Weekly updates from Mozilla IT on things we're doing to support and empower all of Mozilla in our mission keep the web a global public resource, open and accessible to all!
- Event designer for Air Mozilla has simplified! As of Friday, March 16th, we've consolidated your requests into one form on The Hub:
- Starting this week, I will be regularly thanking individuals and teams who help empower all Mozillians' work on the mission. This week I'd like to thank the IT staff that helps make the MinIT a success! They built out the new tech here in Portland and produce our meetings on AirMo. PDX and all of Mozilla appreciate you. Thank you- Andy Kochendorfer, Diana Perez, James Dirks, Jason Helmers, Khanh Nguyen, Mark Richards, Tony Recendez!
- This Friday, March 16, at 12 Noon PDT, I will be hosting the IT Brown Bags - Lightning Talks edition! We broadcast live at 12 noon PST on Air Mozilla and in the #BrownBags Vidyo channel, and sessions are archived in the AirMo IT Operations channel. We have 5 hot topics scheduled for this week's Lightning Talks- LastPass, 1Password, the Enterprise City Map, How to identify a switch port, and the MOC! That's quite a Mozilla buffet. Come join the feast this Friday! Questions and conversations about the Brown Bags are held in Mozilla IT's Discourse and in the #it-brownbags Slack channel.
- The IT Brown Bags are a one hour program on the third Friday of every month, broadcast live at 12 noon PST on Air Mozilla and in the #BrownBags Vidyo channel. Next week's program (March 16) will be an hour of lightning talks, and we're looking for suggestions and volunteers to present 5-10 minute topics. Check out the Lightning Talks Mana page for more info, or contact me (mvk on Slack).
- Based on staff and volunteer feedback, the IAM Project released an improved version of the login experience .
- Autologin now shows what login method you’re autologging in with. All users now get a loading spinner rather than the login form when autologin is being attempted. Autologin is now turned off for Passwordless logins.
- Various UI improvements were deployed, including an improved mobile layout and submitting with ENTER from the password field now ‘just’ works.
- Account linking has improved. The login screen is now better optimised for adding a new identity to Mozillians.
- The IAM project aims to continuously improve the login experience. Please give your feedback in Discourse or file an issue in our GitHub repository
- Welcome to the new PDX Commons! Now Witness the Firepower of this fully Armed and Operational new Portland MozSpace.
Don’t call it a comeback, PDX been here for years But thanks to AVOps we got the funky fresh gear Now take it all in on the dope new TV screens Our tech is so legit, we're Mozilla’s coolest scene- WORD to MozPDX!
The PDX Commons is back online and refreshed with the latest AV standard that will serve all of your event production needs. AVOps is providing a consistent user experience across our global sites. The team has been in Portland throughout the month, enabling the entire office with state-of-the-art audio and video equipment. We've got four new screens in the Commons, including a sweet rotating TV and a fully-equipped event management booth. Lots of Mozilla and community events coming soon in PDX! Thanks you AVOps, and thank you WPR!
- The IAM Project has redesigned the login to Mozilla websites from scratch and implemented a New Login Experience for all Mozillians with auto-login, login method detection, experience optimizations including password manager integration, and better security. We welcome your feedback, comments and questions in our IAM Discourse category. Report issues on Github issues.
- IT’s 2018 objectives include enabling our customers to focus on their most strategic ambitions and making technology work like our people do. We’ve kicked off a joint project with Mozilla’s Workplace Resources team to help enable WPR, and to drive increased productivity for WPR’s business applications . IT and WPR teams will be meeting this week in Mountain View to plan out our efforts for 2018. We’ll be working together to improve technology for WPR and workplaces for all Mozillians- on every continent, in every MozSpace, at home and remote.
- The IT Brown Bags are open to all Mozilla staff and NDA volunteers! They take place the 3rd Friday of every month at 12 PM PST, and are broadcast on AirMo in the IT Operations channel and in the #BrownBags Vidyo room. This week, Josephine Leung and Heather Crince will be presenting about the Product Owner process, including a trip through the Product Owner Boardgame. Come join us! Discussion takes place in the Mozilla IT Discourse channel
- The Mozilla Data Collective is now open to NDA volunteers! Please visit https://www.mozdatacollective.com/ and login using your LDAP or Github+2FA. There's a ton of data there about all things Firefox and Mozilla, and new data and reports are being shared regularly. Whether you're staff or volunteer, it's always fun to check out the MDC and gain new insights on what we do as Mozilla.
- In last week’s tl;dr End User Services announced the launch of OutpostT, a program designed to improve IT support for our remotees. The team will initially focus on remotee onboarding, security awareness, and hardware support and will offer expanded coverage for Eastern North American and European time zones. OutposT is based in Toronto. See the tl;dr for more info or reach the ServiceDesk here
- The NetOps team, along with Workplace Resources, won the Super Bowl of MozPDX this last weekend, as they brought the next phase of the new Portland office space online. 36 new workstations opened up here today. Congrats to our champions, soaring like Eagles here in Portland!
- As part of Mozilla's Trust and Safety initiative, LDAP servers are being removed from MozSpaces. This means the authentication required for wireless, specifically the “Mozilla” SSID, is migrating away from LDAP to Certificate-Based Authentication and action will be required to stay online on the Mozilla SSID in a MozSpace. You will receive an email with instructions as this improvement comes to your location. If you use the Mozilla Guest SSID, no change will be needed. For your device to receive a certificate for authentication, our new onboarding process must be completed, and the email will have details. Contact Service Desk with any questions.
- Gene Wood and Sierra Reed got together to mash up Peanut Brittle Day and Privacy Day into one delightfully delicious web-protecting holiday. Check out their Peanut Brittle and Privacy video, share widely, and bring some sweetness to your privacy stance.
- As noted in the tl;dr, Slack is now officially open to NDA’d contributors! This month volunteers under NDA are being invited to Mozilla’s Slack instance after a pilot last year with a subset of this group. You can see if a Slacker is a staff member or a volunteer by clicking on their Slack profile. Including trusted non-staff on Slack is part of a larger effort from the Open Innovation and Information Security teams to remove barriers to collaboration. Staff, if you see volunteers in your channels and docs, say hi and welcome them! And volunteers, introduce yourself in channels you join! We are all part of the Mozilla community, protecting the web. Volunteers who'd like to access Slack can sign up via SSO using their Github identity and have the same level of access as staff.
- AVOPS will be upgrading the VidyoDesktop application to 3.6.14 after hours tonight PST. This release addresses a number of issues to enhance the reliability and usability of VidyoDesktop. Please upgrade to the latest release at your earliest convenience.
- What’s next for Vidyo’s Desktop communication platform at Mozilla
- Linux 3.6.3 update
- Enable WebRTC for Vidyo
- Evaluate Vidyo’s new VidyoConnect platform. If you would like to Alpha test, reach out to AVOPS via Slack #avops or email.
- What’s next for Vidyo’s Desktop communication platform at Mozilla
- IT will be running legacy AirMozilla in parallel with the new system for a period starting Feb. 1, 2018. Viewers can submit feedback on the #airmozilla Slack or IRC channels.
- Happy New Year from Mozilla IT! In 2018, IT's objectives are to Enable our customers to focus on their most strategic ambitions,to Make technology work like our people do, and to Provide comprehensive visibility into information security risk across Mozilla. We're eager to help all of Mozilla in our work to protect the Internet.
- AVOps rolled out phase 1 of the PDX office expansion last week, making 10 new conference rooms available with the latest and greatest in AV and conferencing gear. 6 small rooms and 4 kiosks. The great Portland conference room shortage is over! PDX office expansion continues over the next several weeks
- I'm hosting the IT Brown Bags every 3rd Friday at Noon PST, available on AirMo to staff and NDA contributors. This past week's Brown Bag was on the Nubis platform, IT's solution for Amazon Web Services hosting, providing rich monitoring and a standardized operations interface for your hosted applications. Nubis is a completely open source platform- all code is available in the nubisproject Github. You can watch last week's presentation on AirMo.
- New AirMozilla coming! Please visit airmo.mozilla.org to see the new library. You can view this meeting streaming live by clicking on the Spotlight in the upper left. The new platform offers full support and development, lots of interactivity, and concurrent social streaming (Facebook, YouTube, etc.) with many ways to present. You can see a brief overview here. To help, we’ve created an FAQ in Mana. Please contact AirMo Andy Kochendorfer with comments and questions.
- The Mozilla Contract Database is now live! Thanks to a collaborative effort between IT, Legal, People, and Finance, we delivered this service that reinforces the foundation of Mozilla’s business in 90 days, from conception to delivery. Those of you who manage contracts that are coming up for expiration should have received advance notices, giving you plenty of time to take care of your renewals before December 22. Thanks to everyone who contributed to this project!
- Join me in Austin for the Containers@Mozilla elective, Wednesday December 13th, 1 PM, in JW Marriott room 4. I'll be hosting a panel presentation and live Q&A on how container technologies like Docker are being used to solve problems across Mozilla, in Marketing, Open Innovation, and IT.
- Austin is Weird. Austin is a city built on music. Willie Nelson is the smoky grandfather of the scene. Local legend Kinky Friedman, in his Austin guide The Great Psychedelic Armadillo Picnic, says that when Austinites die, they go to Willie Nelson's house. In Willie's honor, in Mozilla's honor, in anticipation of Austin, here's a song:
On the Road again And I just can't wait to get On the Web again The life I love is saving the Internet with my friends and I can't wait to get On the Web again!
I'll see all y'all there!
- This Thursday is Thanksgiving in the USA. In this time of giving thanks for the harvest in the northern latitudes, Slack channel #thanksgiving is a place where you can share your gratitude. I am thankful for all my fellow Mozillians who fight tirelessly to keep the web open and free, through Firefox and all the things we do.
- Happy Launch Week! As we go forth and Grow From Firefox, remember that IT is here to help you manage your technology so that you can focus on applying your core capabilities to the Mozilla mission.
- Mozilla is now a USB-C friendly environment. IT has retrofitted all cable cubby equipped Small, Large, and Commons conference rooms with USB-C power and Video adapters. If you need USB-C hardware support outside of the conference rooms, please contact your local EUS representative.
- InfoSec and ParSys have launched the capability for volunteers and staff to work together in a shared Google drive, in a secure fashion. This is the first staff-volunteer collaboration use case that we have implemented on top of the IAM architecture. Andrew Krug will demonstrate.
- A quick reminder of the changes to Mozillians.org logins (emailed last week)
- Paid staff- keep using your LDAP authentication everywhere
- NDA’d volunteers- connect your MFA’d GitHub account to your Mozillians.org profile by 15 NOV
- All other Mozillians.org account holders can also link their GitHub+2FA account to their Mozillians profile
- The FAQ includes step by step guides
- The Mozilla Reps have launched an app to crowdsource tweets. Significantly, the app is live, launched on the ParSys container infrastructure in AWS after the initial experiment was a success. Container infrastructure is supporting experiments at Mozilla! Come to the Containers@Mozilla elective at the Y'All Hands to learn more.
- Today in Mountain View, we are kicking off data entry for our Contract Database project, a joint effort by IT, Finance, Legal, and People teams. It's part of Mozilla's continuous improvement efforts, bringing teams together to solve our shared problems. We are working together to strengthen Mozilla's business foundations
In honor of Morrissey coming to Portland, intepretive Morrissey song titles in italics
- NetOps completed the infrastructure refresh of the Vancouver City of Glass office. With this, the Mozilla-wide office infrastructure refresh is complete, save for the Portland office, which will be upgraded during the office expansion. A Rush And A Push And The Land Is Ours
- This Friday at 9 AM PST, the DevOps cohort will feature a presentation on Kubernetes in AWS, from Andrew Krug. The DevOps cohort is available to staff only. Email Scott Idler to be added to the weekly invite. That's How People Grow Up
- The Mozilla Data Collective brings you data for launch activities! For the release of Firefox Quantum (or Release 57), we are getting metrics related to Release 57 to the MDC to be shared with all staff. In The Future When All's Well
Everyday Is Like Sunday....
- April King and Jonathan Claudius are leading a session on “Securing the Web with the Mozilla Observatory” at MozFest this week. Participants will learn how to use Mozilla Observatory as a resource, and easy ways to level up the security of the services they operate and use.
- This past weekend at the BSides Portland conference, Andrew Krug (InfoSec) and Yousef Alam (ParSys) stood up the reference Kubernetes architecture for the “Capture The Flag” competition. No contestant was able to break out of the cluster, so now we know we’re ready to build secure Kubernetes clusters!
- Voting is open for All Hands electives!
- If you’re interested in containerization (Docker, Kubernetes, etc..), check out the Mozilla and Containers (4.3) elective I’ll be leading.
- Persona, Firefox Accounts, LDAP, passwordless email? Learn more at IAM: past, present, and future of how we manage identity at Mozilla (4.21).
- InfoSec is proposing Everything You Always Wanted To Know About Security But Were Afraid To Ask (4.8), presented by Gene Wood.
- I’m helping to facilitate Legal, Finance, and CASA (4.13), for those of you who work with contracts and want to learn more about CASA and the contract process.
- Mozilla’s Infosec department is sponsoring the 7th annual BSides Portland event this Friday and Saturday at the Portland Convention Center. Andrew Krug will be offering an encore presentation of his BlackHat talk on hacking serverless runtimes, and Mozilla has provided a reference architecture for Kubernetes to power the Capture the Flag Contest as part of our bug bounty program.
- Researchers have discovered a flaw in WPA2, a common Wifi encryption protocol. If you use WPA2 on your laptop, device, or access point, you are likely exposed. We use Aruba Wifi access points in our offices, and a patch will be deployed shortly- look for communications from the MOC about any office downtime. Your mobile devices are particularly vulnerable- you may want to use 4G instead of Wifi when you have a choice.
- Infosec will be rolling out more alerts to the SSO Dashboard this week. In addition to existing alerts for out of date software we will add alerts for security anomalies we may notice about your @mozilla.com account.
- IT began build out of a new data center space two weeks ago for the hosting of Firefox build and test resources that are not fit for the cloud. This space will also begin to give us geographical redundancy for these resources. While migration work will continue throughout the next 12 months, this initial move is a major milestone!
- Starting two weeks ago, all incidents and requests through ServiceNow (The Hub) will generate a brief 3 question survey (https://mozilla.service-now.com). Please take the time to give us feedback on the Customer Experience in order for us to continue to improve.
- Mozilla has completed our transition away from Okta. If you were previously using Okta to access Workday or other apps, you should now be accessing through Auth0. You can reach the most active secured apps through https://sso.mozilla.com.
- Over the weekend, the dial-in access for the teleconferencing systems moved from our old Asterisk system to Jive. The extension numbers and prompts have changed. Vidyo is on extension 2000 and no longer needs the extra 9 added at the beginning of the conference room numbers. The basic audio-only conferencing is now on extension 4000. Please use 2000 or 4000 as appropriate for the password on the 800# instead of 369 (if you dial 369 it'll give you instructions though). If you see any dial-in instructions which need updating, please update them or contact the organizer and remind them to. HUGE shout-out to Andy Kochendorfer from AVOps for providing his voice for the new prompts.
- IT is initiating a proof-of-concept for the new Vidyo Cloud solution, as a separate instance. Those interested should be part of relatively insular group that can regularly use the NEO client. If interested, please join the #vidyocloudpocrequest Slack channel.
- The site intranet.mozilla.org will be shut down on September 29th at 5pm PST. We've identified several Mana pages that have links to intranet.mozilla.org. To view the list, please visit the Slack channel #intranet-shutdown or if you have any questions, contact @jojo on Slack
- Interested in DevOps? Jon the DevOps cohort! Open to all community- staff and volunteers. Join the #devops channel on Slack, get more info on Mana at https://mana.mozilla.org/wiki/display/DO/DevOps+Cohort, or email email@example.com to join. Next meeting is Friday, October 6!
(below are info items that won't be read in the Project meeting due to time)
- Starting last week, all incidents and requests through ServiceNow (The Hub) will generate a brief 3 question survey (https://mozilla.service-now.com). Please take the time to give us feedback on the Customer Experience in order for us to continue to improve.
- End User Services is discontinuing the use of Kaspersky Endpoint Security 10 for Windows 10 laptops. Instead Windows users will now use Microsoft Windows Defender, the built-in antivirus solution. Malware and virus protection is a constantly evolving field. In the past, dedicated products provided the best defense against malicious files. However, Microsoft’s built-in service has matured over time to be a competitive/formidable antivirus product.
- The MinIT now has a wiki! You're reading it here
- The YVR City-of-Glass office now has a spiffy new Commons and upgraded large conference rooms to further improve their AV experience.
- A first user-specific security alert landed in the SSO Dashboard: The dashboard tells you if your Firefox is out of date. More to come! https://sso.mozilla.com
- (Staff only, on Mana) Traveling? Check out https://mana.mozilla.org/wiki/display/SECURITY/Security+Precautions+when+traveling We have special procedures for high risk countries. This can happen to YOU! https://twitter.com/thegrugq/status/629364323933134848