User:Nadavers/FSOSS 2008

38 bytes added, 00:42, 4 November 2008
= FSOSS 2008 Report - Nino D'Aversa =
== Mozilla Security ==
Downloading unknown and untrusted code from the internet and running it locally on a client machine: from a security standpoint it seems like a horrible idea, but this is exactly what Mozilla Firefox does. Firefox’s first line of defense is a human shield by the name of Johnathan Nightingale. Johnathan was educated in cognitive science and artificial intelligence and is currently working for the Mozilla Corporation on security, usability and coding for Firefox. Johnathan’s talk, ''The Most Important Thing - How Mozilla Does Security, and What You Can Steal'', focused primarily on the Mozilla security philosophy and best practices. The essential message was, “Capture expensive knowledge so you don’t have to pay for the same lesson twice!” This is achieved through a feedback loop, always asking the question, “How can we make sure problems like this never happen again?” It sounds simple enough, but I can understand where Johnathan is coming from; I agree that security is often done as a last-ditch effort and is too often overlooked. A robust security model is essential to the success of a very at-risk piece of software like Firefox.

I found the concept of bug triage interesting: dissecting a bug to determine its risk factor and the impact its correction could have on the code, not only in place but in other areas. Johnathan also discussed the importance of bug post-mortems, emphasizing that they should not be blame-finding campaigns but more process related, e.g. who could we have brought in sooner that would have solved this bug quicker? Johnathan also touched on the value of community, particularly the reporter of a bug. Johnathan said it is important not to diminish the reporters, as their intention is to make the browser safer; community is essential and without it Mozilla could not survive. Lastly, Johnathan emphasized the importance of tests: “NOTHING LANDS WITHOUT TESTS!” says Johnathan.
Mozilla runs 75,000 automated tests, in 6 frameworks, on 4 platforms, at least 20 times a day. Now that’s what I call testing! He went on to say that tests that don’t run are a waste of time! Once again it seems obvious once it’s stated, but I myself have seen tests written just to write tests; tests that become stale and out of date. What happens is you avoid running the tests because you know most of them won’t pass. The point is that all tests must pass or it doesn’t land on the tree; that keeps the code tight and ensures fixes don’t break other previously working components. Mozilla also enforces mandatory code review, based on the philosophy that two people are less likely to make the same mistake, and to act as a gatekeeper against “this is little, it’ll be fine”.

I found Johnathan quite inspiring; he really makes you see the value of security, community, testing and review. I believe Johnathan sees the open nature of Firefox as invaluable to its success and security. The ability for many eyes to peer deep into the bowels of the beast allows for “all bugs to become shallow”.

Johnathan values metrics, but not just for metrics’ sake. He says to measure things which matter, not what’s easy to measure! I found this both humorous and true: how often do we say we need some sort of metric or benchmark, but only measure what is easy to measure just to feel like we’re doing metrics, rather than spend the time to measure something which impacts performance and productivity? Johnathan suggests some good metrics are: measure the days of exposure to users, reduce the number of regressions, and reduce the number of all-nighters. He suggests much of this can be addressed by designing for security up front and being proactive, but never expect to avoid being reactive, as bugs will arise that you don’t account for. Johnathan says you should always have a steady state: improving security, never regressing, as security should only get better; don’t produce fixes that reduce security in another area.
I believe Johnathan holds the community in high regard; he referenced the value of user input and interaction more than once, and his delivery told me he appreciated everything that people have to offer. He suggests that if you can’t go open source to the world, how about just to your customers? I found this to be an interesting concept, and it shows me that Johnathan is passionate about open source even if it’s not being practiced in its purest form.