[tor-project] Tor Browser team meeting notes, 16 July 2018
Georg Koppen
gk at torproject.org
Tue Jul 17 20:12:00 UTC 2018
Hi all!
We had another Tor Browser meeting yesterday. The IRC log can be found at
http://meetbot.debian.net/tor-meeting/2018/tor-meeting.2018-07-16-18.05.log.txt
and here come, as usual, the meeting notes from our pad:
Monday July 16, 2018
Discussion:
- I think the Sandboxing Meeting is scheduled for next Tuesday
15:00 UTC? (GeKo: Yes)
- We should think about possible sessions we could offer for the
mexico dev meeting open days; we'll have a talk about Tor Browser 8 then
(please volunteer if you want to do the talking part) but I think we are
a big team with lots of things going on and we could contribute more
- mcs: some ideas: UX changes in Tor Browser 8, a design
overview (aka “How is Tor Browser different from Firefox?”), sandboxing
futures.
- arthuredelstein: I'd like to talk about browser privacy
testing (For Tor Browser and other browsers with "Tor mode")
- Tor Browser on Github?
boklm:
Last week:
- reviewed #26355 (Make sure only Windows users on Windows7+ are
trying to use Tor Browser based on ESR60)
- reviewed #26251 (Adapt macOS snowflake compilation to new
toolchain)
- made patch for #26569 (Redirect pre-8.0a9 alpha users to a
separate update directory)
- looked with sisbell at list of things to do to integrate Tor
Browser for Android into tor-browser-build and opened some tickets:
#26693, #26695, #26696, #26697
This week:
- on vacation
sysrqb:
Last week:
Investigated report of proxy-bypass (#21863)
Investigated Android APK signing key (#26536)
Discussed and researched some Android localization with Emma
(#26536)
Helped with BridgeDB things
Prepared HOPE presentation slides for talking about Tor Browser,
TBA, and Tor on Mobile
Scheduled Sandboxed Tor Browser meeting on next Tuesday, 24 July
at 15:00 UTC
This week:
Helping talk about Tor with high schoolers on Monday
Talking at HOPE on Friday with other Tor people
tjr:
- Worked on #26476 with sukbir a bunch. Currently blocked on
needing to increase the file descriptor ulimit inside the container.
Don't know how.
- I've tried increasing the ulimit for user account and root on
the host; but it did not propagate into container.
- We know the issue is --gc-sections, we don't know why it happens
to Tor and not Mozilla; we're investigating that. (It's not the sandbox
or any Tor patches.)
- Jacek finished his contract:
- He got --enable-stylo working:
https://reviewboard.mozilla.org/r/256840/diff/1#index_header
- He landed most of his patches into -esr60
- I have a few more to land for him, plus the build job
- Not done for mingw-clang: --enable-sandbox, x86, debugging pdbs
- I need to investigate test failures for the x64 build, and then I
can land that in esr60
- I am getting fuzzyfox reviewed, and then we could experiment with
it maybe
GeKo:
Last Week:
-Vacation
This Week:
-Deal with my backlog
-Help with the mobile alpha release as needed
-Finish investigating Stylo related reproducibility issues on
macOS (#26475)
-Continue network review (#22176)
-reminder to do the status: updates at least daily
-reviews
-Is there anything anybody needs from me urgently? (igt0: Not
urgent, however I believe #26401 has high priority) (GeKo: Yes, I finish
my comments tomorrow)
pospeselr:
patch for #26456 (HTTP onion sites inheriting HTTPS certs) could use
a review (GeKo: that's on my list for tomorrow, too)
Last Week (s):
- found a potential solution for #26540 (pdfjs FPI violations) and
have a patch up
little janky, people should definitely take a look at it
- needs to be tweaked for multi-process (ie browser.tabs.autostart =
true)
- medical stuff
- took care of a bunch of moving related bs
This Week:
- partial vacation in Portland this week, working mornings in cafes
- fixup #26540 patch
- #25555 looks like interesting, so I'll grab that one (reimpleent
Optimisitc SOCKS feature)
Next Week:
- moving apartments (hopefully) on the 24th, I'm sure there will be
tons of problems to deal with/people to yell at but we'll see
igt0:
Last Week:
- Took a look in the tor browser settings: #26574
- Fixed a typo in the mobile addon handler: #26704
- Tested torbutton functionalities on mobile: domain
isolator, dragDropFilter, content-policy
- meeting about TBA release
This week:
- More preparation for TBA release
arthuredelstein:
Last Week:
- Patches for:
#26590 (SVG isn't blocked in Safest security setting with 8.0a9)
#26603 (remove obsolete http pipelining prefs)
#26353 (speculative connect violating FPI)
#26237 (fix ordering of toolbar)
- Investigated:
#18598 (disabled WebSpeech by default)
#16339 (ensure ImageCapture API is disabled)
- Proposed #26765 (Add Tor Browser indicator where Firefox PB
indicator is)
- Worked on my HTTP2 patch #14592, in progress
This week:
- Keep working on #14952
- More fingerprinting / ff60esr patches
Following week:
- I will be on vacation week July 23 - 27.
Am I the only one who finds this sandstorm document very hard to
use? Wondering if I'm doing something wrong or if we could switch to an
etherpad. (GeKo: There are more folks that seem to apply workarounds.
Let's resume this discussion once everyone was able to think about it)
sisbell:
Last Week:
Got android and build dependencies in build container for RBM build
Added stretch for containers
This Week:
Get Android license acceptance working in build
Get mach build commands working on container build
sukhe:
Last Week:
- I am still working on #26476 (crash on Windows) with tjr and
#12968 (HEASLR). Picked up #26251 (Snowflake) again.
- Since these all are blocking currently, is there anything else I
can focus on in the meantime? (GeKo: Yes, #25485 would be helpful)
This Week:
- Continue the above and find something else to work on based on
"Last Week"
isabela:
- request (about TBA release)
Georg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20180717/103cc042/attachment.sig>
More information about the tor-project
mailing list