Hello!

We held our weekly Tor Browser meeting yesterday in #tor-meeting2. Here is the IRC log: http://meetbot.debian.net/tor-meeting2/2019/tor-meeting2.2019-09-23-17.30.lo...

From the weekly updates, we discussed some details around hardening Tor

Browser on Windows. We also discussed upcoming work by the Guardian Project related to Tor integration in Android apps and how we can benefit from it, as well as working together. In particular, the discussion focused on sharing and learning from each other.

There will be a Tor Browser Release Meeting on Wednesday, 25th September

at 18UTC on #tor-meeting.

There was a discussion point about testing nightly builds with FuzzyFox in the near future, but that discussion was postponed until another meeting.

Below are the notes from our meeting pad:

========================================= Discussion: 9.0a7 release this week? Should we think about enabling fuzzyfox on nightly after 68esr rebasing is completed (maybe after 9.0)?

mcs and brade (will miss the meeting): Last week: - Helped with #31303 (Browser Toolbox fails to open when tor-launcher is present). - Created fixup patches for #30429 (Rebase Tor Browser patches for Firefox ESR 68). - Created patches for #31491 (clean up the old meek http helper browser profiles). - More debugging for #31607 (App menu items stop working). - The fix still eludes us; we reached out to Mozilla for help. This week: - Vacation.

acat (will miss the meeting): Last week: - 31303: Browser Toolbox fails to open when tor-launcher is present - Localization issues: #28196 and #31747. - Revised .onion security expectations patch in #30429. - #27601: backported some fixes - Investigated #15563: ServiceWorkers violate first party isolation... - Fixed #31574: TypeError: addon is null with Tor Browser based on ESR 68 - Revised patch for #31575: Firefox is phoning home during start-up in Tor Browser based on ESR 68 This week: - Finish fixing Localization issues: #28196 and #31747. - #30504: Investigate if New Identity works properly after moving to ESR 68 - Revise .onion security expectations patch in #30429. - #30463: Make sure telemetry reporting is disabled in Tor Browser 9 - Try to finally get https://bugzilla.mozilla.org/show_bug.cgi?id=1573276 landed

GeKo: Last Week: - Firefox bug review (#31597) - stack smashing protection for Firefox on Windows (#29013) - work on create dependencies file issue (#31568) - lots of reviews (#30429, #30943, #31646, #31491, #31303, #31574, #31448, #27601, #25483, #31192) This Week: - Firefox bug review (#31597) - stack smashing protection for Firefox on Windows (#29013) - reviews - release prep for 9.0a7 - will be afk tomorrow

sysrqb: Last week: - Investigated autocomplete on Android not working (#31720) - Updated branch for PBM autostart on Android (#31010) - Created patch for showing Tor Browser version on about:tor on Android (#30943) - Created patch for Android x86_64 support (#31192) This week: - Finish autocomplete on Android not working (#31720) - Finishing Android 68esr rebase (#31010) - Look into Security Slider rendering bug on Android (#31822) - release prep

pospeselr: Last week: - rebased my #31286 (bridge settings) work against ESR68 branch and fixed various issues surrounding that - implemented proxy settings read/write from/to Tor daemon - populating UI with read proxy settings - integrated antonela's new Tor icon :) This Week: - port over the SETCONF logic (so settings are actually saved) - feed proxy settings to BridgeDB when requesting bridges - firewall settings/read/write populate - traveling mid-week but will be on this weekend

tjr: - Kept bugging for feedback on wasm-in-extensions https://bugzilla.mozilla.org/show_bug.cgi?id=1576254 - Have been (slowly) investigating cppunittest failures on esr68 and if there are bad implications from that - Have been working (slowly) on making outer-window-size spoofing the default in Firefox. Lots of tests (failures) to update - Haven't started this, but the rust networking check we have for 68 needs to be redone with a new strategy https://bugzilla.mozilla.org/show_bug.cgi?id=1376621

boklm: Last week: - Some reviews: - #31564 (Android bundles based on ESR 68 are not built reproducibly anymore) - #31584 (Clean up mingw-w64 project) - Looked at #31729 (Warning about missing GTK wayland related packages in configure script) - Made patch for #31646 (Update abicheck to require newer libstdc++.so.6) This week: - Work on #18867 (Ship auto-updates for Tor Browser nightly channel) and sub-tickets - Review #27493 ('mk_add_options' or 'export' MOZILLA_OFFICIAL), #30334 (build_go_lib for executables), #29187 (Bump NSIS version to 3.04) - Will be afk tomorrow (Tuesday)

Antonela: - #31286 - TB9 Network Settings, added some missed assets - Filed #31768 - TB9 Net Settings Onboarding - #30022, #30025 - S27 Onion, Errors and Tor Browser this week. I have a lot of questions, so please be patient :) - #27511 - TB9? New Identity, nah are running user research in Brasil with a journalists group

sisbell: Last Week: - #31192: Support x86_64: made changes and verified this works on emulator - #31564: Android Reproducibility: Upgraded to Buster. Still need to test if build works with JDK 11 This week: - 31564 - upgrade JDK and verify build with latest apktool from buster - Submit merge request for tor-android-library with latest version of tor

eighthave/_hc: Last Week: - I was sick all week, so I mostly did mindless size optimization of tor for Android https://github.com/guardianproject/tor-android/issues/18, but it looks like it'll shave 1-2MB of each arch - I was not able to get -ffunction-sections and -gc-sections going, which was standard part of Android ndk-build. It seems to be removed from clang builds though. - I started moving Android config into tor/configure.ac's --enable-android flag https://trac.torproject.org/projects/tor/ticket/28766#comment:6 This Week: - native Android TorService that links in tor daemon as a shared library - how best to share build setups and/or binaries between Tor Browser and others

pili: Last week: - S27 meeting - Roadmap gardening This week: - Tor Browser Release meeting - S27 September report - More roadmap gardening - We have so far planned for 85.15 points worth of work when we have a capacity of 79 points for the month which is not bad for our first time doing this - Please update the actual points for the issues you have worked on: https://trac.torproject.org/projects/tor/query?status=closed&keywords=~T... - #26345 - #27399 - #27601 - #30683 - #30384 - #31308 - #31448 - #31491 - #31604 - #31606 - #31646 - #31656 - Please add points estimation for the following tickets: - #19417 - #30036 - #30460 - #30461 - #31778 - #31641 =========================================

Have a good week! Matt

Hello!

We held our weekly Tor Browser meeting on Monday in #tor-meeting2. Here is the IRC log: http://meetbot.debian.net/tor-meeting2/2019/tor-meeting2.2019-10-07-17.29.lo...

From the weekly updates were quiet this week and we didn't discuss much.

From the discussions, we are planning another Tor Browser Alpha release

at the beginning of next week. After this, we discussed ticket triage and whether we are still happy with the current priorities of tickets targeting 9.0a and 9.0.

Next, we discussed the new icon chosen for the new "New Identity" button. We're going with the broom! The conversation then moved onto string localization and making sure we freeze all new strings soon such that we give translators enough time and we can release fully-localized Tor Browser 9.0.

After this, Mike Perry joined us as a surprise guest and asked some questions related to the networking code audit of Firefox 68esr-based Tor Browser he's doing for us (the ticket for that: https://trac.torproject.org/projects/tor/ticket/31144).

And finally, we began discussing NameCoin's Tor Browser integration work. In particular, there was a question about reducing the size of the NameCoin binary and whether bundling a subset of Certificate Authority Root Certificates is a reasonable solution.

--------------------------------------------------------------- Week of October 7, 2019 Discussion: sysrqb: Next alpha release 14 October, code freeze 10 October sysrqb: Are the current tbb-9.0-must-alpha tickets reasonable? Are we missing any tickets that should be included in a 9.0a? Are there any tickets we can/should delay until 9.0 or 9.5a? GeKo: Are we fine with the broom icon for New Identity? Pili: Reminder to update tickets with "Actual Points" once the ticket is closed

mcs and brade: Last week: - Opened #31910 (replace meek_lite with meek in circuit display). - Closed #31019 (Investigate update on Windows via BITS). - Fixed #31935 (TB9.0a7 is asking for a new profile). - Opened and fixed #31955 (macOS: avoid throwing inside nonBrowserWindowStartup()). - Published patches for #31607 (App menu items stop working). - We are still hoping to receive feedback from Mozilla engineers. - Started to look at #31768 (Introduce Tor network settings and other updates in TB9 onboarding). - Tested 9.0a7 candidate builds on macOS 10.15 beta 8. - Attended the ESR migration meeting. - Did a little thinking about onion service errors vs. SOCKS optimistic data.

This week: - #31768 (Introduce Tor network settings and other updates in TB9 onboarding). - #31910 (replace meek_lite with meek in circuit display). - #31607 (App menu items stop working). - Sponsor 27 meeting r.e. onion service errors vs. SOCKS optimistic data. - Open a Firefox bug for #31547 (Back out or modify patches for Mozilla's bug 1574980). - Create ticket for https://blog.torproject.org/comment/284256#comment-284256

boklm: Last week: - Helped publish the new alpha - Made patches for: - #31293 (tor-android-service gradle failure when probing network interfaces) - #31926 (Add Android x86_64 to the alpha download page) - #31911 (Add information about monitoring disk space for cdn.tpo) - Updated patch for #31564 (Android bundles based on ESR 68 are not built reproducibly anymore) - Worked on #25099 (Update nightly version number) - Reviewed #31550 (Fix shellcheck (and related) issues in start-tor-browser) - Started reviewing #29013 (Provide stack smashing protection for mingw-clang builds) - Looked at the new alpha users update pings graph (#31755) This week: - Finish reviewing #29013 (Provide stack smashing protection for mingw-clang builds) - Look at fpcentral issues after buster upgrade - Try to fix #31987 (Make fpcentral recognize Tor Browser esr68) - Try to fix #31986 (Update fpcentral dependencies) - Review #30334 (build_go_lib for executables) - Work on #18867 (Ship auto-updates for Tor Browser nightly channel) and sub-tickets - Help building new alpha

pospeselr: Last week: - test builds! ( https://trac.torproject.org/projects/tor/ticket/31286#comment:26 ) - Tor log viewer in about:preferences#tor - lots of code cleanup, refactoring and general TODO completions This week: - finish resolving acat's patch feedback, finish TODO list and get a final patch candidate up

Jeremy Rand: Last week: - Electrum-NMC binary size optimizations: - Forward-ported all Electrum-NMC binary size optimizations from demo branch to 3.3.8 branch. - Removed Python protobuf package. (Only was needed for Payment Protocol, which isn't a thing for Tor Browser's use case.) - Optimized Python certifi package to only include root CA's from top 10 intermediate CA's in the Alexa Top 1 Million.

- Kudos to Ryan Castellucci for the idea.

- 12.7 KiB instead of 275.5 KiB (uncompressed .pem file).

- Added support for the above optimizations in tor-browser-build.

- ncprop279 binary size optimizations:

- Added build tags to ncdns that disable TLSA-related code. (Not needed for Tor Browser's current use case.)

- Decreases size of ncprop279 binary (without rbm, uncompressed, no symbol stripping) by 0.7 MiB.

- Added support for the above optimizations in tor-browser-build.

This week: - Forward-port parallelized blockchain download from demo branch to 3.3.8 branch; make it play well with rbm build environment. - Address Nick's feedback on #19859. - Maybe make some progress on stream isolation in ncprop279 and StemNS.

sysrqb: Last week: Updated tickets with points Added tbb-no-uplift onto a few older tickets, so torpat.ch is more colorful Started working on squashing and reordering some Android patches within the set of desktop patches (#31918) Spent some time on OTF proposal This week: Finish #31918 Test some branches: #31010, #31822, tor-browser-build patches More reviews

tjr - Finished and landed the allow-wasm-for-extensions patch: https://bugzilla.mozilla.org/show_bug.cgi?id=1576254 \o/ - Will work on esr68 backport this week; but I think it will be one that Tor carries locally and we don't land in esr68 - Got to the bottom of the cppunittest failures on esr68 mingw builds! \o/ - Will try to land tests in that branch this week. - Have been working on a few mingw cleanup bugs. Most have no reason to backport. But at least one does: - https://bugzilla.mozilla.org/show_bug.cgi?id=1585351 <- Due to library maintenance reasons we won't backport this; but Tor should.

GeKo: Last week: -Worked on features review (#31591, #31597) -investigated some issues (#31985, #31954) -wrote small patches for #31822, #31811 -reviews (#27511, #31911, #31914, #31955, #30643, #31935, #19417, #31981, #31979, #31568, #31747 -investigated bug in ar locale (#31929) -had a ton of fun with #31980 -helped with OTF proposal This week: -Finishing #31591 -More work on #31597 -re-enabling language packs signature checks where possible (#31942) -release prep for 9.0a8 -OTF proposal review -reviews

acat: Last week: - Finish fixing Localization issues: #31747 (old onboarding strings) - #30463: Make sure telemetry reporting is disabled in Tor Browser 9 - #19417: asm.js files should be no linkability risk - Finish fixing .onion security expectations patch for android (#30429, #31010) - #27511: Add New identity button to toolbar - Review #31286. This week: - Finish #31778: Support default dark-theme for the Circuit Display UI. - #13543: HTML5 media support may lead to fingerprinting - #31602: Remove Pocket indicators in UI and disable it by default - https://bugzilla.mozilla.org/show_bug.cgi?id=1581537

pili: Last week: - OTF Browser Proposal - Roadmapping for October - FOSDEM20 organisation This week: - Totalling up September points (~40 team points for the month),

- hoping to get some more clarity on team capacity by going through a few more month cycles

- More OTF Browser Proposal - Tor Browser release meeting this week - S27 "extraordinary" meeting this week - FOSDEM20 organisation

- submitted for a stand today

- planning to submit a main track talk this week

sisbell: Last Week: - 31979/30460: TOPL dependency list (regenerated with latest how to doc). I believe this should be resolved regarding the artifact counts. Also verified tor-android-service and tor-onion-proxy-library deps - 31981: remove deprecated patch from tor-android-service - 31568: Updated gradle how to - 31130: Worked on buster upgrade (in progress) This week: - Finish buster upgrade - 30665 - look into clang issue

Antonela: - #27511 - New Identity button, done \o/

- #31286 - Net Settings, almost done!

- #31768 - TB9 Onboarding, Dunqan worked on the fist version, i worked with steph on the content, i'll iterate today/tomorrow based on recent comments

- #31778 - Support for the dark theme, status? (Seems acat is picking that up, GeKo) (cool, thanks! -A)

- S27: Worked on #19251 - Better onion errors in clients. Any comment is appreciated, no hurries. ---------------------------------------------------------

Have a good week, Matt

Hello!

We held our weekly Tor Browser meeting today in #tor-meeting2. Here is the IRC log: http://meetbot.debian.net/tor-meeting2/2019/tor-meeting2.2019-10-21-17.30.lo...

1) We are releasing Tor Browser 9.0 and Tor Browser 9.5a1 this week! These are both based on Firefox 68.2.0esr.

2) We'll be tracking issues in Tor Browser 9.0 on trac with the keyword tbb-9.0-issues [0].

[0] https://trac.torproject.org/projects/tor/query?status=!closed&keywords=~...

3) Last week, with ticket #28709, we tried enabling FuzzyFox [1], but we found it has problems in Tor Browser. At the meeting, we briefly discussed whether investigating this should happen this week, and we decided we'll delay this until after the upcoming releases.

[1] https://bugzilla.mozilla.org/show_bug.cgi?id=1432429

4) We'll be changing our triaging process in two weeks and introducing a multi-round, multi-level triage process. We'll begin every day by triaging new tickets. The first round will be around Europe's morning, and the second round will be around Americas morning. We'll begin using a new trac keyword for indicating a ticket needs a deeper review before it can be assigned.

5) We discussed upcoming tickets for the remainder of the year. They are mostly scheduled for November (keyword TorBrowserTeam201911), but some will eventually move to December. 6) Lastly, we discussed changing the team meeting time due to "northern"-hemisphere Daylight Savings timing endings. Parts of Europe change this coming weekend, and parts of North America change their time the following weekend. We decided our next meeting (28 October) will be at 17:30 UTC and the meetings after that will be at 18:30 UTC (until further notice).

=============================== Week of October 21, 2019 Discussion: Releases Browser Tasks and Experiences New ticket triaging process upcoming work (next two months) upcoming meetings and daylight savings time (brade)

sysrqb: Last week: Reviewed acat's #31730 patch Fixed up proxy-bypass patches for #31144 Resolved conflicts of rebasing onto 68.2.0 #32097 Began investigating fuzzyfox problems This week: Releases Finish external app proxy-bypass notification #26529 Ticket reviews Bug fixes Fuzzyfox

boklm: Last week: - Helped publish 9.0a8 - Helped build the new releases and made draft blog post for 9.0 - Investigated reproducibility issues (#32052 and #32053) This week: - Help with publishing new releases - Investigate reproducibility issues (#32052 and #32053) and try to fix them - Try to fix fpcentral (#32014), and related fpcentral tickets (#31987 and #31986) - Review #30334 (build_go_lib for executables) - Work on #18867 (Ship auto-updates for Tor Browser nightly channel) and sub-tickets

GeKo: This week - help with OTF proposal (yay, we got it submitted) - work on #32053 (macOS reproducibility issues) - release prep for 9.0 and 9.5a1 - a ton of reviews - work on #32053 Next week - help with releases - work on #32053 (macOS reproducibility issues) - loose esr68 transition ends - help with tbb-9.0-issues

mcs and brade: Last week: - Opened Mozilla bugs for: - #31547 (Back out or modify patches for Mozilla's bug 1574980). - #31955 (macOS: avoid throwing inside nonBrowserWindowStartup() - Investigated #32039 (Tor Browser 8.5.5 is not working on macOS 10.15 after being freshly installed). - Investigated #32055 (Importing bookmarks from Safari doesn't work). - Worked on #27604 (bundle relocation is broken). - Filed and fixed #32154 (Tor Launcher's custom bridge field only allows one line of input). - Provided some UX feedback for #30783 (End of Year Fundraising Campaign Banner). This week/upcoming: - Record Actual Points in our completed tickets (done). - Get back into Sponsor 27 work: #30237 (v3 onion services client auth). - Maybe #32119 (onboarding for "Goodbye Onion Button" could be better). - waiting on UX input. - We will be afk Thursday and Friday this week; sorry for the short notice.

acat: Last week: - Revert aarch64 torbutton fixup (#31730 ) - Investigate/think about #13543 spoofing values. - #31740: Review RemoteSettings usages in esr68 - https://trac.torproject.org/projects/tor/ticket/32092 - Reviewed #22919 - Worked on #28745: THE Torbutton clean-up This week: - Finish #28745 - tor#30783: End of Year Fundraising Campaign Banner - [new] - https://bugs.torproject.org/30783%0F - #27604: Relocating the Tor Browser directory is broken with Tor Browser 8 - #31573: Uncaught exception in SessionStore.jsm with Tor Browser based on ESR 68 - Revise https://bugzilla.mozilla.org/show_bug.cgi?id=1581537. [Browser UI locale is leaked in several ways]

Jeremy Rand: Last week: - Several stream isolation patches are now merged to ncdns, ncprop279, and ncdns-repro. - As expected, was a less productive week than usual due to time spent on the scheduled softfork (which is now finished -- softfork was successful). This week: - Continue working on #19859, assuming my current patches get more feedback. Might start porting my spec patches to implementation even if no feedback on spec is immediately received.

antonela: - i've been thinking in a way to share our alpha builds with users for pre-testing and i discovered tor-qa. Geko: is ok if we promote tor-qa for early bird users? who is on that list? > we are building this https://community.torproject.org/user-research/ [GeKo: yes, that would be an option. I don't know who is on that list (but I could look :); it's been quite as of late] - Tor Browser 9 release, doing what is needed: screenshots, reviews, documentation, etc

pospeselr: Last week: - fixed various little bugs relating to #31286 - fixed #32125 (circuit display doesn't work with user-provided bridges without a fingerprint ) - wireshark proxy bypass investigation This week: - tbb-9.0-issues: #32164 - tor log viewer #31803 - icon #31764 - broken paste and go

sisbell: Last Week: - #30501: BridgeList an overloaded field (in review) - #30767: Custom obfs4 bridge does not work for custom bridges (in review) - #30518: Missing command line options (merged/fixed) - #30324: Adapt Android toolchain (fixed) - #30461: Removed patches for tor-android-service (merged/fixed) This week: - 30552 - Cleanup of torrc - 31130 - Android tor Debian ===============================

Have a good week everyone! Matt

Hello!

It seems I didn't sent this last week. Here are the meeting notes from last Monday's meeting: http://meetbot.debian.net/tor-meeting2/2019/tor-meeting2.2019-11-04-18.29.lo...

During the meeting we mostly discussed our priorities for November.

Below are the notes from our meeting pad:

Discussions: Status of 68esr rebasing tickets - #30429 and #31010 (GeKo: we are close at least for #30429; I wanted to have a last look over them before closing but am distracted by other work :( #30429 at least should get done this week, though)) Do we need #31650 (pre-crunch and pre-strip PNG in tor-service-android to make it reproducible)?

sysrqb: Last week: Release prep Fixed locale-selector crash #32343 (boklm, thanks for providing a better patch) obfs4proxy incompatibility with Android O (#32303) Reviewed torrc cleanup on Android #30552 Reviewed BridgesList Preferences is an overloaded field #30501 Tweaked EOY campaign patch for mobile #30783 This week: 9.0.1/9.5a2 Releases Finish patch for #32303 Follow up on #31915 patch uplift OTF proposal Fastlane support #26844

pospeselr: Last week: - #32220 prototyping (letter-boxing white borders) - working on patch which adds a border around the page content, and sets the margin to the color of the chrome background to indicate the margin is not part of the content (and varies with theme) - 9.0.1 build This week: - finish up #32220, one remaining outstanding issue: newly created windows do not have enough space to fit the browser element without letter-boxing - start work on exposing an option in about:preferences to toggle letter-boxing (#32325) - investigate #32308 (letter-boxing jiggling on window resize)

Jeremy Rand: Last week: - #19859: Ready for review. - Stream isolation with Namecoin now fully works across the full stack. - Audited Electrum-NMC for proxy leaks; no leaks were detected. - Not surprising, since Electrum is used in Tails and Whonix, so presumably they would have noticed already if there were proxy leaks. - I also open-sourced my proxy leak detector that I originally wrote for my master's thesis 2 years ago; I'll probably post a link on the tor-dev mailing list since it might be interesting for the Tor community. https://github.com/JeremyRand/heteronculous This week: - Main thing left on my end: clean up Git history of Electrum-NMC stable 3.3.8 branch, tag an Electrum-NMC nc3.3.8 release, make tor-browser-build use that Electrum-NMC tag. - Remaining things that might be worth doing (which of these, if any, are blockers for merging Namecoin support to nightly with Namecoin disabled by default?): - Properly handle some AuxPoW edge cases - These edge cases mainly fall into the category "Someone with large amounts of hashrate might be able to make 1 block appear as 2 blocks, until someone else mines a block on top of the real one", and similar attacks that are highly expensive and accomplish virtually nothing attack-wise. Obviously worth fixing, but IMHO it's not something that warrants blocking a nightly merge. - Disable punycode/IDN's in the .bit TLD to prevent homograph attacks - In the DNS world, registries are supposed to prevent homograph registrations; Namecoin treats registrations as binary blobs without regard to Unicode, so Namecoin can't easily prevent homographs. Long-term we should try to find a safe way to allow IDN's, but short-term we should just disable punycode/IDN's from being looked up in ncdns. IMHO disabling punycode/IDN's isn't worth blocking a nightly merge, since it only affects users who have opted into Namecoin by both enabling Namecoin via env var and navigated to a .bit site in the URL bar. - Stop hardcoding username/password/port for Electrum-NMC RPC interface, use random instead - Main reason why Electrum-NMC password-protects the RPC interface is to prevent theft of coins/names. But the Electrum-NMC instance in Tor Browser doesn't have the wallet enabled, so this is mostly a moot point. Accessing the RPC interface *would* allow opening connections with arbitrary stream isolation data... but that's also true of the Tor SOCKS port, which is unauthenticated. AFAIK Tor Browser doesn't allow websites to access localhost via AJAX and similar stuff, so this seems like a pretty minimal attack risk. So IMHO it's not worth blocking a nightly merge. Long-term we should definitely switch to cookie authentication for the Electrum-NMC RPC port. - Audit build reproducibility - In theory everything should be reproducible (it all builds in rbm and I've tried to follow best practices for rbm usage), but there may be issues since I haven't carefully tested for reproducibility (e.g. I've filed a few Go-related reproducibility bugs on Trac that might or might not affect things here). Is audited reproducibility considered a blocker for nightly, or just for alpha/stable? (I have no idea what the policies are for this; I'll follow whatever policies you have in this area.)

mcs and brade: Last week: - Sponsor 27 work: #30237 (v3 onion services client auth). - rebased patches for ESR68/Tor Browser 9. - worked on loose ends. - Reviewed some patches. This week/upcoming: - #30237 (v3 onion services client auth). - Provide updated biographical info to Al for use in proposals.

acat: Last week: - Finish fixing #27604: Relocating the Tor Browser directory is broken with Tor Browser 8 - Landed https://bugzilla.mozilla.org/show_bug.cgi?id=1581537. [Browser UI locale is leaked in several ways] - Checked #32255: Missing ORIGIN header breaks CORS in Tor Browser 9.0 This week: - #23719: Make sure WebExtensions are spared from JIT disabling in higher security settings (Medium-High) - #21952 - Onion-location: increasing the use of onion services through automatic redirects and aliasing - send updated resume to Al for OTF proposal.

tjr: - Working on bumping to clang-9 in -central. - clang-10-trunk just had CFG support land, maybe worth investigating bumping to that

sisbell: Last Week: -#30552/#30501/30767: Made changes to TOPL code based in feedback, various code changes to improve readability, additional unit tests, bug fixes - #31130 - Android tor Debian - solved the Java installation issue which was main barrier to completion, Next will upgrade https-everywhere to buster - #31922 - ApkTool - made changes to config (will be able to test once I complete #31130) This week:’ - #31130: Upgrade https-everywhere to buster and then test final apk - #31922: ApkTool test using Debian version - #30501: Code integration changes to tor-android-service, migration code for different fields

pili: Last week: - Catching up from MozFest - Browser proposal for transition away from ESRs - end of month admin and roadmap gardening This week: - Sponsor 44 report - Start of month roadmap planning

GeKo: Last week - release prep - reviews (#27309, #32342, #32184, #27604, #32188, #30783, #32220, #28745) - small patches for the release (mainly backports): #32321, #32318, #32250 - work on #27268 (while reviewing #28745) - #32053 (macOS reproducibility issue); made small steps in the right direction but we are still not there :( This week: - #32053 - #31597 - finish #30429 - look at/finish #31010 - work on setting up the Android signing (token)

boklm: Last week: - helped with building new releases - Continued investigating reproducibility issues (#32052 and #32053) - Helped with fix for #32342 - Rebased patch for #30334 (build_go_lib for executables) This week: - Help with publishing of new releases - Work on #18867 (Ship auto-updates for Tor Browser nightly channel) and sub-tickets - Test/review rebased patch for #30334 (build_go_lib for executables)

- Matt

Hello!

We held our weekly Tor Browser Team meeting on Monday. Here are the meeting logs: http://meetbot.debian.net/tor-meeting2/2019/tor-meeting2.2019-11-18-18.29.lo...

During the meeting we briefly discussed on-going work for making onion services more usable.

Next, we briefly talked about some Android-related work. We have a useful collection of libraries now, but they may not be the best solution, especially as some of our partners in this space are actively developing different solutions. We will have more discussions in the future about how Tor development on Android (and mobile, in general) should continue.

Finally, an idea was proposed of creating a Tor Browser build that makes troubleshooting network connectivity problems earlier. Ticket #32540 was created for this.

Weekly notes:

==================================== Week of November 18, 2019 Discussion: What is the status of our testing suite? (test-reports.tbb.tpo? Are the tests run automatically anywhere and are the results publicly available?)

GeKo:

Last week:

- Help with OTF proposal

- Still banging my head against #32053 :(

- reviews (#30327, #31130, #32508)

- #31597 (closed Mozilla bugs between esr60-esr68)

- worked on the signing infrastructure for macOS #32173

- went over all our signing related tickets and tagged them with `tbb-sign` (https://trac.torproject.org/projects/tor/query?status=!closed&keywords=~...)

- more RLBox work (wrote patches for #32436 and #32437 over the weekend)

- wrote small patch for #32509

- a bit thinking about the design doc update

- HackerOne house-keeping and triage

This week:

- more work on #31597

- more work on #32053

- more work on #32173

- design doc update

- reviews

- more RLBox work in my spare time

mcs and brade: Last week: - Sponsor 27 work: #30237 (v3 onion services client auth). - Tied up loose ends. - Posted patches for review and revised them based on feedback from Richard. - Spent a little time on #10416/#29020 (Tor won't start on Windows when path contains non-ascii characters). - Commented in #32498 (Consider updating MAR_CHANNEL_ID for nightly build). This week/upcoming: - For #19757, think about permanent storage of client auth keys and associated management UI. - Respond in #32418 (up-to-date Torbrowser notifies that it can't update). - Add actual points to completed tickets.

Pili: Last week: - OTF Browser Proposal - S44 Final report - Trac triage - Tor Browser Release meeting - S27 meeting - Tor Browser October report - General roadmap admin This week: - OTF Browser Proposal - S44 final report - Trac triage

Jeremy Rand: Last week: - Addressed review of #30558. - Addressed review of #19859. - Filed #32520. - Debugged #31691 a bit. - Filed #32523. - Filed #32527. This week: - Address whatever review happens on #30558 and #19859.

sysrqb: Last week: Some work on the OTF proposal Fastly event Ticket triage Ticket assignments Misc Tor Browser things This week: More OTF proposal More ticket triage and assignments Write summary of Fastly event and thoughts about onion services

acat: Last week: - Revised #28745: THE Torbutton clean-up - Worked on #21952 (Onion-location: increasing the use of onion services through automatic redirects and aliasing): - Exposed in about:preferences - Implemented automatic redirects as with "Location" header. - Basic visual feedback when redirect ("manual" or automatic) to .onion has happened This week: - Wrap up work on #21952, and do builds so that it can be tested. - Check #32255 (Missing ORIGIN header breaks CORS in Tor Browser 9.0) and take some action (not sure exactly which one) - Follow up #32297 (try to reproduce with new info from reporter)

boklm: Last week: - Updated patch for #25099 (Update nightly version number) - Worked on patch for #25101 (Generate incremental mar files for nightly builds) - Some reviews - Looked at blog comments This week: - Finish patch for #25101 (Generate incremental mar files for nightly builds) - Generate a mar signing key for nightly builds (#31988) - Make patch for #32475 (Reduce the number of locales we provide updates for in nightly) - Test/review rebased patch for #30334 (build_go_lib for executables)

sisbell: Last Week: - #Broke apart #30501 issues. These are (will be) broken into changes 1) No API changes; 2) API changes but easy conversions to Android shared pref format; 3) Breaking API changes and changes needed to underlying shared prefs (with data migration needed). (1) issues are #30767, #32516; (2) #32501, #32518 + more this week; (3) #30501 - BridgeList + sets for enumerations of addresses - #30767 - TOPL Custom obfs4 bridge does not work work for Android - Recreated isolated commit (in review) - #32516 - TOPL Cleanup write methods. Various cleanup to simplify writing of torrc fields. - #32501 dormant canceled field - previous patch broke tor-android-service: I added a couple of commits to bring these changes into tor-android-service and TOPL. We should be able to remove patches in browser build after this. - #32476 More investigation into JNI. Open question if this supports Desktop platforms or whether changes are Android specific only. This Week: - Define and work on issues for (2) API breaking changes and (3) if time - Follow up with guardian project to define more specific plans - Prototype with JNI - #31992 apktool workaround - Would like to do MR for #30767, #32516, #32501 to TOPL project this week

pospeselr: Last Week: - US holiday on monday - reviewed #30237 (mcs/brade onion service auth) - deep dive into NoScript for #30570 (per-site settings) - fixed about:preferences#tor UX bug #32508 This Week: - hmm see why the fix for #32508 isn't working as expected - investigating feasibility of adding first-party isolation double-keying to NoScript, prototype Next Week: - Holiday travelling from the 24th through the 6th with limited/unpredictable availability Next Month: - Moving cross-country sometime in the middle of December also with limited/unpredictable availability ====================================

Have a good week, Matt

Hello everyone,

Last Monday we held our weekly Tor Browser Team Meeting. The notes are available http://meetbot.debian.net/tor-meeting2/2019/tor-meeting2.2019-12-02-18.29.lo...

We briefly talked about team/ticket maintenance, and we are looking at allocating funding for fixing bugs using the Bug Smashing funds we received in August (yay!).

We held a conversation about what purpose the .mozconfig* files within the tor-browser repository should have. We decided they should be useful/usable for developers now, and we may change how they are maintained in the future.

Finally we discussed a problem with localized Tor Browser installations, where the locale of the browser may leak to websites, therefore people who use locales that are not very popular may place themselves in small anonymity sets. Should we warn users about this before/after they download the browser? When and how should we do it? These are open questions, and we're still looking for some help answering them.

===========================================

Discussion: - Release - December ticket assignment and Reviewers - #32116 - #32602 (Consider what to do about locales used by very few people)

pospeselr: Last week: - US thanksgiving holiday travel fun - more flu! - 9.0.2-build2 build -> https://people.torproject.org/~richard/builds/9.0.2-build2/ - Mozila 1594455 uplifting progress (letterboxing improvements) https://bugzilla.mozilla.org/show_bug.cgi?id=1594455 - Prototype patch for #32325 (add option to disable letterboxing to about:preferences) - going to try and get this uplifted to firefox directly to avoid having to write two rather different patches to handle our disparate localization systems - screenshot: https://share.riseup.net/#Mgnlm4ZlDQO9mlUtGGZ5fg This week: - update #32116 patch with comments pointing devs to actual mozconfig's in tor-browser-build - submit #32325 patch to Mozilla - review/comment on #32645 (Update URL bar onion indicators) - nail down UX design on #30570

boklm: (might be afk during meeting) Last week: - Finished first part for #25101 (Generate incremental mar files for nightly builds) - Helped with build of new releases - Added test for #27265 (In some cases, rbm will download files in the wrong project directory) - Updated patch for #32475 (Reduce the number of locales we provide updates for in nightly) - Reviewed #31130 (Use Debian 10 for our Android container images) - Looked at blog comments This week: - Will be at Reproducible Builds summit the next 3 days - Help with publishing of the new releases - Work on: - #31988 (Generate a mar signing key for nightly builds) - #25102 (Add script to sign nightly build mar files) - Try to find some time to test rebased patch for #30334 (build_go_lib for executables)

GeKo: Last week:

- more work on #32053 (made good progress; a patch is hopefully ready later this week), #31597 (made good progress), and #25021 (made not so good progress :( )

- wrote patches for #32556, #32505, 32618

- reviews (#32616, #32498, #32255, #32475, #25101, #32365, #32606, #27265, #32527)

- release prep

- work on apple signing infrastructure update (#32173, #32556)

- more RLBox investigation in my spare time

This week: - #32053, #31597, #25021 - start with the BIG ticket triage - reviews - more RLBox work in spare time

mcs and brade: Last week: - Enjoyed some time off for the U.S. Thanksgiving holiday. - Sponsor 27 work: #19757 (permanent storage of client auth keys and associated management UI). - Code reviews: - #32498 (Update MAR_CHANNEL_ID for nightly build). - #32505 (Tighten our rules in our entitlements file for macOS). - Reviewed recent Mozilla updater changes and worked on #32616 (disable GetSecureOutputDirectoryPath() functionality). This week/upcoming: - More work on #19757 (permanent storage of client auth keys and associated management UI). - Code reviews.

Jeremy Rand: Last week: - Decided to be a subversive by not taking time off for Thanksgiving :) - Tested boklm's patch for #32527. - Debugged #32520 a bit, submitted a patch that doesn't need libfaketime. - Spent most of my dev time on non-Tor things while I'm waiting for more feedback to show up for #30558. This week: - Address whatever review happens on #30558. - @pili Would it be beneficial for me to attend S27-related meetings to provide a Namecoin perspective? If there's stuff happening there that's relevant, I'm happy to attend; if it's not going to be relevant; then that's fine too and I can save my time for other things. :)

sysrqb: Last week: Release prep and building Some ticket reviews This week: Releases Sending some overdue emails tor browser spec updates android signing key documentation

antonela - opened #32645 Update URL bar onion indicators - reviewed #21952 Onion location - reviewed #32325 Allow letterboxing opt-in/out - reviewed #30570 Implement per-site security settings support

sisbell: Last Week: - #31130 - Buster Support - small change to use snapshot repo. Tested Android variant build - #32476 - Review/Comments of JNI services - #32534 - Review/Comment on new jtorctl implementation - #32501 - Fixed formatting in TorSettings interface (TOPL) - ready for review - #32516 - Write methods in TorConfigBuilder - fixed a number of issues to make methods cleaner, more consistent. - #32405 - Crash after bootstrap - fixed/merged - Thanksgiving holiday This week: - test buster on different variants - #28704 Compile Tor and dependencies (#28764 SSL, #28765 LibEvent)

Pili: Last week: - S9 Phase 2 report This week: - Catching up on roadmap and projects after reporting season - Please start tagging bugs with "BugSmashFund" and adding points to it so we can start "using" the pot of money :) - Please update your November Actual Points - Reminder about moving off Storm and into NextCloud - please move any documents you want to keep to Nextcloud ===========================================

- Matt

Hello!

We held our weekly meeting on Monday. The logs are available http://meetbot.debian.net/tor-meeting2/2019/tor-meeting2.2019-12-16-18.30.lo... .

This was a short meeting. This was also the last scheduled Tor Browser Team meeting of 2019 (!). The next team meeting will be on 6 January, 2020.

We have a Tor Browser release coming on 7 January, so all of our patches should be ready for that release by the end of this week. We are having a Tor Browser Release meeting on Wednesday (18 Dec).

Finally, I'd like to thank Georg (GeKo, gk) for his fearless leadership of Tor Browser for many years. As he moves onto new and interesting challenges on the Network Health team, he will be missed on this team (although we know he is not too far away). We wish him the best of luck.

Have happy holidays everyone!

============= Week of December 16, 2019

Discussion: Next team meeting Release prep

pospeselr: Last week: - pushed updated patch for #32116 (tor-browser mozconfig fixes) - Mozilla 1594455 and 1601040 revisions - a bit of 30570 work This week: - 31855 (remove end of year fundraising campaign) - offline this week after Monday, but back from afk on Wednesday

mcs and brade: Last week: - Sponsor 27 work: - #19757 (permanent storage of client auth keys and associated management UI). - We posted work-in-progress screenshots here: https://trac.torproject.org/projects/tor/ticket/19757#comment:18 - Remaining work is mainly to make the UI functional by hooking it up with control port commands. - Added tickets and comments to the S27 report pad: https://pad.riseup.net/p/aAZQ_UDNrJiwSRxTrFoK - Created a patch for #32674 (Change about:tor ‘Get involved' to point to new community portal). - Completed code review for #21952 (Onion-Location). This week/upcoming: - #32636 (Clean up locales shipped with Tor Launcher). - We will be taking time off from Tor work starting 19-December (this Thursday); back on 6-January-2020.

sysrqb: Last week: Finished most team lead transition items Began testing #28764 and #28765 Discovered CMake broke nightly builds #32741 Began updating security-slider part of the design doc This week: Looking at a possible crash (maybe Android-specific) #32744 Continue updating design doc Release prep Triaging tickets

boklm: Last week: - Worked on #18867 subtickets: - Setup generation of incrementals (#25101) and fixed #32738 (If the linux64 mar-tools does not exist, we should use the other mar-tools available) - Signing of nightly sha256sums files with gpg (#32750 and #32751) - Started a script to sign nightly mar files and publish them (#25102), and subtickets - Started a script to generate a mar signing key for nightly builds (#31988) - Some reviews: - #32053 ((Tor Browser bundles based on Firefox 68 ESR are not reproducible (LLVM optimization issue)) - #32739 (Bump clang to 8.0.1) - Looked at android build issue (#32761) - Looked at blog comments This week: - Try to finish the work on #18867 (Ship auto-updates for Tor Browser nightly channel) - Look at macOS signing situation

Jeremy Rand: Last week: - Addressed Georg's review so far on #30558. This week: - Address whatever additional review happens on #30558. - Review boklm's rebased #30334 patch.

Pili: Last week: - Browser Proposal meetings and revisions - BugSmashFund tagging - Some trac triage - General roadmap gardneing This week: - Wrapping up things before vacation - afk from Friday 20th December 2019 - Monday 6th January 2020 - back on January 7th (probably) - ping me if there is anything urgent you need me to look at before I go

GeKo:

- Last week:

- helped a bit with OTF proposal

- #31597 (almost done), #25021

- more old ticket triage

- reviews (#30558, #32741, #32751, #26861, #27045, #32750)

- more RLBox work in spare time (not much, though, alas)

- a bit HackerOne work

- spent some time deobfuscating JavaScript malware served in a fake Tor Browser

- This week:

- finish #31597

- work on #25021

- reviews

- more ticket triage

- finish up some loose ends from my Tor Browser ToDo list

Antonela

- reviewed #21952 =============

Thanks, Matt