- tor-project - lists.torproject.org

(FWD) Save the Date for RightsCon Tunis (June 11-14, 2019)
by Roger Dingledine 18 Sep '18

18 Sep '18

The next RightsCon has been scheduled. It's right before the summer Mozilla-All-Hands in Canada, which will make the logistics tricky but possible for those who want to do both. --Roger ----- Forwarded message from "Nikki Gladstone, Access Now" <conference(a)accessnow.org> ----- Date: Tue, 18 Sep 2018 15:53:05 -0400 (EDT) From: "Nikki Gladstone, Access Now" <conference(a)accessnow.org> To: arma(a)mit.edu Subject: Save the Date for RightsCon Tunis (June 11-14, 2019) Hi Roger, It???s officially time to mark your calendars for RightsCon Tunis [https://www.e-activist.com/ea-action/enclick?ea.url.id=1510845&ea.campaigne…] We???re thrilled to share with you that the next RightsCon will be held from Tuesday, June 11 to Friday, June 14, 2019. Alongside our team in Tunis, we have found the perfect venue for hosting the growing RightsCon Community. RightsCon Tunis will be a bustling hub, situated at the Laico Hotel and the Palais des Congrès, right next to the city???s Human Rights Square, and just a few minutes walk from the downtown core. RightsCon Tunis will build on the historic success of RightsCon Toronto by continuing to provide a space for a community of civil society organizations, technologists, businesses, startups, public servants, and lawyers to connect, collaborate, build strategies, draft declarations, and move forward real-world change. Whether in provocative plenaries, intimate roundtables, informal meetings, or the lively Community Village, RightsCon Tunis will help shape the future of human rights in the digital age. RightsCon Tunis will be the summit???s eighth iteration, the first hosted in Africa and the Middle East. As an emerging tech center and growing democracy, Tunisia has been a beacon of hope for others across the region and the world ??? yet there is still so much work to do. Next year???s program will tackle current pressing issues and those on the horizon, including: ----------------------------------------------------------------------------- * Election integrity and the erosion of democratic values; ----------------------------------------------------------------------------- * Artificial intelligence and algorithmic accountability; ----------------------------------------------------------------------------- * Our identities online, biometrics, and facial recognition technology; ----------------------------------------------------------------------------- * The convergence of emerging technologies; ----------------------------------------------------------------------------- * Data trust, protection, and user control ??? locally, regionally, and globally; ----------------------------------------------------------------------------- * Misinformation and the future of journalism; ----------------------------------------------------------------------------- * Preventing net discrimination and promoting Net Neutrality; ----------------------------------------------------------------------------- * Privacy, surveillance, and societal control; ----------------------------------------------------------------------------- * Digital inclusion and accessibility; ----------------------------------------------------------------------------- * Technology as a tool for the Sustainable Development Goals; ----------------------------------------------------------------------------- * Strengthening digital security and encryption; ----------------------------------------------------------------------------- * Cybersecurity policy; ----------------------------------------------------------------------------- * Conflict and humanitarian response in the digital age; ----------------------------------------------------------------------------- * And much, much more. ----------------------------------------------------------------------------- It is more important than ever to bring the RightsCon community together. These topics are just a glimpse of what???s to come. Tell your network you???re joining us in Tunis. SHARE ON FACEBOOK: [https://www.e-activist.com/ea-action/enclick?ea.url.id=1510846&ea.campaigne…] SHARE ON TWITTER: [https://www.e-activist.com/ea-action/enclick?ea.url.id=1510847&ea.campaigne…] Soon, we???ll be sharing with you important updates on RightsCon Tunis, including the launch of our new RightsCon community platform in early October, which will host our call for proposals . Make sure to keep an eye out for details on attending the summit including ticket sales, hotel accommodations, travel visas, and more. Mark your calendar, save the date, and get ready for the official RightsCon call for proposals. We can???t wait to see your submissions! Chat soon! Nikki RightsCon Program and Community Manager Stay connected with the RightsCon [https://www.e-activist.com/ea-action/enclick?ea.url.id=1510850&ea.campaigne…] community on social media for all the latest updates. [https://www.e-activist.com/ea-action/enclick?ea.url.id=1510848&ea.campaigne…] [https://www.e-activist.com/ea-action/enclick?ea.url.id=1510849&ea.campaigne…] Follow Access Now [https://www.e-activist.com/ea-action/enclick?ea.url.id=1510854&ea.campaigne…] for more opportunities to join the fight for human rights in the digital age. [https://www.e-activist.com/ea-action/enclick?ea.url.id=1510851&ea.campaigne…] [https://www.e-activist.com/ea-action/enclick?ea.url.id=1510852&ea.campaigne…] [https://www.e-activist.com/ea-action/enclick?ea.url.id=1510853&ea.campaigne…] You are receiving this email because you have registered for updates about RightsCon. If you do not wish to receive these emails, click here to unsubscribe: [https://act.accessnow.org/page/broadcast.message.redirect.do?campaignpageur…] For support on anything related to RightsCon, please contact us at conference(a)accessnow.org. The hyperlinks in this email contain URLs with tracking IDs used to measure clicks, only for the purpose of internal metrics. We do not sell or share this data with third parties. We use this data to improve the quality and relevance of our campaigns, and it is collected and stored in compliance with our Data Usage Policy [https://www.e-activist.com/ea-action/enclick?ea.url.id=1510855&ea.campaigne…] . If you would prefer to receive the RightsCon Rundown without these tracking IDs, you can opt out by clicking here: [https://www.e-activist.com/ea-campaign/action.handleOptOut.do?ea.question.i…] Feel free to contact us at info(a)accessnow.org with any questions or concerns. Access Now defends and extends the digital rights of users at risk around the world. Your support makes a difference. Donate here. [https://www.e-activist.com/ea-action/enclick?ea.url.id=1510856&ea.campaigne…] [https://www.e-activist.com/ea-action/enclick?ea.url.id=1510857&ea.campaigne…] | P.O. Box 20429, Greeley Square Station, 4 East 27th Street, New York, NY 10001-9998 ----- End forwarded message -----

1 0

UX Team Report - August 2018
by Antonela Debiasi 18 Sep '18

18 Sep '18

Hi Tor, Those are the highlights from last month: * Tor Browser Tor Browser 8 got released, and I'm proud of the work we did in collaboration with the Development, Community and Communications teams. We thought about the user experience browsing with Tor Browser 8 as an opportunity to educate users. Educated users empower our product. The new circuit display, the onion padlock, and the new onboarding are just the beginning. https://blog.torproject.org/new-release-tor-browser-80 Tor Browser for Android got it first alpha release, please download it and let us know what do you think! https://blog.torproject.org/new-alpha-release-tor-browser-android * Tor Browser Icon Tor browser got significant visual updates, and we think that our icon should reflect it. Yes, Tor Browser needs a new icon *_* I have been working on some concepts to replace the globe icon. What do you think? Do you have ideas? Dump there at the ticket! https://trac.torproject.org/projects/tor/ticket/25702 * New torproject.org Website After the support portal launch, we continued our Tor Project website redesign focusing on landing pages. We are working with the Communications Team iterating content and layout. You anxious? Feel free to sneak peek the prototype here: https://marvelapp.com/project/2397265/ * Usability Research Helen is traveling through Kenya meeting and interviewing our users. We are using the ticket #27010 for hosting all our usability research efforts. https://trac.torproject.org/projects/tor/ticket/27010 * Academic Research Marshini Chetty and Agnieszka Dutkowska-Żuk from Princeton have been playing with .onions for a while and also they wrote a paper (!). Last month we met to talk about further usability research related with onion services and Tor Browser. Thanks, Marshini and Agnieszka! * Conferences Hiro spoke about onions and different user cases at Fullstackfest in Barcelona. Are you curious about .onions? You can see the slides here: https://slides.com/hiropaw/deck-15-18#/ * S9 - Localization The new Tor Browser 8 got released with 9 nine more language support: Catalan, Irish, Indonesian, Icelandic, Norwegian, Danish, Hebrew, Swedish, and Traditional Chinese. Thanks, emmapeel, arthurdelsdein, ggus and folks around the globe for making it happen! On behalf of the Tor UX team, Antonela

2 3

services updates july/august
by silvia [hiro] 18 Sep '18

18 Sep '18

Hey all, here are some highlights of what has happened in tor project services in July - August - Lektor package in testing [1] - Support portal building via Jenkins - Found a lektor bug, waiting for the lektor people to get back to me before patching the debian package [2] - Moat working on azure, being used by tor browser 8 [1] https://packages.debian.org/buster/lektor [2] https://github.com/lektor/lektor/issues/596

1 0

Network team meeting notes, 17 Sep 2018
by Nick Mathewson 17 Sep '18

17 Sep '18

Hi! Our logs are at http://meetbot.debian.net/tor-meeting/2018/tor-meeting.2018-09-17-16.58.html And here are our notes: = Network team meeting pad! = Welcome to our meeting! Mondays at 1700 UTC on #tor-meeting on OFTC. (This channel is logged while meetings are in progress.) Want to participate? Awesome! Here's what to do: 1. If you have updates, enter them below, under your name. 2. If you see anything you want to talk about in your updates, put them in boldface! 3. Show up to the IRC meeting and say hi! Note the meeting location: #tor-meeting on OFTC! (See https://lists.torproject.org/pipermail/tor-project/2017-September/001459.ht… for background.) After each week's meetings, the contents of this pad will be sent to tor-project @ lists.torproject.org. After that is done, the pad can be used for the next week. == Previous notes == (Search the list archive for older notes.) 6 Aug: https://lists.torproject.org/pipermail/tor-project/2018-August/001936.html 13 Aug: https://lists.torproject.org/pipermail/tor-project/2018-August/001947.html 20 Aug: https://lists.torproject.org/pipermail/tor-project/2018-August/001954.html 27 Aug: https://lists.torproject.org/pipermail/tor-project/2018-August/001963.html 4 Sep: https://lists.torproject.org/pipermail/tor-project/2018-September/001965.ht… 10 Sep: https://lists.torproject.org/pipermail/tor-project/2018-September/001972.ht… == Stuff to do every week = * Let's check and update the roadmap. What's done, and what's coming up? url to roadmap: https://docs.google.com/spreadsheets/d/1Ufrun1khEo5Cwd6OwngERn829wU3W3eskdr… * Check reviewer assignments at https://docs.google.com/spreadsheets/d/1Ufrun1khEo5Cwd6OwngERn829wU3W3eskdr… * Also, let's check for things we need update on our spreadsheet! Are there important documents we should link to? Things we should archive? * Check rotations at https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/TeamRot… * Community guides, it's time to hand off to the next guide! * Let's look at proposed tickets! [but see discussion] https://trac.torproject.org/projects/tor/query?status=accepted&status=assig… == Reminders == * Remember to "/me status: foo" at least once daily. * Remember that our current code reviews should be done by end-of-week. * Make sure you are in touch with everybody with whom you are doing work for the next releases ------------------------------- ---- 17 September 2018 ------------------------------- == Announcements == Tor 0.3.2 will not be supported past 9 October (3 weeks from now): https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/CoreTor… == Discussion == * Is anything blocking 0.3.5.1-alpha? teor says: #27288 makes tor exit if it has a consensus that requires LinkAuth=1: See: https://lists.torproject.org/pipermail/tor-dev/2018-September/013434.html We fixed the issue for OpenSSL tors (#27734), but NSS tors are still affected. The public Tor network can still generate consensuses that require LinkAuth=1: - Consensuses need an absolute majority of configured authorities (5/9). - Required protocols need a 2/3 supermajority of voting authorities (4/5). - Currently, 4/5 authorities are on 0.3.3, and still require LinkAuth=1. - Maybe we should block 0.3.5.1-alpha until another authority upgrades to 0.3.4.8? - But 4/9 authorities being down is really rare. [dgoulet: Last week I emailed dir-auth@ list on moving towards a new stable so we can vote that out. As of now the consensus does *NOT* have "LinkAuth=1"] Even then, NSS Tors will exit at launch if they have a cached consensus which requires LinkAuth=1 (#27735): - Maybe we should block 0.3.5.1-alpha until NSS works with an (old) cached consensus? - But in a week, cached consensuses that old will be really rare. Here's what I think we should do now: - Ask the remaining 4 authorities to upgrade to 0.3.4.8 alpha. - Try to write a draft proposal for the old cached consensus issue. - Wait a week after the last consensus that required LinkAuth=1, then release 0.3.5.1-alpha. Here's what I think we should do before the release candidate: - wait for the required supermajority of authorities to upgrade (6/9). [DONE] - release at least one 0.3.5 alpha with the old cached consensus fix. * What sessions do we need for our team day in Mexico? - See https://trac.torproject.org/projects/tor/wiki/org/meetings/2018MexicoCity/D… - Retrospective & Revisiting our weekly routines (60 min) - Roadmapping (90-120 min) - Refactoring plans, next steps, open problems? (60-90 min) - Rust plans, next steps, open problems? (60-120 min) - Improving our process -- capacity estimation? (30-60 min?) * Let's defer non-essential tickets from the 0.3.5.x-final milestone == Updates == Nick: * Last week: * Stable releases * Got OSS-Fuzz build working. (required initialization in ed25519 code. e5601f14ed4) * Reviewed and merged lots and lots * Defered a bunch of feature tickets to 0.3.6 or unspecified. * Wrote code to make networkstatus mmapped, then fuzzed it, added its testcases to the corpus, and deferred it to 0.3.6 (#27244) * Handled some lingering missing-parts of NSS (chutney compat, byte-counting, closing sockets correctly) * Tried to get jenkins passing again * Fixed a test issue where leaks in a tinytest subprocess wouldn't cause the tests to fail (#27658) * Fixed some outstanding memory leaks (#27684, #27685) * Handled some 32-bit apple-os time-computation bugs. (#27139) * Wrote a patch to fix up our assert() macros so that the compiler doesn't let you assert(a=b). * Miscellaneous bugfixes * This week: * Revise whitepaper * Release 0.3.5.1-alpha * Defer more items from 0.3.5.1-alpha * Hunt bugs in 0.3.5.1-alpha * More prep for mexico * Identify remaining roadmapped items in advance of mexico meeting * Write a proposal about better handling required-but-absent protover stuff, to prevent another problem like #27734 haxxpop (offline): last week: - Nothing IIRC. this week: - Maybe we should discuss about the cli for client auth keygen tool. Should it be `tor-keygen`? `tor --keygen`? IMO, I think we should implement the client keygen tool in C because currently Rust is not required by default. I'm afraid that the tool will not be included in the binary if it doesn't --enable-rust. [dgoulet: Agree and we have all the utils/libs in the Tor code base for this tor-keygen tool which could go in src/tools] teor (offline): last week: - Attended the relay operators' IRC meeting - Reviewed #27247 and #27629 for Sponsor 8 RAM usage - Worked out the available compiler versions in our CI for #27468 - Got a response from Travis CI about startup hangs and network failures (#27366), it was confusing, so I asked them to clarify - Diagnosed "required protocol" errors (#27288) - Reviewed a few protover tickets - Took some leave this week: - Do travel preparation (so many pieces of paper!) - Catch up on meeting planning - More Reviews! (Try to help with the 0.3.5 feature freeze backlog) - Install our Travis macOS dependencies more reliably, and faster (#27738) - Make our CI run the latest GCC and clang (#27468) - Add NSS to our CI (#27751) - Create an updated list of fallback directory mirrors (#24786) ahf Last week: Sponsor 8: - Hacked on #25502 tests and ran into some troubles with my timer-based event loop handler for Windows, Unix parts seems to work fine now, but I'd like to make sure this works the same way on both Windows and Unix since we change the way transports.c is reading data from the PT worker processes. Misc: - Reviewed: #27289, #27451, #27664, #27685, #27684 - Initial (but unfinished) reviews of #27194, #27315, #27709 - Wrote a test implementation of a service that uses the feature in #4700 for testing: https://github.com/ahf/charybdis/commit/15781f5a22e82dd8a963c0f032e0ae1c8b7… - Fixed some issues with our patches for #4700. - Participated in a podcast about Tor. - Went over some press material for Steph about CF. - Went over Roger's big draft proposal. This week: Sponsor 8: - Get #25502 issues fixed and uploaded for review. Misc: - Work on bugfixes/reviews for 0.3.5 branch(?) catalyst: last week (2018-W37): - #27169 (defer dirinfo bootstrap progress) - made pull request and merged - more work on bootstrap reporting items - talked with arma some about PT + proxy stuff - looks like work for #27100 (add PT connect bootstrap status) and #27167 (track first OR connection) will overlap significantly this week (2018-W38): - (bug rotation?) - reviews - travel prep - 0.3.5 bugfixes as needed - more work on #27100 and #27167 asn: Last week: - Finalized #4700 with the help of ahf. It's now in merge_ready. - Fixed some coverity issues with v3 client auth - Reviewed #27678 and #27464. - Received email from a few v3 operators telling me they are experiencing reliabiliy issues. Spent lots of time debugging the logs. Some of them look like #25882, others look like potentially fixed bugs in master, while others might be actual issues we don't know of yet. This week: - Work on onion proposal. - Work on SponsorV report. - Possibly debug more v3 logs... - Reviews. dgoulet: Last week: * Worked and reviewed on many 035 tickets, rushing the pre-freeze. * Ticket triage on 035. This week: * Bug hunting and squashing for 0.3.5 as we enter the post-freeze and 036 pre-merge-window. Mike: Last week: * Worked with dgoulet on fix for bw stats leak (#23512) * Fixed up #27678 * Reviewed tickets * Started work on travel safety guide This week: * Finish travel safety guide * Update vanguards for 0.3.5.1

1 0

July/August Fundraising Report
by sstevenson＠torproject.org 17 Sep '18

17 Sep '18

Hello Tor World! Here is my first update on our fundraising efforts. Much of my time in July and August was spent getting up to speed on what you all do so that I can effectively make the case for giving. I also jumped into strengthening relationships by beginning to introduce myself to major donors via email and to our grant program managers in person. I also connected with folks from the community at the FOCI conference in Baltimore. Additionally, we updated the Tor Donate page by changing some of the language and suggested donation amounts. We also clarified the swag options. On the social media front, I wrestled with Facebook to enable the fundraising tools on our page and tested it by getting some of my own friends to give a few hundred dollars through a personal fundraiser. I worked with comms to optimize the newsletter sign-up process and cleaned up the database in anticipation of the list growing significantly in the coming months! I attended a fundraising conference here in DC to network and attempt to find an awesome grant writer. I also got some new ideas for messaging, fundraising through social media, and converting one-time donors to monthly givers. With regard to grants, we submitted a proposal for onion services as well as a few reports for current grants. I also got a crash course in government grants by attending the DARPA BAA presentation. This is for funding to hide communication in common apps traffic and Roger is working on the proposal. I am very excited that we have hired Al Smith to be our grant writer! Al will join us in Mexico and start work in the Seattle office October 10th. Please reach out to me with any comments or suggestions. I look forward to meeting you all in person in Mexico! Sarah Sarah Stevenson Fundraising Director The Tor Project sstevenson(a)torproject.org Public Key: 93B3 AC08 4257 FA3D D4BB 8E95 CC08 5DBA C015 612A

1 0

Notes from September 13 2018 Vegas team meeting
by Karsten Loesing 14 Sep '18

14 Sep '18

Notes for September 13 2018 meeting: Nick: 1) Stable releases came out this week; aiming for an 0.3.5.1-alpha next week. 2) We have a significant backlog of stuff to review because of our focus on sponsored deliverables for 0.3.5 feature-freeze deadline. We should evaluate how well that worked. 3) Reminder: (No discussion needed). Various people promised that around now, they would be trying out our mobile API stuff. We need your feedback right away if it is going to be useful. Georg: 1) We got all pieces for the mobile release sorted out; good feedback 2) Planned bugfix release for next week (8.0.1 and 8.5a2) Steph: 1) rewriting a post to gather Tor stories. Will create an accompanying survey 2) had a call with a researcher about self regulation in anonymous spaces. Was very receptive to learning more about Tor and positive uses 3) responded to press inquiries about tba and noscript bug 4) sharing info about Toronto Library’s awesome program piloting Tor Browser in its Learning Centers + Roger’s panel there Sept 22 5) posting localized tweets Emma helped pull through 6) coordinated podcasts for ahf and isa Shari: 1) hosting lots of people in Seattle this week: meeting with auditors, figuring out how to do Mexico City without Isabela; organizing grants, figuring out timesheet allocations, pizza party; good week! 2) getting close to transferring ED responsibilities to Isabela; worked out a tentative plan 3) reviewing things for audit 4) must do a budget adjustment for Sida; I will get that done by next week at the latest 5) offer out for new grant writer; meeting person later today 6) nickm: Sue wants to know if you've set new accounting people up in SVN (I have; I activated the passwords for both of them, and sent them email. I heard back from Bekeela and Millicent. I have not confirmed that they successfully logged on, though. -Nick) 7) talked with Dragana at Localization Lab and discussed ways to better support each other's work Karsten: 1) Released Onionoo protocol version 7.0. 2) Created a survey to get input on our next 6-month roadmap, but did not publish it just yet. 3) Finished the review of the ExoneraTor patch that is going to make Everything So Much Better. Sarah: 1) Was in Seattle plotting out current and future grants. 2) Beginning to dig into YE campaign planning. isabela: 1) synced with roger, erin, shari, sarah, bekeela, millincent, sue on currents grants, performance review, diversity plan, new grants applications, Mexico Meeting, auditors etc. 2) getting docs for sue for auditors 3) getting SOI for drl deadline tomorrow! 4) organizing all the tasks we came up with from our discussions in seattle 5) going to Madrid next week to meet PMs Pili and Gaba so I can onboard them before Mexico 6) getting answers to journalists that are reaching out to steph 7) me and shari met with dragana about tor project and localization lab collaboration Mike: 1) Finishing up 0.3.5 stuff

1 0

Tor Project Calendar (experimental)
by Arthur D. Edelstein 13 Sep '18

13 Sep '18

Hi Everyone, We set up a public Tor Project Calendar on sandstorm. The purpose of this calendar is to keep track of Tor events, team meetings, release dates, code freeze dates, milestones, deadlines and any other things that would be useful. Here's a link with the web interface: https://storm.torproject.org/shared/GkOOrd_SCu04LdDPW0tyGZ8v1gjvYLopjF5QzGG… You can also sync this calendar with Thunderbird/Lightning or (I believe) Google Calendar. Click on the cloud button labeld "Sync" at left to get started. It's still experimental, but I'm hoping this will work for us over the long term. If you would like to add events, please let me know! Thanks, Arthur

1 0

August Communications Report
by Stephanie A. Whited 13 Sep '18

13 Sep '18

Hello Tor! In August, the team spent time improving aspects of our newsletter, including making the unsubscribe and opt-out functions clearer. We also worked on copy for the TBA and TB8 releases, and Steph has been working with Isa and Antonela on the new website. Steph led a media training at LFI and a 2nd Tor session at CS4CS, a cybersecurity program for high school women (thanks to gman999 for support and Yin for coordinating). Roger and Steph went to DEF CON. Roger’s AMA was allowed to go long because it was so engaging, and we picked up some donations. Attendees asked why we didn’t have a booth, so we definitely want to next year! Mark your calendars if you want to help (we’ll need a group of committed folks for our booth): August 8-11, 2019 in Las Vegas. We’re also in talks to create a Tor badge for next year. August in links and stats: Blog posts https://blog.torproject.org/pune-meetup-privacy-tools-and-technologies https://blog.torproject.org/tor-friends-and-relay-operators-meetup-berlin https://blog.torproject.org/volunteer-spotlight-sina-rabbani-helps-activist… Twitter https://twitter.com/torproject avg at least 3 tweets/weekday New followers: 2,854 Top tweets https://twitter.com/torproject/status/1031988541469937664 https://twitter.com/torproject/status/1030079468541374464 https://twitter.com/torproject/status/1035609722844585984 Mastodon https://mastodon.social/@torproject at least 1 post/week New followers: 870 Instagram https://www.instagram.com/torproject/ at least 1 post/month New followers: 24 LinkedIn https://www.linkedin.com/company/tor-project/ at least 1 post/week New followers: 49 Facebook https://www.facebookcorewwwi.onion/TorProject/ at least 1 post/weekday New followers: 167 Newsletter 1/month (held for TB8) https://newsletter.torproject.org/archive/2018-09-06-we-gave-tor-browser-ux… o/ comms -- Stephanie A. Whited Communications Director The Tor Project IRC: stephw PGP Key ID: 39A876AD <https://pgp.mit.edu/pks/lookup?op=get&search=0x6D6B72C339A876AD>

1 0

Notes from the Tor Browser meeting, 10 Sep 2018
by Georg Koppen 11 Sep '18

11 Sep '18

Hi! Yesterday we had our weekly Tor Browser meeting. The IRC log can be found at: http://meetbot.debian.net/tor-meeting/2018/tor-meeting.2018-09-10-18.00.log… The notes from our pad are: Tor Browser Meeting Notes Monday September 10, 2018 Discussion: -User Agent (GeKo: https://trac.torproject.org/projects/tor/ticket/26146#comment:33 has our current plan) -State of the Onion at the dev meeting (GeKo: We'll mull over what to talk about and decide next Monday who will be presenting on behalf of the team) -Mozilla/Tor TB8 Retrospective (GeKo: Good idea, let's do it after Mexico (see https://lists.torproject.org/pipermail/tbb-dev/2018-September/000908.html)) GeKo: Last week: -help with getting our releases out (8.0, 8.5a1 and 1.0a1 for mobile) We did it! \o/ -started organizing issues with the tbb-8.0-issues keyword (https://trac.torproject.org/projects/tor/query?status=!closed&keywords=~tbb…) -begin of the month admin stuff -help with new DRL proposal -created new gpg subkeys This week: -tbb-8.0-issues (GeKo: The plan is to get a 8.0.1 release out next week, tackling issues marked with tbb-8.0.1-can) -tor browser for mobile planning (GeKo: the meeting is on 9/11 at 1800 UTC, presumably in #tor-meeting) -could need a second look at rust proxy safety (sysrqb: could you help with that? gk: sure) tjr - So close to landing a mingw-clang x64 browser build job in -central. 2 patches need r+'s - Outstanding things to be done for mingw-clang: --enable-sandbox, x86, get it running :( - I can backport it to -esr60 after a supposedly coming NSS version bump lands. - Tried some debugging for https://bugzilla.mozilla.org/show_bug.cgi?id=1466192 (jemalloc on Windows in mingw-gcc) but no progress yet - Sent fuzzyfox in for review! https://bugzilla.mozilla.org/show_bug.cgi?id=1432429 (GeKo: Yay!) mcs and brade: Last week: - Used staged MAR files to test Tor Browser 7.5.6 to 8.0 updates (no issues found). - Helped with bug triage. - Completed month-end administrative tasks. - Was away from keyboard Thursday and Friday. This week: - Review the fix for #26381 (broken about:tor on Windows with sandboxing). - Work on tickets flagged with the tbb-8.0-issues keyword. - Help with triage of new tickets. - Review our notes from #22074 (undocumented bugs since FF52esr) and file additional tickets if necessary. sysrqb: Last week: Finally released TBA 1.0a1 Moved. Landed patch for #27400 - Target Android API 26 Helped Isa create Google Play Store page for Tor Browser for Android Helped Steph and Isa with blog post This week: Restart Gecko after first-run - #27611 Begin looking at Tor's new embedding API Discussing future plans/roadmap for next alpha release Look at rust code for proxy safety TBA private tabs - #24920 sisbell: Last week: - Completed #27438 - Android Gradle Build Downloads - Source Code: https://github.com/sisbell/artc - Crate: https://crates.io/crates/artc This Week: - Integrate and test rust program output (from #27438) with RBM build for android-toolchain - Respond to comments regarding open issues for android RBM build igt0: Last Week: - Struggled a bit with the #26690 (padlock for tba), sending a patch today - Started to implement the Tor Circuit Display - Helped out a bit with the TBA release This Week: - Finish the padlock #26690 - Have the Tor Circuit Display UI for Android done - Start to refactor tor button to separate the UI and logic pospeselr: Last Week: - fix for #26381 (broken about:tor on Windows with sandboxing) - review needed! (mcs/brade: can you take a look?) mcs: Yes, we will take a look. - cleaned up patch for #26450 (pdfjs range requests on default circuit) This Week: - put up patch for #26450 using the 'smuggled' first-party domain technique discussed in ticket - begin investigation for #3600 (prevent redirects from transmitting cookies) wayward: User Advocate role - getting started Last week: - created new user feedback tracking doc (https://storm.torproject.org/shared/JwsANJ37_QYZnGa9SCTVIGSjCAWm43Tyd_d3cJe…) https://trac.torproject.org/projects/tor/wiki/UserIssuesResearch This week: - establish contact with applications team (would a weekly/monthly email update be too annoying?) (GeKo: We had a weekly mail to tor-project and I think we could keep that format for the time being) - other places to find feedback, besides reddit, stack exchange, blog posts, and IRC? (twitter? mastodon? any ideas welcome) - what info to gather for bug investigations and feedback reports - will set up a monthly mailing list with user feedback - figure out some place/way to organize user feedback by importance - perhaps on trac, or a wiki page? arthuredelstein: Last week: - Patch for #27290 (now investigating more for possible revision) - Opened #27476 (Remove gap between Tor Launcher window and main browser window) - Revised #27097 - Looked more at NoScript/torbutton communication (#27413 et al) - #27268 (pref cleanup, will post soon) This week: - tbb-8.0-issues, tbb-fingerprinting - uplifting FPI permissions patch (https://bugzilla.mozilla.org/show_bug.cgi?id=1330467) - look more at optimistic socks Georg

1 0

Tails report for August, 2018
by intrigeri 11 Sep '18

11 Sep '18

Hi, here's the Tails report for August: https://tails.boum.org/news/report_2018_08/ Cheers, -- intrigeri

1 0