[tor-project] Notes from the Tor Browser team meeting, 4 June 2018

Georg Koppen gk at torproject.org
Mon Jun 4 19:57:00 UTC 2018


We just finished our weekly Tor Browser meeting. The chat log can be
found at:


The notes from our pad are:

Monday, June 4, 2018
    sysrqb: Do we want to use the 'status:' updates during the week like
the network team? [GeKo: It seems we like this idea. Need to check with
the network team to not mess with their status updates]
    sysrqb: General question: is there an update/timeline on the new
tp.o website? [GeKo: not sure actually]

    Last Week:
      - Updated #1459420 patch (HLS Player doesn't use the centralized
Proxy Selector)
      - Still struggling with the Orfox crash, I also contacted Till
from Mozilla (sysrqb: could you give a hand? yes)
      - Delivered my talk in the JSConfEU about fingerprinting
techniques and mitigations. [GeKo: Are there slides/a recording
available somewhere?]
    This Week:
      - More Orfox debugging
      -  tweak Tor Button to make it work on mobile and initial mobile
UI preparation (we need to think about what we can reuse)

mcs and brade:
  Last week:
    - Reviewed and tested rebased external helper app patch (part of
    - Fixed #26235 (Help menu does not open in Tor Browser nightlies
based on ESR60).
    - Started working on #22074 (Review Firefox Developer Docs and
Undocumented bugs since FF52esr).
  This week:
    - File a Bugzilla bug for #25909 (disable updater telemetry)
    - Continue with #22074 (Review Firefox Developer Docs and
Undocumented bugs since FF52esr).

    Last week:
      - continued MAR signing key testing
      - finished macOS patches for new toolchain (including all the
other components, not only firefox), nightlies should be available
rather soon
      - made progress on the network review
      - reviews (#25859, #25650, #26204, #26235)
      - sent out 1:1 feedback scheduling mails
  This week:
      - finish MAR signing testing and come up with a plan for the
changes we need for the next update and how we address them (#26050)
      - network review
      - more code reviews
      - help with the windows changes for esr60
      - begin of the month admin stuff, ticket prioritization for next alpha
      - I'll be afk on 6/6

    Last Week:

        - Worked on #26204, #25837, #26073, #26216 (in progress), #26205 (in

          progress). Looked at Windows builds of Firefox 60ESR

        - Rust build question: what's the purpose of prev_version? Is
there a reason we are using the source tar and not the git?

          I am asking because panic-abort.patch fails to apply for the
Windows 32bit build.

          I am building on top of master with


          [boklm: prev_version is the binary version we use for
bootstrapping the build. panic-abort.patch was made on rust 1.25.0 and
it seems it will need to be rebased on version 1.26.1.]

    This week:

        - Resume #26126, #26205, #26203 (Windows builds)

 - Ethan, Tim and Gary are back! Had their first couple days. Will sync
up with them this week. (Arthur says: yay!)
 - Expect a Tor/Mozilla sync meeting to get scheduled after all-hands,
probably late day Berlin time / early morning USA time
 - MinGW Work

     - x64 Sandbox work:

     - x64 Sandbox with jemalloc:

     - Jacek will start on mingw-clang sometime soonish in
https://bugzilla.mozilla.org/show_bug.cgi?id=mingw-clang and children

    Last week:
        - reviewed #26204, #26249, #9711, #25832, #25894, #25554,
#25548, #26195, #26003
        - updated #25860 (Clean up OpenSSL's configure options for Windows)
    This week:
        - finish reviewing #24632 (Update macOS toolchain for ESR 60)
        - update HEASLR patch (#12968) and try to inspect the binary to
check if we are good
        - start looking at #26050 and #26234 (update "watershed" for
ESR60-based Tor Browser)
        - fill upstream binutils ticket for #26148
        - continue work on some ansible roles for testsuite VMs setup

    Last week:
        - run without /proc patch uplift updates
        - seems like #23247 test failures were some intermittent issue
with the ESR60 tryserver, rebased agains latest and test failures went away
        - localization approach of pulling strings from tor-button
strings list won't work as is (due to string formatting specifiers)

    - problem is modifying that first line which either shows:

    - the various HTTPS and encryption properties (uses string
formatters) OR

    - scary connection not encrypted message (hard coded string)

    - for onion https connections we would need to throw away the HTTPS
info altogether and only display a constant 'onion encryption' message
for the 1st line

    - if anyone has thoughts on this I'm all ears

      - started work on #26039
(<profiledir>/preferences/extension-overrides.js will not be loaded in
ESR 60)

      - took off Friday (and Monday was Holiday)

    This week:

    - finish up #26039 patch

    - Last week:
        Monday was US holiday
        Continued work on TBA patches
        Looked at Orfox bug
        Began dogfooding nightly
    - This week:
        Rebasing and testting TBA patches on top of Arthur's Tor Browser
patches (#26233)
        Looking at Orfox bug some more

    - Last week:
        Finished a branch for #26233 (Rebase to Firefox 61)
        Started work on #14952 (HTTP2 audit and patch)
    - This week:
        Try to get a patch for review for #14952
        Work on #25555 (optimistic socks) and #26128 (noscript/security
slider, possibly in collaboration with sukhe)


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20180604/5c2488e0/attachment.sig>

More information about the tor-project mailing list