Hello!
We held our weekly Tor Browser Team meeting on Monday. Here are the meeting logs: http://meetbot.debian.net/tor-meeting2/2019/tor-meeting2.2019-11-18-18.29.lo...
During the meeting we briefly discussed on-going work for making onion services more usable.
Next, we briefly talked about some Android-related work. We have a useful collection of libraries now, but they may not be the best solution, especially as some of our partners in this space are actively developing different solutions. We will have more discussions in the future about how Tor development on Android (and mobile, in general) should continue.
Finally, an idea was proposed of creating a Tor Browser build that makes troubleshooting network connectivity problems earlier. Ticket #32540 was created for this.
Weekly notes:
==================================== Week of November 18, 2019 Discussion: What is the status of our testing suite? (test-reports.tbb.tpo? Are the tests run automatically anywhere and are the results publicly available?)
GeKo:
Last week:
- Help with OTF proposal
- Still banging my head against #32053 :(
- reviews (#30327, #31130, #32508)
- #31597 (closed Mozilla bugs between esr60-esr68)
- worked on the signing infrastructure for macOS #32173
- went over all our signing related tickets and tagged them with `tbb-sign` (https://trac.torproject.org/projects/tor/query?status=!closed&keywords=~...)
- more RLBox work (wrote patches for #32436 and #32437 over the weekend)
- wrote small patch for #32509
- a bit thinking about the design doc update
- HackerOne house-keeping and triage
This week:
- more work on #31597
- more work on #32053
- more work on #32173
- design doc update
- reviews
- more RLBox work in my spare time
mcs and brade: Last week: - Sponsor 27 work: #30237 (v3 onion services client auth). - Tied up loose ends. - Posted patches for review and revised them based on feedback from Richard. - Spent a little time on #10416/#29020 (Tor won't start on Windows when path contains non-ascii characters). - Commented in #32498 (Consider updating MAR_CHANNEL_ID for nightly build). This week/upcoming: - For #19757, think about permanent storage of client auth keys and associated management UI. - Respond in #32418 (up-to-date Torbrowser notifies that it can't update). - Add actual points to completed tickets.
Pili: Last week: - OTF Browser Proposal - S44 Final report - Trac triage - Tor Browser Release meeting - S27 meeting - Tor Browser October report - General roadmap admin This week: - OTF Browser Proposal - S44 final report - Trac triage
Jeremy Rand: Last week: - Addressed review of #30558. - Addressed review of #19859. - Filed #32520. - Debugged #31691 a bit. - Filed #32523. - Filed #32527. This week: - Address whatever review happens on #30558 and #19859.
sysrqb: Last week: Some work on the OTF proposal Fastly event Ticket triage Ticket assignments Misc Tor Browser things This week: More OTF proposal More ticket triage and assignments Write summary of Fastly event and thoughts about onion services
acat: Last week: - Revised #28745: THE Torbutton clean-up - Worked on #21952 (Onion-location: increasing the use of onion services through automatic redirects and aliasing): - Exposed in about:preferences - Implemented automatic redirects as with "Location" header. - Basic visual feedback when redirect ("manual" or automatic) to .onion has happened This week: - Wrap up work on #21952, and do builds so that it can be tested. - Check #32255 (Missing ORIGIN header breaks CORS in Tor Browser 9.0) and take some action (not sure exactly which one) - Follow up #32297 (try to reproduce with new info from reporter)
boklm: Last week: - Updated patch for #25099 (Update nightly version number) - Worked on patch for #25101 (Generate incremental mar files for nightly builds) - Some reviews - Looked at blog comments This week: - Finish patch for #25101 (Generate incremental mar files for nightly builds) - Generate a mar signing key for nightly builds (#31988) - Make patch for #32475 (Reduce the number of locales we provide updates for in nightly) - Test/review rebased patch for #30334 (build_go_lib for executables)
sisbell: Last Week: - #Broke apart #30501 issues. These are (will be) broken into changes 1) No API changes; 2) API changes but easy conversions to Android shared pref format; 3) Breaking API changes and changes needed to underlying shared prefs (with data migration needed). (1) issues are #30767, #32516; (2) #32501, #32518 + more this week; (3) #30501 - BridgeList + sets for enumerations of addresses - #30767 - TOPL Custom obfs4 bridge does not work work for Android - Recreated isolated commit (in review) - #32516 - TOPL Cleanup write methods. Various cleanup to simplify writing of torrc fields. - #32501 dormant canceled field - previous patch broke tor-android-service: I added a couple of commits to bring these changes into tor-android-service and TOPL. We should be able to remove patches in browser build after this. - #32476 More investigation into JNI. Open question if this supports Desktop platforms or whether changes are Android specific only. This Week: - Define and work on issues for (2) API breaking changes and (3) if time - Follow up with guardian project to define more specific plans - Prototype with JNI - #31992 apktool workaround - Would like to do MR for #30767, #32516, #32501 to TOPL project this week
pospeselr: Last Week: - US holiday on monday - reviewed #30237 (mcs/brade onion service auth) - deep dive into NoScript for #30570 (per-site settings) - fixed about:preferences#tor UX bug #32508 This Week: - hmm see why the fix for #32508 isn't working as expected - investigating feasibility of adding first-party isolation double-keying to NoScript, prototype Next Week: - Holiday travelling from the 24th through the 6th with limited/unpredictable availability Next Month: - Moving cross-country sometime in the middle of December also with limited/unpredictable availability ====================================
Have a good week, Matt