Skip to content

{ Category Archives } Uncategorized

Marketplace in Q4, 2013

Another set of slides summarizing Marketplace accomplishments in Q4 of 2013 (html). Behold the animated gifs! Also, hat-tip to Will Kahn-Greene’s summary of Input in 2013.

2013 Q3 Accomplishments

The end of September was the same as every quarter lately – a whirlwind of summaries and demonstrations. I gave several presentations on what the Marketplace, SUMO, and Input teams did but I didn’t post anything on this [neglected] blog. It’s my party and I like to emphasize demos and screenshots over text so I’m […]

Tagged , , ,

A successful first FLOSSHack

A few months ago Tim Morgan emailed the Portland OWASP chapter and suggested that we organize a meeting where everyone could get together and audit some existing software. When vulnerabilities were found we would follow the responsible disclosure life cycle and notify the maintainers before publicly disclosing. It would be a fun way to spend […]

Tagged , , ,

Adding a debug language to ȧḓḓ-ǿƞş.ḿǿzīŀŀȧ.ǿřɠ

Last week Greg Koberger finally got me to cross “add a test locale to AMO” off my list – and it turns out it only took a few minutes of actual coding. It sounds like others have had some troubles so I wanted to run through what I did. Firstly, you can see what I’m […]

Tagged , , , , ,

Security in Depth; the first layer of addons.mozilla.org

Discussing the security measures of a public facing and popular website is usually taboo. Often owners are unsure they are following best practices, prefer not to draw attention to their site, or hope that they can maintain security through the obscurity of their code. At Mozilla we are fortunate to offer nearly all of the […]

AMO brings new levels of pedantry to Mozilla Webdev

And we love it. When we first started writing AMO in PHP we agreed to follow the PEAR coding standards and left it at that. Four years and thousands of lines of code later it’s roughly true, but there are some obvious mistakes and oversights. The main problem is that there is no automation for […]