[tor-project] Tor Browser team meeting notes, 16 April 2018

Georg Koppen gk at torproject.org
Tue Apr 17 12:48:00 UTC 2018 

Hi all!

Here come the meeting notes from our weekly meeting we had yesterday.

The chat log can be found on

http://meetbot.debian.net/tor-meeting/2018/tor-meeting.2018-04-16-18.09.log.txt

and our pad items are/were:

Monday, April 16, 2018


pospeselr:

    Last week:

    - uplifted patch for #20283 and posted to firefox bug #859782
(https://bugzilla.mozilla.org/show_bug.cgi?id=859782)

    - verified no other syscalls on files in /proc/ need to be fixed for
#20283

    - reviewed #21537, #25721

    This week:

    - finish uplift of #20283 (just need to update the patch with review
feedback)

    - #23247 (.onion padlock states), #25147 (Backport of fix shipped in
Firefox 58.0)

    - probably getting sick since my wife brought back the plague from
Oregon


GeKo:
    Last week:
        - release preparations
        - addressed review feedback for #21537 and #25481 and got both
merged
        - last interview for the android dev position
        - started to work on rust support for macOS (#25779)
    This week:
        - https://bugzilla.mozilla.org/show_bug.cgi?id=1390583 (stylo
build bug for windows)
        - help with the alpha releases
        - code review of #24309
        - fix rust enabled macOS builds (#25779)


mcs and brade:
  Last week:
    - Worked on rebasing Tor Browser updater patches for ESR60 (part of
#25543).
    - Created #25750 (update Tor Launcher for ESR 60).
    - Commented on #25511 (Expose TZ info on control port for better
debugging of time errors).
    - Helped with triage of #25737 (Tor Browser's update check bypassed
Tor once on macos, because of xpcproxy?)
    - Participated in the Android developer interview.
    - Participated in the UX/Tor Browser "sync" meeting.
    - Attended the Snowflake meeting.
  This week:
    - Continue rebasing Tor Browser updater patches for ESR 60.
    - Monitor #25807 (Can not request bridges from torproject.org (App
Engine is broken for moat)).
    - Revisit #25509 (Tor browser tells me "A local proxy is needed when
connecting through a company, school, or university network")


igt0:
    Last Week:
        - Testing fingerprinting and linkability defenses for TBA:
#25703. The last week focus was android ability to open and send data to
external apps.
          - Even if the external-default is false, Orfox(fennec) opens
external apps: #25790
          - Investigating an exception when an malformed android-app
intent is clicked, even when external-default is false.

              - sysrqb: igt0, are you using a fuzzer or manual testing?
(igt0: Manual testing, I am not sure if a fuzzer would help for privacy
related issues, however I am open for ideas :))

        - moved to a new place (was without internet the whole friday :( )
    This week:
        - Keep looking into #25703 (Test linkability/fingerprinting
defenses for TBAndroid).


tjr
  - Have spent a considerable amount of time on working on getting the
x64 version of MinGW running.
    - Most of that time has been spent on getting a debug version with
symbols working actually.
    - Current status: There is a belief from a few folks (ted, binutils)
that there are so many symbols in Firefox I am overflowing 'something'
in gcc with debug information or something.
    - Next step is to start parsing coff format and try to figure it out...
    - I am not sure how much more time I can spend on this...
  - All (or most) fingerprinting work is on hold until Ethan's team
resumes and a plan is determined =/


boklm:
    Last week:
        - reviewed #25481 (Enable rust support in Linux nightlies)
        - setup a new VM for nightly build with more disk space
        - made some ansible scripts to setup nightly builds (#25817)
    This week:
        - help with building the new alpha
        - finish setup of new nightly build VM and enable email
notifications
        - work on fixing testsuite issues
        - investigate binutils reproducibility issue


sysrqb:
    Last week:
        Continued rebasing Orfox patches onto mozilla-central (gecko-dev)
        Updated https-everywhere addon in Orfox (branch is ready, will
update ticket after meeting)
    This week:
        Finish rebasing Orfox patches, testing and ask for review by igt0
        Push some try builds
        Hopefully work on bug1440789 - integrating add-on features in-tree


arthuredelstein:
    Last week:

        Posted patch for circuit display:
https://trac.torproject.org/projects/tor/ticket/24309

        Continued rebasing
https://trac.torproject.org/projects/tor/ticket/25543 (will post branch
soon)

    This week:

    Post rebased patches

    run alpha release build

    Make revisions to #24309 patch as needed

    Look into PointerEvents
https://trac.torproject.org/projects/tor/ticket/25794 (GeKo: #22343
would be neat to see fixed)

    Experiment with a desktop TBB/Firefox 60 build? Figure out what's
still needed


Isabela:
    - need help from Mobile team with report for sponsor8 here is a pad
with more info:
https://storm.torproject.org/shared/fXYsrJU_42qUhjYLyc4Z0myeeXY39ab336XuYaL_Pqv
    - will probably bug geko on sponsor4 final reports to make sure I am
not missing anything (towards the end of the week)
    - this week sync will probably follow up with security controls and
about:tor
    - arthur is helping ux team with user research coordinator
applications :)


Georg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20180417/874794ff/attachment.sig>

More information about the tor-project mailing list