[tor-project] Tor Browser team meeting notes, 11 March

Georg Koppen gk at torproject.org
Mon Mar 11 19:53:00 UTC 2019 

Hi!

Our weekly meeting just ended, this time without meetbot as it was sick.
Thus, here come just notes from the pad this time:

Discussion:
    -browser dev hiring (GeKo: We'll do the next interview on IRC but
think it's generally good to "get to know" folks we never met before via
a video call before hiring)


pospeselr:
    Last week:
        #25658 security level patch
        29120 uplift
        investigated #29554, #23359
    This week:
      #25658 fixes:

            right-to-left language support

     #29554 patch (fix about:preferences links not working correctly)

     #23359 patch (https everywhere adds itself back to toolbar on
second launch, probably related to our torbutton code pointed out by
intrigeri)


tjr (probably absent)
 - Letterboxing: (GeKo: I'll write an email to tbb-dev, probably
tomorrow, trying to get answers to all of your questions :) )
   My goal for March is to do more data analysis on screen resolutions
and put forward a proposal for 'We should use these set of dimensions'
   Before I do that; I'd like to get confirmation that this is something
Tor Browser wants to at last try to ship in Alpha. My questions:
       - if it was ready in a 60-based Alpha would you ship it then or
would you want to wait until 68?
       - what is the minimal viable product user experience wise?
         - does the margin needed different color or watermark?
         - do you need a button to disable it globally or after an
individual resize?
         - do you need it to work on mobile?
         - for very low resolution - under 100 pixels in a dimension -
does it need to do something intelligent or just not do any margins at all?
         - does it need a user walkthrough explainer? (Probably I
think... maybe you can start thinking of how that would look?)
       - My current analysis is of the form
https://ritter.vg/misc/ff/Content%20Resolution%20Analysis.html
         - See next steps in particular about defining a ftness function)
         - Is this an appropriate path forward? How often do you want me
to stop and get review and from whom?
         - (I'm optimistic that this python based analysis it Is
flexible enough that it can be easily changed, so I could to perform
most of the analysis without bugging people)
  Reminder, it is in Nightly under the pref (you must add it)
privacy.resistFingerprinting.letterboxing


mcs and brade:
    Last week:
        - Fixed #29445 (Tor Browser is denying ESR policies.json).
        - Fixed #22402 (Improve the "For assistance" link).
        - Posted patches for #29440 (Update about:tor when Tor Browser
is updated).
        - Posted a revised patch for #29627 (Moat: add support for
obfsproxy's meek_lite).
        - Reviewed the Tor Launcher patch in #29430 (Use uTLS for meek
TLS camouflage in Tor Browser).
        - Started review of #25658 (security slider replacement).
        - Helped with triage of incoming bugs.
    This week/soon:
        - Review #25658 (security slider replacement).
        - Work on #28628 (Introduce New Security Settings to users).
        - Investigate #29630 (TorBrowser creates empty directory in "/tmp”).
        - Investigate #27484 comment:13 (DDG onboarding doorhanger
disappears after tab switch).
        - For #28044, revise proposal 102 to take into account
intrigeri’s comments as well as some things we learned during
implementation.
        - Review the Firefox updater security audit report.


GeKo:
    Last Week:
        -reviews (#29194, #27486, #29445, #22402, #28329, #29572, #29440)
        - updated my patch for #28802
        - investigated broken git repo updating in our build system (#29572)
        - finish begin-of-the-month team admin stuff
    This week:
        - release prep
        - help with reviews for the alpha release
        - antonela: we could need some UI guidance for the New Identity
for Android feature (#28800)
        - how do we introduce the new security slider feature to users
that already have done the UI tour? After all the bubble just says: "New
to Tor Browser? Let's get started." Do we in general need a different
pointer for newly introduced features? (GeKo: Antonela updates the
ticket (#28628) with points that came up during the discussion)
           [tjr] Moz did that for the new tracking protection, it was a
three step tutorial thing


sisbell:
  Last week:
    - 29313: tor-android-service browser build (ready for review) -
removed native build, added back in classes that Firefox android app needs
    - 29574 Configure Orbot project to use TOPL (ready for review) -
fixes for duplicate class errors
    - 29575 Configure Firefox project to use TOPL (ready for review)
    - tested integrated APK
    - opened a couple of issues at TOPL project, opened issue at Orbot
project regarding moving android resources from orbotservice to app module
    - looking to move tor-android-service project hosted on GitHub to
guardianproject or torproject
  This Week:
   - Resolve bug where final bootstrap is not updating in UI in Android
Browser
   - Work on moving resources out of orbotservice and
tor-android-service libraries
   - submit PR for various fixes to TOPL project
   - respond to any code reviews


antonela:
     Last week:
         - #29440 Update about:tor UI review
         - #25658 Security Settings UI review
         - #28628 Introducing the new Security Settings
     This week:
         - Mozilla/Tor monthly meeting: Anything we want to show?
         - 8.5 Review, TBA and TB
         - #28800 - New Identity
         - Letterboxing


sysrqb:
     - Last week:
         #28329 (TBA configuration UI)
         BridgeDB patch review
     - This week
         #28329 testing and integration
         Release prep


boklm:
    Last week:
        - made some patches for:
            - #25876 (Source release tarballs for Tor Browser)
            - #29572 (Fetching latest commits fails when building
testbuilds)
            - #29675 (Nightly build should fail if "make fetch" fails)
            - #29667 (Add android-x86 to nightly builds)
        - updated patch for #26323 after review comments (Build 32bit
Linux bundles on 64bit systems)
    This week:
        - continue work on #27137 and testsuite
        - some reviews
        - work on #25623 (Disable network during build)
        - help with build of new releases


pili:

    Last week:

            - Outreachy application
            - UX ticket triage

    This week:

            - Start thinking about capacity planning for browser team
            - Start planning for OTF Onion Services proposal
            - Sponsor 8 Final report
            - Tor Browser 2 year vision write up - still very late with
this!!
            - More UX ticket triage


Georg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20190311/f252252c/attachment.sig>

More information about the tor-project mailing list