11:00:28 <richard> #startmeeting Tor Browser Weekly Meeting 2022-06-13
11:00:29 <MeetBot> Meeting started Mon Jun 13 11:00:28 2022 UTC.  The chair is richard. Information about MeetBot at http://wiki.debian.org/MeetBot.
11:00:29 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
11:00:50 <richard> the meeting pad: https://pad.riseup.net/p/tor-tbb-keep
11:01:00 <richard> msim: I've added a section for you at the bottom of the doc
11:01:07 <msim> :D
11:01:29 <richard> so typically the way we do this, we spend the first 5-10 mins updating our sections with what we did the previous week, and our plans for the current one
11:01:33 <PieroV> We could delete the old discussions of May
11:02:00 <richard> put anything in bold that you want/need to discuss with the team in that part
11:02:00 <Jeremy_Rand_Talos_> Are introductions in order, for those of us who don't know msim yet?
11:02:24 <richard> or you can add discussion points in the == Discussion == section
11:02:37 <msim> oh yes i should probably do that
11:02:45 <richard> oh where are my manners
11:02:50 <richard> msim: go for it :)
11:03:01 <msim> so hi i'm the new intern (contractor? dev? not sure what i should introduce myself as)
11:03:17 <msim> i'm marco, @msimonelli on gitlab, and obviously msim on irc
11:04:10 <msim> i'll be doing some work on the sponsor 131 tasks (specifically the webrtc thing), as well as the branding swap (maybe? richard clarify pls), and also finishing up some old MRs i made
11:04:30 <Jeremy_Rand_Talos_> Ah hey, welcome msim!  I think I've seen you on the R2 GitHub before?
11:04:51 <msim> yes! i also do work for bpfs on r2 :)
11:05:27 <Jeremy_Rand_Talos_> Cool cool!  Sorry I didn't recognize your IRC nick.
11:05:39 <msim> ha no worries, it's not exactly plastered everywhere :P
11:06:43 <richard> Pierov: and let's indeed clear out some of the old cruft
11:06:47 <richard> from the doc
11:07:17 <PieroV> richard: done
11:11:26 <richard> ok, let's get started
11:13:40 <richard> doesn't seem like we have any bolded sections, so we'll begin with the discussion
11:14:55 <richard> to begin with, S131 work
11:17:58 <richard> with the flurry of pierov's changes last week, we are mostly there w/ regards to deliverable 1 on the tor-browser.git side
11:18:50 <richard> boklm: are you blocked on anything there for the tor-browser-build changes?
11:18:54 <PieroV> (I lied on the docs, I still have a thing for S131 phase 1: disabling pocket, but I'll wait for 91.10 branch)
11:20:36 <boklm> richard: no, my plan this week is to try building the new base-browser tor-browser.git branch, and check which other tor-browser-build changes are needed
11:20:48 <richard> donuts: and in terms of scheduling a kick-off meeting, that will probably need to happen next week unless we can all agree on a time for tomorrow
11:22:04 <donuts> next week wfm, we weren't planning on spending any design time on this project until July/August
11:22:16 <richard> PieroV: apart from any remaining known blockers (like Pocket removal) you should be able to go ahead starting on the deliverable 2 work
11:22:45 <PieroV> richard: should we check for any possible blocker in 11.5, first?
11:23:10 <richard> i'll leave it to your best judgement on which piece makes the most sense to start with
11:23:31 <PieroV> (like: is the Mac bundled fonts issue something we should fix before going stable?)
11:23:47 <richard> yes that is a good point
11:24:04 <donuts> which one's the mac issue again?
11:24:06 <richard> we should also swap out links to the remote tb manual with the embedded one as well
11:24:12 <donuts> there are so many issues with bundled fonts :/
11:24:16 <PieroV> Yes, I have an issue for that
11:24:24 <PieroV> (richard ^)
11:24:29 <richard> excellent
11:24:38 <PieroV> donuts: the fact is that they're all linked to Mac bundled fonts not working at all, probably
11:25:27 <donuts> yeah that seems like a thing we should fix before stable, richard?
11:25:42 <richard> sounds pretty high priority to me
11:26:04 <PieroV> And for stable I also have a pair of minor S96 issues, in addition to the help buttons
11:26:11 <donuts> wait is it only broken in alpha?
11:26:27 <PieroV> donuts: I think it broke with 11.0
11:26:33 <PieroV> But has never been fixed yet
11:26:47 <donuts> right, wuft
11:26:47 <richard> (this is why the js console doesn't use a monospace font?)
11:26:53 <richard> (or is that a different one?)
11:27:02 <PieroV> richard: no, the monospace issue has been solved
11:27:17 <PieroV> I've added Menlo last week, and it's already in the alpha
11:27:30 <PieroV> It's related for example to the bangla issue
11:27:42 <PieroV> tor-browser#41004
11:29:17 <richard> donuts: nightly w/ all of the latest changes (though not rebased to 91.10) successfully built, so you should be able to see the almost latest there
11:29:17 <richard> from Friday anyway, I assume they kept building over the weekend
11:29:52 <donuts> richard: got it, ty
11:31:27 <richard> ok
11:31:52 <richard> finally, we need builders for 11.5a13
11:32:03 * boklm can build the desktop version
11:32:14 * PieroV has built the Android version on the MR before the HTTPS-E change
11:32:35 <PieroV> I can resume after the MR is merged
11:32:37 <richard> iirc the rebase and tor-browser-build MRs have sign off, but I had to do a couple force-pushes to fix various build issues
11:32:40 <richard> excellent
11:33:01 <PieroV> I think it won't be a problem, as long as the version was correct :)
11:33:04 <richard> I'll get those both pushed after this meeting
11:33:12 <PieroV> Otherwise we need to rebuild from GeckoView on Android
11:33:25 <richard> yeah
11:33:48 <richard> also ran into a little fallout from removing aguestuser from the signing keychain (whoops)
11:34:05 <richard> but i successfully built latest so we should be good there
11:34:13 <boklm> I pushed a commit on master fixing that (but I see you made the same change in the MR)
11:34:14 <richard> alright, PieroV: let's hand the rest off to you
11:34:25 <PieroV> okay, first item will be quick
11:34:30 <richard> boklm: excellent :)
11:34:55 <PieroV> As donuts said, we have a lot of font issues. I think we could even add a tag for it, even though it isn't a major topic such as Linkability, or Fingerprinting or Disk Leak
11:35:06 <PieroV> err, a label
11:35:11 <donuts> like "Fonts"?
11:35:13 <PieroV> Yes
11:35:26 <richard> wfm, I can do that
11:35:27 <boklm> +1 for adding a label
11:35:32 <donuts> +1 from me, would be nice to see them all in one place
11:35:35 <richard> i have the power
11:35:39 <Jeremy_Rand_Talos_> Sounds reasonable to me.
11:35:56 <PieroV> Great. Second item is not that quick, or maybe yes
11:36:06 <PieroV> What if we officially dropped Windows 7 support?
11:36:18 <PieroV> Windows 7 has been EOL for more than two years (Jan 14 2020)
11:36:24 <boklm> does Mozilla still support it?
11:36:29 <PieroV> Yes
11:36:31 <richard> PieroV: so the problem with that
11:36:33 <donuts> they do, iirc
11:36:34 <richard> is the global south exists
11:36:46 <Jeremy_Rand_Talos_> Do we have any info on how many users are on Win7, and why they are?
11:37:01 <richard> and doesn't necessarily run the latest and greatest operating systems
11:37:05 <donuts> yeah I would be very nervous about dropping win7 without a really good reason
11:37:36 <donuts> one thing that would be interesting though is to look into OS fragmentation among our userbase in the next UX survey
11:37:37 <PieroV> Okay, the main reason is infra-os fingerprinting through fonts, and improve support for scripts (primarily Asian, I think)
11:37:40 <msim> PieroV: other than eol what's the motivation for dropping support?
11:38:07 <PieroV> We have a series of script issues that we could solve with 2-3 system fonts, added in Windows 8
11:38:27 <PieroV> Enabling them though will allow fingerprinting the Windows version
11:38:38 <msim> ah, right
11:38:40 <richard> ah I see
11:38:46 <PieroV> (well, I'm ignoring the fact that even Windows 8, 8.1, 10 and 11 have different versions of the same font)
11:39:02 <Jeremy_Rand_Talos_> I might be okay with deprioritizing Win7-specific fixes if they are a major time sink, but I am hesitant about dropping it completely.
11:39:40 <PieroV> I think Mozilla is dropping it on the ESR after 102
11:39:55 <richard> yeah unfortunately I think this falls under the category of 'meet the users where they are'
11:40:10 <PieroV> Do we have a rough idea?
11:40:26 <richard> PieroV: tbh I would expect them to drop support roughly around that time frame
11:40:43 <msim> PieroV: the q3 release (esr 102.1?), or do u mean esr 103?
11:40:55 <Jeremy_Rand_Talos_> What exactly is the definition of dropping Win7?  TB won't run at all, or Win7 users will have a diff fp than Win8+?
11:40:56 <PieroV> ESR 114 or whatever
11:41:13 <PieroV> Jeremy_Rand_Talos_: I mean: stop doing anything special for Windows 7
11:41:20 <donuts> I assume gradually more and more unfixed bugs until it stops working entirely
11:41:21 <richard> so historically, we've had to drop support for older Windows when Mozilla does
11:41:36 <richard> because usually not too long after they add new sandboxing features that depend on newer windows versions
11:41:42 <PieroV> If it continues working we're all happier, but don't invest time if it stops
11:41:59 <richard> that's what happened with Vista anyway
11:42:15 <Jeremy_Rand_Talos_> PieroV, would patches still be accepted from the community for Win7 bugs?
11:42:20 <donuts> ahh, vista
11:42:24 <PieroV> Jeremy_Rand_Talos_: yeah, why not?
11:43:08 <richard> Jeremy_Rand_Talos: we will have to play it by ear honestly
11:43:26 <richard> sorry, I mean that we will need to see when we get there
11:43:38 <richard> it all depends on the how and why of the potential win7 breakage
11:44:07 <richard> maintaining a backwards compatible fork of the sandboxing/security system just to enable runtime support for old+new windows
11:44:17 <richard> sounds like a bad and error-prone idea
11:44:37 <Jeremy_Rand_Talos_> OK, in that case, as long as community patches are accepted, I'm okay with dropping Win7 on my end, though maybe there are global south issues etc. that will necessitate other policies
11:44:38 <richard> but we can worry about that come 2023
11:45:02 <richard> or whenever mozilla officially drops support
11:45:30 <richard> in the meantime we need to keep supporting (unless some UX research can tell us 'actually nobody uses this OS anymore')
11:45:54 <PieroV> Okay. Then we'll have a series of unsupported scripts that we may want to fix in 11.5
11:46:04 <donuts> I would be surprised, but we can ask and see
11:46:22 <boklm> maybe mozilla has some numbers
11:46:28 <richard> folks who do tor trainings can probably tell us what they've seen in that regard as well
11:46:57 <richard> PieroV: can said script support be added by bundling more fonts?
11:47:04 <PieroV> richard: yes
11:47:21 <Jeremy_Rand_Talos_> richard, maybe try putting a Win7-user-specific notice in the splash page for some months before making a decision to drop support
11:48:34 <Jeremy_Rand_Talos_> Also note that Mozilla nums may differ from Tor Browser nums, because a lot of users who didn't upgrade to Win10 made that choice for privacy reasons
11:48:45 <boklm> bundling more fonts sounds fine, if not increasing the size of the bundle too much
11:49:40 <PieroV> BTW: https://support.mozilla.org/en-US/kb/firefox-version-100-on-windows-7
11:50:10 <PieroV> Firefox is requiring updates on Windows 7, we may have to do a similar page for 12
11:50:43 * richard reading tor-browser#41022
11:51:05 <richard> from that page: Note: If you install Firefox without Microsoft security update KB4474419, you may notice an orange or yellow warning message in the UAC (User Account Control) prompt, indicating that the installer is not properly signed. The Firefox installation, however, will complete and Firefox will work.
11:51:23 <richard> looks like it may just be a root certificate thing
11:52:05 <donuts> what's the UAC prompt?
11:52:21 <PieroV> The one to run things with administrator privileges
11:53:17 <donuts> okay, sounds like the installation works either way
11:53:18 <richard> donuts: like the graphical sudo prompt on linux/macOS
11:53:34 <donuts> got it, ty
11:54:02 <richard> donuts: and it seems like it only affects the installer, so until we need to update our windows code-signing key we should be good
11:54:21 <donuts> yep
11:54:23 <richard> anyway
11:54:41 <richard> ok five more minutes
11:55:30 <PieroV> For the eTLDs the only important thing for the moment is: they exist, and we should correctly deal with them, if we want to rewrite .onion
11:55:52 <richard> boklm: one thing I forgot, it is on your list but I would like you to prioritize looking at the Android signing process, and streamlining that as much as possible for us
11:56:17 <richard> PieroV: so real quick, what is an eTLD vs a TLD?
11:56:33 <PieroV> richard: they're effective TLDs
11:56:52 <Jeremy_Rand_Talos_> richard, co.uk is an eTLD but not a TLD
11:56:53 <PieroV> from a practical point of view, it's that securedrop.tor.onion, tor.onion and similar must be treated as TLDs
11:56:58 <richard> ooh ok ok
11:57:06 <PieroV> Or also those hosts that offer free third level domains
11:57:08 <donuts> so it's not an electronic TLD?
11:57:14 <PieroV> Nope, effective
11:57:16 <richard> so we would want this as part of the onion rewrite/about:rulesets feature
11:57:23 <donuts> ^^
11:57:31 <Jeremy_Rand_Talos_> richard, they're also called Public Suffixes
11:57:34 <boklm> richard: ok
11:57:39 <PieroV> Yes, and that's a reason for one of our Tor Browser patches to exist
11:58:00 <donuts> https://en.wikipedia.org/wiki/Public_Suffix_List
11:58:17 <PieroV> If we can patch at runtime, instead, we could drop that patch. Also, that patch may be moved from Base Browser to Tor Browser
11:58:32 <Jeremy_Rand_Talos_> richard, FPI is keyed to the eTLD+1 of a hostname
11:58:41 <Jeremy_Rand_Talos_> hence why Tor Browser cares about it
11:58:49 <richard> yep that makes sense
11:58:57 <PieroV> Yes, they're needed for whatever is domain-scoped
11:59:04 <PieroV> So I think also FPI
11:59:18 <PieroV> (I've seen that cookies for example need this functionality)
11:59:44 <Jeremy_Rand_Talos_> And stream isolation usernames
11:59:53 <richard> ok, this all seems reasonable to me
11:59:59 <PieroV> So far the patches are okay-ish but could be improved
12:00:14 <PieroV> And in the future improving them may become a necessity
12:00:22 <richard> well that is the hour+1 minute
12:00:32 <richard> so I will call it
12:01:03 <richard> runtime eTLD's sound great let's plan on making a plan for a patch
12:01:06 <richard> #endmeeting