Thursday, December 11, 2014

How to fix the Pocket addon for Firefox

[Update2: Pocket eventually got updated, and my fixes and workarounds were no longer needed, so I deleted the repo. Me bugging them about it could have had something to do with it, but probably didn't. Either way, I'm glad they fixed it.]

[Update: Due to a request from I no longer provide the source code or binaries to the addon on Github. I have changed the Makefile to pull the broken extension from the web, and patch it locally (without hosting any code).]

Pocket (formerly ReadItLater) is a great tool that allows you to bookmark webpages and download them in order to read them later (get it?).

However, the Firefox addon is no longer supported, and a tiny change in the JavaScript engine has caused it to stop working. Hence BUG 1068790.

The JavaScript change is basically that variables declared using let are no longer accessible outside the block they were declared in. Fixing the addon turned out to be super easy. Just find-and-replace all 'let ' instances with 'var '.

Problem solved. I put the code on github so everyone can see how easy it is, and even packaged it for people who aren't so technical.

Keep rocking the open web!

Monday, October 20, 2014

My movies of choice

Movies have always been a big part of my life. I can honestly say a large part of my personality, my likes and dislikes and my overall attitude towards life can be at least partly attributed to the movies I've seen.

A few years ago I decided to start a list on IMDb, to try to determine how many movies I've watched my whole life. That list is up to around 600 movies right now, and it's not even close to finished. There are many movies I forgot to put on the list, and many movies I still haven't watched.

I've clearly spent a few months of my life watching movies (part of them I watched more than once, some of them I watched up to 20-30 times). And I haven't even counted the hours I spent watching Friends, Scrubs, Futurama, Stargate, House, and the list goes on. And I also watched countless hours of stand-up.

Was that time wasted? Yes, and no. As I said, I've learned a lot from movies, about culture, history and language. Things I would miss about myself if I were to suddenly forget them. A lot of good movies, but I also think I wasted a bunch of time with some of them. No, not the bad ones

No, movies aren't good or bad, it's more a matter of preferences and state of mind. The movies that I find to be worth watching are the ones that change something about me, that touch something in my heart or mind and stay with me for months. The departed was a movie that didn't impress me much. I found it pointless. Not to say that the direction or acting wasn't good, they were. The hurt locker though... I still wish I could get back the time I wasted watching it.

My favourite movies? For a long time it was Phone Book. Then Equilibrium. Inception also rated very high in my book. There's a huge list of movies I loved (maybe I'll blog my top 10-50 sometime in the future).

One of the best movies I've seen last year was About Time. Incredibly hilarious and bitter-sweet movie, that ended on an optimistic note that strongly resonated with the way I like to live my life.


Sunday, October 12, 2014

Firefox OS at IMWorld 2014

This past week I had the wonderful opportunity of attending Internet & Mobile World Bucharest, as part of the team promoting Firefox OS. We were stationed at the future corner (along with someone demoing the Google Glass, and producers of drones and 3D printers). It was an awesome but exhausting experience. What blew my mind was the public interest in Firefox OS.

IMWorld was mostly a business event. Companies trying to sell stuff to people looking to sell other things to the same companies. We stood out as one of the few companies not selling anything. We demoed Flame phones, and the Infocus New Tab. We talked to people ranging from CEOs to app developers to regular folks interested in a personal phone.

Interest in the phones was tremendous. Developers were excited that they could integrate Firefox OS into their existing PhoneGap process, use WebIDE in the browser to start development, and by the fact that their applications could run on Android or Windows or Mac without changing a single line of code.

Regular smartphone users were really excited by the availability of common applications they use, by the easy to use interface and by the prospects of buying such a phone.

We also promoted the Matchstick HDMI stick which is currently on Kickstarter. I have high hopes for that one.

Anyway, upon discussing with hundreds of people excited about the work we're doing and eager to use and support for our products, I am more confident than ever that we will succeed in our goals. Firefox OS looked like a long shot when it was first announced, another nice-idea mobile project that would never see the light of day. A couple of years later, with over a dozen devices on the market, selling in more than 20 countries, people are starting to pay attention and are baffled by the fact that you can make a difference in the current mobile landscape. I can't wait to see the next few years of Firefox OS.

(Update) Thanks to +Stefania Ioana Chiorean +Gabriel Ivanica +Marcela Oniga +Andreea Popescu +Alex Lakatos for doing an awesome job at the booth, and +Christian Heilmann for a great talk.

Also, thanks to the people at the booth next to ours, Mode360, who did a 360 degree scan of our phone and mascot.

Wednesday, October 1, 2014

Upstream Challenge 2014 wrap up

This weekend marked the end of the 2014 edition of Upstream Challenge, an awesome competition aimed at getting more students to contribute to Open Source projects. I figured I'd lay down some thoughts about how it went.

This year we had around 340 submissions, ranging from one line patches, to pull requests containing dozens of commits. By number of submissions, the projects that received a significant number of contributions (more than 20) were Marble KDE, WoUSO, libcmis, Linux Kernel, privly and digiKam. Having rated a bunch of them in this competition revealed them to be very well written, and very significant to each project.

I'm also a bit disappointed that despite my efforts to get people to contribute to Firefox, only 3 patches were entered in the competition. (2 other contributions were made, but students either didn't care or didn't want to submit them to this competition). The lesson I've learned from this is that it's better to find a couple of students really passionate about a project, and focus your energy on them, rather than try to inspire dozens to make a leap of faith and dedicate their precious time to a project they may or may not care about.

[ As a side note, one of the students I mentored last year completed a very successful internship at Mozilla this summer. ]

So, what did go well in the competition? 
* Well, this year the awards were a bit more evenly distributed. The first place in each track got an Amazon Fire HDX tablet, second prize was a Pebble smart watch, and third place was a Raspberry Pi.
* We got a lot of quality patches in Open Source projects.
* The competition had a lot of visibility among students, even though only 19 entered any patches in the competition.
* More projects than last year.

What could have been better?
* The procedure for entering new projects and patches in the competition was still a bit cumbersome, and required using the mailing list.
* Evaluating the patches could have been more transparent. Although I feel it was fair, the quality and impact criteria were a bit loosely defined.
* A system of entering, describing and reviewing your own patches would have been really awesome (maybe next time)
* We should have had much many more events promoting the competition.
* The person who designed the website changed the license of the source code, so the website got crippled just after the event.

What next?
We are starting to plan for next year's event.

I would like to thank +Valentin Ilie +Razvan Deaconescu +Daniel Baluta +Marius Ungureanu for their effort and dedication in organizing this competition, as well as Mozilla and Intel for sponsoring it.

Thursday, September 4, 2014

6 Months @ Mozilla

Exactly six months ago I started working as a remote contractor for Mozilla. The only way I can describe it? AWESOME! And not awesome as in "This burger is awesome". Awesome as in "Wow, I'm working with some of the greatest engineers in the world on something that will make the world a better place!".

So, first of all, what did I work on these past 6 months? 

  Per app offline for Firefox OS (786419):
This was a large chunk of my time. It involves providing a way to set each individual Firefox OS app offline while the entire operating system is still able to connect to the internet. It is very close to shipping, but I keep finding bugs and weird ways it interacts with other code.

  Resource Timing (1002855):
I took over this bug from one of last year's interns. At the moment resource timing is preffed off in Firefox (dom.enable_resource_timing), waiting for bug 936814 to be fixed. It was really interesting to work on this, especially since I managed to identify a bug in the spec.

  URL parser
I got to fix several bugs in the way Firefox parsed URLs, especially in the way IPv6 URLs were considered - bug 960014. This was a lot of fun. I got to dive into some pretty old code, and change it a bit. There is more work to be done on this, and hopefully we will soon be able to do it in a smarter way, by using a lexical analyzer.

  Captive portal detection (Wiki)
This is a really difficult thing to get right. Captive portals (the login window you get redirected to at hotels) can do a bunch of really nasty things, such as injecting content into HTTP pages, provide bad TLS certificates and behave in really odd ways. Having Firefox detect such cases, and make it easier to login into a captive portal while preserving your open tabs would be great. At the moment I got sidetracked by other things, but this is one of the big things I'll keep working on in the near future.

  Leaky websockets (983243)
A race condition in the WebSocket code made it possible for a TCP socket to leak, and stay alive until the browser was closed. Since the socket was normally closed at shutdown, it couldn't be picked up by our automated tests, so figuring out the problem was tricky, but it proved to be a worthy foe, and an interesting learning opportunity.

There are just some of the most recent or note worthy things I worked on. I don't even remember most of them, but the really cool thing is that my bugzilla report for the past 6 months is publicly available, for anyone to look at.

Apart from the awesome work, there are other perks of being a remote engineer for Mozilla. I mostly work during the night and early morning. It's a habit I picked up at university, an I'm extremely happy I'm not constrained by a 9-5 work schedule. Also, the fact that my office is roughly 15 seconds away from my bed, and that there's no required work attire, safes me tons of time that I can spend more productively.

Interesting fact: I've constantly felt like a n00b for the past half year. And it's really hard not to be one, when surrounded by some of the smartest people in the world, true legends that have helped build the web. I can only hope that being around them will rub off, and thank my colleagues for all their help and advice in the mean time.

Another great thing is that I have a say about what I work on. My preferences, interests and skill are always taken into account when assigning tasks, and although I'm relatively new here, I still feel that my opinions are valued.

Even though it's growing to be quite a big company, it still feels like a startup. With employees all over the world, thousands of volunteers, a strong commitment to Open Source and the Open Web, it feels like the greatest workplace in the world. And it probably is.

Monday, August 18, 2014

Firefox OS is a developer's best friend

Up until recently I wasn't able to appreciate the full potential of a Firefox OS phone. I only looked at it as a consumer product, a cheap way for people in developing countries to get access to the internet. I had never considered its potential as a tool for hackers and developers.

So here is my use case: I own 2 prepaid SIMs for which I regularly run over my internet quota. Vodafone has a promotion where it offers you 2Mb for every call you give or receive, that is over one minute long. The problem is, I don't really talk for more than 20 minutes each month. So, as the bright engineer that I am, I've come up with a plan. Since I have unlimited calls between my two prepaid SIMs, why not have them call each other, and farm some megabytes.

Here is where Firefox OS comes in. It's insanely easy for me to script together some code that would call a number, wait for 60 seconds, end the call and call again.

function start() {
    navigator.mozTelephony.dial('07XXXXXXXX'); // Call the phone number
    setTimeout(stop, 63*1000); // Stop the call in 63 seconds

function stop() {
    navigator.mozTelephony.calls[0].hangUp(); // Hang up
    setTimeout(start, 3*1000); // Call back again in another 3 seconds


I just opened the App Manager, and pasted the code into the Usage app console. Then I left it running for about one night, and got around 1.5 Gb of traffic. (The max I can get is 2.5 Gb) Pretty nice, right? One of the problems in this setup, is that I needed to download an app on my Android phone, to answer incoming calls automatically. I went with AutoAnswer, but wasn't really happy with the permission settings the app required. This is another way Firefox OS kicks Android's app. It has a way better permissions system, where each app asks for each permission, and can still function if you don't allow it.

So there it is. With less than 10 lines of code, I was able to make use of the phone's capabilities in a very cool way. That was way easier and much more fun than anything I could do with my Raspberry Pi. Soon, with the launch of a device that costs around 25$, it will be even cheaper than a RPi. And I can only imagine what I could do with the the available camera and wireless capabilities.

Saturday, August 2, 2014

Captive Portal detection in Firefox

I haven't posted something on the blog in a while, so I thought I'd post something about my current work at Mozilla.

I'm currently working on better captive portal detection in Firefox. You might correctly point out that there is no such detection at the moment. The feature does exist, but it's only enabled on Firefox OS. My job going forward will be to port this functionality over to Firefox, and to implement several enhancements.

My first step was to gather all of the bugs and relevant info into a wiki page. The good news is that most of the groundwork is already there. The design for this feature has already been done (incidentally, by another Valentin working at Mozilla), and my job is to implement the capabilities that Necko needs to provide to other components.

In order to test captive portal, I needed to set up one for myself - working at my local McDonald's is not an option :) Fortunately, this feature is part of the Tomato firmware which is also available for my Asus N10U router. Yay!

Next up, making captive portal detection available to desktop Firefox. The feature is implemented in captivedetect.js. The basic idea is that it tries to load a page from a predefined URL, and check the response against an expected value. If the values differ, or if we get a redirect, the odds are that we are inside a captive portal.

On FirefoxOS the captive portal detection is used in the NetworkManager, which is a Gonk service which isn't going to be of much use on desktop. So I just stuck a captive portal request inside nsIOService, to see if it works. After finding and fixing a couple of typos in captivedetect.js (How can you not love JavaScript for this?), it turns out that this works pretty well. I was able to observe notifications whenever the browser got a captive portal page and when the user logged in to that page, and was able to access any page on the web. So really
good news.

Going forward, I need to figure out how the captive portal fits with the rest of Necko, what I need for the UI, how do we handle secure connections, and many other issues. Also, Tomato doesn't seem to hijack secure connections, as other captive portals do, but I'm going to figure this out when I get to it.

Wednesday, June 11, 2014

How to fix video piracy using PopcornTime

A couple of years ago I had the opportunity to live in the US for a few months, and to try out Netflix. My opinion? Pure genius. It gave you a friendly UI, a huge choice of content and an affordable price. It's no wonder that it's so popular in the US, with more than 30% of the country's internet traffic being on Netflix.

Sure, there are a bunch of issues with Netflix, such as requiring the Silverlight plug-in, not having Game of Thrones in its collection and many others. Most people complain about it not being available in every country.

All are valid complaints, and most are due to the movie studios trying to control the way you consume video content.

In the past few months Popcorn Time, an Open Source application, has managed to take what Netflix is doing to the next level. Even though it's still basically video piracy, Popcorn Time combines the usability of Netflix with the versatility and speed of the torrent protocol allowing anyone to watch a movie in HD with just a click of the mouse. It really is the Napster of our time.

Naturally, this has spooked a lot of the entertainment industry execs. But I feel they should get in on that action. I don't think the world is divided into pirates and paying customers. I think it's divided between customers and potential customers. After all, most of the people I go to the movies with, are also illegal downloaders.  And it's not like they don't afford to purchase the content online (some do), it's just that most official channels are too difficult to use.

So how could this be fixed using Popcorn Time? By Forking it!
It's an open source project, so anyone can build their own version of it, even film studios. Next, implement a simple login mechanism. Torrent trackers are able to use an API key, so that the user is authenticated. Make it a monthly subscription, costing at most 10$ a month (more than that would deter people from using the paid/official version of Popcorn).
Next step would be differentiation. Why would people use the paid version instead of the free version of Popcorn time? The answer would be content. Stick everything you've got in there, from interviews, behind the scenes shots, to coupons for the local cinema. Don't even bother with DRM, as that accomplishes nothing.

I am willing to bet there is an audience for this sort of thing. The costs to implement it? Less than $20000 for the hardware needed to seed all the content, and half a dozen engineers to work on the software. It would probably be done in 2 or 3 weeks. Potential for profit? Millions!

However, I have a feeling that this is never going to happen (never as in not soon). The video industry is still stuck in the past, and the lawyers don't care that from an engineering point of view it's fool-proof, and that their profits can only grow in this scenario. $10 is not much to pay for this kind of convenience, but sadly I'll never be able to say "Shut up and take my money".

Saturday, May 17, 2014

DRM? No biggie

On the 14th of May, Mozilla made a controversial announcement. It will soon start implementing the EME spec, which implies that Firefox users might soon be able to watch DRM protected video content.

The announcement comes as a blog post by Mitchell Baker with the title DRM and the Challenge of Serving Users. It is accompanied by Andreas Gal's post on Mozilla Hacks in which he further explains the decision and sheds some light on the technical details of the implementation.

I have recently read many good articles about it: The Guardian, Leo McArdle, Stuard Langridge and many others. I have also previously blogged about this topic: My views on DRM in HTML.

Here is my reaction to the announcement.

I am strongly opposed to DRM. It is a flawed concept. It's easily crackable. It's more of a hassle for people who pay for their content, because otherwise you don't have to deal with it. It can't be implemented with open source. It's just a stupid idea in general.

I am however optimistic about Mozilla's plans to implement this. How is that possible? Well, the plans for the implementation are really good. This isn't going to be your regular DRM, a piece of binary code that has full control over your system while you have no idea what it's doing. The Content Decryption Module (CDM) will only be able to do that: Decrypt content.

Let's go over the architecture a little. After you first install Firefox, it will download Adobe's CDM binary. It will be saved somewhere without being enabled or even executable. The first time the user accesses a website with DRMed content, he will be asked if he wants to enable the module. If he grants permission, then from that point he will be able to watch encrypted video.

As I said, the CDM has no access to your system. It will be running in a sandbox which restricts its capabilities, and all it will do will be to get encrypted data from Firefox and pass it back decrypted video content. Moreover, Firefox will protect your privacy. While most DRM implementations provide the content distributor with a device ID, allowing it to follow you across the web. Firefox will generate different IDs for every website, thus protecting your privacy.
Also, the sandbox will be open source and auditable by security experts. The NPAPI plugin architecture we have at the moment is much less secure than that. If everything is implemented properly, all of the privacy and security concerns anyone might have will be rendered null.

Some of the people against this plan point out that DRM in HTML is against all of the principles Mozilla stands for. It's true, DRM is a concept that stands against openness, but that ship has sailed. With the support of Google, Apple and Microsoft, EME is going to be part of the web whatever Mozilla does. H264 was the exact same story. We held out as long as we could, but in the end the users are the ones calling the shots. The users want to see video, and if they can't do it with Firefox, they will switch. Instead of a petition calling for Mozilla to not implement EME, how about a petition saying people will only watch DRM-less video. If 200K people sign that petition, I'd say the war is over and we won.

A lot of people see this as Mozilla loosing the fight and surrendering. I see it as Mozilla joining the war. It means that we are finally willing to play the content industry's game and see how far that takes us. It means our users will use our platform to watch content. It means we can push studios into new technologies and have the data to back it up.

So, if you ever want to watch Netflix, this is your safest choice. If you are completely against EME, that's also OK, because you don't ever have to use it, and no closed-source code will ever run on your PC. And if you don't agree, don't be a troll, but try to think of new ways of how we can avoid DRM. We are in this together.

Keep rocking the open web.

Thursday, March 20, 2014

Firefox & Upstream Challenge

While Firefox is a common household name for a lot of people, Upstream Challenge isn't. So let me clarify.

Upstream Challenge is a competition encouraging Romanian (for the moment) students to contribute to Open Source projects. The motivation behind the competition is that this sort of activity greatly increases a student's technical skills and engagement, but it might also represent a significant contribution for the chosen Open Source project.

Just like in previous years, we hope that Firefox will attract a significant number of contributions. However, finding your way into a big project might be a difficult task for most, so let this be your orientation into contributing to Firefox.

For a long time, the instructions for newcomers were just a disorganized wiki page, but thanks to the efforts of +Brian R. Bondy we now have which offers detailed video tutorials with all you need to get you started. The quality and importance of the tutorials cannot be overstated. Even seasoned volunteers might have something to learn from it.

You can still find textual instructions on MDN:

OK. So now you've completed all of the tutorials (or not), you'll want to start coding. The finding-a-bug tutorial explains how to do this. However, some of you might want to start with something easier. The easiest things you can do is to fix spelling and coding style issues in the code. Just file a bug and attach the patch. These are really easy to do, and get reviewed a lot faster. (This is probably true for other projects as well). One level more difficult is to fix packing issues with C++ structs in Firefox.  Nathan wrote a great article about this. Also, you can always dive right in with good-first-bugs or any bug of your own choosing.

So good luck, and happy coding!

Tuesday, March 4, 2014

Doing good is part of our code

And starting today I am one of the people writing that code. It is more than a saying, but a belief that goes down to the core of every engineer, and every volunteer helping drive the web forward. There are no shareholders and no "customers". Only the users and the web.

I am joining the networking team, a small group of people that are very dear to me. I was an intern on this same team a couple of years ago, and during that time I came to appreciate how awesome all of them are. Right now I am the youngest on the team, the n00b, but I've got a lot to learn, and very talented people to learn from.

"Flame on!"

Saturday, February 8, 2014

My first FOSDEM with Mozilla

Past weekend I had the great honor and opportunity of being a volunteer for this year's FOSDEM at the Mozilla booth. Needless to say it was a great experience.

The most interesting thing at the Mozilla booth were the Firefox OS phones. People had also seen them one year ago, back when the OS was still buggy and unreliable. A handful of people mentioned they had crashed the phone themselves and that the keyboard was unreliable. I'm happy to say, things have improved a lot since then. At the booth, we had 6-7 Geeksphone Keon phones, and on Sunday we added a Peak to the lot. They had version 1.3 of the OS loaded, even though that one is still in Beta. The public reaction was great!

I can probably say that I talked to several hundred people last weekend. Most of them were very interested in what Firefox OS had to offer, and a few questions were constantly repeated:

What's so special about it?
Well, every app on it is build with HTML, CSS and JavaScript. What this means, is that the code written for Firefox OS is the most portable code you can possibly write. It will work on Linux, Windows or Mac, on Android, iOS or Windows Phone. Not only that, but since web technologies are almost always backwards compatible, your app should keep running correctly for a very long time.

When will I be able to buy it?
Actually, Firefox OS phones are already available for purchase. It has been released in several countries, and if you happen to be in a different country you can buy one online from eBay for about $90 ( Geeksphone is currently out of stock ).

What are the specs of the phone?
The phones we had at the booth were mostly Keons. They come with a 1Ghz Snapdragon processor, and 512Mb or RAM. The Peak packs a dual core 1.2 Ghz processor and a bigger screen size.
Specs for the other phones can be found at the following links: ZTE OpenLG Fireweb, Alcatel One Touch Fire.

Can I flash Firefox OS to my own phone?
It depends on the phone you have. For example the Samsung Galaxy S2 and Nexus S, along with other devices, can be flashed with a build of Firefox OS according to these instructions. You could also try porting Firefox OS to a device you own. The community also has some details of the process on XDA.

Why would I choose a Firefox OS phone, and not Android?
Price. It's developed in the open. It's updated more often. You aren't locked in into a walled garden when you buy an app. Apps are developed with web technologies. It is made by a non-profit.

How do I start developing an app?
You just need some basic JavaScript skills. You can start developing using the Firefox OS simulator. (Go to Developer Tools, App Manager and see instructions on how to download it). Also, check out AppMaker - a very simple graphical tool to get you started.

Of course not all questions were great. Someone asked: Why do you have to use JavaScript since it's not Open Source? Uh... actually JavaScript is an open standard. The language was invented by Brendan Eich, Mozilla's CTO.  Firefox has an open source implementation of Javascript. Why do the phones have only one button? Uh... because they do? This is a design choice, one that is also shared by the iPhone, and several other phones. Flash it to an Android phone if you think otherwise.

All in all, this was an awesome FOSDEM. I barely had time to go by the other booths, and only got the chance to catch two of the talks in the Mozilla room, and the closing talk of FOSDEM.
I'd like to thank my fellow mozillians helping out at the booth, especially +Benoit Leseul and +Brian King for coordinating our efforts towards a great FOSDEM.