Starting this week, some visitors may notice something new on the MDN Web Docs site, the comprehensive resource for information about developing on the open web.

We are launching an experiment on MDN Web Docs, seeking direct support from our users in order to accelerate growth of our content and platform. Not only has our user base grown exponentially in the last few years (with corresponding platform maintenance costs), we also have a large list of cool new content, features, and programs we’d like to create that our current funding doesn’t fully cover.

In 2015, on our tenth anniversary (read about MDN’s evolution in the 10-year anniversary post), MDN had four million active monthly users. Now, just three years later, we have 12 million. Our last big platform update was in 2013. By asking for, and hopefully receiving, financial assistance from our users – which will be reinvested directly into MDN – we aim to speed up the modernization of MDN’s platform and offer more of what you love: content, features, and integration with the tools you use every day (like VS Code, Dev Tools, and others), plus better support for the 1,000+ volunteers contributing content, edits, tooling, and coding to MDN each month.

Currently, MDN is wholly funded by Mozilla Corporation, and has been since its inception in 2005. The MDN Product Advisory Board, formed in 2017, provides guidance and advice but not funding. The MDN board will never be pay-to-play, and although member companies may choose to sponsor events or other activities, sponsorship will never be a requirement for participation. This payment experiment was discussed at the last MDN board meeting and received approval from members.

Starting this week, approximately 1% of MDN users, chosen at random, will see a promotional box in the footer of MDN asking them to support MDN through a one-time payment.

Banner placement on MDN

Clicking on the “Support MDN” button will open the banner and allow you to enter payment information.

Payment page on MDN

If you don’t see the promotional banner on MDN, and want to express your support, or read the FAQ’s, you can go directly to the payment page.

Because we want to keep things fully transparent, we’ll report how we spend the money on a monthly basis on MDN, so you can see what your support is paying for. We hope that, through this program, we will create a tighter, healthier loop between our audience (you), our content (written for and by you), and our supporters (also, you, again).

Throughout the next couple months, and into 2019, we plan to roll out additional ways for you to engage with and support MDN. We will never put the existing MDN Web Docs site behind a paywall. We recognize the importance of this resource for the web and the people who work on it.

The post A New Way to Support MDN appeared first on Mozilla Hacks - the Web developer blog.

https://hacks.mozilla.org/2018/10/a-new-way-to-support-mdn/

>>> import bleach
>>> bleach.clean('This is terrible.')
'This is terrible.<sarcasm></sarcasm>'

>>> import bleach
>>> bleach.clean('This is terrible.')
'This is terrible.<sarcasm>'

http://bluesock.org/~willkg/blog/dev/bleach_3_0_0.html

History

Around 2015 a couple of projects had started using ESLint in mozilla-central. In the last quarter of 2015, there was a big push to enable ESLint for browser/ and toolkit/ – the two main directories containing the javascript source behind Firefox.

Since then, we have come a long way. We have commands and hooks for developers to use, checks during the review phase, and automatic tests that run against our review tools and our continuous integration branches. Not only that, but we’ve also expanded our coverage to more directories, and expanded the amount of rules that are enabled.

As we’ve done this work, we’ve caught lots of bugs in the code or in our tests (there’s much more than just those links). Some of those have been small, some have been user facing issues. There are also now the countless potential bugs that we don’t get to see where ESLint catches issues for us before they even hit the core source trees. All this helps to save developer time and leaves more for fixing bugs and implementing new features.

Where to next?

There are several things high on the list that we should have as the next, future goals:

1. Finish enabling ESLint on all our JavaScript code in mozilla-central

We are already covering the vast majority of production code in mozilla-central, however there are still a lot of unit tests that aren’t covered. Increasing linting coverage here will help to ensure these are functioning as we expect.

There’s always a few things it won’t make sense for, e.g. third-party imports, or the occasional piece of preprocessed code, but I think we should strive towards 100% coverage where we sensibly can.

2. Harmonize our rules

Whilst we have a core set of rules, various directories are overriding and extending the rules. We should aim for having the majority of rules being the same everywhere, with additional rules being only occasional (e.g. experimental).

This will make it far easier for developers working across modules to be able to work in a consistent style, and help spread the useful rules across the tree.

Example rules that fall into this category: mozilla/var-only-at-top-level, block-scoped-var, no-shadow, no-throw-literal, no-unused-expressions, yoda

3. Improve developer tools

For me, I find most use for ESLint when it is integrated into my editor. However, there’s various other occasions where we’re not doing quite enough to make it easy for developers, e.g. automatically installing hooks, or setting up editor support automatically.

These help developers to catch issues earlier whilst the developer is still focussed on the patch, reducing context switching. We should be getting these working as seamlessly as possible.

4. Improve automatic fixing

Currently the automatic fixing doesn’t work fully if you run it across the whole tree (you can run it in segments), we should fix it to help make applying new rules globally a lot easier.

We need your help!

• Find a problem with ESLint that is stopping you using it efficiently? Please file a bug. Alternately, come talk to me about issues that are slowing you down or getting in the way.
• Reasonably regularly I file mentored bugs for enabling new directories or rules, which are great to get you started. However, if you’re interested in working with me on getting larger chunks going, please let me know (in the comments or ping Standard8 on IRC).
• Anything I’ve missed or discussions points? Please add a comment.

Thank you

I’d like to say a big thank you to all those that have helped bring ESLint to where it is today. Special thanks go to Dave Townsend for his encouragement and many reviews.

There’s many more people that have been involved from the various teams that work on Firefox, as well as first-time contributors – too many to name, so thank you all!

https://www.thebanners.uk/standard8/2018/10/03/whats-next-for-eslint-on-firefox-source-code/

class ExampleIfRule(Rule):

    def register_triggers(self):
        return (self.Philips_HUE_01,)

    def action(self, *args):
        if self.Philips_HUE_01.on:
            self.Philips_HUE_02.on = True
            self.Philips_HUE_03.on = True
            self.Philips_HUE_04.on = True 

class ExampleWhileRule(Rule):

    def register_triggers(self):
        return (self.Philips_HUE_01,)

    def action(self, the_triggering_thing, the_changed_property_name, the_new_value):
        if the_changed_property_name == 'on':
            self.Philips_HUE_02.on = the_new_value
            self.Philips_HUE_03.on = the_new_value
            self.Philips_HUE_04.on = the_new_value

class BondedBulbsRule(Rule):

    def register_triggers(self):
        return (
            self.Philips_HUE_01,
            self.Philips_HUE_02,
            self.Philips_HUE_03,
            self.Philips_HUE_04,
        )

    def action(self, the_triggering_thing, the_changed_property_name, the_new_value):
        for a_thing in self.triggering_things.values():
            setattr(a_thing, the_changed_property_name, the_new_value)

class HeartBeat(TimeBasedTrigger):
    def __init__(
        self,
        name,
        period_str
        # duration should be a integer in string form with an optional
        #    H, h, M, m, S, s, D, d  as a suffix to indicate units - default S
    ):
        super(HeartBeat, self).__init__(name)
        self.period = self.duration_str_to_seconds(period_str)

    async def trigger_dection_loop(self):
        logging.debug('Starting heartbeat timer %s', self.period)
        while True:
            await asyncio.sleep(self.period)
            logging.info('%s beats', self.name)
            self._apply_rules()

the_rainbow_of_colors = deque([
    '#ff0000',
    '#ffaa00',
    '#aaff00',
    '#00ff00',
    '#0000ff',
    '#aa00ff'
])


class RainbowRule(Rule):

    def initial_state(self):
        self.participating_bulbs = (
            self.Philips_HUE_01,
            self.Philips_HUE_02,
            self.Philips_HUE_03,
            self.Philips_HUE_04,
            self.Philips_HUE_05,
            self.Philips_HUE_06,
        )

        for a_bulb, initial_color in zip(self.participating_bulbs, the_rainbow_of_colors):
            a_bulb.on = True
            a_bulb.color = initial_color

    def register_triggers(self):
        self.heartbeat = HeartBeat('the heart', "2s")
        return (self.heartbeat, )

    def action(self, *args):
        the_rainbow_of_colors.rotate(1)
        for a_bulb, new_color in zip(self.participating_bulbs, the_rainbow_of_colors):
            a_bulb.color = new_color

http://www.twobraids.com/2018/10/the-things-gateway-pythonic-rule-system.html

Today is German Unity Day, Germany’s National Day. Half of my team live in Berlin, so I vaguely knew they wouldn’t be around… but I’d likely have forgotten if not for a lovely tradition of “Holiday Inbound” emails at Mozilla.

Mozilla is a broadly-distributed organization with employees in dozens of countries worldwide. Each of these countries have multiple days off to rest or celebrate. It’s tough to know across so many nations and religions and cultures exactly who will be unable to respond to emails on exactly which days.

So on the cusp of a holiday it is tradition in Mozilla to send a Holiday Inbound email to all Mozilla employees noting that the country you’re trying to reach can’t come to the phone right now, so please leave a message at the tone.

More than just being a bland notification some Mozillians take the opportunity to explain the history and current significance of the event being celebrated. I’ve taken a crack at explaining the peculiarly-Canadian holiday of Christmas (pronounced [kris-muhs]) in the past.

Sometimes you even get some wonderful piece of alternate history like :mhoye’s delightful, 50% factual exploration of the origins of Canadian Labour Day 2016.

I delight in getting these notifications from our remotees and offices worldwide. It really brings us closer together through understanding, while simultaneously highlighting just how different we all are.

Maybe I should pen a Holiday Inbound email about Holiday Inbound emails. It would detail the long and fraught history of the tradition in a narrative full of villains and heroes and misspellings and misunderstandings…

Or maybe I should just try to get some work done while my German colleagues are out.

:chutten

https://chuttenblog.wordpress.com/2018/10/03/distributed-teams-regional-holidays/

Firefox is shipped using a train model. Without going into too much details, this means that we maintain several channel in parallel (Nightly, Beta, Release and ESR). Normal changes happen in Nightly. When a change needs to be cherry-picked from Nightly to another branch, the process is called “Uplift”.

Uplifting is a key tool in the Firefox release management world. When developers want to apply a patch from Nightly to another branch, they will use Bugzilla, answering some questions in a textarea. Then, release managers will make a risk assessment to accept or reject the uplift. As an example, release managers will see the following comment:

The release and quality management team is plugging more and more automation (and Machine Learning in the future) in Bugzilla, and the freeform textarea was making it more difficult (also because developers are free to do anything they want with the prefilled text, even deleting fields). For this reason, we are moving to a typical form directly in the Bugzilla interface. The change, developed by Kohei who is volunteering as a Bugzilla UX designer, has been deployed yesterday (October 2nd)

A screenshot is a better explanation than words:

Once submitted, the comment will be displayed just like before!

We are planning to move to a similar system for tracking and release notes requests.

As always, don’t hesitate to share feedback to release-mgmt@mozilla.com

https://release.mozilla.org/tooling/bugzilla/2018/10/03/uplift-form.html

happy bmo push day – mojolicious edition

As previously announced at FOSDEM 2018 and then re-announced at MojoConf, bugzilla.mozilla.org is now running on Mojolicious “A next generation web framework for the Perl programming language”

This release incorporates 28 changes and the Mojolicious migration is the least interesting to the end-user, but it is pretty important in terms of being able to deliver rich experiences moving forward.

As…

View On WordPress

https://mozilla-bteam.tumblr.com/post/178683739218

The HTTP Referrer Value

Navigating from one webpage to another or requesting a sub-resource within a webpage causes a web browser to send the top-level URL in the HTTP referrer field. Inspecting that HTTP header field on the receiving end allows sites to identify where the request originated which enables sites to log referrer data for operational and statistical purposes. As one can imagine, the top-level URL quite often includes user sensitive information which then might leak through the referrer value impacting an end users privacy.

The Referrer Policy

To compensate, the HTTP Referrer Policy allows webpages to gain more control over referrer values on their site. E.g. using a Referrer Policy of “origin” instructs the web browser to strip any path information and only fill the HTTP referrer value field with the origin of the requesting webpage instead of the entire URL. More aggressively, a Referrer Policy of ‘no-referrer’ advises the browser to suppress the referrer value entirely. Ultimately the Referrer Policy empowers the website author to gain more control over the used referrer value and hence provides a tool for website authors to respect an end users privacy.

Expanding the Referrer Policy to CSS

While Firefox has been supporting Referrer Policy since Firefox 50 we are happy to announce that Firefox will expand policy coverage and will support Referrer Policy within style sheets starting in Firefox 64. With that update in coverage, requests originating from within style sheets will also respect a site’s Referrer Policy and ultimately contribute a cornerstone to a more privacy respecting internet.

For the Mozilla Security and Privacy Team,
  Christoph Kerschbaumer & Thomas Nguyen

The post Supporting Referrer Policy for CSS in Firefox 64 appeared first on Mozilla Security Blog.

https://blog.mozilla.org/security/2018/10/02/supporting-referrer-policy-for-css-in-firefox-64/

From Saturday, September 22 to Monday, September 24, more than twenty people met in London to work on improving accessibility on MDN Web Docs — both the content about accessibility and the accessibility of the site itself. While much remains to be done, the result was a considerable refresh in both respects.

Attendees at Hack on MDN listen to a lightning talk by Eva Ferreira. Photo by Adrian Roselli.

Hack on MDN events

Hack on MDN events evolved from the documentation sprints for MDN that were held from 2010 to 2013, which brought together staff members and volunteers to write and localize content on MDN over a weekend. As implied by the name, “Hack on MDN” events expand the range of participants to include those with programming and design skills. In its current incarnation, each Hack on MDN event has a thematic focus. One in March of this year focused on browser compatibility data.

The Hack on MDN format is a combination of hackathon and unconference; participants pitch projects and commit to working on concrete tasks (rather than meetings or long discussions) that can be completed in three days or less. People self-organize to work on projects in which a group can make significant progress over a long weekend. Lightning talks provide an unconference break from projects.

Accessibility on MDN Web Docs

Making websites accessible to a wide range of users, including those with physical or cognitive limitations, is a vital topic for creators on the web. Yet information about accessibility on MDN Web Docs was sparse and often outdated. Similarly, the accessibility of the site had eroded over time. Therefore, accessibility was chosen as the theme for the September 2018 Hack on MDN.

Hack on MDN Accessibility in London

The people who gathered at Campus London (thanks to Google for the space), included writers, developers, and accessibility experts, from within and outside of Mozilla. After a round of introductions, there was a “pitch” session presenting ideas of projects to work on. Participants rearranged themselves into project groups, and the hacking began. Adrian Roselli gave a brief crash course on accessibility for non-experts in the room, which he fortunately had up his sleeve and was able to present while jet-lagged.

At the end of each morning and afternoon, we did a status check-in to see how work was progressing. On Sunday and Monday, there were also lightning talks, where anyone could present anything that they wanted to share. Late Sunday afternoon, some of us took some time out to explore some of the offerings of the Shoreditch Design Triangle, including playing with a “font” comprised of (more or less sit-able) chairs.

Glenda Sims, Estelle Weyl, Janet Swisher and Adrian Roselli pose with metal letter-shaped chairs spelling “HACK” and “MdN”. Photo by Dan Rubin.

Outcomes

One project focused on updating the WAI-ARIA documentation on MDN Web Docs, using a new ARIA reference page template created by Estelle Weyl. Eric Bailey, Eric Eggert, and several others completed documentation on 27 ARIA roles, including recommending appropriate semantic HTML elements to use in preference to an ARIA role. The team even had remote contributors, with Shane Hudson writing about the ARIA alert role.

A number of participants worked on adding sections on “Accessibility concerns” to relevant HTML, CSS, and JavaScript pages, such as the element, display property, and the Animation API.

Other efforts included:

• Glenda Sims updated the articles about the Web Content Accessibility Guidelines (WCAG) for version 2.1 of that standard, and updated the tutorial on What is accessibility?.
• Eva Ferreira wrote an article on using media queries for accessibility, and translated a number of accessibility-related articles into Spanish.
• Adrian Roselli prototyped alternatives to MDN’s use of the title attribute, which is well-known to be problematic for accessibility.
• Hidde de Vries completely rewrote and updated the article on accessibility information for UI designers and developers, and opened a pull request to add accessible text to social icons on MDN.
• Bruce Lawson reviewed, updated, and consolidated several general articles about accessibility, including the ARIA landing page, keyboard-navigable JavaScript widgets, and an overview of accessible web applications and widgets.
• Marco Zehe blogged about reasons not to use ARIA menus.
• Stephanie Hobson submitted several pull requests to improve the usability of the MDN Web Docs site for users of screen readers, such as moving the link to each section heading after the heading text, and moving the close button for menus to the top of the menu.
• Josh Mize opened a pull request to increase contrast for blue and link-color to meet WCAG AA guidelines.
• Jean-Yves Perrier prototyped a schema for compatibility data regarding browser and screen reader combinations.

Also, a fun time was had and the group enjoyed working together. Check the #HackOnMDN tag on Twitter for photos, “overheard” quotes, nail art by @ninjanails and more. Also see blog posts by Adrian Roselli and Hidde de Vries for their perspectives and more details.

What’s next?

There is plenty of work left to make MDN’s accessibility content up-to-date and useful. The list of ARIA roles, states, and properties is far from complete. More reference pages need “accessibility concerns” information added. The accessibility of the MDN Web Docs site still can be improved. As a result of the enthusiasm from this event, discussions are starting about doing a mini-hack in connection with an upcoming accessibility conference.

If you find issues that need to be addressed, please file a bug against the site or the content. Better yet, get involved in improving MDN Web Docs. If you’re not sure where to begin, visit the MDN community forum to ask any questions you might have about how to make MDN more awesome (and accessible). We’d love to have your help!

The post Hack on MDN: Better accessibility for MDN Web Docs appeared first on Mozilla Hacks - the Web developer blog.

https://hacks.mozilla.org/2018/10/hack-on-mdn-better-accessibility-for-mdn-web-docs/

When we first launched Firefox Focus, we wanted to quickly deliver a streamlined private browsing experience for your mobile device. Since then, we’ve been pleasantly surprised by how many people use Focus for more than just private browsing and we’ve made Focus better with a thoughtful set of features based on what our users are telling us. Custom tabs, tracker counter, full screen mode and so much more have been the result. Today, we’re pleased to announce another big update with another much-requested feature, a design refresh, and an exciting change to the underlying technology behind Focus for Android.

Learn more: search suggestions and home screen tips

Missed one of the feature releases? No problem! Now, we’re going to present the core functionalities of Firefox Focus on the start screen to give an overview of the whole range of possibilities your privacy browser has to offer – in a clear and unobtrusive way, not interrupting the usage at all and automatically refreshing after each click on the Erase button.

Just open the browser and you’ll see helpful feature recommendations in your preferred language on the Firefox Focus start screen (Android). For iOS users, the feature is currently available in English language.

Search suggestions are a key part of web search that can make searching more convenient.  Easily activate the feature by opening the app settings > “Search” > select the checkbox “Get search suggestions”.

We’re aware that privacy is a top priority for many Firefox Focus users and you might not want to share what you’re typing in the address bar with your search provider. So, the feature is turned “off” by default and we let you choose whether or not you want to turn it on. Why? Because that’s our style!

 Find what you’re looking for quickly – with search recommendations.

Siri Shortcuts for iOS users

In addition to home screen tips, iOS users will receive another much asked feature with today’s release: Siri Shortcuts. Siri is one of the more popular features on iOS devices and we’re all about ease for our users. So, in order to improve the Firefox Focus for iOS user experience further, you’ll now be able to set and open a favorite website, erase and open Firefox Focus, as well as erase in the background via shortcuts.

In line with updated designs

Style is key to today’s Firefox Focus release: the browser’s visual design is now completely optimized for the recently released Android Pie. New icons, a customized URL bar and a simplified settings menu make it easier to use and provide for a consistent user experience.

But no need for iOS users to feel left out: the new Firefox Focus has a fresh look for iOS 12.

Presentation matters: the new Firefox Focus comes with an updated design system, optimized for Android Pie (left) and iOS 12 (right).

A new engine for the Firefox Android browsers

While the new app design is obviously an eye-catcher, we’ve also made a groundbreaking change to the underlying Firefox Focus framework that’s not visible at first glance – but will make a huge difference in future releases. Focus is now based on GeckoView, Mozilla’s own mobile engine, making it a pioneer among our Android apps.

Switching to GeckoView will give Focus the benefits of Gecko’s Quantum improvements and enables Mozilla to implement unique privacy-enhancing features in the future, such as reducing the potential of third party collection. For now, you won’t notice much, but you’ll be helping us create the next generation of Firefox browsers just by using Focus, and we’ll return the favor by giving our Focus users unique features that other browsers on Android simply won’t be able to offer.

We’ll make sure to keep you updated on the progress as well as all new developments around Firefox Focus on this blog and are looking forward to your feedback! For now, if you’d like to learn more about the future of our privacy browser, please have a look at this post on the Mozilla Hacks Blog.

Get Firefox Focus now

The latest version of Firefox Focus for Android and iOS is now available for download on Google Play, in the App Store and now also in the Samsung store.

The post New Firefox Focus comes with search suggestions, revamped visual design and an under-the-hood surprise for Android users appeared first on The Mozilla Blog.

https://blog.mozilla.org/blog/2018/10/02/new-firefox-focus-comes-with-search-suggestions-revamped-visual-design-and-an-under-the-hood-surprise-for-android-users/

https://quality.mozilla.org/2018/10/firefox-63-beta-10-testday-results/

https://blog.nightly.mozilla.org/2018/10/02/these-weeks-in-firefox-issue-46/

Pick of the Month: Default Bookmark Folder

by Teddy Gustiaux
Do you keep multiple bookmark folders? This extension makes it simple to add new bookmarks to specific folders.

“So useful and powerful. I no longer have to change bookmark locations every time!”

Featured: Search Site WE

by DW-dev
Perform website-specific searches.

“Fast, very cool & useful.”

Featured: Dark Reader

by Alexander Shutov
Turn the entire web dark. This extension inverts bright colors to make all websites easier on the eyes.

“This is hands down the best looking dark theme extension for Firefox that I have tried.”

Featured: Vertical Tabs Reloaded

by Croydon
Arrange your open tabs in an orderly vertical stack.

“This is great. Vertical tabs should be the standard nowadays.”

Featured: Text MultiCopy

by erosman
Save multiple snippets of text to paste and organize later.

“So very useful and it works flawlessly.”

Featured: Cookiebro

by Nodetics
Simple yet powerful cookie management. Automatically deletes unwanted cookies, while sparing those on your whitelist.

“I really like that Cookiebro recognizes session cookies, so deleting unwanted cookies will still keep you logged in on most sites.”

If you’d like to nominate an extension for featuring, please send it to amo-featured [at] mozilla [dot] org for the board’s consideration. We welcome you to submit your own add-on!

The post October’s Featured Extensions appeared first on Mozilla Add-ons Blog.

https://blog.mozilla.org/addons/2018/10/01/octobers-featured-extensions-2/

This article first appeared on October 1st, 2018 in the Times of India print edition.

The Aadhaar judgment holds important lessons (and warnings) for how courts and the polity should respond to the technological vision of the state. The task before the Supreme Court was to evaluate the constitutionality of a specific choice and design of technology made by the government. Note that this choice, of a single biometric identifier for each resident linked to a centralised database, was made almost a decade ago. And decisions about this project have largely evolved within the closed quarters of the executive, including the one to roll it out, and the subsequent call to link Aadhaar to essential services. All this was done without any statutory backing, until its hurried passage as a money bill in 2016.

As one reads through the decision of the three judges that formed the majority opinion, it becomes clear that there are limits to this delayed judicial scrutiny of a technology-driven project that has already reached scale (over 99% of the population is already enrolled). While the judgment does well to impose limits on its scope, it disappoints in its reluctance to engage with its underlying technical and evidentiary claims, and the application of weak legal standards.

Take the issue framed by the majority opinion as “whether the Aadhaar project has the tendency to create a surveillance state.” The judges offer a very cursory analysis of security safeguards already in place, accepting UIDAI’s claim that the database is “sufficiently secure” and “strongly regulated”. The contrary evidence put forth by the petitioners is largely ignored, including the fact that 49,000 Aadhaar enrolment agencies have been blacklisted for fraud by UIDAI itself.

They do not engage with multiple news reports of recent security breaches, reasoning that this evidence came after the hearings concluded, but noting that these too have been “emphatically denied by the UIDAI.” They conclude that the project cannot be shelved “only (based) on apprehensions.” So while concerns of unrealised (or imperceptible) state surveillance are treated as anxieties that must be soothed, UIDAI is rewarded with the benefit of doubt to not overstep the limits it has set for itself.

On the other hand Justice Chandrachud, who dissents from the majority, pulls us out of this false fait accompli and finds the project to be wholly unconstitutional. He reframes the question in terms of power and asks how the technological architecture of Aadhaar, specifically its use of biometric data and the ability to link distinct databases, could alter the power relationship between citizen and the state. Not only does he differ in his factual analysis of the surveillance capability of Aadhaar as it appears today, he also takes seriously possible future risks to individual liberty.

The court separately considers the issue of whether the Aadhaar project violates the fundamental right to privacy. While the judges all accept that Aadhaar enabled some degree of state intrusion into the privacy of individuals, they differ on whether such intrusion could pass the test of proportionality. Asserted most recently in the case of Puttaswamy vs Union of India, this test is by no means straightforward. In an analysis that eventually rests on weak factual and legal foundations the majority judgment in the Aadhaar case only adds further ambiguity.

On facts, they find that Aadhaar collects “minimal data”, simply because information like names and photos are already routinely collected by a variety of services. This misunderstands a fundamental precept of data privacy. There is risk associated with collecting sensitive information like biometrics in the first place. However, there is potential for even greater harm when an individual’s personal data is linked with other datasets and used across contexts. Given this finding of “minimal data” use, they conclude that individuals have no “reasonable expectation of privacy” in such data, and therefore the intrusion is proportionate. It is worth noting that in the Puttaswamy judgment, Justice Nariman categorically rejected this legal standard, reasoning that our right to privacy cannot be reduced only to the subjective notion of what an individual may “reasonably expect”, and instead, that the law must in fact set out how our privacy should be protected.

The infirmities of the majority’s judgment aside, it seems there is a broader issue with courts being forced to constantly catch-up with technological choices, resigned to scrutinise them in hindsight and to lessen the blow with safeguards. With Aadhaar, this need not have been the case. The rollout of this project should have been preceded by rigorous evidence, independent evaluation of technical and security claims, and scrutiny by the public and Parliament. The ability to highlight errors in software design or in implementation depends on the degree to which systems are open to external audit. A project that has affected every resident of this country and has largely grown through coercion (and for the poor, more harshly than others), should have been open and accountable by design.

Aadhaar might be the largest example of a technology-driven decision system in India, and the first to be legally adjudicated, but both globally and in India such systems are increasingly finding their way into various spheres of government, including criminal justice, healthcare and employment. We must be prepared to ask difficult questions of both the technical claims and the political and economic motivations that drive such proposals.

This article first appeared on October 1st, 2018 in the Times of India print edition. Available here.

The post Indian Supreme Court rules on Aadhaar: Delayed scrutiny appeared first on Open Policy & Advocacy.

https://blog.mozilla.org/netpolicy/2018/10/01/indian-supreme-court-rules-on-aadhaar-delayed-scrutiny/

http://bluesock.org/~willkg/blog/mozilla/socorro_2018q3.html

https://danielpocock.com/stelvio-mortirolo-simplon-tiramisu

I gave a talk about Rust and WebAssembly for SFHTML5’s “All About WebAssembly” meetup. You can find the slide deck here. Use your arrow keys to cycle through the slides. Video recording embedded below.

You can watch the other (great!) talks from the meetup in this playlist.

http://fitzgeraldnick.com/2018/10/01/sfhtml5-rust-and-wasm-talk.html

Following on the heels of our submission to the U.S. Federal Trade Commission last month, we have submitted a written filing to the European Commission Directorate-General for Competition, as part of a public consultation in advance of the Commission’s forthcoming January 2019 conference on competition challenges in the digital era. In our filing, we focus on two specific, related issues: the difficulty of measuring competitive harm in a data-powered and massively vertically integrated digital ecosystem, and the role played by interoperability (in particular, through technical interfaces known as APIs) in powering the internet as we know it.

Mozilla’s Internet Health Report 2018 explored concentration of power and centralization online through a spotlight article, “Too big tech?” The software and services offered by a few companies are entangled with virtually every part of our lives. These companies reached their market positions in part through massive innovation and investment, and they created extremely popular (and lucrative) user experiences. But we are headed today down a path of excessive centralisation and control, where someday the freedom to code and compete will be realised in full only for those who work for a few large corporations.

Our submission examines modern digital competition through the following key considerations:

1. Increasing centralisation poses competition concerns;
2. Traditional metrics and tools are insufficient to promote competition;
3. Interoperability is a powerful, ready-to-use key to unlock competition in the tech sector; and
4. Changes to law, policy, and practice regarding internet competition should be grounded in technology and built to benefit all internet users and businesses.

The EU has a well established track record in enforcing competition in digital markets. We encourage the Commission to continue its leadership by embracing interoperability as a core principle in its approach to digital competition. If the future of the internet stays grounded in standards and built out through an ecosystem of transparent third-party accessible APIs, we can preserve the digital platform economy as a springboard for our collective social and economic welfare, rather than watching it evolve into an oligarchy of gatekeepers over our data.

The post Contributing to the European Commission’s review of digital competition appeared first on Open Policy & Advocacy.

https://blog.mozilla.org/netpolicy/2018/09/28/contributing-to-the-european-commissions-review-of-digital-competition/

Hubs by Mozilla lets people meet in a shared 360-environment using just their browser. Hubs works on any device from head-mounted displays like HTC Vive to 2D devices like laptops and mobile phones. Using WebVR, a JavaScript API, Mozilla is making virtual interactions with avatars accessible via Firefox and other browser that people use every day.

In the course of building the first online social platform for VR and AR on the web, Mozilla wanted confirm it was building a platform that would bring people together and do so in a low-friction, safe, and scalable way. With her years of experience and seminal studies examining the successes and pitfalls of social VR systems across the ecosystem, Jessica Outlaw and Tyesha Snow of The Extended Mind, set out to generate insights about the user experience and deliver recommendations of how to improve the Hubs product.

BACKGROUND ON THE RESEARCH STUDY
In July 2018, The Extended Mind recruited five pairs of people (10 total) to come to their office in Portland, OR and demo Hubs on their own laptops, tablets, and mobile phone. We provided them with head-mounted displays (HTC Vive, Oculus Rift & Go) to use as well.

Users were a relatively tech savvy crowd and represented a range of professions from 3D artist and engineer to realtor and psychologist. Participants in the study were all successful in entering Hubs from every device and had a lot of fun exploring the virtual environment with their companion’s avatar. Some of the participants in their early twenties also made a point to say that Hubs was better than texting or a phone call because:

“This makes it easier to talk because there are visual cues.”

And…

“Texting doesn’t capture our full [expression]”

In this series blog posts, The Extended Mind researchers will cover some of the research findings about the first-time user experience of trying Hubs. There are some surprising findings about how the environment shaped user behavior and best practices for usability in virtual reality to share across the industry.

BROWSER BASED VR (NO APP INSTALL REQUIRED)
Today, the focus is on how the accessibility of Hubs via a browser differentiates it from other social VR apps as well as other 2D communication apps like Skype, BlueJeans, and Zoom.

The process for creating a room and inviting a friend begins at hubs.mozilla.com. Once there, participants generated a link to their private room and then copied and pasted that link into their existing communication apps, such as iMessage or e-mail.

Once their companion received the link, they followed instructions and met the person who invited them in a 360-environment. This process worked for HMDs, computers, and mobile phone. When participants were asked afterward about the ease of use of Hubs, accessibility via link was listed as a top benefit.

“It’s pretty cool that it’s as easy as copy and pasting a link.”

And

“I’m very accustomed to virtual spaces having their own menu and software boot up and whole process to get to, but you open a link. That’s really cool. Simple.”

Some believed that because links are already familiar to most people, they would be able to persuade their less technologically sophisticated friends & family members to meet them in Hubs.

Another benefit of using the browser is that there is already one installed on people’s electronic devices. Obstacles to app installation range from difficulty finding them in the app store, to lack of space on a hard drive. One person noted that IT must approve any app she installs on her work computer. With Hubs, she could use it right away and wouldn’t need to jump that hurdle.

Because Hubs relies on people’s existing mental models of how hyperlinks work, only requires an internet browser (meaning no app installation), and is accessible from an XR or 2D device it the most accessible communication platform today. It could possibly be the first digital experience that people have which gets them familiar with the with the concepts of 360 virtual spaces and interacting with avatars, which subsequently launches them into further exploration of virtual and extended reality.

Now that you've got a sense of the capabilities of Hubs, the next blog posts will cover more specific findings of how people used it for conversation and how the environment shaped interections.

https://blog.mozvr.com/mozilla-hubs-immersive-communication-on-any-device/

https://blog.mozilla.org/sumo/2018/09/28/support-localization-top-50-sprint-and-more/