Tag: Thunderbird

Categories
Mozilla Spam

Bayesian Spam Filter Poisoning With RSS

Overview

Bayesian Filtering is a great method for fighting spam. Unlike rule based filtering which spammers can easily adapt to with simple modifications, Bayesian adapts with the spammers changes, making it much more difficult for them to defeat the filtering. As a result it’s used in server side mail filtering as well as client side filtering in various products including Mozilla Thunderbird, SpamAssassin, and SpamBayes. Despite this level of “intelligence” it’s not foolproof. Like anything that analyzes unsanitized input, its vulnerable to poisoning. To be fair, there is a debate on if it exists or not. I personally believe it does exist.

Continue reading “Bayesian Spam Filter Poisoning With RSS”
Categories
Mozilla

Thunderbird 2.0 Beta 1

Thunderbird 2.0b1 is out, I updated a few days ago. I really love the new tagging functionality. Being able to create your own tags makes organizing mail about 100X easier. The presets of 1.5 just weren’t enough. As far as the UI goes, I was initially not to fond of the earth tone coloring, but I think the new icons are starting to grow on me. There is also a new phishing detection (similar to Firefox). To test it, I looked in my spam folder for a few phishing emails to test the new filter against. So far so good.

The only downsides thus far is bayes spam filtering is not performing as good as it did on 1.5. I reset things, hopefully after a few days of learning it will resolve itself. Or perhaps it’s a lingering regression in 2.0. It is after all still in beta. The other is the new mail notification doesn’t seem to open mail if you click on it. I was hoping it would open email when clicked. Perhaps it’s just not obvious where to click. The appearance and effect seems to be much better now.

It’s hard to write even a mini-review of beta software, since it is just beta and things are incomplete or subject to change. I plan to write more on it closer to the 2.0 release. Despite it’s lower profile development (compared to Firefox), and more subtle changes) it’s really evolving. The changes made really do make it a much better experience.

Categories
Mozilla

In Search Of The Missing Sync?

I had another silly thought this evening, and thought I’d just mention it for anyone interested. I’ve been reading through some bugs, and wiki documents on the state of synchronization of various devices with Mozilla based products.

It would be great to have a generic XPCOM wrapper for interacting with Bluetooth support on various platforms (yes, you read that right, and trust me it’s not that crazy). It would need to have the ability to detect what Bluetooth implementation is used by the user for Windows (Broadcom/WIDCOMM vs. Windows XP), Apple’s Bluetooth implementation and of course Linux (I believe it’s Bluez, but I’m not to familiar with Bluetooth on Linux). Note that this does not mean having Mozilla drivers for Bluetooth hardware. Just an easy way for developers to interact with Bluetooth without the concept of platform specific software.

With projects like Lightning, Thunderbird maturing, and MiniMo it’s important to be able to interact with other devices for the sake of forward progress, and this may prove to be the best solution for many cases.

There are several approaches to device sync from what I’ve seen from things that are device specific likePalmSync to the more generic iSync, but the problem that comes up is that it’s a lot of work for relatively limited devices. For example, even with iSync, as robust as it is, your still limited in devices it supports, and it’s Mac only (leaving Windows and Linux users in the cold). Others still require commercial software (Palm) to work with iSync. So for all the work, all Windows users have no benefit from iSync support. For all the effort on PalmSync for Windows done thus far (and that’s a fair amount of effort), no Mac users have been able to benefit thus far. SyncML has some potential, but the lack of support thus far still leaves many without any support. Anyone without a newer device likely won’t ever have SyncML support, so again the problem is a limited device set. And still not all newer devices support SyncML, and it could even depend on your service provider, as they sometimes disable features.

The advantage of Bluetooth is standardization. Lets face it, love it or hate it Bluetooth is becoming more and more available. More and more portable devices are shipping with it. By having support for it, Mozilla products gain compatibility with devices as they come out. It also would provide good device support over multiple platforms. For example, Thunderbird’s Address Book could have a small database of device types (phone/PDA models) and the format of an address book they support (such as vCard) or Calendar (vCalendar or iCal).

It looks like Synchronization Profile (SYNC) and File Transfer Profile (FTP) would be necessary to get most devices going (seems not all support SYNC, so supporting FTP would allow you to at least dump your Address Book or just an Address Book card from time to time onto your phone.

If included with Firefox, there would be an easy way for product developers, and extension developers to add a “send with Bluetooth” menu option. Save snippets of a web page, an hCard, the possibilities are endless.

This wouldn’t work for every device (such as the iPod thus far which is Bluetooth free, but I’ve got you covered on that ;-)), but it’s a big gain with supporting 1 protocol.

I could even see this as an interesting approach to keeping bookmarks in sync. Perhaps store your bookmark file on your cell phone… well you get the picture, mobile devices are without question the future, the question we need to ask is, how do we transport data back and forth?

It doesn’t look like something I’m personally up to implementing (I’m not very strong when it comes to this stuff), but it would be pretty cool to see someone take on. The key to this is that it needs to support SYNC and FTP, as well as be as multi-platform as possible. That’s not an easy task, but the possibilities are rather impressive.

I’m curious what others think of such an idea. I’m not saying it’s 100% workable, or warrantied for any particular use. Just some idea in my head I felt like putting into text and sending down the series of tubes we call the internet.

Categories
Apple Mozilla Open Source

Lightning Strikes The iPod

I started working to implement support for Lighting (project to integrate Calendar into Thunderbird) to sync with Apple iPods via mozPod. Didn’t take to long before I had a successful sync. It’s not done yet, and likely some big evil bugs (read: including but not limited to loss of data or first born child), but it’s well on the way!

That’s right, we now have the ability to sync contacts and calendar to the iPod on Mac/Windows (Linux still on the todo list, though it’s mostly there). It will require Thunderbird 1.5 or later. No release date just yet.

How cool is that? πŸ˜€

Categories
Mozilla

Better Corporate Deployment

A while back I asked a question about how companies deploy/update Firefox in the corporate environment. I got a fair amount of feedback on the issue. I wanted to post this a while back, but got sidetracked. Anyway here’s what I’ve put together after reading comments and emails about the topic.

Based on what I’ve read, and looking at where apps like Firefox and Thunderbird stand, I see a few possibilities to improve:

Provide MSI’s as a download

From what I’ve read, and some email’s, MSI’s seem to be the vehicle of choice for most looking to deploy an application because it’s fairly easy to use, and pretty common.

Better Documentation for Corporate Deployment

It seems part of the problem is corporate IT departments don’t see clear documentation on “how to”. A fix for this would be some good documentation on “recommended practices”. Some topics to discuss:

  • How to disable auto update
  • Prohibit installing extensions
  • How to deploy updates with popular deployment tools and enterprise tools and technologies like Group Policy
  • Discuss how the CCK could be helpful

Upgrade Recommendations

A big problem seems to be keeping things up to date. There are several complicated issues here. To discuss them briefly:

Policy Restrictions
In some cases, computers are locked down enough that auto update in Firefox won’t work since it can’t update files. This means an admin must interfere, and must know that they need to take some sort of action.

Internal Testing
Companies have strong testing policies in place because of internal apps that are business critical. As a result before something like a browser can be updated, it must be tested against these applications. How do we minimize the time from the release of the new version, to when a company actually deploys this. Obviously the less time involved, the better.

Update Notification
With auto-update disabled, how do companies know a new release has been issued? How can they easily keep up to speed, with low noise?

Solution
The first step has already been taken. Mozilla products have a very good versioning scheme and maintenance update release pattern. It’s also good that stable branches live for a while. This is essential for corporate deployments. It allows for some time between moving between versions (such as 1.0.x to 1.5.x). The release cycles work rather well.

There seems to be a need for an IT mailing list, that would notify IT professionals when a release reaches the RC (Release Candidate) stage, allowing them time to test the new version against their systems. Such notification should also contain changes made since the last release, but written in terms of “what to look for when testing” or “what impact these changes could have” (for example a change in how plugins are loaded/handled, requiring testing where Java applets are embedded in web pages). By sending these notifications first during the RC stage, it would allow for some time to do testing, and quicker deployment once the release is official. This is important in the case of security bugs being fixed, when exploits could quickly follow an announcement. The low noise of the mailing list would ensure IT professionals get notifications they need.

Conclusion

I’m curious how these proposals would work for IT departments, from what I’ve read and feedback I’ve received I believe this would allow for much easier adoption, without adding too much of a burden.

Categories
Mozilla Software Tech (General)

Corporate Updating

Had a little discussion last night that got me wondering, so I thought I’d post the question.

How does your company update products that offer in built-in updating functionality, like Firefox? Do you leave the functionality enabled and let the applications developer push updates to your desktop, or do you disable auto-update (I think app.update.enabled can be used to disable it in Mozilla products) and update via group policy or whatever method your company uses.

If anyone is able to comment (I know some IT Dept’s are very secretive) that would be great. Especially helpful if you can comment at least on the size of your organization and what method is used with apps that have the ability to auto-update. Especially if you deploy Firefox or Thunderbird in your organization. Leave a comment or feel free to email me if it’s not something you can post publicly.

From the way I see it, both have advantages and disadvantages:

Auto-Update

Advantages

  • No intervention by IT to keep product up to date.
  • No special servers, or configs to maintain.
  • Prompt updates.

Disadvantages

  • No ability to test update before it’s live.
  • Rely on developer to keep server secure.
  • Bandwidth consumption on WAN (download from source for each workstation, rather than just on the LAN).

Manual Update

Advantages

  • Ability to test updates for things like extension compatibility, and with intranet applications.
  • Feeling of control over workstations.
  • Less bandwidth consumption on WAN.

Disadvantages

  • Requires IT keep close eye on releases.
  • Delay can be a danger during 0 day exploits.
  • Infrastructure may be needed.
Categories
Mozilla

mozPod 0.2 Status

I have slowly been working on a new mozPod release, it’s just not going very fast, as it’s still a lower priority project. So far, it seems to be pretty well accepted. Here are a few of the changes planned, or already completed:

  • Preliminary Lightning Support
  • Having an LDAP server setup in your Address Book won’t cause the sync to fail
  • Some code cleanup, optimization, and bug fixes

For the record, I will be dropping support for Thunderbird 1.0.x in mozPod 0.2. Most people seem to be upgrading, and it’s just not worth the hassle. Many (or most) seem to have had problems with MozPod and Thunderbird 1.0 anyway.

Yes, development is a little slow, but it’s free (unless you feel like saying thanks), so don’t complain ;-).

Update: It’s out.

Categories
Apple Mozilla Software

mozPod 0.1 Released

I decided to release mozPod 0.1 as a late Christmas Gift. This is of course a 0.1 release (beta quality at best), so of course feedback is desired. I’m positive bugs remain, and I’m positive there are some larger bugs still in that code. Testing is needed to locate them. So if you download, make sure to come back here and let me know how it goes for you. I know there is no unicode support just yet, and the Thunderbird UI may get a little slugish during sync (though once sync is done it should go back to normal).

Download

MozPod

For those who don’t know, mozPod is a Mozilla Thunderbird extension to allow for easy transfer of the users address book to the popular Apple iPod for mobile use. The extension has a minimal UI and is designed to be as automatic as possible.

Thanks

Special thanks to David Bienvenu (who hopefully will get a blog sooner than later πŸ˜‰ ), and Boris Zbarsky for their help, and everyone who volunteered and participated in testing.

Categories
Apple Mozilla Programming

iPod Sync Private Testing

Before I do a more general release, I want to get a few more technical people to give it a try, so I can get any big issues resolved.

Please email me (using the form) the following info if you wish to participate:

Name
Email
OS
iPod Version
Experience

You will need to be using Thunderbird 1.5. This is rather untested stuff, so I do put an emphasis on only technical users with experience testing and doing QA with Mozilla products.

If you don’t think you qualify, just wait a little longer until this round is over. I do plan on a 0.1 release by the end of the year.

Update [12-26-2005]: It’s out, and available here.

Categories
Apple Mozilla

iPod Sync Unteaser

Unfortunately it’s not done yet. The big issue remaining is to ensure the Thunderbird UI doesn’t completely freeze up (which many people apparently don’t like). I just don’t feel it’s right to release like this, since it’s annoying and problematic. My first stab at it was unsuccessful, so I’m taking it on from another angle, but need some solid time to sit down and really dig into it. I’ve been hoping to also handle non-ASCII characters as well, but that might get pushed out to the next release. My plan was to have done this already, but real life interferes with my plans at times. This week is Thanksgiving (read: I’m not coding when I can be eating, as I’m sure most of you can relate with), and I’ve got finals rapidly approaching (read: less coding time). I’ve also got a few other projects that I’m balancing here. There’s lots of great announcements coming up on this blog in coming months, so keep an eye on that RSS feed.

So how much longer?
The correct answer is “when it’s done”. My true hope is by the end of the year at the latest (which is only a couple weeks). Hopefully earlier than that (I’d really like to have it by early December). It all depends how much time I get to work on it.

I guess that’s just life… everything takes a little longer than you want.

Daniel Glazman is sitting on two really sweet extensions (CaScadeS II and OpenWengo), and hacking away at them ever so diligently. So I’m not the only one making people crazy by not going fast enough (seriously, check out some of those screenshots on his blog. Really cool stuff he’s been working on).

While your waiting, check out the Mozilla Quality Blog for ways you can help ensure 1.5 totally rocks. There’s no such thing as too much testing.

Update [12-26-2005]: It’s out, and available here.