A user on the Test Pilot discussion forum wrote:

“I didn’t join the big brother “test-pilot” but had to comment on how invasive this research will really be to the average user. Everything you type, always, whether sent or saved, will be saved on a database. If you have a webcam and you agreed to the test pilot thing, mozilla can use your camera to see what is going on. It sounds absurd, but it
is simple for a computer to identify certain things and bring the more important images to the front, however, your actions will be recorded whether they are flagged as a hazard or not. just put a bit of electrical tape over the lens when you aren’t using the camera.

I hate being watched….Peace”

It would be easy to dismiss this person as paranoid. (If we wanted to spy on you, why would we go to the trouble of announcing a data collection program and inviting people to voluntarily join it?) but actually, he is absolutely right to be concerned about his privacy and absolutely right to be skeptical of the motives of the organizations writing his software.

No, Test Pilot does not collect video data or connect to your webcam in any way. (I don’t even know how I would connect a Test Pilot study to a webcam! The user is accusing me of being a much better programmer than I actually am.) It does not record any words that you type, either. Certain studies have recorded certain very specific keystrokes, in order to tell whether a user is using keyboard shortcuts for Firefox menu items, for example, or whether they’re using the Enter key in the URL bar. We published a privacy policy and we have stuck to the rules of that privacy policy. And each study gives you, before you agree to upload anything, the chance to review the collected data for yourself.

The user who posted the above message has already decided that he doesn’t trust us, so I doubt I can convince him that we’ve stuck to our privacy policy.

But, as Levar Burton used to say on Reading Rainbow, you don’t have to take my word for it.

All of the Test Pilot studies are open-source, as is Firefox itself, as is the Test Pilot extension that bridges the two. Anyone who likes can examine the source code for themselves.

Now not every user will have the time, inclination, or ability to read through that source code. But not every user has to; all it takes is one whistleblower to look at the source code and tell everybody “hey, it looks like this study here is doing something fishy”.

So here’s the link to the source code of every single Test Pilot study. And here’s the link to the source code of the Test Pilot extension that runs them.

Go ahead! Read through that code. Look for the functions that secretly turn on your webcam and log the words you type. (There aren’t any.) Flag anything that looks fishy, wrong, or that looks like it might go outside the privacy policy. Please! We’ve got nothing to hide. I would welcome that sort of code review. I would consider it a personal favor from you to me to help us improve the quality and security of Test Pilot code.

This is an underappreciated benefit of open source. With closed-source software, you have to take a company’s word that they aren’t doing anything fishy with your machine. An open source project can’t hide that kind of thing from its users. Sharing the code keeps us honest.


On one of my previous posts, commenter Rasmussen wrote:

Umm, am just a dumb end user. Chrome is really tempting me now.. I stuck with FF while all my friends switched over to chrome solely because i’m addicted to addons and the Manifesto.

FF was the first software company that i discovered had an ideology, and it’s kinda exotic, because i always believed software companies were soulless.

I do hate the startup time and the crashes and as chrome has brought in the extensions, the case for me staying with FF is getting weaker.

However, Google is being evil sometimes, and the FF ideology charms me, and it could be the reason i’m typing this through FF, which is why i hope the bigwigs of FF are and will remain sincere about the ideology.

Hope you guys remain competitive, I do want you to win but just don’t become obsolete.

From my experience talking to and working with the “bigwigs of FF” as Rasmussen call them, I can personally vouch for their sincerity. They’re more serious about the Mozilla principles than most people I know are serious about anything. They’re dedicated to fighting for openness, freedom, and user choice on the Internet, and they know we can’t get complacent just because we’ve been gaining market share. They know that talking about our principles isn’t enough: we have to back them up with quality software that people want to use.

This isn’t the first time I’ve heard users complain about Firefox’s startup time and stability relative to Chrome. I could talk and talk about how seriously we’re taking those problems, how hard the Firefox team is working on performance and stability, and how killing crashes and reducing startup time are some of our highest priorities going in to Firefox 3.6 and 3.7. But maybe it will be more convincing to show you:

  • The Crashkill project is aiming to identify and fix the most common causes of crashes.
  • The Startup Time project is analyzing the reasons it takes Firefox as long as it does to start up, and finding ways to reduce that time.
  • The Electrolysis project is moving plugins like Flash to a separate process, and extensions to another separate process, so that a problem with a Flash movie or an extension (both common causes of crashes) can’t take down the whole browser.
  • Finally, see the Firefox Roadmap, which shows the top improvements planned for the next few releases.

Since Firefox is developed in the open, anyone can follow our progress. Firefox developers — who include not just Mozilla corporation employees, but also volunteers from all around the world — use the pages that I linked to above to track their own work on startup time and crashes. Since these pages are developer-oriented, they’re on the technical side. But whether you’re a developer or not, you’re welcome to use them to take a peek into what we’re doing.

Edited to add: Vlad has blogged a a good introduction to the problems involved in improving startup time. It’s still technical, but less so than the wiki page; check it out if you’re interested.