Profile

Cover photo
Patrick McManus
Works at Mozilla Corporation
Attended Worcester Polytechnic Institute
2,267 followers|764,001 views
AboutPostsPhotos+1's

Stream

Patrick McManus

Shared publicly  - 
 
Thanks Google TCP Team for Open Source Fix!
The Google TCP team deserves a shout out for identifying and fixing a nearly decade old Linux kernel bug that I think will have an outsized impact on performance and efficiency for the Internet. Their patch addresses a problem with cubic congestion control,...
49
33
Grant Grundler's profile photo
 
So true: "...tracking this stuff down is the work of quality non-glamorous engineering."  Sad part is no one is going to get a promotion for this kind of work either. Hopefully substantial public recognition though.
Add a comment...

Patrick McManus

Shared publicly  - 
 
Opportunistic Encryption For Firefox
Firefox 37 brings more encryption to the web through opportunistic encryption of some http:// based resources. It will be released the week of March 31st. OE provides unauthenticated encryption over TLS for data that would otherwise be carried via clear tex...
17
1
Centmin Mod Nginx Auto Installer Project's profile photoMantas Mikulėnas (grawity)'s profile photoPatrick McManus's profile photoDavid Lloyd's profile photo
6 comments
 
Hi,  Any chance that DNS-SEC/DANE will be supported any time soon?
Add a comment...

Patrick McManus

Shared publicly  - 
 
HTTP/2 Dependency Priorities in Firefox 37
Next week Firefox 35 will be in general release, and Firefox 37 will be promoted to the Developer Edition channel (aka Firefox Aurora). HTTP/2 support will be enabled for the first time by default on a release channel in Firefox 35. Use it in good health on...
Next week Firefox 35 will be in general release, and Firefox 37 will be promoted to the Developer Edition channel (aka Firefox Aurora). HTTP/2 support will be enabled for the first time by default on a release channel in Fire...
10
1
Pablo Carrera Estrada's profile photo
 
Great thing!
Add a comment...

Patrick McManus

Shared publicly  - 
 
Proxy Connecitons over TLS - Firefox 33
There have been a bunch of interesting developments over the past few months in Mozilla Platform Networking that will be news to some folks. I've been remiss in not noting them here. I'll start with the proxying over TLS feature. It landed as part of Firefo...
8
2
Chris Adams's profile photoPatrick McManus's profile photoAlex Mc-J's profile photo
5 comments
 
+Patrick McManus
 Oh I didn't even think of trying that, that makes it much easier.
Add a comment...

Patrick McManus

Shared publicly  - 
 
 
Paper: Analyzing Forged SSL Certificates in the Wild
Abstract—The SSL man-in-the-middle attack uses forged SSL certificates to intercept encrypted connections between clients and servers. However, due to a lack of reliable indicators, it is still unclear how commonplace these attacks occur in the wild. In this...
2
Add a comment...

Patrick McManus

Shared publicly  - 
 
 
I blogged about my last week's work on getting the #http2 dissector in #wireshark up to date with the drafts.
2
1
Add a comment...
Have him in circles
2,267 people
Garry Stylus's profile photo
David Chaves's profile photo
aslam sharif's profile photo
Joe Walker's profile photo
Seppo Erviälä's profile photo
parth parikh's profile photo
Todd Ford's profile photo
sara czyzewicz's profile photo
Carlos Rivadeneira's profile photo

Patrick McManus

Shared publicly  - 
 
Brotli Content-Encoding for Firefox 44
The best way to make data appear to move faster over the Web is to move less of it and lossless compression has always been a core tenet of good web design. Sometimes that is done via over the top gzip of text resources (html, js, css), but other times it i...
8
1
Add a comment...

Patrick McManus

Shared publicly  - 
 
HTTP/2 is Live in Firefox
The Internet is chirping loudly today with news that draft-17 of the HTTP/2 specification has been anointed proposed standard. huzzah! Some reports talk about it as the future of the web - but the truth is that future is already here today in Firefox. 9% of...
21
4
Patrick McManus's profile photoBenjamin Bennett's profile photo
3 comments
 
I'm curious to see how the server model changes now that the client is so much more persistent. It may argue for pushing more smarts into something like a proxy server that can know when the client is connected and issue requests on its behalf and push events and pages as appropriate, and depending on system load.
Add a comment...

Patrick McManus

Shared publicly  - 
 
Firefox gecko API for HTTP/2 Push
HTTP/2 provides a mechanism for a server to push both requests and responses to connected clients. Up to this point we've used that as a browser cache seeding mechanism. That's pretty neat, it gives you the performance benefits of inlining with better cache...
8
2
Ilya Grigorik's profile photoBenjamin Kerensa's profile photoMorgaine Fowle (de la faye)'s profile photo
7 comments
 
Push API is in Chrome 42, and it rides atop Google Cloud Messaging. Doesn't sound net neutral at all. Someone please hurry up and get a webidl going for exposing HTTP2 Push. It's already too late.
Add a comment...

Patrick McManus

Shared publicly  - 
 
Joe Hildebrand wrote a great I-D last spring that crisply captured the generic problems with transparent middlebox deployments.

I've joined the effort and we've updated it to -01.
Network Working Group J. Hildebrand Internet-Draft Cisco Systems, Inc. Intended status: Informational P. McManus Expires: May 14, 2015 Mozilla November 10, 2014 Erosion of the moral authority of transparent middleboxes draft-hildebrand-middlebox-erosion-01 Abstract Many middleboxes on the ...
7
Add a comment...

Patrick McManus

Shared publicly  - 
 
how do you (easily?) weigh a 5lb helium balloon? Ya know, to make sure its a 5lb balloon.
My friend Jenny Lawson — aka The Bloggess — is weird. This isn’t casting any aspersions! She would be the first one to admit it. In fact, she does, constantly, on her blog. If you read her book, Let's Pretend This Never Happened, you'll find this assessment is ironclad. For further...
1
Add a comment...

Patrick McManus

Shared publicly  - 
 
 
Yay, Facebook is using HSTS! Their response header pins the certificate for 30 days (2592000 seconds): prevents MITM attacks, makes the browser automatically rewrite all requests to HTTPS.. aka, no costly redirects!

For a great intro to HSTS check out this article by +Mike West: http://www.html5rocks.com/en/tutorials/security/transport-layer-security/
4
1
Add a comment...
People
Have him in circles
2,267 people
Garry Stylus's profile photo
David Chaves's profile photo
aslam sharif's profile photo
Joe Walker's profile photo
Seppo Erviälä's profile photo
parth parikh's profile photo
Todd Ford's profile photo
sara czyzewicz's profile photo
Carlos Rivadeneira's profile photo
Education
  • Worcester Polytechnic Institute
    Computer Science, 1992 - 1996
Work
Occupation
Network Hacker, most often on Firefox. HTTP, SPDY, Websockets, DNS, TCP, etc..
Employment
  • Mozilla Corporation
    Engineer for Networking, 2010 - present
  • PenBay Networks
    Owner, 2008
  • IBM
    Engineering Manager, 2005 - 2007
  • DataPower
    Engineer, 2002 - 2005
  • AppliedTheory
    Engineer, 1996 - 2002
  • NYSERNet
    Engineer, 1994 - 1996
Basic Information
Gender
Male
Patrick McManus's +1's are the things they like, agree with, or want to recommend.
Scaling Existing Lock-based Applications with Lock Elision
cacm.acm.org

Enabling existing lock-based programs to achieve performance benefits of nonblocking synchronization.

The Human Genome Project Wasn’t Overhyped. The Payoff Just Took Time | X...
www.xconomy.com

People in the tech industry often like to say that we overestimate the short-term impact of new technology and underestimate the longer-term

GSoC - wrap up - M.G.
gabor.molnar.es

This year’s Google Summer of Code program has sadly come to an end. It has been a great summer for me: I’ve met fantastic people, worked on

On the NSA
blog.cryptographyengineering.com

Let me tell you the story of my tiny brush with the biggest crypto story of the year. A few weeks ago I received a call from a reporter at P

Domain Sharding revisited | High Performance Web Sites
www.stevesouders.com

Domain Sharding revisited. September 5, 2013 10:41 am | 4 Comments. With the adoption of SPDY and progress on HTTP 2.0, I hear some people r

All IP Addresses Are Not the Same
www.circleid.com

One IP address is much the same as another - right? There's hardly a difference between 192.0.2.45 and 192.0.2.46 is there? They are just en

Google Authenticator
market.android.com

Enable 2-step verification to protect your account from hijacking.Google Authenticator generates 2-step verification codes on your phone.Ena

Yahoo adds HTTPS support to Yahoo mail - The H Security: News and Features
rss.feedsportal.com

Yahoo has quietly begun to enable HTTPS support for Yahoo Mail, but it's still only an opt-in option for users who wish to protect their pri

[Phoronix] Firefox 18.0 Lets Loose IonMonkey Compiler
lxer.com

Phoronix is the leading technology website for Linux hardware reviews, open-source news, Linux benchmarks, open-source benchmarks, distribut

A fix for an 11-year-old bug in the build system | Nicholas Nethercote
blog.mozilla.com

A fix for an 11-year-old bug in the build system. Posted on January 5, 2012 by Nicholas Nethercote| 4 Comments. I have noticed for months th

Reminder: visit the Ada Initiative feminist hacker lounge at PyCon this ...
adainitiative.org

At this year's annual USA Python conference — PyCon in Santa Clara, California, March 15–17 — the Ada Initiative will have a booth in the Ex

MWC 2013, Firefox OS, and More Web API Evolution | Brendan Eich
brendaneich.com

Last week started with a bang, with Mozilla's Firefox OS launch at Mobile World Congress 2013. We announced that Firefox OS had won the supp

Linode Blog » Linode Nextgen: The Network
blog.linode.com

March 7, 2013 1:24 pm. This is the first of a series of blog posts about an effort we're calling Linode: NextGen. In the coming days, we'll

xkcd: Two Years
xkcd.com

< Prev · Random; Next >; >|. Permanent link to this comic: http://xkcd.com/1141/ Image URL (for hotlinking/embedding): http://imgs.xkcd.com/

Crimeware Author Funds Exploit Buying Spree — Krebs on Security
krebsonsecurity.com

The author of Blackhole, an exploit kit that booby-traps hacked Web sites to serve malware, has done so well for himself renting his creatio

Self-hosted Parallel JS - Baby Steps
smallcultfollowing.com

The blog has been silent for a while. The reason is that I’ve been hard at work on Parallel JS. It’s come a long way: in fact, the goal …

Q&A: How to combine 2 wireless routers on one home network? (2Wire &...
www.techrepublic.com

Hi everyone, nice to have a forum dedicated to wireless technologyI have a nice robust 2Wire 1800HG Wireless DSL router that i have successf

Lebanon Loses Lone Link - Renesys Blog
www.renesys.com

The two graphs below illustrate traceroute measurements into Lebanon through the two largest International internet providers serving the Le