Enough

We’re not giving browsers enough credit…

I’m currently working on a few projects that are special browsers. I can’t put in any more details but the gist is that I will only have a WebView to play with. The interface of the browser is JavaScript/CSS/HTML, for which we use vue.js and Sass respectively.

I am also running an insider build of the OS as I want to be on the bleeding edge. My own browsers is a developer preview. This all taught me quite a few things.

  • There is a huge difference between a browser and a webview
  • It is possible to build all kind of fancy interfaces in web technologies. But often there are hard to work around security, performance and accessibility issues.
  • Day-to-day browsing sucks when your browser is a moving target

The main thing it taught me that as developers, we have a massively skewed view of what a browser is. Or, more accurately, what matters to users.

A browser is a web display tool

Glasses in front of a screen
Photo by Kevin Ku

In my meetings with clients, I found a few things that mattered most to them:

  • Performance – a browser should start up fast, not bog down the operating system eating resources and stay responsive. This is not only about first use, but often a big need for long-term use – for example in a kiosk scenario. Browser restarts are uncommon and should not be necessary
  • A reliable content display – a browser should also render content instantly. Content could be HTML documents with all the cruft they come with these days. But it is increasingly important that media of all kind plays smoothly. And often there is no chance to rely on a plugin or third-party player. This means a browser should be a video/audio player. It also should be an ePub and PDF reader. And it needs to render huge images and WebGL/WebVR content without any hiccups.

Neither of those should come as a surprise – this is also what we as developers expect. As developers we also want more. We put a lot of stake into the developer tools experience. And we want browsers to support the newest and hottest experimental technology. And we complain to other browser makers if not all are on par with the others on both these counts.

Most clients that wanted a bespoke browser, however, had other priorities.

A browser is an enabler

Welcome sign
Photo by rebeck96

I was happy to hear that every customer I worked with put a high emphasis on accessibility. I was less happy to see how tough it still can be to make a zoomable interface in a WebView. And how to get keyboard access right. And how to enable screenreader access and text to speech interfaces. But that’s my job as a developer. And yours, too.

A browser needs to enable people of all different abilities to reach what they came for. And ability isn’t a fixed state but fluctuates with environment and external influences. I found that out lately when I had to zoom my browser to 110% to read the average web site. A reminder that I am the age I look. I fixed it later by switching to varifocals, but I am happy that browsers allow me to fix it on the spot. Often a WebView embedded in an App doesn’t allow that.

A browser is a guardian

Lock
Photo by ShonEjai

A very common demand is to have blocking of unwanted content in the browser. This ranges from must haves like malicious site filters to popup blocking up to providing a pre-approved whitelist and block all else. Ad-blocking is also often a demand, but the big worry is that an opened document could give an attacker access to the computer.

Browser creators have a shared list of known attack sites to filter out. This is a great service that protected quite a few people over the last years.

Displaying insecure content in a secure site is another problem that I needed to work with. Whilst browsers have UI interfaces and blocking built-in some WebViews allow mixed content. That’s not good.

People also wanted to ensure that there is no dependency on plugins for video display or to outright ban Flash content. PDF was a big concern, too. And they were right to do so. Browsers do a lot to avoid malformed PDFs to spy on us.

Speaking of spying, a private browsing mode or a general browsing experience that blocks trackers was also high on the list. This is not surprising and a sensible feature to offer.

The opposite of a private mode is, however, also something that we keep underestimating.

A browser is a memory keeper

Reminder knot on finger
Photo by Rachel Demsick

Browsers are there for us to display the web, but they are much more importantly there to make this easier for us the more we use them. I felt that in my own use of an unreliable (preview) browser in a constantly changing configuration. I realised just how much it sucks having to constantly re-enter passwords. How annoying it is not to have sites I keep visiting autocomplete when I type a few letters of the URL. How “share with X” buttons become useless when you are not logged in. In essence, how much I rely on the browser to remember what I’ve done and intelligently help me along the way.

We don’t give browser makers enough credit for this amazing experience, as it is – like all good UX – invisible. A browser that automatically and safely stores and enters form data for me is a great help. It even protects me from entering wrong information and the frustrating re-filling experience. Yes, of course this is also an attack vector, but that doesn’t mean we shouldn’t celebrate its usefulness – we should make it more secure instead.

Having Firefox’s “awesomebar” remember my surfing habits over the last 10 years spoiled me. I don’t even remember the last time I bookmarked anything. My important finds I tweeted out anyway and let Pinboard remember them for me.

Others may as well have a lot of bookmarks. Together with synced autofill content and history it is great to be able to take this experience with you. Independent of computer, phone or device.

Conclusion

When it comes to answering what a browser does for us, I learned a lot in the last few months. I am more humble when demanding features of my colleagues and friends in other companies working on browsers. They are doing an incredible job building a piece of software that displays the web in an accessible and secure way. And once you learn about attack vectors of the web and webviews you are in for some rough nights.

I also learned that when it comes to who wins the most users in the browser space, it comes down to how they handle user data. Technical ability of a platform and “pushing the envelope of what the web can do” is exciting for us as developers. End users, however want the web to be easy, fast and secure to use. They also want their browser to know where they’ve been, and choose when it shouldn’t. They want a few things automated and get easy access to their content to send out to the web. From a privacy point of view, I also feel uneasy about this, but those who make this the easiest, win.

When it comes to what browsers can do, they’re much more on par than they’ve ever been – thanks to standards. The big differentiator isn’t what tech to support, it is how much of a travel companion on the web the browser is. It is a game of data, insights and good UX of the browser interface itself.

I am much more excited about what we can do in the future to help people keep their online identity in a browser without leaking it. And I would love to see more interfaces that teach people the value of their own data whilst using a browser.

A browser is not merely a display mechanism for the web. It is a record of your identity and history on it. This can be a great thing if done well, or a scary one if not. I’m worried that too many people on the web leave breadcrumbs without knowing it. They see the convenience of that without knowing the consequences or value to others.

I invite any other web developer to look closer at the interface elements and user-centric features of browsers. There is a lot of beauty and very clever, researched-based interfaces to be found. And I’d love to see this get more coverage in our circles, and not only which new API or tech feature is the next big thing.

View full post on Christian Heilmann

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

“Is open still enough?” – Keynote at Posscon 2013 at Columbia, SC

I just delivered the Keynote at Posscon in Columbia, South Carolina talking about the history of Mozilla, open source now and how Firefox OS is ready to disrupt a very closed market.

Abstract

In the open source world we know why we put our time and efforts into the larger goals we try to achieve. We successfully showed that the barriers and lock-ins of the past don’t hold up in the test of time and got even the enemies of old to release their code.
This made us lax and we can be seen as hard to talk to and deal with. We seem to have quite a strong lack of empathy for people who don’t “get” open and our behaviour can lead to a lot of opportunities to go wasted.
Times change and the new mobile computing world and closed app markets give end users an incredibly alluring world of simplicity – a world that is built on lock-in, afford-ability and making the user the product. A world that the open alternatives to date can not match when it comes to simplicity and shininess.
Mozilla, amongst others, is battling this change by offering a truly open alternative called Firefox OS. In this keynote Chris Heilmann will show how open can still win the minds and hearts of the main market and what we as an open source community can do to avoid the future to be behind shiny and yet sturdy bars and locks.

Slides and screencast

The slides are available online and the Screencast of the talk is on YouTube.

Notes

Today I am here to talk about the success of open source. At a massive open source conference. Bit of a no-brainer, isn’t it? So I want to take this opportunity to share my views of how open source changed the IT world, how the foundation I work for had a massive impact and what challenges lie ahead for the world of open source.

Specifically I will talk about the world I know about and care deeply for – the web and how its use changed media as we know it.

I work for Mozilla, a large player in the open world space with the flagship product being Firefox, the web browser. Mozilla emerged from the ashes of Netscape, with its Navigator and Communicator products and the messy fight with Microsoft. When the dust settled after Netscape was defeated a few of the Netscape folk realised that the web needs something that is open, free and a way to promote standards above closed software and technology. Thus Firefox was born. In its very core the values of Mozilla are to keep the web open, available to everybody and that consuming the web is on the terms of the end user. Not the terms of a corporate agenda, not the monetisation of a product, not the need to build products that age very fast so that you need to buy the next one.

Firefox brought the web to people who didn’t have it. Without it I am very sure we wouldn’t have had Wikipedia, we wouldn’t have had the social web revolution, and we wouldn’t have had all the open source goodness we have on the web with great products like WordPress, Drupal and others taking on traditionally very commercial markets.

This is not because of Firefox the product. It is because of Firefox the idea. The browser that is dictated by the needs and wants of the users. The browser that doesn’t shy away from making unpopular decisions in the eyes of developers when the security and privacy of end users is at stake (remember WebSockets?).

From the very beginning Open Source was the main success factor of Mozilla and Firefox. First of all you can’t destroy what is open and distributed. You can not buy it out, you can not block it. Open Source projects die when end users don’t care about them or developers don’t keep them up to date or don’t hand them over to other people who care in time.

And here is the amazing thing. A lot of years went past and by now, open source is very much the standard when people start web projects. Other browsers are open source, libraries, frameworks, whole operating systems are.

One of the things we have to give a lot of credit for this is ironically enough not open source although it builds on an open source infrastructure: GitHub.

GitHub made version control easy, it made pull requests and commenting social and it had a friendly interface – something incredibly important but sadly enough far too often forgotten.

Traditionally a lot of companies, users and developers flocked to more closed environments as they were simpler. We got to admit that we expect a lot from new developers and the open source crowd is not that known for being the most embracing and welcoming when you don’t play by the rules – rules that in a lot of cases don’t even get explained.

With Github it became easy, and it makes sense for people to release their products there. They get the benefits of version control, and have a direct channel to end users. There is no long process to become part of a project. You fork it, you fix it, you send a pull request.

This is great and it makes me very happy to see that people care to release their products open source. However, I start to see a bit of an annoying trend concerning this: it is fashionable to release things open source.

Companies have a hard time hiring new developers. It costs a lot of money to get an engineer through the door and finding them is not easy. That’s why it makes sense to go where the developers are. And GitHub is that place right now.
This leads to a lot of strange products being released as open source without really being it. I found two main happenstances here that I refer to as Ta-Dah sourcing and pasture sourcing.

Ta-Dah source is when a company releases an open source version of a commercial product after releasing it commercially. All the new features and design decisions are done by the company and the source is then released a few weeks later. This is fair enough, but it smacks of using the open source community to fix your problems rather than making them part of the design process and have a say in the direction of the product. It also means that derivatives of your product will always be a version behind and get rude awakenings when you change something very vital to the original product.

Pasture sourcing is when a company or an individual throws a product over the fence to the open source crowd to maintain it for them as they lost interest in it, or it doesn’t really fit their company goals any longer. This way of releasing open source has a bitter aftertaste. It feels as if the company is doing the open source community a favour by releasing code, but it actually just means that you throw out damaged goods or something that is not fashionable any longer. You don’t really act out of altruism or to go open source, all you do is to feel smug about “not letting a product die” by making other people do the maintenance work for you.

Both of these approaches assume that communities around your products happen magically and don’t need any supervision. That is never the case. Open source developers donating their time and effort are not worker drones to do free work for you. You should give them the respect, guidance and feedback they deserve.

Of course not all companies do that wrong. I want to give a quick shout-out to Adobe here. Yes, Adobe the evil corporation that brought us Flash and Dreamweaver and Photoshop and Illustrator. Adobe saw the sign of the times and that open is better than closed. That’s why their new HTML5 tools are built very much with feedback from the community and their web-based editing tool, Edge Code is released in parallel as an open source project called Adobe Brackets.

Adobe Brackets is a great example how a very closed and highly commercial company can go open when the right people have the audacity and stamina to plow through meetings and give lots of internal presentations. Not only is the code of Brackets available – they also have a great way to triage new bugs and invite new developers to come in. Easy to fix bugs are being flagged as that to get people into the project with a quick win, and not by being overwhelmed with tons and tons of documentation. The project planning is openly visible, and pull requests from the outside take precedence over internal ones. Thanks, Adobe for being a good role model.

There is however a big change happening that is quite a throwback in the terms of open source. Many, many new users start on the web with a mobile device and when you look at that market, the word open is mud.

The mobile market is a highly competitive one and it seems the most money is made by suing each other over patents. It is also an incredibly weird market where the people who shout the loudest are not the ones who make the most money.

It is a market where people closely guard their products and try to keep their cards close to their chest. The massive scare-word is fragmentation, which we who work in the open would call choice.

In a highly competitive market the main issue you have is that you want to have an ongoing presence. You don’t want to build a product and then not see any of it any longer. The concept of in-built obsolescence is very, very common. You got to make sure people want new, bigger, better, faster more. And you need to build the shiniest product.

This didn’t go down well with Mozilla. We are here to keep the web open and free and leave it the choice of the user what to use to go online. We also wanted the web technologies to be the platform of choice because of their open nature and them being built on agreed standards.

It all started that way – in the 1997 keynote Steve Jobs talked about reinventing the phone with the iPhone. He also very much pointed out that HTML5 and the Safari browser (which is built on the open source WebKit engine) is the platform your apps run on. “No SDK” was the message. That changed, and my educated guess is that in-built obsolescence is the reason.

Nowadays all the apps that want to really perform and get access to the interesting hardware in the phone need to be written in Objective C and be distributed through the marketplace as apps. HTML5 apps are of course possible but they get a slice of the pie, not the full one.

Android is better as it is open source. Well, to a degree. It suffers from the same issue that HTML5 apps are limited in their access. Even worse, older Android versions have a stock browser that is lacking in very necessary HTML5 support features, which is why Chrome, another Google product is now on newer Androids.

Newer Androids being the main point here – the goodness of HTML5 is not given to older phones and tablets not capable of supporting the latest Android. Android is full on in competition with iOS and thus has to play the same game of in-built obsolescence.

We saw this and realised things have to change. The first thing we did was beef up Firefox for Android, which is a browser you can install and gives you lots more HTML5 goodness on Android with backwards compatibility including Froyo. On iOS, no browser is allowed that doesn’t run the same JavaScript engine as Safari, which means Firefox can’t get there. This even forced Opera to swallow the bitter pill of ditching their engine and make their browser WebKit based.

We also realised that the lock-out happening on the mobile web is not only based on expensive and fleeting hardware but also in the infrastructure around it. Many people in emerging markets would love to play with apps and the new mobile web world but have no credit card and their connections still cost by the megabyte, which makes a 50MB Angry Birds upgrade a costly affair.

So we went the extra mile and built Boot2Gecko. This was a new operating system for mobile devices based on the same Linux core as Android. On top of that we have a stack of drivers and open, standardised APIs to access the hardware via JavaScript. The rest of the phone is Gecko – the engine that powers Firefox. Every single thing in the phone’s interface and in the apps you build for this platform is HTML5. It is the hardware platform and OS the standard deserves.

We showcased B2G last year at Mobile World Congress – the biggest mobile event and a cut-throat sales show. We had some success. We went home, did our work and came back – and this year we owned the show.

In two days I gave 54 interviews to all kind of media about Firefox OS as the final product is called now. Everybody wanted to know about that open source thing that managed to attract 18 mobile provider partners and 4 hardware partners to bring phones to emerging markets where other approaches have failed.

Firefox OS is the open answer to all the problems I mentioned. We are not trying to compete with Android and iOS on the high-end. Instead the aim is to bring highly affordable phones to a market that wants to go online on their terms – with billing to the carrier and apps that can be tried out before you download them.

Let me quickly show you what that means. {demo}

The great thing about all this is that Mozilla built this system over the course of two years. Not as the open source deliverer for mobile providers but with them – a lot of the code has been written by partners.

The beauty of all of that is that when you write apps for Firefox OS, you write them on your own terms. You can publish them outside the market, bill your users with a payment API instead of having them sign up for a marketplace, and above all – your apps will also run on Android, iOS, and desktop browsers. You will not get all the goodies you get in Firefox OS across the board, but nothing stops you from using PhoneGap to, well, bridge that gap.

We bet on open and we won a massive battle. Now we are ready to roll out enjoyable mobile experiences for the masses without them having to be part of an arms race between two large corporations. This is about getting people online, not about getting them as consumers. And that, to me, is a massive opportunity.

So here’s to an open future of the mobile web. Come, join us.

View full post on Christian Heilmann

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)