[tor-project] Tor Browser team meeting notes, 30 July 2018

Georg Koppen gk at torproject.org
Mon Jul 30 21:08:00 UTC 2018 

Hey!

Our weekly Tor Browser meeting finished a couple of hours ago. Here come
the meeting notes. The IRC log can be found at:

http://meetbot.debian.net/tor-meeting/2018/tor-meeting.2018-07-30-17.59.log.txt

The entries from our pad are:

Monday July 30, 2018


Discussion:
  -storm vs. some etherpad [GeKo: We try to figure out first if we can
solve storm issues server-side/by cutting the meeting notes from the
previous meetings]
  -github coordinator for the team? (see:
https://lists.torproject.org/pipermail/tbb-dev/2018-July/000897.html)
[GeKo: We might want to have more disucssion on tbb-dev first before
moving forward]
  -next meeting [GeKo: 8/13 will be the next one]


GeKo
    -Last Week
      -reviews (most importantly related to #26401 and Tor Browser for
Mobile, e.g. #26528)
      -went deeper down the rabbit hole of indeterminism caused by rust
>= 1.26 (#26475); still need to go deeper :(
      -made progress on network code review (#22176)
      -finally sent feedback to fingerprint randomization paper which is
the basis for the GSoC project Arthur and I are mentoring
(https://lists.torproject.org/pipermail/tor-dev/2018-June/013220.html)
    -This Week
      -more work on #26475
      -more network code review (#22176)
      -work on #26409 (language prompt is shown twice)
      -reviews
      -releases? [GeKo: We move both meeting to the week from 8/13 to
finish remaining pieces]
      -begin of the month admin stuff
      -PSA: I have to be AFK from 8/2-8/12, alas (this is one of the
things I could not postpone as the planning for it where already done
before Mozilla moved the ESR release, I am sorry for that)


boklm:
    Last week:
        - attended PETS
        - made patch for #26861 (Bump available ulimit in runc container
in tor-browser-build)
        - worked on #26981 (Update marionette_driver used in
tbb-testsuite for esr60)
        - started reviewing the patches from sisbell integrating android
build into tor-browser-build
        - filled an upstream binutils ticket for #26148
    This week:
        - fix the testsuite for Tor Browser 8.0
        - some reviews, if needed


mcs and brade:
  Last week:
    - Attended the sandboxing futures meeting (Mark).
    - Worked on #25695: Activity 5.1: Redesign Tor Browser homepage
("about:tor”).
      - Created three child tickets to track implementation.
      - Posted a patch for the first child ticket: #26960 (implement new
about:tor start page).
    - Spent a little time on #26514 (intermittent updater failures on
Win64 (Error 19)).
      - Tried to build ESR52 updater using ESR60 mingw-w64 toolset but
the build failed.
      - Georg gave us a possible fix for the build, so now we can try again.
  This week or soon:
    - Rebuild and test the result for #26514 (intermittent updater
failures on Win64 (Error 19)).
    - Fix #26985 (Tor Launcher help button icons missing).
    - Make the simple text change suggested in #25509 (misleading proxy
prompt in Tor Launcher).
    - Start on #26961 (implement new user onboarding).
    - Review our notes from #22074 (undocumented bugs since FF52esr) and
file additional tickets if necessary.
    - Revisit #26381 (about:tor page does not load on first start in
localized Windows bundle).
    - After the Tor Browser nightly builds include the network team's
fix for #26876, do some testing for #26251 (Adapt macOS snowflake
compilation to new toolchain).


igt0:
    Last week:
        - Half of the week sick
        - Started to take a look in the about:tor for
mobile(https://trac.torproject.org/projects/tor/ticket/25696#comment:13)
        - Experimented with different UI layouts for #26884.
   This week:
       - Send a patch to #26884
       - Start the about:tor for mobile


sisbell:
    Last week:
        - Added arm target for rust
        - Created first version of Android build that works with RBM
(needs review)
    This week:
        - Move code to git repo at torproject #26974
        - Work on adding mobile branding to Android #26975
        - Testing of APK
        - Working on bugs and improvements needed for Android build
(based on feedback/review)


tjr

    - Started landing mingwclang build in -central

    - Working on Fuzzyfox

    - Worked on 26476 with sukhe some more


pospeselr:
    Last week:
        - moved house (Monday/Tuesday),   no more crazy building manager!
        - got my torproject gits working, reposted patches for #26540
(pdfjs disablerange fix) as gitweb diffs
        -  investigating #26874 (UNC path issues)
        - made travel arrangements for rustconf in Portland (gk: is this
something TPI would reimburse) [GeKo: I think we can make an argument
for that, I suggest asking travel at tpo]
    This week:
        - fix for #26874
        - other hi-pri tbb-fingerprinting
        - revisit #26540 patch, move smuggled first party domain onto
the nsIHttpChannel interface


sysrqb:
    Last week:
        First TBA patch landed
        Looked at Fennec networking code some more (#22170 and Bug 507641)
        Looked at igt0's work on Fennec update mechanisms
        Began looking at Orfox patches of AccountManager that were
dropped during earlier ESR rebases (#26858)
        Had first meeting about sandboxing tor browser
    This week:
        Finish #22170 with auditing TBA networking code for proxy-safety
        Create a branch for patching AccountManager (#26858) if needed
        Rebase branch for minimizing TBA permissions (#24796)
        Review other child tickets of Proxy-Safety and created patches
and/or close (#21863)


sukhe:
    Last Week:
        #9145 (gcc/hardware acceleration): merged
        #26949: STIX repository: merged
        #26476: tjr and I continue to debug this. we now have a "Tor"
build on
        TaskCluster and the next step is to compare the logs to see what
        differs.
        #25485: I need help with this one, someone who is familiar with C++:
        what's the simplest program that will use the latest ABI? simply
linking to our
        libstdc++ is not enough [GeKo: boklm stepped up to have a look
as well]
        #12968: boklm: seems like

https://ffmpeg.org/pipermail/ffmpeg-cvslog/2015-September/094027.html
        also set SHFLAGS. this is the only thing that differs from our
commit.
        how do we set those? otherwise I tried building with the gcc
patch and
        we get the same error. [GeKo: boklm stepped up to have a look as
well]
    This Week:

    #26476, #25485, #12968 -- hopefully


arthuredelstein:
  Last week:
    AFK for vacation
    Wrote some comments on sandboxing
  Previous week:
    HTTP2 patch, #14592 (almost ready)
    Met with the Tor uplift team
    Worked on #26520 (NoScript is broken with Tor Launcher disabled)
    Wrote a patch for #26490 "When first launching 8.0a9 the
screen.height starts at 612px" (still testing)
    Worked on #21787 "Make sure exposing the calendar information does
not leak the locale".
    Started to look at #24056 "UI locale is detectable by button width"
and #26604 "investigate whether date and time <input> types leak the
user's locale"
    Better monitoring for TBB locales: https://torpat.ch/locales
  This week:
    Finish #14592 (HTTP2)
    AFK on Wednesday
    Test #17252 "Confirm TLS session resumption/ID are isolated to the
URL bar domain, and re-enable them"
    Look at https://trac.torproject.org/projects/tor/ticket/26506
"NoScript not working on TBB/ESR60 on Windows"
    Finish other fingerprinting-related bugs I started.
  Following week:
    AFK Wed, Th, Fri.


Georg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20180730/952b6e34/attachment.sig>

More information about the tor-project mailing list