Forgot your password?
typodupeerror

Comment: Re:Rest of the world. (Score 4, Informative) 24

by jesser (#39802619) Attached to: Bug Bounty Hunters Weigh In On Google's Vulnerability Reporting Program

Mozilla, Google, and Facebook all offer bounties to researchers outside the US.

* Mozilla has awarded bounties to researchers in several European countries.

* Google says: “We are unable to issue rewards to individuals who are on sanctions lists, or who are in countries (e.g. Cuba, Iran, North Korea, Sudan and Syria) on sanctions lists.”

* Facebook says: “You must... Reside in a country not under any current U.S. Sanctions (e.g., North Korea, Libya, Cuba, etc.)”

Which bounty programs are restricted to the US?

Comment: Re:Firefox is required anyway. (Score 1) 297

by jesser (#38731644) Attached to: Notes On Reducing Firefox's Memory Consumption

Your database sizes aren't much different from mine. My places.sqlite is 73.4MB my urlclassifier3.sqlite (in ~/Library/Caches/Firefox/) is 42MB.

Firefox stores a lot of history information, including individual visits, in order to provide good predictions when typing into the address bar. I'm not sure which heuristics it uses to expire old history, or even whether it's primarily based on database size or age.

We could probably stop storing individual visit information if we fixed bug 704025. But I'm guessing that wouldn't shrink the database much, because dates are tiny compared to URLs and titles.

Comment: Re:UNCO is unconfirmed but it uses a lot of time (Score 1) 334

by jesser (#37249758) Attached to: Updated: Mozilla Community Contributor Departs Over Bug Handling

I triaged bugs back in 2000, too. What was your username or email address in Bugzilla? :)

Nowadays my focuses are security and finding bugs.

In 2009 I wrote about how to make triage more efficient and more effective. (Tyler linked to my post). And I actually triaged a subset of bugs that way when I was tasked with bringing down the number of crash bug reports.

Comment: Re:Mozilla may not want Google (Score 1) 182

by jesser (#37074020) Attached to: Why Google Needs Firefox

What exactly do Mozilla do with 100 million dollars of tax-free revenue?

The first thing we do with it is to pay taxes. It was not trivial for us to figure out how to do that.

Are they building a war chest?

You can get a sense of how much we're saving by reading financial reports from previous years. To some extent, we're saving not because we want to save, but because we can only hire people so fast while maintaining quality and culture.

That'd be 500 full time employees at 100k per year with 50 million left over in case of emergencies.

500 full time Mozilla employees and contractors isn't far off.

I've heard a rule of thumb that once you throw in benefits, offices, and travel, the cost of employing someone is about twice their salary. I don't know whether that holds for Mozilla, which has generous employee benefits but many remote employees.

Comment: Re:How about not breaking add-ons? (Score 1) 364

by jesser (#36819956) Attached to: Firefox Is Going 64-Bit: What You Need To Know

every single time, Firebug and Greasemonkey stop working.

If you use a beta version of Firefox and want to use Firebug, the Firebug developers say you should use the beta version of Firebug. It would be nice if Firefox Beta automatically went out and fetched the beta version of Firebug instead of just saying the version you have is incompatible.

Greasemonkey is often more compatible than its authors let on. I'm using it with Firefox 8 Nightly and it's working fine, despite being marked as only compatible with Firefox 5. I bet it would work in your Firefox 6 Beta just fine.

There's also a competitor to Greasemonkey called Scriptish that is marked as compatible with Firefox 6 beta. I've heard good things about it but haven't tried switching yet.

track add-ons better and not refuse to load them just because they haven't yet been certified to work

That's the plan!

AMO-hosted extensions that use APIs that haven't changed are automatically assumed to work. So are extensions developed using the new SDK.

To do it safely for other extensions, we'll need to gather data from beta users (like you -- thanks!) to find out whether the extension still does its job, whether it causes crashes (crash-stats correlations), and whether it causes other widespread problems (telemetry correlations).

Future beta versions of Firefox will probably ask you whether you also want to beta-test extensions that might not be compatible. For now you have to set a hidden pref to do that.

Comment: Re:64bit: NOT new, just Win getting parity w/linx+ (Score 1) 364

by jesser (#36819720) Attached to: Firefox Is Going 64-Bit: What You Need To Know

I'm pretty sure "__misaligned_access" in that stack trace is a red herring. Notice the large offsets and multiple frames blamed on the "same function". It's probably a section of ntoskrnl for which you don't have full symbols.

In theory you can get a decent stack trace (or even stack traces for all threads) by following the instructions on How to get a stacktrace with WinDbg. In theory. I tried once and got about as far as you did.

Comment: Re:Rendering (Score 1) 441

by jesser (#36730150) Attached to: Firefox 8 20% Faster Than Firefox 5

Does that mean the goal of Rust is to become part of Firefox at some point?

Yes, the hope is that parts of Firefox will begin to be written in Rust. I heard a rumor that we might replace our HTML parser first. (Our current HTML parser has one of the weirdest build requirements; it's written in a custom subset of Java that can be source-translated into C++.)

I had always wondered why Mozilla would suddenly become interested in writing a new programming language out of the blue

As opposed to digging deeper and deeper into our unhappy dialect of C++? ;)

Didn't seem like the sort of organization with so much excess resources to throw around that it would be useful to start spinning up such a thing

We're doing pretty okay on money for now :) Putting together a language research team doesn't compete directly with much of the other stuff we're doing, except maybe JS engine work. It's a long shot, but if it works succeeds, it will be worthwhile many times over.

instead of, say, buying more build slaves

IIRC, we were limited there by datacenter power or space. We recently got space in a data center in Phoenix, which should help a lot.

We were also limited there by trying to use the same hardware to test Firefox's performance on all desktop operating systems, which meant using a specific version of the Mac Mini for everything. And using the same hardware for both performance testing and unit testing. We're going to change that.

Real Programmers don't write in FORTRAN. FORTRAN is for pipe stress freaks and crystallography weenies. FORTRAN is for wimp engineers who wear white socks.

Working...