also think I wasted a bunch of time with some of them. No, not the bad ones

No, movies aren't good or bad, it's more a matter of preferences and state of mind. The movies that I find to be worth watching are the ones that change something about me, that touch something in my heart or mind and stay with me for months. The departed was a movie that didn't impress me much. I found it pointless. Not to say that the direction or acting wasn't good, they were. The hurt locker though... I still wish I could get back the time I wasted watching it.

My favourite movies? For a long time it was Phone Book. Then Equilibrium. Inception also rated very high in my book. There's a huge list of movies I loved (maybe I'll blog my top 10-50 sometime in the future).

One of the best movies I've seen last year was About Time. Incredibly hilarious and bitter-sweet movie, that ended on an optimistic note that strongly resonated with the way I like to live my life.


Sunday, October 12, 2014

Firefox OS at IMWorld 2014

This past week I had the wonderful opportunity of attending Internet & Mobile World Bucharest, as part of the team promoting Firefox OS. We were stationed at the future corner (along with someone demoing the Google Glass, and producers of drones and 3D printers). It was an awesome but exhausting experience. What blew my mind was the public interest in Firefox OS.

IMWorld was mostly a business event. Companies trying to sell stuff to people looking to sell other things to the same companies. We stood out as one of the few companies not selling anything. We demoed Flame phones, and the Infocus New Tab. We talked to people ranging from CEOs to app developers to regular folks interested in a personal phone.

Interest in the phones was tremendous. Developers were excited that they could integrate Firefox OS into their existing PhoneGap process, use WebIDE in the browser to start development, and by the fact that their applications could run on Android or Windows or Mac without changing a single line of code.

Regular smartphone users were really excited by the availability of common applications they use, by the easy to use interface and by the prospects of buying such a phone.

We also promoted the Matchstick HDMI stick which is currently on Kickstarter. I have high hopes for that one.

Anyway, upon discussing with hundreds of people excited about the work we're doing and eager to use and support for our products, I am more confident than ever that we will succeed in our goals. Firefox OS looked like a long shot when it was first announced, another nice-idea mobile project that would never see the light of day. A couple of years later, with over a dozen devices on the market, selling in more than 20 countries, people are starting to pay attention and are baffled by the fact that you can make a difference in the current mobile landscape. I can't wait to see the next few years of Firefox OS.

(Update) Thanks to +Stefania Ioana Chiorean +Gabriel Ivanica +Marcela Oniga +Andreea Popescu +Alex Lakatos for doing an awesome job at the booth, and +Christian Heilmann for a great talk.

Also, thanks to the people at the booth next to ours, Mode360, who did a 360 degree scan of our phone and mascot.

Wednesday, October 1, 2014

Upstream Challenge 2014 wrap up

This weekend marked the end of the 2014 edition of Upstream Challenge, an awesome competition aimed at getting more students to contribute to Open Source projects. I figured I'd lay down some thoughts about how it went.

This year we had around 340 submissions, ranging from one line patches, to pull requests containing dozens of commits. By number of submissions, the projects that received a significant number of contributions (more than 20) were Marble KDE, WoUSO, libcmis, Linux Kernel, privly and digiKam. Having rated a bunch of them in this competition revealed them to be very well written, and very significant to each project.

I'm also a bit disappointed that despite my efforts to get people to contribute to Firefox, only 3 patches were entered in the competition. (2 other contributions were made, but students either didn't care or didn't want to submit them to this competition). The lesson I've learned from this is that it's better to find a couple of students really passionate about a project, and focus your energy on them, rather than try to inspire dozens to make a leap of faith and dedicate their precious time to a project they may or may not care about.

[ As a side note, one of the students I mentored last year completed a very successful internship at Mozilla this summer. ]

So, what did go well in the competition? 
* Well, this year the awards were a bit more evenly distributed. The first place in each track got an Amazon Fire HDX tablet, second prize was a Pebble smart watch, and third place was a Raspberry Pi.
* We got a lot of quality patches in Open Source projects.
* The competition had a lot of visibility among students, even though only 19 entered any patches in the competition.
* More projects than last year.

What could have been better?
* The procedure for entering new projects and patches in the competition was still a bit cumbersome, and required using the mailing list.
* Evaluating the patches could have been more transparent. Although I feel it was fair, the quality and impact criteria were a bit loosely defined.
* A system of entering, describing and reviewing your own patches would have been really awesome (maybe next time)
* We should have had much many more events promoting the competition.
* The person who designed the website changed the license of the source code, so the website got crippled just after the event.

What next?
We are starting to plan for next year's event.

I would like to thank +Valentin Ilie +Razvan Deaconescu +Daniel Baluta +Marius Ungureanu for their effort and dedication in organizing this competition, as well as Mozilla and Intel for sponsoring it.

Thursday, September 4, 2014

6 Months @ Mozilla

Exactly six months ago I started working as a remote contractor for Mozilla. The only way I can describe it? AWESOME! And not awesome as in "This burger is awesome". Awesome as in "Wow, I'm working with some of the greatest engineers in the world on something that will make the world a better place!".

So, first of all, what did I work on these past 6 months? 

  Per app offline for Firefox OS (786419):
This was a large chunk of my time. It involves providing a way to set each individual Firefox OS app offline while the entire operating system is still able to connect to the internet. It is very close to shipping, but I keep finding bugs and weird ways it interacts with other code.

  Resource Timing (1002855):
I took over this bug from one of last year's interns. At the moment resource timing is preffed off in Firefox (dom.enable_resource_timing), waiting for bug 936814 to be fixed. It was really interesting to work on this, especially since I managed to identify a bug in the spec.

  URL parser
I got to fix several bugs in the way Firefox parsed URLs, especially in the way IPv6 URLs were considered - bug 960014. This was a lot of fun. I got to dive into some pretty old code, and change it a bit. There is more work to be done on this, and hopefully we will soon be able to do it in a smarter way, by using a lexical analyzer.

  Captive portal detection (Wiki)
This is a really difficult thing to get right. Captive portals (the login window you get redirected to at hotels) can do a bunch of really nasty things, such as injecting content into HTTP pages, provide bad TLS certificates and behave in really odd ways. Having Firefox detect such cases, and make it easier to login into a captive portal while preserving your open tabs would be great. At the moment I got sidetracked by other things, but this is one of the big things I'll keep working on in the near future.

  Leaky websockets (983243)
A race condition in the WebSocket code made it possible for a TCP socket to leak, and stay alive until the browser was closed. Since the socket was normally closed at shutdown, it couldn't be picked up by our automated tests, so figuring out the problem was tricky, but it proved to be a worthy foe, and an interesting learning opportunity.

There are just some of the most recent or note worthy things I worked on. I don't even remember most of them, but the really cool thing is that my bugzilla report for the past 6 months is publicly available, for anyone to look at.

Apart from the awesome work, there are other perks of being a remote engineer for Mozilla. I mostly work during the night and early morning. It's a habit I picked up at university, an I'm extremely happy I'm not constrained by a 9-5 work schedule. Also, the fact that my office is roughly 15 seconds away from my bed, and that there's no required work attire, safes me tons of time that I can spend more productively.

Interesting fact: I've constantly felt like a n00b for the past half year. And it's really hard not to be one, when surrounded by some of the smartest people in the world, true legends that have helped build the web. I can only hope that being around them will rub off, and thank my colleagues for all their help and advice in the mean time.

Another great thing is that I have a say about what I work on. My preferences, interests and skill are always taken into account when assigning tasks, and although I'm relatively new here, I still feel that my opinions are valued.

Even though it's growing to be quite a big company, it still feels like a startup. With employees all over the world, thousands of volunteers, a strong commitment to Open Source and the Open Web, it feels like the greatest workplace in the world. And it probably is.

Monday, August 18, 2014

Firefox OS is a developer's best friend

Up until recently I wasn't able to appreciate the full potential of a Firefox OS phone. I only looked at it as a consumer product, a cheap way for people in developing countries to get access to the internet. I had never considered its potential as a tool for hackers and developers.

So here is my use case: I own 2 prepaid SIMs for which I regularly run over my internet quota. Vodafone has a promotion where it offers you 2Mb for every call you give or receive, that is over one minute long. The problem is, I don't really talk for more than 20 minutes each month. So, as the bright engineer that I am, I've come up with a plan. Since I have unlimited calls between my two prepaid SIMs, why not have them call each other, and farm some megabytes.

Here is where Firefox OS comes in. It's insanely easy for me to script together some code that would call a number, wait for 60 seconds, end the call and call again.

function start() {
    navigator.mozTelephony.dial('07XXXXXXXX'); // Call the phone number
    setTimeout(stop, 63*1000); // Stop the call in 63 seconds

function stop() {
    navigator.mozTelephony.calls[0].hangUp(); // Hang up
    setTimeout(start, 3*1000); // Call back again in another 3 seconds


I just opened the App Manager, and pasted the code into the Usage app console. Then I left it running for about one night, and got around 1.5 Gb of traffic. (The max I can get is 2.5 Gb) Pretty nice, right? One of the problems in this setup, is that I needed to download an app on my Android phone, to answer incoming calls automatically. I went with AutoAnswer, but wasn't really happy with the permission settings the app required. This is another way Firefox OS kicks Android's app. It has a way better permissions system, where each app asks for each permission, and can still function if you don't allow it.

So there it is. With less than 10 lines of code, I was able to make use of the phone's capabilities in a very cool way. That was way easier and much more fun than anything I could do with my Raspberry Pi. Soon, with the launch of a device that costs around 25$, it will be even cheaper than a RPi. And I can only imagine what I could do with the the available camera and wireless capabilities.

Saturday, August 2, 2014

Captive Portal detection in Firefox

I haven't posted something on the blog in a while, so I thought I'd post something about my current work at Mozilla.

I'm currently working on better captive portal detection in Firefox. You might correctly point out that there is no such detection at the moment. The feature does exist, but it's only enabled on Firefox OS. My job going forward will be to port this functionality over to Firefox, and to implement several enhancements.

My first step was to gather all of the bugs and relevant info into a wiki page. The good news is that most of the groundwork is already there. The design for this feature has already been done (incidentally, by another Valentin working at Mozilla), and my job is to implement the capabilities that Necko needs to provide to other components.

In order to test captive portal, I needed to set up one for myself - working at my local McDonald's is not an option :) Fortunately, this feature is part of the Tomato firmware which is also available for my Asus N10U router. Yay!

Next up, making captive portal detection available to desktop Firefox. The feature is implemented in captivedetect.js. The basic idea is that it tries to load a page from a predefined URL, and check the response against an expected value. If the values differ, or if we get a redirect, the odds are that we are inside a captive portal.

On FirefoxOS the captive portal detection is used in the NetworkManager, which is a Gonk service which isn't going to be of much use on desktop. So I just stuck a captive portal request inside nsIOService, to see if it works. After finding and fixing a couple of typos in captivedetect.js (How can you not love JavaScript for this?), it turns out that this works pretty well. I was able to observe notifications whenever the browser got a captive portal page and when the user logged in to that page, and was able to access any page on the web. So really
good news.

Going forward, I need to figure out how the captive portal fits with the rest of Necko, what I need for the UI, how do we handle secure connections, and many other issues. Also, Tomato doesn't seem to hijack secure connections, as other captive portals do, but I'm going to figure this out when I get to it.

Wednesday, June 11, 2014

How to fix video piracy using PopcornTime

A couple of years ago I had the opportunity to live in the US for a few months, and to try out Netflix. My opinion? Pure genius. It gave you a friendly UI, a huge choice of content and an affordable price. It's no wonder that it's so popular in the US, with more than 30% of the country's internet traffic being on Netflix.

Sure, there are a bunch of issues with Netflix, such as requiring the Silverlight plug-in, not having Game of Thrones in its collection and many others. Most people complain about it not being available in every country.

All are valid complaints, and most are due to the movie studios trying to control the way you consume video content.

In the past few months Popcorn Time, an Open Source application, has managed to take what Netflix is doing to the next level. Even though it's still basically video piracy, Popcorn Time combines the usability of Netflix with the versatility and speed of the torrent protocol allowing anyone to watch a movie in HD with just a click of the mouse. It really is the Napster of our time.

Naturally, this has spooked a lot of the entertainment industry execs. But I feel they should get in on that action. I don't think the world is divided into pirates and paying customers. I think it's divided between customers and potential customers. After all, most of the people I go to the movies with, are also illegal downloaders.  And it's not like they don't afford to purchase the content online (some do), it's just that most official channels are too difficult to use.

So how could this be fixed using Popcorn Time? By Forking it!
It's an open source project, so anyone can build their own version of it, even film studios. Next, implement a simple login mechanism. Torrent trackers are able to use an API key, so that the user is authenticated. Make it a monthly subscription, costing at most 10$ a month (more than that would deter people from using the paid/official version of Popcorn).
Next step would be differentiation. Why would people use the paid version instead of the free version of Popcorn time? The answer would be content. Stick everything you've got in there, from interviews, behind the scenes shots, to coupons for the local cinema. Don't even bother with DRM, as that accomplishes nothing.

I am willing to bet there is an audience for this sort of thing. The costs to implement it? Less than $20000 for the hardware needed to seed all the content, and half a dozen engineers to work on the software. It would probably be done in 2 or 3 weeks. Potential for profit? Millions!

However, I have a feeling that this is never going to happen (never as in not soon). The video industry is still stuck in the past, and the lawyers don't care that from an engineering point of view it's fool-proof, and that their profits can only grow in this scenario. $10 is not much to pay for this kind of convenience, but sadly I'll never be able to say "Shut up and take my money".

Saturday, May 17, 2014

DRM? No biggie

On the 14th of May, Mozilla made a controversial announcement. It will soon start implementing the EME spec, which implies that Firefox users might soon be able to watch DRM protected video content.

The announcement comes as a blog post by Mitchell Baker with the title DRM and the Challenge of Serving Users. It is accompanied by Andreas Gal's post on Mozilla Hacks in which he further explains the decision and sheds some light on the technical details of the implementation.

I have recently read many good articles about it: The Guardian, Leo McArdle, Stuard Langridge and many others. I have also previously blogged about this topic: My views on DRM in HTML.

Here is my reaction to the announcement.

I am strongly opposed to DRM. It is a flawed concept. It's easily crackable. It's more of a hassle for people who pay for their content, because otherwise you don't have to deal with it. It can't be implemented with open source. It's just a stupid idea in general.

I am however optimistic about Mozilla's plans to implement this. How is that possible? Well, the plans for the implementation are really good. This isn't going to be your regular DRM, a piece of binary code that has full control over your system while you have no idea what it's doing. The Content Decryption Module (CDM) will only be able to do that: Decrypt content.

Let's go over the architecture a little. After you first install Firefox, it will download Adobe's CDM binary. It will be saved somewhere without being enabled or even executable. The first time the user accesses a website with DRMed content, he will be asked if he wants to enable the module. If he grants permission, then from that point he will be able to watch encrypted video.

As I said, the CDM has no access to your system. It will be running in a sandbox which restricts its capabilities, and all it will do will be to get encrypted data from Firefox and pass it back decrypted video content. Moreover, Firefox will protect your privacy. While most DRM implementations provide the content distributor with a device ID, allowing it to follow you across the web. Firefox will generate different IDs for every website, thus protecting your privacy.
Also, the sandbox will be open source and auditable by security experts. The NPAPI plugin architecture we have at the moment is much less secure than that. If everything is implemented properly, all of the privacy and security concerns anyone might have will be rendered null.

Some of the people against this plan point out that DRM in HTML is against all of the principles Mozilla stands for. It's true, DRM is a concept that stands against openness, but that ship has sailed. With the support of Google, Apple and Microsoft, EME is going to be part of the web whatever Mozilla does. H264 was the exact same story. We held out as long as we could, but in the end the users are the ones calling the shots. The users want to see video, and if they can't do it with Firefox, they will switch. Instead of a petition calling for Mozilla to not implement EME, how about a petition saying people will only watch DRM-less video. If 200K people sign that petition, I'd say the war is over and we won.

A lot of people see this as Mozilla loosing the fight and surrendering. I see it as Mozilla joining the war. It means that we are finally willing to play the content industry's game and see how far that takes us. It means our users will use our platform to watch content. It means we can push studios into new technologies and have the data to back it up.

So, if you ever want to watch Netflix, this is your safest choice. If you are completely against EME, that's also OK, because you don't ever have to use it, and no closed-source code will ever run on your PC. And if you don't agree, don't be a troll, but try to think of new ways of how we can avoid DRM. We are in this together.

Keep rocking the open web.

Thursday, March 20, 2014

Firefox & Upstream Challenge

While Firefox is a common household name for a lot of people, Upstream Challenge isn't. So let me clarify.

Upstream Challenge is a competition encouraging Romanian (for the moment) students to contribute to Open Source projects. The motivation behind the competition is that this sort of activity greatly increases a student's technical skills and engagement, but it might also represent a significant contribution for the chosen Open Source project.

Just like in previous years, we hope that Firefox will attract a significant number of contributions. However, finding your way into a big project might be a difficult task for most, so let this be your orientation into contributing to Firefox.

For a long time, the instructions for newcomers were just a disorganized wiki page, but thanks to the efforts of +Brian R. Bondy we now have which offers detailed video tutorials with all you need to get you started. The quality and importance of the tutorials cannot be overstated. Even seasoned volunteers might have something to learn from it.

You can still find textual instructions on MDN:

OK. So now you've completed all of the tutorials (or not), you'll want to start coding. The finding-a-bug tutorial explains how to do this. However, some of you might want to start with something easier. The easiest things you can do is to fix spelling and coding style issues in the code. Just file a bug and attach the patch. These are really easy to do, and get reviewed a lot faster. (This is probably true for other projects as well). One level more difficult is to fix packing issues with C++ structs in Firefox.  Nathan wrote a great article about this. Also, you can always dive right in with good-first-bugs or any bug of your own choosing.

So good luck, and happy coding!

Tuesday, March 4, 2014

Doing good is part of our code

And starting today I am one of the people writing that code. It is more than a saying, but a belief that goes down to the core of every engineer, and every volunteer helping drive the web forward. There are no shareholders and no "customers". Only the users and the web.

I am joining the networking team, a small group of people that are very dear to me. I was an intern on this same team a couple of years ago, and during that time I came to appreciate how awesome all of them are. Right now I am the youngest on the team, the n00b, but I've got a lot to learn, and very talented people to learn from.

"Flame on!"

Saturday, February 8, 2014

My first FOSDEM with Mozilla

Past weekend I had the great honor and opportunity of being a volunteer for this year's FOSDEM at the Mozilla booth. Needless to say it was a great experience.

The most interesting thing at the Mozilla booth were the Firefox OS phones. People had also seen them one year ago, back when the OS was still buggy and unreliable. A handful of people mentioned they had crashed the phone themselves and that the keyboard was unreliable. I'm happy to say, things have improved a lot since then. At the booth, we had 6-7 Geeksphone Keon phones, and on Sunday we added a Peak to the lot. They had version 1.3 of the OS loaded, even though that one is still in Beta. The public reaction was great!

I can probably say that I talked to several hundred people last weekend. Most of them were very interested in what Firefox OS had to offer, and a few questions were constantly repeated:

What's so special about it?
Well, every app on it is build with HTML, CSS and JavaScript. What this means, is that the code written for Firefox OS is the most portable code you can possibly write. It will work on Linux, Windows or Mac, on Android, iOS or Windows Phone. Not only that, but since web technologies are almost always backwards compatible, your app should keep running correctly for a very long time.

When will I be able to buy it?
Actually, Firefox OS phones are already available for purchase. It has been released in several countries, and if you happen to be in a different country you can buy one online from eBay for about $90 ( Geeksphone is currently out of stock ).

What are the specs of the phone?
The phones we had at the booth were mostly Keons. They come with a 1Ghz Snapdragon processor, and 512Mb or RAM. The Peak packs a dual core 1.2 Ghz processor and a bigger screen size.
Specs for the other phones can be found at the following links: ZTE OpenLG Fireweb, Alcatel One Touch Fire.

Can I flash Firefox OS to my own phone?
It depends on the phone you have. For example the Samsung Galaxy S2 and Nexus S, along with other devices, can be flashed with a build of Firefox OS according to these instructions. You could also try porting Firefox OS to a device you own. The community also has some details of the process on XDA.

Why would I choose a Firefox OS phone, and not Android?
Price. It's developed in the open. It's updated more often. You aren't locked in into a walled garden when you buy an app. Apps are developed with web technologies. It is made by a non-profit.

How do I start developing an app?
You just need some basic JavaScript skills. You can start developing using the Firefox OS simulator. (Go to Developer Tools, App Manager and see instructions on how to download it). Also, check out AppMaker - a very simple graphical tool to get you started.

Of course not all questions were great. Someone asked: Why do you have to use JavaScript since it's not Open Source? Uh... actually JavaScript is an open standard. The language was invented by Brendan Eich, Mozilla's CTO.  Firefox has an open source implementation of Javascript. Why do the phones have only one button? Uh... because they do? This is a design choice, one that is also shared by the iPhone, and several other phones. Flash it to an Android phone if you think otherwise.

All in all, this was an awesome FOSDEM. I barely had time to go by the other booths, and only got the chance to catch two of the talks in the Mozilla room, and the closing talk of FOSDEM.
I'd like to thank my fellow mozillians helping out at the booth, especially +Benoit Leseul and +Brian King for coordinating our efforts towards a great FOSDEM.

Sunday, December 1, 2013

My views on DRM in HTML

It's been a long time since my last post, and one issue has been bugging me for a while. Last month at the Mozilla Summit I attended a discussion related to the inclusion of DRM in HTML5 through the new EME draft.

The discussion was lead by Andreas Gal (VP of Engineering) and Gervase Markham (Governator at Mozilla).

In case you don't know what EME implies, you might want to read Henri Sivoen's blog post explaining it all.

First of all, I need to say that all of the opinions expressed in my post are personal, and probably not shared by any company I might be affiliated with. Also, the events I relate might not be completely accurate, as it's been some time since then.

So, here it begins. I am generally opposed to DRM. I see no reason it should exist. Why would the contents of my hard-drive be controlled by someone else but myself? I also feel that DRM does not work as a way of controlling what and how users watch media content. However, according to some, DRM does work, but not how you might expect. "DRM's purpose is to give content providers control over software and hardware providers, and it is satisfying that purpose well."

So, the talk started by Gerv giving us a summary of the topic, more specifically that the W3C is currently considering a proposal by Google, Microsoft and Netflix for including EME (Encrypted Media Extensions) in HTML. This would allow content providers to server encrypted media to users. The W3C is also accepting formal comments on the draft from its members, and Mozilla could potentially submit one.

Also, as mentioned by Amelia Andersdotter, Pirate Party member of the European Parliament, the EFF submitted a formal objection to the draft, but this was mostly met with silence from the W3C and its members. Amelia suggested that the EFF's objection might have a greater impact if supported by Mozilla.

At one point, I took the liberty to ask whether the W3C was looking for technical objections from its members, or if legal and philosophical objections were also accepted. As questions related to the W3C were deferred to Henri Sivoen, he replied that it was only accepting technical objections to the draft.

Henri has in fact commented on the W3C mailing lists (not sure if this counts as an objection) that the draft is clearly underspecified and it would be impossible to be implemented in an interoperable way as it is dependant on a CDM module that is not specified in the standard, nor could it be implemented as open source software (because that would defeat its purpose). Apparently, the proponents of the draft try to cheat around the interoperability requirement by having a "clear key" mode, that is not actually intended for production use.

As another mozillian noted, we are pretty much fighting a loosing battle. In fact, Google and Microsoft already have working implementations of EME, and they are using it on Netflix at the moment. The way Google does this is by having parts of Chrome that are not open source. What these players are doing right now, with the backing of Hollywood is they're trying to use their influence in the industry to standardize DRM in HTML. As you might expect, this would have a devastating impact on the internet as we know it.

The discussion at the Summit lasted for about an hour and a half. People expressed some very interesting points of view.
Amelia noted that DRM in HTML would restrict some very important rights of regular people, like the ability to save a backup copy of their content.
Andreas said that it would be close to impossible to implement the standard as Open Source, as the code could be easily changed to defeat its purpose, and that the Hollywood content providers would never sign off on it.
Gerv remarked that Mozilla's stance on this issue should be carefully considered. On one hand, Mozilla is against DRM as it profoundly damages the web, but on the other hand rejecting W3C's proposal might be just as bad. IE and Chrome already have it, and the ability to play restricted content is clearly a competitive advantage. Rejecting the draft might take EME out of the W3C, into a working group in which Mozilla doesn't have a saying.
Although not present in Brussels during the Summit, Brendan Eich (Mozilla's CTO) posted his thoughts on DRM on his blog (PS. Read post comments) One alternate to DRM for distribution of media content that Brendan supports is watermarking. It does seem to be better than DRM, but its adoption largely depends on the content providers.

So in the end, it seems that Mozilla is against DRM in HTML5, but I doubt it will make a formal objection to the W3C. Meanwhile, since the standardization process can take multiple years, the hope is that other ways of distributing copyrighted content will catch on, and the draft will die a lonely death.

My opinion?  This is a critical moment for the web. DRM would be a huge step back for the web, and Mozilla should be against it. It's true that in order to fight for the open web Mozilla must be relevant as a player in the browser market, but a "me too" approach isn't going to keep the game going. We know the right thing to do concerning this issue, so hopefully Mozilla isn't going to pass over the chance to do it, or we will probably live to regret it. The only other hope I have is that recent technical breakthroughs will make EME irrelevant.

That's just my opinion. Please take the time to form your own.

Thursday, September 26, 2013

ROSEdu Summer of Code

This summer I had the awesome opportunity to be a mentor for ROSEdu Summer of Code. The program is a spoof of the more widely known Google Summer of Code, but it essentially does the same thing. It gives young students the opportunity to work on an open source project for the summer, while getting paid to do it, and with a mentor to guide them through the process.

My trainees for the summer were +Robert Bîndar and +Catalin Iordache, both students at University POLITEHNICA of Bucharest. Robert just finished his first year and Catalin his second. They both worked on Mozilla Firefox at developing the Networking Dashboard, a diagnostics tool for networking related issues. It is currently available on the Nightly and Aurora channels, by typing about:networking in the URL bar.

Things worked out really well. They ended up fixing several bugs and greatly improved the networking dashboard. An overview of their activity over the summer can be seen here and here.
 While not all of their patches have been merged in mozilla-central yet, their coding work has just begun. One thing I can say for sure is that Mozilla Firefox has just won two capable and passionate developers.

If you want more specifics about their work until now, you can visit the RSoC blog:

Tuesday, May 21, 2013

Upstream Challenge

For the past few months I had the honour to be part of +ROSEdu's +Upstream Challenge. This was the second edition of the competition which is meant to encourage students to contribute to Open Source projects and get involved in the communities that surround them. The results were quite pleasing with 253 contributions being made to 17 projects by 23 students.

Mozilla was also part of the competition having received around 35 contributions,  23 of which were made by +Mihnea Dobrescu-Balaur.

I would like to thank each and every student who contributed to an Open Source project and gave their time in order to make the world(-wide-web) a better place.

The contributions are listed here, grouped by contributor.

Sunday, May 12, 2013

RoMoz 2013

My involvement with Mozilla during the past few years has increased in many ways. Last month's  Romanian Mozilla Community meeting has been an incredible experience which has convinced me that I need to do even more.

The meetup was in Cluj, the home town of most of our Romanian members. I can barely imagine the logistics of organising such an event, so I must congratulate our hosts for the incredible job they did.

The meeting was a bit shorter than I would have hoped. There were many issues that we needed to discuss and I feel we touched on the most important, but more time would have been great. Our community has been divided on some topics lately, and while important issues aren't going to be fixed in a couple of days, I think we got the ball rolling.

This was our first national meeting ever. Even though I had met about half of our members before it was great so see them all together, and it gave me great hope for the future.

My feelings are that our community is only going to grow from now on. I will be dedicating the rest of the year to establishing a small developer community in Bucharest, with the hopes of giving back to the project which has brought us all together.

Mozilla FTW

Thursday, April 4, 2013

Mozilla and Me

A few days ago was Mozilla's 15 birthday. Not bad for a company that deals in Open Source software. As a celebration, Mozilla volunteers shared their story with the #webstory tag on twitter. Considering I'm not a big twitter guy, I think a blog post will do.

My first interaction with Mozilla was through Firefox. I was a user since version 1, or even earlier if my memory serves me right. By 2008, when I started university I was already a tried and tested user. However, I had no idea of what Mozilla actually stood for. I then attended a presentation by +Alina Mierlus and +Toni Hermoso Pulido about the Mozilla community and I was hooked. It became my community with the values I supported. Soon enough I started hosting events, became a Mozilla Rep and a small contributor.

My hope is that it won't end here. I have big plans to support Mozilla until the end. I know of no other company that does so much to fight for its users' rights. And I see only good things in Mozilla's future. Stay tuned for more.

Check out 15 awesome Mozilla facts:

Wednesday, April 3, 2013

Programming for kids

It's been some time since I registered this blog, but I've never had any time to write even one blog post. Maybe it's time that changed. So I start my first post with my opinion on programming, and the fact that today's children don't learn nearly enough of it.

First of all, let me take you through my own experience. The first time I wrote a program I was maybe 10 years old. I had an interesting piece of hardware, that was marketed as a "Pre-PC". It had a a 40x2 characters black and white display, a keyboard, and a few buttons where you selected your "game". It didn't do that much. But the best part of it was that one game... that I had no idea what it did at first. For every line I wrote, it replied "SYNTAX ERROR".

A few months passed before I picked up the manual, a nice glossy touch to it. That's where I found a 30 page tutorial of BASIC, complete with the ASCII table and a few very interesting snippets. For the next few months, I would spend about 20 minutes every day with it. It was pretty great. But then, at Christmas, a cool PC awaited in my room, so the BASIC stopped.

I hadn't realized how much impact those few minutes had on me. I never did any other form programming until high-school, when we started with Pascal. It was nothing like BASIC, but unlike my classmates, I already had a basic understanding of imperative programming. It was also useful when I did assembly programming, at university. Somehow it was much easier to compare it to BASIC than any other programming language I knew. Constructing loops was something I was already used to, and the goto instruction was like an old friend.

I am still struck by how much influence this had on me and I can't help thinking that if I hadn't stopped programming, I would be a much better software developer today. I'm also thinking about the newer generations, and what an opportunity we have with them.

If you think about what programming was 15-20 years ago, and what it is today, you can only imagine what it's going to look like in another 20 years. But most likely it's going to be completely different than anything that you could think of. Programming languages, artificial intelligence, algorithms, UIs... These kids should start learning now.

Of course, not every kid will grow up to be a programmer. And I don't think that every kid should. But I feel there are absolutely no downsides to knowing how to code.

So, how young should they start? I think as young as 4-5 years old. And not effective programming. Just concepts. Inheritance, recursion, basic design. Programming should be as basic as math. Every child should know how to write a basic app, and implement a simple algorithm. It might give them the edge, and most of all, it might actually make the entire world a lot better.

So, should it be every child? What about the kids that want to be doctors, or actors? I can think of a lot of cases where a doctor might want to write some code. And regarding actors, I think none of them would mind coding instead of waiting tables until they get their big break.

Hope this makes a good point. If so, please teach your kids how to code. It will make the world a lot better.