Hi!
Below are our weekly Tor Browser team meeting notes. The chat log can be found at
http://meetbot.debian.net/tor-meeting/2018/tor-meeting.2018-11-12-18.58.log....
and our pad entries are/were:
Discussion:
- Tor Browser in the Snap Store? (see Iain's mail) [GeKo will reply to it on Tue or Wed]
- upcoming 1:1s
- Team responsibilities restructuring
  - things to take over from Arthur:
    - annual rebase
    - maintaining circuit display UI
    - optimistic SOCKS (if I don't finish it)
    - adding locales
    - Mozilla uplift coordination
  - things Arthur will continue to maintain:
    - torpat.ch
    - arthuredelstein.net/exits
    - permissions FPI uplift (with Mozilla)
    - IRC presence
GeKo:
Last week:
- Jacek worked on the Windows accessibility issue, patches are up for review/merged, see: https://bugzilla.mozilla.org/show_bug.cgi?id=1430149 and we probably can soon be testing them in our nightly builds
- reviews (#25013, #28260, #27443, #26540, #22343)
- worked on #27443 and #26483 (alas no time for the design doc update #25021)
- helped with proposals
- helped with the anti censorship position interviews
- security controls redesign
This Week:
- More work to get TBA-a2 into shape (reviews, help with #27443, #26483 and other related bugs)
- another round of looking into doc for #3600
- look again over the cubeb - audio files disk leak and reply to Mozilla dev mail
- write mail regarding Tor Browser snap
- hopefully getting back to updating the Tor Browser design doc (#25012)
mcs and brade:
Note: We will be away from work Tuesday, November 20 - Friday, November 23.
Last week:
- Finished #22074 (Review Firefox Developer Docs and Undocumented bugs since FF52esr).
- Reviewed #28039 (Tor Browser log is not shown anymore in terminal since Tor Browser 8.5a2).
- Reviewed #22343 (Save as... in the context menu results in using the catch-all circuit).
This week:
- #27239 (TB team feedback on jump-to-80% work)
- #28196 (about:preferences#general is not properly translated anymore)
tjr:
* MinGW
  - Landed sandbox support on -central. x86/x64 builds on -central should be consistently runnable.
  - Working on getting mingw-clang tests running on -central https://bugzilla.mozilla.org/show_bug.cgi?id=1475994
  - Uplifted a bunch of mingw-clang patches to esr60. Intend to figure out what else besides this we need to uplift and get it done.
  - Have an esr60 build of mingw-clang successfully building. Haven't tested if it runs yet.
  - Intend to harass people about uplifting nss patches to esr60, which would unblock uplifting the build jobs
  - Nothing is stopping us at this point to start bringing the mingw-clang toolchain into rbm; I'm just intimidated to start trying to do it.
  - Keeping an eye on the accessibility stuff! https://bugzilla.mozilla.org/show_bug.cgi?id=1430149
* Fuzzyfox
  - It's in Nightly. It would probably be easy enough to backport to esr60.
  - We had someone test it manually a bunch, and they found only one minor issue. https://bugzilla.mozilla.org/show_bug.cgi?id=1506295
  - That said, I am less certain it is worry-free. I wanted to do some performance debugging locally.
  - We also don't know what level of security assurance it gives us at different levels, and how it compares with Tor's 100ms choice right now.
* Emailed kinetik about cubeb audio files (https://trac.torproject.org/projects/tor/ticket/28373)
  - Got a response that there are temp files. I didn't fully understand his other replies.
  - Does anyone at Tor have the bandwidth to drive this conversation, or should I try to? [GeKo: I will get back to that one this week]
* TB 8 Retrospective Followup - please help me
  - Tor disables the web extensions process on <platforms>. The tickets/reasons for this are <?>
    - [GeKo: In ESR60 this is only available on Windows (IIRC the feature landed for macOS and Linux in Firefox >= 61); the reason for this is that this breaks Torbutton/NoScript communication needed for our security slider, see: https://trac.torproject.org/projects/tor/ticket/27411]
    - [tjr] Okay, so it seems like the path forward for this is just integrating them into the browser? Is relying on that for the next ESR a safe approach, or should I investigate these prefs and ensure they keep working in the next ESR just in case we need them?
  - I'm going to talk to #build folks about the rust stuff, continuing the conversation in https://bugzilla.mozilla.org/show_bug.cgi?id=1376621 and trying to build consensus among them on a path forward. I intend to propose this issue to the Tor Uplift Team (Ethan) as a 'must complete' by the next ESR.
  - I think it'd be good to get feedback from Mozilla on the strategy to import torbutton/torlauncher into the browser codebase. I am in a holding pattern for that waiting for tor browser proposals to be written.
  - I need to think about how to better communicate open mozilla bugs as we approach next ESR
  - I have been writing a WinDbg guide for trac for debugging mingw-clang builds with WinDbg
* Other: I am considering writing a tbb-dev proposal to increase the max content processes from 4 to 999. This would increase memory consumption, especially for users with a lot of tabs. It would provide some small level of tab isolation at the process level, but only for new tabs opened, not tabs reused. The security gain contains a lot of "Well if the user does this, things are kinda better, but if they do this they're no better." So not sure if it's useful, the main draw is that it's a 4 character patch, so easy to do, just difficult to decide on.
igt0:
Last week:
- First set of patches to #25013 (torbutton within torbrowser)
- Rebased #27111 (about:tor on mobile)
This week:
- Finish #25013 (add the necessary bits of code in tor browser)
- Add banner on tor browser (#28093)
- More TBA alpha2 stuff
pospeselr:
Last week:
- Final patch for #26540 (pdfjs circuit isolation)
- #3600 work ( doc could use some eyes: https://storm.torproject.org/shared/Kw99Ow0ExZFFC6FKD5CeryfVFAoAL9Z_iEVlflI0... ): [GeKo: I'll give it another look this week]
- Some more work on the brainstorming/design doc, circling in on a 'mix and match' solution here
- Still some open questions here regarding user experience related to OAuth and cookie keying:
- If you use an OAuth provider (say oauth.com) via foo.com, should the session cookie related to oauth.com be valid for other sites using that provider, or should that cookie be double-keyed to foo.com|oauth.com? My intuition is that oauth.com should not be treated as a first party in such a scenario.
- Mozilla's Ehsan Akhgari has pointed me to some patches added in Firefox 64 that appear to be necessary for this work (determining whether domains have been interacted with by a user)
- A bit of Athens travel planning
This week:
- Uplift #26540
- filed bug https://bugzilla.mozilla.org/show_bug.cgi?id=1506693
- Investigate per-sku app icons
- Backporting user interaction patches from Firefox 64, adding debugging hooks for the various redirect entry points needed regardless of final solution here
sysrqb:
Last week:
- TBA+Orbot - #28051
- A little S19 interview work
- rust audit
- TBA+tor-browser-build
This week:
- Finish TBA+Orbot - #28051
- TBA localization
- Review #26690 - TBA onion-padlock
- Review #25013 - move Torbutton into tor-browser
boklm:
Last week:
- made two builds with `-Wl,-t` for #26148 (binutils update) and started looking at logs
- updated and tested patches for #27265 (In some cases, rbm will download files in the wrong project directory) and #27045 (Add option for firefox incremental builds)
- made patch for #28260 (Use Rust 1.28.0 to build Tor), with help from gk.
This week:
- look at the logs from `-Wl,-t` to try to understand the issue from #26148
- work on bringing back the testsuite
sisbell:
Last week:
- #27443 Firefox for Android - add test dependencies for gradle, testing various ndk versions, rust versions and API levels
- #28144 Update tor-browser for Android - Add extensions and repackage and debug sign apk, verified apk runs on device
This Week:
- #28144 Add makefile for Android
- #27443 Investigate rust deltas between 1.26/1.28 [GeKo will find out the patch that fixes this for 1.28 and sisbell meanwhile tries to get #27977 in shape]
pili:
Last week:
- DRL Proposal
This week:
- Carry on roadmapping...
- OTF Engineering lab follow up
- Tor Browser Release meeting this week! (just an announcement :) ) [19:00 UTC :) ]
arthuredelstein:
Last week:
- Refactored/simplified patch for https://bugzil.la/1330467 (FPI for permissions); will post soon
- Investigated https://trac.torproject.org/26498 (bn-BD not displayed in title bars)
- Revised https://trac.torproject.org/22343 (Save As... FPI)
- Started working again on https://trac.torproject.org/25555 (Optimistic SOCKS)
- Revised https://trac.torproject.org/28187 (Change Tor Circuit display icon to an onion)
This week/next week:
- Try to get something working for #25555
- See if it's possible to fix #26498
antonela:
Last week:
- Security Settings
- Tor Browser Icon survey ended - https://trac.torproject.org/projects/tor/ticket/25702#comment:8 - when can we have it packed? [GeKo: not sure yet as we are not used to have three different icons for our release channels; pospeselr will look into the changes we'd this week]
This week:
- Moar Security Settings
- Leading Orfox users to Tor Browser Android (27399)
- Design TBA+Orbot configuration UI/UX (28329)
Georg