An IoT Vision

Mark’s baby daughter keeps waking up in the middle of the night. He thinks it might be because the room is getting too cold. So he goes down to the local electronics shop and buys a cheap generic IoT temperature sensor.

He takes it home and presses a button on his home’s IoT hub, then swipes the thermometer across the top. A 5 cent NFC tag attached to it tells the hub that this is a device in the “temperature sensor” class (USB-style device classing), accessible over Z-wave, and gives its public key, a password the hub can use to authenticate back to the sensor, and a URL to download a JavaScript driver. The hub shows a green light to show that the device has been registered.

Mark sticks a AAA battery into the sensor and places it on the wall above his baby’s cot. He goes to his computer and brings up his hub’s web interface. It has registered the new device and connected to it securely over the appropriate protocol (the hub speaks Bluetooth LE, wifi and Z-wave). The connection is secure from the start, and requires zero additional configuration. The hub has also downloaded the JS driver and is running it in a sandboxed environment where it can communicate only with the sensor and has access to nothing else. If it were to want to communicate with the outside world, the hub manages the SSL (rather than the device or the driver) so it can log all traffic in cleartext.

Mark views the device’s simple web page (generated by the driver) and sees the room is at 21C. He asks the hub to sample the value every minute and make a chart of the results. The hub knows how to do this for various simple device classes, including temperature sensors.

The next morning, he checks the chart and indeed, at 3am when the baby woke up, the temperature was only 15C. He goes back to the electrical shop and buys an IoT mains passthrough plug and a cheap heater. He registers the plug with the hub as before, then plugs the heater into the passthrough, and the passthrough into a socket in the baby’s room.

Back at the web interface, he gives permission for the plug’s driver to see data from the temperature sensor. However, the default driver for the plug doesn’t have the ability to react to external events. So he downloads an open source one which drives that device class. Anyone can write drivers for a device class because the specs for each class are open. He then tells the new driver to read the temperature sensor, and turn the plug on if the temperature drops below 18C, and off if it rises to 21C. The next night, the baby sleeps through. Success!

The key features of this system are:

  • the automatic registration and instant security, based on a cheap NFC tag which implements an open standard, which allows device makers to make their devices massively easier to use (IoT device return/refund levels are a big problem at the moment);
  • the JS host environment on the hub, which means you can run untrusted code on your network in a sandbox so you can buy IoT devices without the risk of letting random companies snoop on your data, and every device or ecosystem doesn’t need to come with its own controller; and
  • the open standard and device classes which mean all devices and all software is hackable.

Wouldn’t it be great if someone built something like this?

What I’m Up To

It seems like I’m only managing one blog post a month at the moment. I’m doing loads of things, but don’t seem to have time to blog about them! Currently, the major components of my work are:

  • Helping Thunderbird get to a good and sustainable place (status update)
  • Running MOSS (applications always open!)
  • Copyright work for the public policy team

On that last point, we just submitted a filing to a US Copyright Office consultation on the famous section 1201 of the DMCA, which is the one which regulates the every three years exemption process for bypassing DRM. See our blog post here, which links to our filing. While this process is not really fixable in its current form, I hope we can help to make it a little better.

MOSS Applications Still Open

I am currently running the MOSS (Mozilla Open Source Support) program, which is Mozilla’s program for assisting other projects in the open source ecosystem. We announced the first 7 awardees in December, giving away a total of US$533,000.

The application assessment process has been on hiatus while we focussed on getting the original 7 awardees paid, and while the committee were on holiday for Christmas and New Year. However, it has now restarted. So if you know of a software project that could do with some money and that Mozilla uses or relies on (note: that list is not exhaustive), now is the time to encourage them to apply. :-)

Convenient… and Creepy

The last Mozilla All-Hands was at one of the hotels in the Walt Disney World Resort in Florida. Every attendee was issued with one of these (although their use was optional):

It’s called a “Magic Band”. You register it online and connect it to your Disney account, and then it can be used for park entry, entry to pre-booked rides so you don’t have to queue (called “FastPass+”), payment, picking up photos, as your room key, and all sorts of other convenient features. Note that it has no UI whatsoever – no lights, no buttons. Not even a battery compartment. (It does contain a battery, but it’s not replaceable.) These are specific design decisions – the aim is for ultra-simple convenience.

One of the talks we had at the All Hands was from one of the Magic Band team. The audience reactions to some of the things he said was really interesting. He gave the example of Cinderella wishing you a Happy Birthday as you walk round the park. “Cinderella just knows”, he said. Of course, in fact, her costume’s tech prompts her when it silently reads your Magic Band from a distance. This got some initial impressed applause, but it was noticeable that after a few moments, it wavered – people were thinking “Cool… er, but creepy?”

The Magic Band also has range sufficient that Disney can track you around the park. This enables some features which are good for both customers and Disney – for example, they can use it for load balancing. If one area of the park seems to be getting overcrowded, have some characters pop up in a neighbouring area to try and draw people away. But it means that they always know where you are and where you’ve been.

My take-away from learning about the Magic Band is that it’s really hard to have a technical solution to this kind of requirement which allows all the Convenient features but not the Creepy features. Disney does offer an RFID-card-based solution for the privacy-conscious which does some of these things, but not all of them. And it’s easier to lose. It seems to me that the only way to distinguish the two types of feature, and get one and not the other, is policy – either the policy of the organization, or external restrictions on them (e.g. from a watchdog body’s code of conduct they sign up to, or from law). And it’s often not in the organization’s interest to limit themselves in this way.

Hi, I’m Bill

Hi, I’m Bill. As Tim Chevalier has written about me (at least a little bit) in an article series entitled “The Christians and the Pagans” (1, 2, 3), I hope I may be permitted a short response. (Yes, it’s taken a while. Sorry about that.)

What first struck me as I read Tim’s three articles is the number of things we agree on. Firstly, I entirely agree that there is no such thing as being apolitical or non-ideological – as Tim says, being (supposedly) apolitical is a political view. In fact, I would also go on to say that there’s no such thing as being areligious – being an atheist or agnostic is a religious view. People sometimes find this assertion more palatable if I use the term ‘worldview’ instead of religion, but the point is the same – everyone has a highest point of reference, an ultimate real from which everything else flows. It may be God, matter, reason or something else, but everyone has it. Similarly, everyone has a basis on which they relate to others and a view of what would be ideal in society – everyone is political.

I also agree that it’s foolish to push away people who want to contribute. When Tim writes:

“[T]o build the best thing you can you have to include everybody who wants to and can work together on it and contribute. Pushing away people who have something to contribute is an exercise in purity-based morality, not a sound business or technical strategy.”

all I can say is a hearty (and perhaps slightly cheeky) “Amen!”.

However, when I agree with Tim on this, I can’t help remembering the following quote from the Github issue which prompted ESR’s article:

“Reading the links you posted I only have one thing to say to you:reevaluate your actions,you are becoming a toxic individual who is harming the Python and Django communities and haven’t even realized it yet. You are a member of the Django Software Foundation and are supposed to be setting the example. I will be forwarding the content of this issue to the Chair to evaluate your continued presence in the DSF. best regards.”

And I can’t help remembering what happened to Brendan Eich. There seemed to be a whole lot of pushing away, and purity-based morality, going on in both these situations. And if the response is “it’s not about his code; we didn’t like his politics”, surely that’s taking precisely the view that Tim is arguing against? Tim objects to people focussing on his politics and ignoring his code, and wishes it were different; would he grant Brendan the same grace?

Where we diverge is in Tim’s assertion that Christianity is a part of the dominant culture, an “unmarked ideology” in tech. This assertion would be within some distance of plausibility if by “Christianity” he meant the moralistic therapeutic Deism of American (and British) civil religion which is called “Christianity” in some quarters. Even then, it would be a big stretch – I think most people in tech don’t follow that; instead they see it for the hypocrisy it is. The dominant culture of tech is secular humanism. To demonstrate this point, of these pairs of opposing views, which one is dominant in tech? Which one would go unmarked if it were expressed in conversation at a tech gathering, and which would be challenged?

Christianity Secular Humanism
Marriage should be between one man and one woman Anyone should be allowed to get married to anyone else
Hell exists When we die, that’s the end
God created the universe Science explains the existence of the universe
Jesus is divine Jesus is irrelevant
Elective abortion is murder Women can do anything with what’s in their bodies
Sex should be for marriage only All (or most) forms of sex should be accepted and celebrated

As someone who has occasionally been on the sharp end of Christianity being very much a marked ideology in tech, I do find it hard to see how Tim can have come to the conclusion that it’s the mainstream. Over 1000 people come to Mozilla all-hands meetings; the prayer meetings we hold there have never attracted more than 5 people. This doesn’t bother us, because Jesus is Lord of all. But it’s hardly what one would call popular.

An additional trouble with Tim’s article is that it was prompted by an article by ESR, but Tim seems to have seriously misread him. Tim claims a pollution of agency attack – that is, people are denigrating the code of “SJWs” because of their politics. I agree his (ESR’s) headline (“Why Hackers Must Eject the SJWs”) is unhelpful at this point, but the body of his article seems clear that:

“We must cast [SJWs] out – refuse to admit them on any level *except by evaluating on pure technical merit whatever code patches they submit*.”

As we can see, ESR is urging precisely the opposite of what Tim says he is. ESR wants the hacker culture to stick to meritocracy, which he defines as focussing on the code contribution and not the person. His article is a call for a rejection by projects of a particular political stance and its ramifications, not of contributions. Just as, in a project run as perhaps Tim would have it run, other political stances and their ramifications would also be rejected by the leadership.

For myself, I unashamedly agree with this principle of operating open source projects. I don’t care if you call it meritocracy or something else. This is not to say some people don’t need more help on the contribution pathway than others – “to each according to his need”. But when it comes to looking at the code, we look at the code. If sometimes that principle is drifted from, and people start evaluating contributions based on the person who made them (a system which, for example, was being encouraged by djangoconcardiff) the solution is not to throw away the principle, but to recommit to it.

With Tim, I assert that this principle is *not* apolitical or non-ideological. Against Tim, I assert that instead, it is fundamentally based in justice. And I think this is where the heart of the disagreement is between “SJWs” and some (at least) who oppose them – it is not that one side says “we are pro-justice” and the other side says they aren’t, or says that something other principle is even more important. It’s that they don’t agree on what justice is. And perhaps one reason that “SJW” has taken on negative connotations in some circles (as Bradley discusses) is that people look at the form of justice espoused by this group and see it as no justice at all. Hence the ironic title.

More on the nature of true justice later, I hope. In the mean time, Merry Christmas to all :-)

Facebook “Community Standards”

A couple of things which apparently have violated Facebook’s “Community Standards” recently. Firstly, the idea of loving your enemies:


Secondly, a post encouraging people to correctly use the word “homophobia”:


Seems like the “community standards” process is being abused somewhat…

Mozilla Strategy and Vision

Not sure if I wasn’t paying enough attention, but I entirely missed the “Mozilla Strategy Articulation and 2016 Topline Targets” session from two weeks ago, recorded on Air Mozilla. This was the start of the 2016 planning process, where Chris Beard outlines our mission and 5-year vision. It should be required viewing for everyone interested in where Mozilla is or should be going in 2016, and in the next 5 years. We are planning for 2016 now; your input is welcomed.

What Does A Simple Phone for Old People Look Like? A Tablet

Ahmed Nefzaoui’s blog post about RTL languages introduced me to this awesome video, which is funny, charming, poignant and incidentally makes great points about phone usability:

It got me thinking: what would a phone for someone like Dotty look like? The more I thought about it, the more I realised the answer is “a tablet”.

Imagine a 7″ tablet with 4G phone hardware, so it has an always-on, fast, low-latency Internet connection. It is nice and big, and so easily held and viewed, and the screen controls can be made bigger for those with poor eyesight. It has no fiddly close-together hardware buttons to push. It can be unlocked with a simple swipe. You don’t have to know which is the menu button, which is *, or deal with T9 predictive text input. It has twin directional mics and speakers, with echo cancellation, so it doesn’t need to be held to the ear and the speaker positioned accurately. It has a built-in stand, so it can be placed at a good angle for calls on any flat surface. It has a camera for video calls, which (given sufficient bandwidth and frame rate) also allows for lip reading. It can record, and then email or MMS, short voice clips, which are much easier to create than text messages. It has wireless charging (or perhaps a dock) to avoid having to connect fiddly micro USB cables. One day, it might have voice recognition and speech-to-text, but perhaps not today. And it’s still small enough to fit in a handbag on the rare occasions it needs to go somewhere.

Thinking of all the advantages… why would anyone build a phone for old people in a mobile phone form factor?

Competition: The Mozilla Manifesto Principles in Simple Words

Randall Munroe of XKCD has written a whole book which explains things using only simple words. It’s called “Thing Explainer“. He’s also written a writing checker for people who want to write more things like that.

I am asking everyone to see if they can write the ten key points of the Mozilla Manifesto in a new way, saying the same things but using only simple words which his checker likes (like this writing that you are reading does).

You are allowed to use “Internet” even though it’s not a simple word, but if you find a way to not use “Internet”, that’s even better. You are also allowed to use “Mozilla” in the heading at the top, which will be “Mozilla Manifesto” but using only simple words.

It’s probably best if you put up your writing somewhere else on the Internet and then add some information here to say where it is. But if that’s a problem for you, you can put your writing here instead.

The person who makes the best writing will get something. I don’t know what yet. But making the best writing should make you happy anyway.

If you think this is a good and fun idea, then please tell everyone you know (in a nice way) so they can try as well.

I hope everything goes very well for you in this.

Top 50 DOS Problems Solved: Recursive Delete

Q: What is the quickest way to delete all the files in a sub-directory, plus all the files in any sub-directories inside it, and so on as deep as directories go, along with the sub-directories themselves? In other words how do you delete an entire branch of sub-directories within sub-directories without typing a lot of DEL, CD and RD commands?

A: There is no easy way for DOS to do this unassisted. The nearest any version comes is DR DOS which can delete the files, but not remove the sub-directories themselves. The relevant command is:

XDEL *.* /S

No version of MS-DOS can automatically delete files in sub-directories. To do the job in its entirety you need a third-party tree pruning utility. You can often find these in PD/shareware libraries. Alternatively, commercial disk utilities such as Xtree will do it.

Leaving aside the amazingness of not having recursive delete, I wonder why the DR-DOS folk decided to produce a command which removed the files but not the directories?

10 Reasons Not To Use Open Source

I was browsing the Serena website today, and came across a white paper: “Time to harden the SDLC. Open Source: does it still make sense? (10 reasons enterprises are changing their policies)”. You are required to supply personal information to download a copy, and they force this by only providing the link by email. However, intrigued, I requested one.

Apparently, enterprises are questioning their use of Open Source software (presumably in the specific area of software development) because:

  1. Terrorists
  2. Chinese hackers stealing things
  3. Chinese hackers changing things
  4. There is no support
  5. Ransomware
  6. Man-in-the-middle attacks
  7. Local copies of source code are easy to steal
  8. Edward Snowden
  9. 0-days
  10. Git is hard to use (I’ll give them this one)

The list ends with this wonderfully inconsistent paragraph:

All of this seems very alarmist: what is the true situation? The truth is no one really knows because no one is talking about it. There is a clear, present and obvious danger from using open source solutions in support of your technology stack. You have to decide if the risk is worth it.

No-one really knows, but there’s a clear, present and obvious danger? I see. The only clear, present and obvious danger demonstrated here is the one that git is posing to Serena’s business…

Kickstarter: Open Source Voice Control Box

This looks like fun – it’s Mycroft, an “open source AI” (basically, Siri, Cortana, Google Now etc). It would be even better if they did the language processing locally, but at least if it’s open source you can see what it is doing. There’s a stretch goal of $125k for Linux desktop control, which would be very cool. The drive closes in six days, and they still need $10,000 or so to hit their goal. Back it today; I have :-)

Top 50 DOS Problems Solved: Sorting Directory Listings

Q: Could you tell me if it’s possible to make the DIR command list files in alphabetical order?

A: Earlier versions of DOS didn’t allow this but there’s a way round it. MS-DOS 5 gives you an /ON switch to use with DIR, for instance:


would list all the files with names ending in .TXT, pause the listing every screenful (/P) and sort the names into alphabetical order (/ON).

Users of earlier DOS programs can shove the output from DIR through a utility program that sorts the listing before printing it on the screen. That utility is SORT.EXE, supplied with DOS. … [So:]


diverts the output from DIR into SORT, which sorts the directory listing and sends it to the screen. Put this in a batch file called SDIR.BAT and you will have a sorted directory command called SDIR.

I guess earlier versions of DIR followed the Unix philosophy of “do one thing”…