Revamping the Statistics Dashboard

February 5th, 2010 by Justin Scott (fligtar)

Developers got their first glimpse at detailed statistics for their add-ons in early 2008 when we launched the Developer Statistics Dashboard for every add-on hosted on AMO. Since then, we’ve made incremental improvements to this tool, such as adding grouping and comparison options, data tables, locale usage stats, contributions, and most recently download sources.

In July, we asked developers to take a survey about how they use the Statistics Dashboard, and as part of our AMO rewrite currently underway, we’ll be revamping the dashboard.

Here’s a mockup from our designer, Chris Howse, of the overview page of the new dashboard:

Mockup of new Stats Dashboard

A few comments on the new design:

  • Our main goal was to simplify the dashboard and present the most common things developers are looking for up front, answering questions like “which application versions is my add-on used with?” and “how many people use my add-on on Mac?”
  • Each of the breakdown pages will have its own URL and be linked to directly, eliminating the annoying dropdown menu currently used
  • We’ll be replacing the Timeplot graphs with nicer, less buggy graphs using Highcharts
  • Most of the features of the new dashboard exist in the current dashboard, but this will create a much better platform and layout for us to add additional features after the rewrite. We already have some great ideas to implement at that time.

You can see the rest of the mockups and design discussion in bug 540885 and implementation in bug 543548.

Tags: , , ,
Posted in developers | 2 Comments »

Please read: Security Issue on AMO

February 4th, 2010 by Nick Nguyen (osunick)

Issue

Two experimental add-ons, Version 4.0 of Sothink Web Video Downloader and all versions of Master Filer were found to contain Trojan code aimed at Windows users. Version 4.0 of Sothink Web Video Downloader contained Win32.LdPinch.gen, and Master Filer contained Win32.Bifrose.32.Bifrose Trojan. Both add-ons have been disabled on AMO.

Impact to users

If a user installs one of these infected add-ons, the trojan would be executed when Firefox starts and the host computer would be infected by the trojan. Uninstalling these add-ons does not remove the trojan from a user’s system. Users with either of these add-ons should uninstall them immediately. Since uninstalling these extensions does not remove the trojan from a user’s system, an antivirus program should be used to scan and remove any infections.

Status

This vulnerability is known to affect Firefox on Windows only, if either Master Filer or Version 4.0 of Sothink Web Video Downloader are installed. Versions of Sothink Web Video Downloader greater than 4.0 are not infected. Master Filer was downloaded approximately 600 times between September 2009 and January 2010. Version 4.0 of Sothink Web Video Downloader was downloaded approximately 4,000 times between February 2008 and May 2008. Master Filer was removed from AMO on January 25, 2010 and Version 4.0 of Sothink Web Video Downloader was removed from AMO on February 2, 2010. AMO performs a malware check on all add-ons uploaded to the site, and blocks add-ons that are detected as such. This scanning tool failed to detect the Trojan in Master Filer. Two additional malware detection tools have been added to the validation chain and all add-ons were rescanned, which revealed the additional Trojan in Version 4.0 of Sothink Web Video Downloader. No other instances of malware have been discovered.

Credit

This issue was originally reported by CatThief.

Antivirus Software

Here is a list of antivirus programs known to detect the trojans found in the affected add-ons.

Antiy-AVL
Avast
AVG
GData
Ikarus
K7AntiVirus
McAfee
Norman
VBA32

Posted in general, security | 41 Comments »

Vote your favorite add-ons for About.com Reader’s Choice Awards

February 2nd, 2010 by Julie Choi (joolzvrn)

The nominations are in, and it’s time to vote for your favorite add-ons in the 2010 About.com Reader’s Choice Awards. Add-ons are now up for public voting in the following categories:

While you’re there, be sure to vote for the Best Major Desktop Browser and Best Mobile Browser categories as well. You have until midnight February 25 to cast your votes. We’ll let you know the results once they’re in!

Posted in general | 4 Comments »

Are your add-on updates in the review queue? Check again!

January 25th, 2010 by Jorge

A few bugs have been filed recently surrounding the add-on upload process, and they all turned out to be a single problem: if the upload process fails for some reason, the file may end up in an incorrect state.

What does this mean to add-on authors? Sometimes they’ve ended up with multiple files for a version, other have had to attempt the upload multiple times until it works. But the sneakiest of problems is when the upload finishes well, but the uploaded file isn’t nominated for the public. This means that the new version of a public add-on will start with an “In Sandbox” state, and it will never appear in the add-on review queue. Authors rarely notices this error, and they become increasingly annoyed with the add-on not being reviewed.

Only 2 add-ons are currently waiting for more than 7 days. If your update has been waiting for longer than that, you’ve probably been bitten by this bug.

So, in order to be safe, please check the status of your add-on updates. In order to verify that your update is in the review queue, follow these steps:

  1. Go to your Add-ons Page.
  2. For the add-on you updated, check the status of the latest version, under Versions and Files. If the status is “In Sandbox” instead of “In Sandbox; Pending Review”, then your file is not in the review queue.
  3. If you need to change the status of your add-on, please email amo-editors AT mozilla dot org and we’ll be happy to help you.

The bug is already fixed, so please let us know if you continue experiencing any upload problems.

Update: this post refers to updates of add-ons that are already public. If you’re nominating your add-on for the first time, it’s normal for the status of your latest file to be ‘In Sandbox’.

Tags: , , , ,
Posted in general | 5 Comments »

Contributions Sources

January 25th, 2010 by Nick Nguyen (osunick)

Since we launched the Contributions Pilot last summer, thousands of users have helped out their favorite developers with small donations.  We’ve continued to expand on the pilot with new features like Pledge Drives and subscriptions, and now we’re going to look at where users make their donations to authors.

There are quite a few places where users can see Contributions links on AMO:

  • Add-on Detail page - The listing page for an add-on
  • Home Page – Links on the home page to Contributions
  • Meet the Developer – The “Meet the Developer” page that explains why an add-on was created and introduces the developer to users
  • Roadblock – A version of the “Meet the Developer” page that a user needs to click through to download an add-on
  • First Run Page – The First Run page allows developers to request contributions post-install with a version of the “Meet the Developer” page
  • Browse pages – Contributions links on the pages used to browse categories, most downloaded, recommended, and top-rated add-ons
  • Search – Contributions links on search results

Over the past 4 months, we’ve looked at the data we’ve gathered and found that add-ons users have given over $40,000 to the developers of their add-ons.  Here’s a breakdown of the entire group of contributions:

allsources

The bulk of contributions come from the Add-on Detail pages, where users directly click on the “Contribute” buttons.  First Run, Roadblock, and Meet The Developer all have similar slices at 9-12%.  The remainder of sources make up a mere 9% total of overall revenue. From looking at this data it looks like Add-on Detail pages are where users are most likely to make a decision to contribute– but the data looks different when we divide the group into different cohorts, based on how authors ask for contributions.

When add-on developers ask for contributions from their users, they have three options for presenting this offer:

  • Only when users click a “Contribute” link
  • In the background while an add-on is downloaded
  • As a roadblock when users click “Download”

Authors who don’t prompt for Contributions make up the largest group:

noprompt

About half of all participating add-ons elected to go with the least obtrusive option.  Unsurprisingly, over three quarters of contributions come from the main “Add-on Detail” page.

Let’s look at the second group of authors who show the “Meet the Developer” page during add-on download:

simultaneousHere’s where things start to get interesting.  This is the only group that elected to use a First Run page in any significant degree, and as you can see, the First Run page links generated 37% of the revenue in this group.  Since this is currently the only way to reach users post-install, it is unsurprising that it does so well in comparison.

The last group has chosen to interrupt the download process with a “Meet the Developer” page:

roadblock

Unsurprisingly, the roadblock generates the majority of revenue for this cohort. This is where the mix of contributions sources differ significantly than the first group.  While the revenue per add-on in this group is also lower than the other two, it’s important to take into consideration the relative popularity of add-ons in these three groups:

downloadsRoadblocked add-ons only represent 12% of the total downloads of Add-ons that request contributions.  This group is only about one-fifth as large as the no-roadblock, no-display-while-downloading group.  Let’s look at how revenue splits in these groups:

totalcontributions

As you can see here, the roadblocked add-ons comprise 18% of overall revenue while only representing 12% of overall downloads.  The middle group seems to be doing somewhat worse, with 38% of the downloads only garnering 30% of overall contributions.

While this is far from a scientific study, it appears that add-ons that employ a roadblock in concert with a well written “Meet the Developer” page receive the highest revenue per download.  Also note that the First Run pages seem to work very well for developers that elect to use them.  Based on this observation, we believe that adding a First Run page can have a significant impact on donations from users.

If you’re an author who uses Contributions to sustain the development of your add-on, we hope this information helps you refine your approach with our Contributions pilot.

Posted in developers, general | 5 Comments »

Nominate add-ons for About.com Reader’s Choice Awards

January 24th, 2010 by Justin Scott (fligtar)

Today is the last day to nominate your favorite add-ons for the 2010 About.com Reader’s Choice Awards. The add-ons with the most nominations will be up for public voting next month in the following categories:

While you’re there, be sure to nominate Firefox in the Best Browser categories as well! We’ll let everyone know when voting is open.

Posted in general | 1 Comment »

Broken executables in extensions in Firefox 3.6

January 22nd, 2010 by Dave Townsend

Reposted from my blog in order to spread the word:

If you are an extension developer and include executable files in your XPI package (binary or shell scripts) then you may be seeing problems in Firefox 3.6.

Back between Firefox 3.6 beta and Firefox 3.6 RC we took a small fix to the extension manager that changed how we extract the files from the XPI package. The fix involved adjusting how we accessed files to avoid hitting problems with certain anti-virus tools that would occasionally lock files in the middle of extraction making us fail to install the add-on. A side effect to this fix leaves us setting file permissions on the extracted files in a slightly different way to previously. This side effect means that the executable permission is getting stripped from all extracted files. If you try to execute these files with nsIProcess it will likely fail.

There is a bug on file and I have a patch almost complete so hopefully this should be fixed in Firefox 3.6.1 but until then you can workaround this in your extension by setting the executable permissions on the file yourself. Assuming you have a file variable that is an nsIFile pointed at the executable, just do:

file.permissions = 0755;

In case you were wondering why we enforce file permissions at all, it is because it turns out there are quite a lot of different zip tools that developers use to build add-ons. Some of them are unfortunately broken and embed bogus permissions into the generated XPI. After extraction it leaves us with files that are unreadable/unwritable which makes the add-on fail to work correctly. This most commonly affects developers on windows (where permissions are a little laxer in general) who get odd bug reports from users on Linux which is respectfully refusing to use the files. The easy fix is to enforce read/write permissions on the extracted file in the first place.

Tags: , ,
Posted in compatibility, developers | 3 Comments »

Firefox 3.6 is here! Are your add-ons up to date?

January 21st, 2010 by Jorge

When Firefox 3.6 beta 1 came out, I let you know that you should start working on your add-on compatibility for 3.6. Did you listen? No? Well, then you’re going to start hearing from your users, because Firefox 3.6 is now officially out. Within a few days most of the world will be up to date, and your add-ons should be up to date, too.

The add-on review queues are normally very busy during update times, so you should follow these guidelines to make sure your add-on stays up to date and doesn’t have to wait too long for a review:

  1. Visit Firefox 3.6 for developers and read all about the changes that have been introduced in Firefox 3.6. Some additional information for theme authors is available in this forum topic.
  2. Test your add-on with the final release of 3.6 and see if there are any compatibility problems. Most add-ons should be fine.
  3. If the current version of your add-on doesn’t show any compatibility issues, you don’t need to upload a new version. Visit the Developer Hub: https://addons.mozilla.org/en-US/developers/ and change the “max version” value in the latest version of your add-on (it’s in the Versions and Files section). That’s all it takes. Make sure to set your max version to 3.6.*.
  4. If you need to update your add-on for 3.6, submit your update as soon as possible. There will be an update rush happening soon, and it will probably take a while for the AMO editor team to catch up.

Also, if you have binary components, some important changes have been made to the C API which might affect your add-ons. Make sure you build your add-on against the newest SDK, which is version 1.9.2. The new SDK should be available in the Gecko SDK page.

If you have any questions or comments, don’t hesitate to post here, or at the new AMO forum.

Happy coding!

Tags: , , , , ,
Posted in developers, events, releases | 6 Comments »

AMO Category Popularity

January 19th, 2010 by Justin Scott (fligtar)

If you’re interested in which categories and add-on types are the most popular on AMO, you’ll probably want to check out a blog post I just made that lists the top 15 browse pages on the site.

We’re always looking for feedback on what improvements can be made to pages such as these, so please let us know your ideas!

Tags:
Posted in developers, end users | 1 Comment »

New Categories for Mobile

January 14th, 2010 by Nick Nguyen (osunick)

Add-ons for Mobile

If you’ve developed an add-on for Firefox Mobile, take a moment to update its categories.  We’ve added new categories which we better represent the interest of mobile users and we hope to see a thriving assortment of add-ons in the near future.  Also, we plan on revisiting these categories as the ecosystem evolves, so feel free to share any suggestions regarding any future categories you’d like to see on Mobile.

Posted in developers, end users, general, mobile | No Comments »

« Older Entries