Category Archives: mobile

John Lilly’s thoughts on Opera moving to WebKit

John Lilly’s thoughts on Opera moving to WebKit:

But what I have learned being around the Mozilla folks is that technologies always, always, always have arcs. Seems obvious. But decisions that seem incredibly clear in the near term — say a period of 3 or 4 years — don’t always seem so clear several years later.

What we know for sure is this: monocultures always make more & faster progress in the near term when they’re stewarded by strong, vibrant leaders. But over time you get stuck. Companies change, sensibilities change. And then you’ve got all the technology, and all talent, and all of the best thinkers, all trapped on one technology stack.

What we do know is that in technology, we’ve never been served well by monocultures — we know this for sure. I worry that in our desire for clearer definition, easier standards, faster progress, we’re forgetting that we know this. Same as it ever was, I suppose.

 

my MozCamp EU 2012 mission

In preparation for my participation at MozCamp EU 2012, I’m working hard to promote two Engagement programs we’re launching. One is the Tiger Team project (which I’m working with Chelsea Novak on) where we are gathering quickly implementable and test-able ideas to support the promotion of Firefox desktop. The other is a program that we’re launching soon to enable Mozilla communities to come up with ideas to promote Firefox for Android (Fennec) which we would help fund and the communities would implement. Both of these are outlined in my Mission MozCamp page. I look forward to finding out who my buddy will be :)

Mozilla Vision 2012 in Japan

Mozilla Japan will be hosting their developer event this weekend in Tokyo. Some portions will be streamed in English on UStream. Please see the details below for viewing remotely.

https://wiki.mozilla.org/Japan/Events/MozillaVision2012/Conference

A live broadcast of the event will be available at these times:
January 20th (Fri) 17:00 – 18:00 (PST)
January 20th (Fri) 20:00 – 21:00 (EST)
January 21st (Sat) 1:00 – 2:00 (WET)

The following is a list of sessions available for live broadcast:
———————————
Opening/Special Talk Session (60 min.):
Pursuing Dreams – Technology and Creation from an Open Mind
(Navigator: Satoko Takita of Mozilla Japan, Jun Murai of Keio University)
(Guest: Tomotaka Takahashi as Robot creator)

Panel Discussion (90 min.):
Raise Golden Eggs! – Discussing the Future Education Style
(Moderator: Kaoru Takeuchi as Science Writer)
(Panelists: Mark Surman of Mozilla Foundation, Kim Jones of Curriki, Shinpei Toyofuku of GLOCOM)

Session (50 min.):
The Future of HTML5 and Web Technology – Overview of the Latest Web Technologies for Everyone
(Presenter: Chris Heilmann of Mozilla Corporation)

Session (50 min.):
The Current and Future of Web Standards
(Presenter: Tantek Çelik of Mozilla Corporation)

Session (50 min.):
pdf.js – Challenging the Limits of HTML5 and JavaScript
(Presenter: Andreas Gal, Chris Jones of Mozilla Corporation)

Lightning Talk (60 min.)
———————————

Following are other URLs for the event as your reference.

Mozilla Vision 2012 (English web site)

https://wiki.mozilla.org/Japan/Events/MozillaVision2012

Mozilla Vision 2012 (Japanese web site)

http://mozilla.jp/events/vision/2012/

Firefox 4 launch party in Manila

In a few hours I’ll be leaving for Manila where my colleague Sid Stamm and I will be celebrating the Firefox launch with the Mozilla Philippines community this Saturday April 16th.

EVENT DETAILS HERE

If you are not already RSVPed and wish to attend, please contact the Mozilla Philippines community to see if there are any extra seats. The last I heard, the event was sold out.

I’ll be doing a talk about Firefox 4, Sid will be talking about some of the new security features of Firefox 4 and perhaps what we might expect later this year from the security team.

The Philippines market is a vibrant one for Mozilla, where Firefox has enjoyed being the dominant browser on the desktop since early 2009. Recently, we are seeing a growth in the popularity of Chrome in the Philippines (yugatech.com, jozzua.com), which makes for interesting discussions- it’s something I will certainly address in my presentation.

I’m really looking forward to spending time in Manila with the Philippine Mozillians.

Mark Zuckerberg on HTML5 at Facebook

At Facebook’s press event today 3 journalists were given a chance to interview Mark Zuckerberg separately from the main press event. At the end of a long discussion, Robert Scoble asked Mark Zuckerberg about any future iPad app for Facebook and this is a quick transcript of what he said.

Starting around 34:20

Our view over the long term is that the development ecosystem right now is kind of crazy. I talked about this a little at Startup School, I don’t know if any of you guys were there. It’s like, when we were getting started in 2004 with Facebook, there was no question what we were going to build- er, what platform we were going to build on top of. Software development was already kind of ‘meh’ too complicated and you don’t want to make someone download something. Mobile environments were not mature enough at all. So of course [in 2004] we’re going to build for the web.

But today, if you’re going to build something from scratch, you have to build a website, but by the way now there is good JavaScript and Ajax-type interactions that work in some places but not in others so you probably want different versions of the website, then you want a simple mobile website, an HTML5 mobile website, an iPhone app, an Android app, an iPad app, a RIM app, and all these different things- and it’s insane. Something has to rationalize all this- and I think our view over time is that the HTML5 environment [the browser] that is being created across all of these [devices] should be a very valuable thing for making it so that people can build all of this.

But regardless I think that the modern app development environment is that you build apps that people use in multiple places.  It’s not just that you build a website. It is that you build a website, then you also build a mobile experience, and then you probably build something inside a social network because that is how you get a lot of exposure to a lot of users. But the more we can make this ‘all web’ that I think is  good.

If a company like Facebook sees the value in an HTML5-based web application that can run across many modern mobile devices, that, to me is a great testament to the power of the web vs. native mobile apps.  Clearly native apps have their place but the more fragmentation we see in the mobile space in both operating systems as well as devices (there are now tablet devices coming out in many different sizes from 11 inches to 7 inches an every size in between) the more important the web will be.

Scobleizer on CinchCast – Interview of Mark Zuckerberg and Erick Tseng of Facebook with Techcrunch and Financial Times.

mp3 download

the Security of Internet Banking in South Korea in 2010

For those of you who have followed my blog, you know that it has been 3 years since I first reported on the fact that Korea does not use SSL for secure transactions over the Interent but instead a PKI mechanism that limits users to the Windows OS and Internet Explorer as a browser. Nothing fundamentally has changed but there are new pressures on the status quo that may break open South Korean for competition in the browser market in the future.

In fact, one of the new pressures on the status quo has been the popularity of the iPhone in South Korea, which wasn’t available officially until late 2009 due to a different Korean software middle-ware requirement, WIPI, which has since been deprecated. With WIPI dead and buried, Apple released the iPhone to great fanfare in the Korean market and Blackberry has also launched in the Korean market.

Another pressure on the status quo was a recent report out from 3 researchers (Hyoungshick Kim, Jun Ho Huh and Ross Anderson) from the University of Oxford’s Computing Laboratory, “On the Security of Internet Banking in South Korea.

South Korean Internet banking systems have a unique way of enforcing security controls. Users are obliged to install proprietary security software – typically an ActiveX plugin that implements a bundle of protection mechanisms in the user’s browser. The banks and their software suppliers claim that this provides trustworthy user platforms. One side-effect is that almost everyone in Korea uses IE rather than other browsers.

We conducted a survey of bank customers who use both Korean and other banking services, and found that the Korean banks’ proprietary mechanisms impose significant usability penalties. Usability here is strongly correlated with compatability: Korean users have become stuck in an isolated backwater, and have not benefited from all the advances in mainstream browser and security technology. The proprietary mechanisms fail to provide a trustworthy platform; what’s more, alternative strategies based on trustworthy computing techniques are quite likely to suffer from the same usability problems. We conclude that transaction authentication may be the least bad of the available options.

The popularity of the iPhone (the press claims 500,000 units sold in the few months since it was released) resurfaced the issue that only Windows and IE can be used to make secure transactions with Korean Internet services. iPhone/Blackberry/Android users in Korea (not to mention Firefox/Opera/Safari/Chrome users) cannot bank online or purchase items online or do any secure transaction with the smartphone browser because Korean services only support the PKI mechanism that only works with Active-X in IE and Windows.

Dr. Keechang Kim of Korea University has been working tirelessly for many years to try to change the status quo in Korea around browsers and the reliance on a PKI mechanism that is tied to one platform. With concern being raised by different parts of the Korean government, including the Korean Communications Commission as well as the Office of the President of Korea, Keechang has gathered a very interesting panel of presentations for April 29th in Seoul.  The panelists will be addressing the (Korean) Financial Supervisory Service (FSS) which is the regulatory body in Korea that is currently mandating the PKI mechanism that is in place today (which requires Active-X, etc.)  Unless the FSS relaxes or changes their regulations, Korean banks cannot offer other mechanisms for Korean users to bank online, etc.  In short, unless the FSS changes their stance, nothing will change in Korea.

Security Issues of Online Banking & Payment in Korea” is an open public meeting (registration recommended) starting at 10 AM on April 29th at COEX Conference Hall E1 and will feature:

  • Bruce Schneier (Chief Security Technology Officer, BT) on “Security: What Works, What Doesn’t, and Why”
  • Hyoungshick Kim, Jun Ho Huh (Univ. of Oxford) “What’s the danger of mandating proprietary security solutions?”
  • Lucas Adamski (Dir. Security Engineering, Mozilla) on “Securing Browser Interactions”

Again this meeting is open to the public. Anyone is welcome to attend.

While I have no illusions that one meeting will get the key Korean government entities to do a 180 from their current stance, I do think this will be an important opportunity to bring external, Korean and non-Korean security expertise to Korea to discuss the current state of affairs and show that a PKI-based security architecture is only as secure as the computers that those certificates are used on.  If the computers are compromised, and at least one security services provider, Network Box, claims that S. Korea is the largest source for malware in the world, (Korea reigns as king of malware threats) then there is no way to be sure that the person in control of those personal certificates is the legitimate owner.

The deletion of the requirement for WIPI in Korean mobile phones opened the Korean market to the iPhone and the Blackberry and Android phones from outside of Korea.  Korean users of these new smartphones realized that they could not bank online, buy online, etc. and are now pressuring the Korean government to change the current laws which mandate a PKI-based mechanism that has been implemented with Active-X.  As the popularity of smartphones that cannot make use of the current PKI-based architecture for encryption/authentication grows in Korea, the pressure for the government to change their regulations will only mount.  The key question for Mozilla is whether the Korean government will open up to a point where Firefox and Fennec can be used in the future for secure transactions in Korea.

Thank you to Keechang and everyone in the OpenWeb.or.kr community for your tireless efforts to try to break open the Korean market. Thank you also to Channy Yun who has put aside his own schedule in order to participate and guide Lucas in Seoul.  There is still a long road to walk to an open, competitive market in S. Korea for browsers, but I am starting to see the light at the end of the tunnel.

No choice of browser in South Korea

UPDATE: Marcis has kindly provided a Belorussian translation of this post – НЯМА магчымасці выбіраць браўзар У ПАЎНОЧНАЙ КАРЭІ

As has been in the news this week and mentioned on many Mozilla blogs, the European Commission is working with Microsoft and other browser manufacturers, including Mozilla of course, to launch the web browser ballot in the EC.

To those critics of the browser ballot who would rather the free market be left completely to Adam Smith’s invisible hand, I would present to you the example of South Korea. In short, South Korea is a sad example of a Microsoft monoculture where the course of history and the lack of anti-monopoly oversight have created a nation where every computer user is a Windows user and banking or ecommerce or any secure transaction on the Internet with South Korean entities must be done with Internet Explorer on a Windows OS.

The situation in South Korea has gotten markedly worse since the government, bowing to pressure from the citizens who wanted to use the smart phones that were sold elsewhere in the world, relaxed a rule that previously required a Korea-specific middleware called WIPI, that was never going to be implemented by smart phone makers outside of Korea. Now that the WIPI requirement was gone, manufacturers like RIM and Apple can now sell Blackberries in Korea and iPhones in Korea.

But as I suspected last fall when the iPhone’s official sales in Korea was announced, the browsers in these new smart phones (be it the browser in the iPhone, the Blackberry, or the Android devices that are on sale in Korea) can’t interoperate with the Active-X based security requirements that Korean banks and ecommerce stores require. So it’s not surprising to me at all that the news from Korea since the launch of these smart phones has been universally negative regarding the requirement to use Active-X for secure web transactions in Korea.

Here’s a selection of quotes from 3 recent articles in the Korea Times:

Korea Paying Price for Microsoft Monoculture (09-23-2009)

But the land of ubiquitous broadband, feature-happy “smart” phones and ultra-cool computing devices doubles as a crusty regime where Linux, Firefox, Chrome and Opera users can’t bank or purchase products online, and where Mac users buy Windows CDs to prevent their devices being reduced to fashion items.The bizarre coexistence of advanced hardware and an outdated user environment is a result of the country’s overreliance on the technology of Microsoft, the U.S. software giant that owns the Korean computing experience like a fat kid does a cookie jar.

It is estimated that around 99 percent of Korean computers run on Microsoft’s Windows operating system, and a similar rate of Internet users rely on the company’s Internet Explorer (IE) Web browser to connect to cyberspace.

Mobile Banking Monoculture? 01-10-2010

At the center of the controversy is the [Korean] Financial Supervisory Service’s (FSS) guidelines on the safety of financial services provided on smartphones, which were finalized and announced last week.The new rules can be summarized simply ― all financial transactions on these advanced handsets will be subject to the same security requirements that control online transactions on personal computers.

The problem with this, according to critics, is that the existing legal framework was precisely what allowed Microsoft to establish a virtual monopoly in computer operating systems and Web browsers here, which is now blamed for having computer users stuck with outdated technologies and exposed to larger security risks.

Rigid Regulations Retard Mobile Wallet Era 02-10-2010

In essence, the current law states that all encrypted online communications on computers require the use of electronic signatures based on public-key certificates. And since the fall of Netscape in the early 2000s, Microsoft’s Active-X controls on its Internet Explorer (IE) Web browsers remain as the only plug-in tool to download public-key certificates to computers.

So we can see in Korea today that the lack of choice of web browser (not to mention the lack of choice of computer operating system), indeed the lack of interoperability of Korea’s secure transaction protocol on the web, means that the smart phones of today, that don’t support ActiveX, are useless in Korea for secure transactions. That means if you are an iPhone/Blackberry/Android user in Korea, you cannot bank online with a Korean bank, you cannot trade stocks on the Korean markets, you cannot shop online with a Korean Internet site. You can’t do many of the key things that these smart phones were designed to do.

So when people ask you, “why is the choice of a web browser important?” tell them that in South Korea, people don’t get a choice of what operating system to use or what web browser to use.  After you explain to them that a place without choice is South Korea, ask them again if they’d like to not have a choice and why the choice of a web browser is important.

I hope to have better news from South Korea soon.  Please watch my blog for updates on this issue and other issues facing Mozilla and the open web in Asia.

In the meantime, please be sure to visit Open To Choice.org where Mozilla’s Chair, Mitchell Baker and Mozilla’s CEO, John Lilly, explain why we at Mozilla believe that the choice of browser is a critical right for all Internet users worldwide.

opentochoice.org

Here’s a list of things that the Mozilla community is doing and which we encourage everybody to do:

• Comment on the open letter at opentochoice.org;
• Follow @opentochoice on Twitter;
• Write a post on your blog;
• Use your favorite social network to spread the word;
• Write to bloggers that you know, to local media
• Start a thread in technology and OSS related forums and mailing lists about the browser choice screen;
• Offer to localize the open letter (send an email to contact -at- opentochoice.org)
• Are you participating in local events where you can talk about choice? Do a talk, organize a booth, distribute flyers in the welcome pack, put a banner on the event page;
• Become a browser choice screen watcher: did you see the browser choice screen pop-up on your screen? send us an email, post it on your blog, Tweet about it. Give details (country, time of day, choice of browser).

Engadget – Nokia N900 review

Engadget’s N900 review covers the Mozilla-based browser:

Now, finally, let’s talk about this handset’s real treat, its crown jewel: the glorious browser. The Internet Tablet line has used a fairly capable Mozilla-based browser for ages, but between the latest tweaked code and the N900′s thoroughly freshened internals, it’s gone to an entirely new level. Almost without fail, sites were rendered faithfully (just as you’d expect them to look in Firefox on your desktop) with fully-functional, usable Flash embeds — and it’s fast. Not only is the initial rendering fast, but scrolling around complex pages (Engadget’s always a good example) was effortless; you see the typical grid pattern when you first scroll into a new area, of course, but it fills in with the correct content rapidly. To say we were blown away by the N900′s raw browsing power would be an understatement — in fact, we could realistically see carrying it in addition to another phone for browsing alone, because even in areas where it gives a little ground to the iPhone or Pre in usability, it smacks everyone down in raw power and compatibility. In our line of work where 24 / 7 access to the web is of paramount importance, having the N900 in our pocket when we were away from our laptop was a comforting insurance policy.

Nokia N900 review — Engadget

Korea Paying Price for Microsoft Monoculture

Last week the Korea Times had a long piece on the unique issues around browser security and encryption technologies in Korea, Korea Paying Price for Microsoft Monoculture, which did not reference my original article, the cost of monoculture, but is updating the issues I raised in early 2007.

A few choice quotes:

But the land of ubiquitous broadband, feature-happy “smart” phones and ultra-cool computing devices doubles as a crusty regime where Linux, Firefox, Chrome and Opera users can’t bank or purchase products online, and where Mac users buy Windows CDs to prevent their devices being reduced to fashion items.

The bizarre coexistence of advanced hardware and an outdated user environment is a result of the country’s overreliance on the technology of Microsoft, the U.S. software giant that owns the Korean computing experience like a fat kid does a cookie jar.

Critics say the country would end up paying dearly for allowing a Microsoft monoculture to take hold, with consumers deprived of the freedom to choose newer and better products and the Web industry seeing its innovation compromised.

(Anyone want to send me a Steve Ballmer with cookie jar photoshop masterpiece? :) )

The article goes on to cover a lot of the issues affecting web users in Korea and how many valiant efforts have gone into trying to affect change, most significantly the 3 lawsuits that Dr. Keechang Kim has brought against various Korean policy-making bodies, without success.

The newest effort of the open web community in Korea is openbank.or.kr, an effort to push/educate banking institutions in Korea to change their practices as many believe it is these consumer-facing services which are key to making real change happen for an open web in Korea.

Mozilla is committed to supporting the Koreans who are pushing for a competitive truly open web in Korea. If there is something that we should be doing in Korea to further support open web efforts, please do not hesitate to contact me or leave a comment with your thoughts.

I, for one, look forward to a day when anyone in Korea can use any modern browser on any major consumer computer operating system to bank, purchase goods/services online, trade stocks, etc. without the need for a browser plugin.

Future Web Forum 2009 – Sept. 4 – Seoul

Channy Yun of the Mozilla Korea community tells me that the Future Web Forum 2009 event is this Friday, September 4th, in Seoul. Channy will be speaking about Firefox 3.5 and Firefox.next while Joone Hur will be speaking about the current state of Fennec (see event program).

Last year Mitchell Baker and I spoke at this event which was scheduled alongside the OECD Ministerial Meeting on the Internet.  Vint Cerf and Mitchell both keynoted the event last year.

If you are in Seoul this Friday, don’t miss this event as it is one of the few events which showcases browsers other than IE in Korea.