Skip to content
By using Twitter’s services you agree to our Cookies Use. We and our partners operate globally and use cookies, including for analytics, personalisation, and ads.
  • Home Home Home, current page.
  • About

Saved searches

  • Remove
  • In this conversation
    Verified accountProtected Tweets @
Suggested users
  • Verified accountProtected Tweets @
  • Verified accountProtected Tweets @
  • Language: English
    • Bahasa Indonesia
    • Bahasa Melayu
    • Català
    • Čeština
    • Dansk
    • Deutsch
    • English UK
    • Español
    • Filipino
    • Français
    • Hrvatski
    • Italiano
    • Magyar
    • Nederlands
    • Norsk
    • Polski
    • Português
    • Română
    • Slovenčina
    • Suomi
    • Svenska
    • Tiếng Việt
    • Türkçe
    • Ελληνικά
    • Български език
    • Русский
    • Српски
    • Українська мова
    • עִבְרִית
    • العربية
    • فارسی
    • मराठी
    • हिन्दी
    • বাংলা
    • ગુજરાતી
    • தமிழ்
    • ಕನ್ನಡ
    • ภาษาไทย
    • 한국어
    • 日本語
    • 简体中文
    • 繁體中文
  • Have an account? Log in
    Have an account?
    · Forgot password?

    New to Twitter?
    Sign up
jonathansampson's profile
Sampson
Sampson
Sampson
@jonathansampson

Tweets

Sampson

@jonathansampson

Building the web since the mid-90's. Regional Manager of The Office references. Former Microsoft engineer, Stack Overflow moderator no. 4. 🇧🇷🇺🇸

Florida
Joined January 2009

Tweets

  • © 2019 Twitter
  • About
  • Help Center
  • Terms
  • Privacy policy
  • Imprint
  • Cookies
  • Ads info
Dismiss
Previous
Next

Go to a person's profile

Saved searches

  • Remove
  • In this conversation
    Verified accountProtected Tweets @
Suggested users
  • Verified accountProtected Tweets @
  • Verified accountProtected Tweets @

Promote this Tweet

Block

  • Tweet with a location

    You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more

    Your lists

    Create a new list


    Under 100 characters, optional

    Privacy

    Copy link to Tweet

    Embed this Tweet

    Embed this Video

    Add this Tweet to your website by copying the code below. Learn more

    Add this video to your website by copying the code below. Learn more

    Hmm, there was a problem reaching the server.

    By embedding Twitter content in your website or app, you are agreeing to the Twitter Developer Agreement and Developer Policy.

    Preview

    Why you're seeing this ad

    Log in to Twitter

    · Forgot password?
    Don't have an account? Sign up »

    Sign up for Twitter

    Not on Twitter? Sign up, tune into the things you care about, and get updates as they happen.

    Sign up
    Have an account? Log in »

    Two-way (sending and receiving) short codes:

    Country Code For customers of
    United States 40404 (any)
    Canada 21212 (any)
    United Kingdom 86444 Vodafone, Orange, 3, O2
    Brazil 40404 Nextel, TIM
    Haiti 40404 Digicel, Voila
    Ireland 51210 Vodafone, O2
    India 53000 Bharti Airtel, Videocon, Reliance
    Indonesia 89887 AXIS, 3, Telkomsel, Indosat, XL Axiata
    Italy 4880804 Wind
    3424486444 Vodafone
    » See SMS short codes for other countries

    Confirmation

     

    Welcome home!

    This timeline is where you’ll spend most of your time, getting instant updates about what matters to you.

    Tweets not working for you?

    Hover over the profile pic and click the Following button to unfollow any account.

    Say a lot with a little

    When you see a Tweet you love, tap the heart — it lets the person who wrote it know you shared the love.

    Spread the word

    The fastest way to share someone else’s Tweet with your followers is with a Retweet. Tap the icon to send it instantly.

    Join the conversation

    Add your thoughts about any Tweet with a Reply. Find a topic you’re passionate about, and jump right in.

    Learn the latest

    Get instant insight into what people are talking about now.

    Get more of what you love

    Follow more accounts to get instant updates about topics you care about.

    Find what's happening

    See the latest conversations about any topic instantly.

    Never miss a Moment

    Catch up instantly on the best stories happening as they unfold.

    Sampson‏ @jonathansampson Aug 25
    • Report Tweet

    What happens when you launch a fresh install of Firefox? I was curious, so I did so with version 68.0.2, and monitored my network activity. Here's what I learned…pic.twitter.com/kTglccO7Qy

    10:29 PM - 25 Aug 2019
    • 361 Retweets
    • 666 Likes
    • Matt Willis 🍂 Autumn Spice 🍂 🔜 #MidwestNotGoingFest dat Mike Enos Pascal Ernster 🏳️‍🌈🇪🇺🇱🇺 wayne nilsen Jon Schneider Code Talk Lukor
    21 replies 361 retweets 666 likes
      1. New conversation
      2. Sampson‏ @jonathansampson Aug 25
        • Report Tweet

        Note, this doesn't involve any interaction beyond opening the browser and waiting a few minutes. What I found were dozens of requests, which loaded nearly 16 MB in data. Lets break down what I saw.pic.twitter.com/csegTyjuJF

        3 replies 10 retweets 72 likes
        Show this thread
      3. Sampson‏ @jonathansampson Aug 25
        • Report Tweet

        Let's first look at which endpoints were hit, and how often. Firefox launched with a http://mozilla.org  tab opened in a blurred tab. Resources loaded from there would explain the 26 calls. Some of these other hosts should be familiar, if you've read my other browser threads.pic.twitter.com/zsXoKQw0dD

        2 replies 4 retweets 52 likes
        Show this thread
      4. Sampson‏ @jonathansampson Aug 25
        • Report Tweet

        The first 5 requests were for http://detectportal.firefox.com  over the HTTP protocol. These are meant to detect public networks, like that available at the coffee shop. If the response does not contain 'success', it's a good indicator you're on a portal.pic.twitter.com/r8nsqAa5CZ

        2 replies 4 retweets 52 likes
        Show this thread
      5. Sampson‏ @jonathansampson Aug 25
        • Report Tweet

        Next up were 2 identical requests for http://ocsp.digicert.com . OCSP is the Online Certificate Status Protocol, and is used to check for revocation of bad certs. I assume FF is testing its own certificate, since the browser opens with a Mozilla tab. No clue why it checked twice.

        5 replies 5 retweets 54 likes
        Show this thread
      6. Sampson‏ @jonathansampson Aug 25
        • Report Tweet

        A call to http://snippets.cdn.mozilla.net  is next. The path carries information about the device I am using: OS, 32 or 64 bit, lang, etc. The call redirects to 12 KB of JSON. Snippets are small messages displayed on the New Tab.pic.twitter.com/ijzQAT6GL8

        1 reply 3 retweets 46 likes
        Show this thread
      7. Sampson‏ @jonathansampson Aug 25
        • Report Tweet

        Two Remote Settings calls are made to the http://tiles.services.mozilla.com  host. They are nearly identical bits of JSON. One is for the cfr provider, and the other is for cfr-fxa, per the https://github.com/mozilla/gecko/blob/central/testing/profiles/common/user.js#L9-L10 … resource. I have no remote settings, which explains ASR_RS_NO_MESSAGES.pic.twitter.com/lTTuA5A6n7

        1 reply 2 retweets 40 likes
        Show this thread
      8. Sampson‏ @jonathansampson Aug 25
        • Report Tweet

        A third "http://tiles.services .moz" call is made, with a different body. It contains a client_id. Along with it were a few other bits of data: event=AS_ENABLED locale=en-US profile_creation_date=18134 region=UNSET release_channel=release topic=main value=0 version=68.0.2

        1 reply 2 retweets 45 likes
        Show this thread
      9. Sampson‏ @jonathansampson Aug 25
        • Report Tweet

        The http://mozilla.org  tab discussing the importance of Privacy loads in the background, bringing along with it the Google Tag Manager and Google Analytics. Hello, Google.pic.twitter.com/SlNY9Bltss

        5 replies 43 retweets 210 likes
        Show this thread
      10. Sampson‏ @jonathansampson Aug 25
        • Report Tweet

        It looks like we aren't done talking with Google either. Firefox makes its next move in downloading Safe Browsing bits from Google APIs. This is common among browsers today (Exception: @brave proxies the call through http://brave.com , keeping users out of Google's hands).

        3 replies 14 retweets 125 likes
        Show this thread
      11. Sampson‏ @jonathansampson Aug 25
        • Report Tweet

        Next up, http://normandy.cdn.mozilla.net . Mozilla says it "…is a feature that allows Mozilla to change the default value of a preference for a targeted set of users, without deploying an update to FF." It returns a JSON file with a handful of URLs. Firefox will use these URLs at times.pic.twitter.com/nyLsLHUxFB

        2 replies 2 retweets 36 likes
        Show this thread
      12. Sampson‏ @jonathansampson Aug 25
        • Report Tweet

        In fact, part of the Normandy response included a URL for the classify-client action. Firefox makes a call for that next. The server returns a bit of JSON that specifies the users country, and a request time: {"country":"US","request_time":"2019-08-26T02:41:45.823283Z"}

        1 reply 2 retweets 35 likes
        Show this thread
      13. Sampson‏ @jonathansampson Aug 25
        • Report Tweet

        The Normandy work doesn't stop there. Next we see calls to http://firefox.settings.services.mozilla.com . Each with a different path. The first request carries the bits that make up the path for the second request. And the third looks like the Snippets file from earlier.pic.twitter.com/mA4bUNVOzQ

        1 reply 2 retweets 34 likes
        Show this thread
      14. Sampson‏ @jonathansampson Aug 25
        • Report Tweet

        The last normandy response above then instructs Firefox to download numerous certificates from http://content-signature-2.cdn.mozilla.net . At this point, Firefox takes a break and checks for available updates. It doesn't find any, so we get an XML response with an empty <updates> object.pic.twitter.com/x4kFeTQtho

        2 replies 2 retweets 37 likes
        Show this thread
      15. Sampson‏ @jonathansampson Aug 25
        • Report Tweet

        Another Normandy call to retrieve settings is made. This one results in a large list of buckets or records; I'm not sure of the nomenclature here. Either way, we see numerous calls for more data made as a result. For instance, "Have I Been Pwned" data is retrieved.pic.twitter.com/sw2iG4spSO

        1 reply 3 retweets 35 likes
        Show this thread
      16. Sampson‏ @jonathansampson Aug 25
        • Report Tweet

        After a few more normandy calls, we now see a request to the aus5 sub on http://mozilla.org . This also passes device information, resulting in an XML response containing addons to download/install. The OpenH264 addon is requested over HTTP. I hope they do integrity checking!pic.twitter.com/OswiXN0wJy

        4 replies 3 retweets 51 likes
        Show this thread
      17. Sampson‏ @jonathansampson Aug 25
        • Report Tweet

        Also, it looks like these identical files are being downloaded twice. Is it a coincidence that Firefox opens with 2 tabs, and makes 2 identical calls? The 2nd addon is WideVine. This is requested directly from Google's http://gvt1.com  domain. Hello again, Google.

        2 replies 8 retweets 59 likes
        Show this thread
      18. Sampson‏ @jonathansampson Aug 25
        • Report Tweet

        Firefox has been open for a few minutes, and Mozilla would like to know about me, my machine, and how I have Firefox configured. 37,097 bytes of information are sent to http://incoming.telemetry.mozilla.org .pic.twitter.com/KLr5iYMDSt

        1 reply 8 retweets 60 likes
        Show this thread
      19. Sampson‏ @jonathansampson Aug 25
        • Report Tweet

        Of all browsers I've reviewed recently, Firefox is one of the most active upon installation. I think it may be the only one to immediately collect telemetry data too. I would like to see them proxy calls to Google endpoints, and avoid the initial http://mozilla.org  tab.

        5 replies 22 retweets 131 likes
        Show this thread
      20. Sampson‏ @jonathansampson Aug 25
        • Report Tweet

        Sampson Retweeted Sampson

        That pretty much covers what Firefox does when you first run the browser after installation. If you enjoyed this thread, see the others I did on Opera, Vivaldi, Brave, Dissenter, and Chrome. Take care!https://twitter.com/jonathansampson/status/1165392803687542790 …

        Sampson added,

        Sampson @jonathansampson
        From today: What happens when you first open the Opera browser? https://twitter.com/jonathansampson/status/1165353213308129281 … Vivaldi? https://twitter.com/jonathansampson/status/1165358155922059266 … Dissenter? https://twitter.com/jonathansampson/status/1165377063932637184 … And Brave? https://twitter.com/jonathansampson/status/1165391211999518720 … If you enjoy these threads, I'll consider doing more later 🙂
        8 replies 15 retweets 117 likes
        Show this thread
      21. Sampson‏ @jonathansampson Aug 25
        • Report Tweet

        Sampson Retweeted Sampson

        I also reviewed Google Chrome, for those interested:https://twitter.com/jonathansampson/status/1165493206441779200 …

        Sampson added,

        Sampson @jonathansampson
        What happens when you launch Google Chrome for the first time on a Windows 10 machine? When I launched Google Chrome for the first time (and let it sit for a minute), 32 requests were made, and 7.26 MB of data downloaded. pic.twitter.com/UpmrQBUceK
        Show this thread
        4 replies 9 retweets 67 likes
        Show this thread
      22. End of conversation

    Loading seems to be taking a while.

    Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

      Promoted Tweet

      false

      • © 2019 Twitter
      • About
      • Help Center
      • Terms
      • Privacy policy
      • Imprint
      • Cookies
      • Ads info