18:00:25 <GeKo> #startmeeting tor browser
18:00:25 <MeetBot> Meeting started Mon Apr 30 18:00:25 2018 UTC.  The chair is GeKo. Information about MeetBot at http://wiki.debian.org/MeetBot.
18:00:25 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
18:00:28 <GeKo> hi all!
18:00:34 <boklm> hi!
18:00:37 <GeKo> welcome to another weekly tor browser meeting
18:00:50 <mcs> hi
18:00:54 <arthuredelstein> hi!!
18:01:01 <GeKo> let's look at the pad and add notes/mark discussion points bold
18:02:20 <igt0> !
18:04:24 <sysrqb> o/
18:07:11 <GeKo> alright, let's get started
18:08:25 <GeKo> mcs: brade: so, while thinking about the updater changes, we want to have a new signing key using 384bit sha in the first esr60-based alpha, right?
18:08:50 <mcs> GeKo: I think so, yes.
18:09:00 <mcs> Will that be a problem :)
18:09:03 <mcs> ?
18:09:28 <GeKo> no, i just have to make sure i don't forget that and get the details right :)
18:09:40 <mcs> OK; thanks
18:10:10 <GeKo> so, i'd use "-Z SHA384" instead of "-Z SHA512"
18:10:38 <GeKo> when creating the new key and that's the only change?
18:11:12 <GeKo> otherwise, please let me know
18:11:16 <mcs> I think so, but now I am puzzled as to how brade and I did some updater testing on macOS last week without such a signing key. I will investigate.
18:11:29 <GeKo> heh, good idea :)
18:11:33 <mcs> :)
18:12:15 <GeKo> okay, it seems no one has an item for the whole group, good
18:12:22 <GeKo> tjr: i have just one for you on the pad
18:12:30 <tjr> Yup, saw it
18:12:34 <GeKo> thanks for going down that rabbit hole :)
18:12:56 <tjr> I will write something up yea. It's pretty basic I think, but it feels empowering to start to understand how to navigate assembly
18:13:08 <GeKo> yeah
18:13:36 <GeKo> discussion time i guess then
18:13:40 <GeKo> igt0: you are up
18:14:27 <igt0> so, about tor browser mobile
18:15:28 <igt0> we and firefox have the accessibility services enabled, however android allows an app to listen for accessibility events and these events sometimes can be, for example, an user typing in a form.
18:16:01 <igt0> Few password managers were using those accessibility services to know when an user is typing in an user/password form
18:16:35 <igt0> so my question here, is everyone okey if we disable accessibility on mobile(accessibility.force_disable = 1)?
18:17:25 <arthuredelstein> What do accessibility services provide for actual accessibility?
18:17:27 <GeKo> do we know what else would break
18:17:31 <GeKo> ?
18:17:48 <sysrqb> i haven't researched this, bu i see you provided some research papers on #25902
18:17:59 <igt0> arthuredelstein, GeKo screen readers will not work.
18:18:05 <sysrqb> (i'll read them later)
18:18:24 <sysrqb> does firefox emit intents when this is detected?
18:18:41 <sysrqb> how does Firefox tell Android, so Android can tell the other apps?
18:19:17 <pospeselr> does Android require the user to agree to anything to allow apps to read other apps accesibility events?
18:19:24 <pospeselr> or does it just silently happen?
18:19:46 <igt0> sysrqb, it is not an intent
18:20:02 <igt0> pospeselr, nop, the app broadcast accessibility events
18:20:22 <sysrqb> can we neuter the broadcast code?
18:20:36 <pospeselr> wow
18:20:37 <pospeselr> ok
18:20:49 <igt0> firefox has a whitelist
18:20:57 <sysrqb> pospeselr: it's being "helpful"!
18:21:22 <igt0> and we can disable it using the accessibility.force_disabled
18:21:41 <sysrqb> oh, but this is how screen readers work?
18:21:48 <sysrqb> they listen for these broadcasts?
18:21:55 <pospeselr> sysrqb: yeah I would think so
18:22:02 <igt0> sysrqb, yeah
18:22:11 <arthuredelstein> igt0: What kind of whitelist?
18:23:55 <igt0> arthuredelstein, By app id, Firefox broadcast those events for few apps. E.g. bitwarden (password manager)
18:24:26 <arthuredelstein> I see, so in principle we could allow screen readers but deny password managers
18:24:34 <arthuredelstein> correct?
18:24:37 <sysrqb> ^
18:24:49 <igt0> yeah
18:25:17 <GeKo> sounds like things we should explore
18:25:20 <arthuredelstein> So, just to understand, in principle is it true that any whitelisted app could read all the text from whatever web page the user is visiting?
18:25:56 <igt0> arthuredelstein, yep
18:27:59 <GeKo> igt0: i think it's fine figuring out in a series of alphas what the right balance is for accessibility vs browser lockdown
18:28:09 <GeKo> if we think we need to make a trade-off
18:28:23 <GeKo> (and i think we should do that in this case)
18:29:36 <GeKo> so, i think to answer your question: yes, we care but it's not obvious yet whether disabling accessibility totally is the right choice
18:29:45 <pospeselr> it would be kind of shitty to just shut out blind users
18:29:51 <GeKo> yep
18:30:01 <sysrqb> indeed
18:30:14 <igt0> cool, so i will take a look in the whitelist approach. thanks!
18:30:25 <GeKo> sounds good!
18:30:45 <GeKo> oving forward to the next items
18:30:48 <GeKo> *moving
18:30:51 <pospeselr> the whitelist approach seems promising, wonder how much work it would be to let users edit it
18:30:53 <pospeselr> anyway
18:31:00 <GeKo> extensions first, i think
18:31:16 <GeKo> so, what are our current plans wrt to torbutton and tor-launcher?
18:31:38 <GeKo> do we need more discussion or are we ready to pick an approach and move forward with it?
18:32:05 <sysrqb> I can look at tor-launcher this week
18:32:06 <GeKo> we are close to being in the need to actually do something about it
18:32:31 <sysrqb> i think we will need two implementations, one for desktop and one for android
18:32:34 <GeKo> given that the clock starts to tick louder and l ouder
18:32:40 <GeKo> *louder
18:32:56 <sysrqb> but hopefully we can re-use some of the desktop extension on android
18:33:25 <GeKo> yes
18:33:43 <sysrqb> in particular the controller code
18:33:54 <GeKo> sysrqb: so, if you could post some plan this week on the tor launcher ticket that would be great
18:34:17 <sysrqb> but we'll need a new UI on android, probably written in java for android
18:34:21 <sysrqb> GeKo: sure, will do
18:34:37 <mcs> for desktop, we need something to insert Torbutton and Tor Launcher as system extensions. I think.
18:34:52 <mcs> (build process changes or something more)
18:34:53 <GeKo> me too
18:35:03 <sysrqb> yes, that was part of the work I did on tor-launcher
18:35:14 <sysrqb> i was discussing that with arthuredelstein too
18:36:18 <GeKo> ok. i'd assume we can use the same mechanism for torbutton as for tor-launcher
18:36:24 <igt0> About torbutton, we need first to separate "backend" from "frontend". There are lot logic that can be reused by both desktop and mobile.
18:36:48 <GeKo> well, not first
18:36:53 <GeKo> that's the second item
18:36:54 <sysrqb> yes, the same mechanism should work, and we may be able to continue using the current build process
18:37:11 <sysrqb> but i will start testing now we have rebased patches
18:37:14 <sysrqb> for ESR60
18:37:39 <GeKo> igt0: i think the first is to just have this work in a desktop environment
18:37:53 <GeKo> with as little changes as possible compared to what we have right now
18:38:04 <GeKo> because the ESR60 clock is ticking
18:38:07 <mcs> +1 (especially given our schedules)
18:38:15 <arthuredelstein> My thinking is I would start to try that out this week
18:38:21 <arthuredelstein> using the work by sysrqb and igt0
18:38:30 <GeKo> please do
18:38:41 <arthuredelstein> and see if I can build a "working" bundle
18:38:45 <sysrqb> sounds good arthuredelstein
18:38:55 <igt0> +1
18:39:07 <sysrqb> i'll look at it, too - i forget exactly where i left it
18:39:35 <GeKo> okay, i'll update the pad later with what we came up with.
18:39:45 <GeKo> last item i have: the upcoming releases
18:40:00 <GeKo> could someone help with the build this time?
18:40:23 <arthuredelstein> I'm happy to help again but also happy if someone else wants to :)
18:40:38 <GeKo> arthuredelstein: ok, sounds good
18:41:03 <GeKo> let us try this again, this time slightly more complex
18:41:17 <GeKo> we have both the stable and the alpha bundles to make
18:41:23 <arthuredelstein> yes
18:41:41 <GeKo> for added fun i planned long ago to be away from my keyboard starting from thursday
18:41:49 <GeKo> and then mozilla moved the releases
18:42:23 <GeKo> my current plan is to tag releases on thursday before i leave
18:42:36 <GeKo> assuming we'll have release tags by then
18:43:23 <GeKo> boklm: we can talk about later what to do if things go wrong and we need additional builds
18:43:43 <boklm> ok
18:43:56 <GeKo> but my current plan is that you could either do the rebases and tagging yourself, getting the build unstuck
18:44:21 <GeKo> or i'll do the things on monday and we finish the bundles on monday/tuesday
18:44:38 <GeKo> we'll have an extra day this time and mozilla is releasing on wednesday
18:45:02 <GeKo> either way, i think i can do the signing part at least, so we can share the releas load
18:45:14 <GeKo> does that sounds like a plan that could work?
18:45:18 <GeKo> *sound
18:46:07 <arthuredelstein> sounds like a good plan to me. So we plan to tag both stable and alpha on Thursday, correct.
18:46:08 <boklm> I am planning to be travelling on the wednesday, but I'm expecting to have enough internet to do the publishing
18:46:44 <GeKo> arthuredelstein: yes.
18:47:10 <GeKo> boklm: ok
18:47:29 <GeKo> i guess if things don't work out as expected i could do the publishing part, too
18:47:37 <GeKo> but we'll see
18:47:44 <GeKo> first we need some bundles :)
18:48:08 <GeKo> sysrqb: sorry for just landing the backport. i don't have a good setup for testing orfox builds right now :(
18:48:13 <boklm> so this looks like a good plan to me
18:48:28 <GeKo> sysrqb: if we need to back out the patch let me know
18:48:34 <sysrqb> GeKo: no worries, it looks like there is an easy fix
18:48:44 <sysrqb> i understand not being able to test easily
18:49:26 <GeKo> that'll be much better once we have some tor-browser-build integration
18:49:26 <sysrqb> i should have a branch ready for reiew later today
18:49:33 <GeKo> yay
18:49:34 <sysrqb> yes, for sure
18:49:55 <GeKo> okay, anything else that came up during the meeting and which we should talk about today?
18:50:45 <GeKo> hearing crickets.
18:51:00 <GeKo> thanks all, then and have a nice week *baf*
18:51:06 <GeKo> #endmeeting