18:01:20 <mikeperry> #startmeeting tbb-dev 18:01:20 <MeetBot> Meeting started Mon Jul 25 18:01:20 2016 UTC. The chair is mikeperry. Information about MeetBot at http://wiki.debian.org/MeetBot. 18:01:20 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic. 18:01:30 <boklm> hi 18:01:39 <arthuredelstein> hi everyone 18:02:17 <mikeperry> ok, so GeKo is on vacation, so I'm going to chair th meeting today, and help rebase and tag the release 18:02:54 <mcs> mikeperry: thanks for stepping into old shoes 18:03:01 <Yawning> hi browser people 18:03:14 <mikeperry> as far as I understand it everything is ready as far as code, we just need me to do the rebasing of the patch sets and tag the release for building 18:03:56 <mikeperry> I may also try to switch us to DuckDuckGo, if I feel confident I can do that without issue 18:04:33 <mcs> Will there be an alpha release at the same time or just after? 18:05:05 <mikeperry> hopefully at the same time, but Georg's mail mentioned only a stable branch 18:05:16 <mcs> OK 18:05:49 <mikeperry> is there anything I need to be aware of the the alpha and hardened tags+branches? GeKo mentioned only tor-browser-45.2.0esr-6.0-1 18:05:58 <mikeperry> as the source for rebasing on to 45.3.0 18:07:11 <mikeperry> apparently #19735 is the ticket I should use for the search engine change 18:08:00 <mcs> alpha should be on tor-browser-45.2.0esr-6.5-1 18:08:43 <mcs> but boklm probably knows all :) 18:09:08 <Yawning> uh 18:09:15 <Yawning> is my resource:// patch 18:09:20 <Yawning> going to get merged at least in alpha 18:09:49 <huseby> mtg today? 18:09:51 <huseby> hi 18:09:52 <arthuredelstein> I would also be in favor of Yawning's patch being included in the alpha. 18:09:55 <Yawning> it might not be perfect, but it probably won't break shit, and makes the situation dramatically less bad 18:10:12 <mikeperry> do we have a ticket for it? 18:10:21 <arthuredelstein> #8725 18:10:47 <boklm> in an email, Georg said he was not sure about waiting for August 1 to do the alphas, or start building them on the weekend to have enough time for signing them 18:11:18 <arthuredelstein> Yawning's branch has three commits that would need to be included 18:12:01 <Yawning> I used your commit naming convetion, so the 3 commits should stand out >.> 18:14:38 <mikeperry> shooting from the hip, my guess is #8725 will be fine for the alpha. less sure about the stabl 18:14:55 <Yawning> I've been using various versions of that for weeks 18:15:03 <Yawning> which ironically makes my browser fingerprint unique 18:15:19 <Yawning> becasue it doesn't leak information like a sieve >.> 18:15:37 <Yawning> up to y'all 18:16:47 <Yawning> (offtopic to the meeting I have questions-ish about the updater) 18:17:20 <mikeperry> ok, let's progress into the normal status updates and blocker concerns, and then discuss the release in more detail after that 18:17:27 <mikeperry> who wants to go "next"? :) 18:17:41 * arthuredelstein can go 18:17:46 <Yawning> I poked at sandboxing tor browser 18:17:48 <Yawning> it works 18:17:58 <Yawning> it's sketch and kludge but infinitely better than any other attempt 18:17:59 <Yawning> nyah 18:18:01 <Yawning> done 18:18:03 <Yawning> >.> 18:18:20 <arthuredelstein> Yawning: How do you feel about firejail vs flatpak now? 18:19:02 <Yawning> hm 18:19:07 <Yawning> either would work still 18:19:18 <Yawning> depends on what we want to do with our uptater 18:19:25 <Yawning> and how we want to launch tor 18:21:16 <Yawning> (which is an issue that we need to do design work on earlier rather than later) 18:22:53 <arthuredelstein> Do you think firejail is easer to use with the existing updater/tor launcher? 18:23:27 <Yawning> the former kind of 18:23:44 <Yawning> tor-laucher poses interesting questions regardless of system 18:24:13 <Yawning> I need to think about it more (and we should prolly discuss this offline/in a tocket/e-0mail w/e) 18:25:16 <huseby> Yawning: there's a *lot* of sandboxing work going on over on my side of the fence...have you talked to anybody working on it? 18:25:23 <huseby> jld@mozilla.com is probably the place to start 18:25:33 <Yawning> no 18:25:52 <Yawning> I have sat in my bunker of h8 and infinite lonleyness and just got it working for me >.> 18:26:28 <mikeperry> yeah, I have some thoughts in a text file about this.. Tor either needs to be launched independently, or we need some mechanisms like apparmor has for changing sandbox contexts based on execution.. we also need some way to lock down configuration of the tor client (at minimum some kind of control port filter could enforce this, possibly) 18:27:12 <huseby> Yawning: also re: tor#8725 you should set yourself as owner of https://bgz.la/863246 and upstream the patch. (I'll help you do it). 18:27:21 <Yawning> ... 18:27:32 <mikeperry> we may actually also need a separate meek-style profile to run tor launcher in a separate process 18:27:34 <Yawning> it's sketch javascript, doing it in C++ is prolyl better >.> 18:27:58 <Yawning> my thing is just the "expeident, good enough" thing >.> 18:28:01 <mikeperry> and maybe leverage Mozilla's work there at a later date 18:29:10 <huseby> re: sanboxing, our current work tor related work that is sandboxing oriented is https://bgz.la/1287994 and https://bgz.la/1288308 18:29:15 <huseby> we're adding named pipe support 18:29:28 <huseby> so we can block/unshare the network kernel API's altogether 18:29:49 <huseby> then jld would know all about the work cribbing from the chromium sandbox 18:30:08 <huseby> Yawning: anyway, my point is, maybe coordinate? you might make friends 18:30:43 <huseby> and your bunker at h8 and infinite loneliness might turn into h8-less and not-so-lonely :) 18:30:43 <mikeperry> oh cool namd pipe proxy support? 18:30:52 <huseby> mikeperry: yup ;) 18:31:01 <Yawning> I went with af_unix 18:31:02 <huseby> i convinced our necko team that it is a priority 18:31:09 <Yawning> for my h8 implementation 18:31:12 <Yawning> but I cheated 18:31:15 * mikeperry gets distracted by the mozilla tickets instead of status updates. and wonders if he is being a bad meeting chair :)( 18:31:36 <huseby> naw, we're always a bunch of chaos in this meeting 18:31:47 <Yawning> I also looked at the neko code and it looked simple, but cheating was easier/faster 18:31:52 <Yawning> and didn't involve rebuilding firefox 18:31:54 <huseby> mikeperry: let me make it easier on you. all active tor work: https://wiki.mozilla.org/Security/Tor_Uplift/Tracking 18:32:00 <mikeperry> do we have af_unix patches/tickets for the linux and mac side? 18:32:08 <Yawning> we have a ticket 18:32:11 <Yawning> we don't have a patch 18:32:23 <huseby> mikeperry: uh, yes... 18:32:24 <Yawning> because, like I said, I cheated (I use LD_PRELOAD) 18:32:27 <huseby> that's the second bug 18:32:30 <huseby> 1288308 18:32:37 <huseby> i think we're tackling windows first 18:32:48 <Yawning> cheating works fine on all the unixes 18:32:49 <Yawning> heh 18:33:31 <huseby> turns out windows is harder than thought to make named pipes work 18:33:43 <arthuredelstein> Do we have a parent TBB sandboxing ticket on trac? 18:33:44 <huseby> and AFAICT, windows tor proxy doesn't support it either 18:33:57 <huseby> so we might have a patch for you guys :) 18:34:16 <Yawning> arthuredelstein: don't think so 18:34:39 <Yawning> #14270 is our af_unix one 18:34:53 <arthuredelstein> Yawning: I'll open one. 18:37:12 <huseby> Yawning: done with your update? 18:37:32 <arthuredelstein> #19055 18:37:36 <Yawning> I've been done for a while 18:37:43 <Yawning> >.> 18:37:48 <Yawning> arthuredelstein: that's orthogonal 18:37:54 <arthuredelstein> Oops, #19750 18:38:22 <Yawning> (the whole upstreaming thing is dumb, and I have a better idea, but other people should do their reports) 18:39:23 <huseby> ok 18:39:24 <huseby> can I go? 18:39:28 <arthuredelstein> go ahead 18:39:49 <huseby> so, my team....(HAH! "my team"...never thought I'd say that) 18:39:50 <huseby> so, ehem 18:40:05 <huseby> my team has a WIP uplift for the javascript timer precision reduction 18:40:16 <huseby> https://bgz.la/1217238 18:40:33 <huseby> i'll be reviewing it today but would like some feedback from arthuredelstein and mikeperry (if you have time) 18:40:44 <huseby> jonathan ran into some issues IIRC 18:41:10 <huseby> I've got a WIP patch for the firstPartyDomain origin attribute here https://bgz.la/1260931 18:41:28 <huseby> we're still chewing on it, but this will eventually replace ThirdPartyUtils::Get* functions 18:42:10 <huseby> the containers project is maturing and fixing a bunch of the origin attributes bugs 18:42:28 <huseby> next up for me is to uplift the tor isolation patches to validate our origin attributes implementation 18:42:33 <huseby> that's it for me 18:42:36 <huseby> oh 18:42:45 <huseby> an we're all coming to the tor dev meetup in seattle in september 18:42:54 <huseby> "my team" is 18:43:30 <huseby> there is one more engineer that will be joining my team in the next week or so 18:43:36 <huseby> so velocity++ 18:43:41 <huseby> ok, now i'm done 18:44:45 <mikeperry> cool. I am digging around for the follow-up ticket we had to #1517 on our side 18:46:16 * arthuredelstein can go 18:46:25 <arthuredelstein> Since our last meeting, I reworked the font whitelisting patch 18:46:32 <arthuredelstein> (https://bugzilla.mozilla.org/show_bug.cgi?id=1121643) 18:46:42 <arthuredelstein> I finished up the https://bugzilla.mozilla.org/show_bug.cgi?id=1235520 patch (for posting soon) 18:46:47 <arthuredelstein> I did some more investigation of the ramifications of the #18762 patch. 18:46:56 <arthuredelstein> I opened and started working on #19741. 18:47:02 <arthuredelstein> I set up a live test for #8725 / bugzil.la/1120398 and then reviewed yawning's additional patch to address that issue. 18:47:08 <arthuredelstein> I reviewed #19484. 18:47:23 <arthuredelstein> I started working on #19459, and I also did some work on #13018. 18:47:28 <arthuredelstein> I hope to have patches working for these two in the next few weeks, in between vacations days. 18:47:31 <arthuredelstein> That's it for me 18:47:46 * boklm can go next 18:48:30 <boklm> This past week I was offline. This week I'm planning to help with the new release, and finish #19528 and #19410. 18:48:37 <boklm> That's it for me 18:48:49 * mcs will give a report 18:48:58 <mcs> Since our last meeting, Kathy and I helped finish #19568, we created a fix for #19269, and we filed and fixed #19689. 18:49:07 <mcs> Also, we investigated some updater issues that were reported via blog comments and filed #19725. 18:49:13 <mcs> We did some work on #19706 but we still need to develop a patch. 18:49:19 <mcs> We reviewed the changes for #19417 and #19528. 18:49:26 <mcs> We also did a quick review of https://bugzilla.mozilla.org/show_bug.cgi?id=1173199 (upstream bug for the pref to disable MathML). 18:49:31 <mcs> This week we plan to work on #19725, #19706, and #19646. 18:49:37 <mcs> A reminder: we will both be on vacation starting this Friday July 29 through August 5th. 18:49:42 <mcs> That’s all for us. 18:50:50 <Yawning> Someone that understands the update process, if I download one of the incremental mars and invoke the `update` binary with the approrpiate flags, will the right thing happen? 18:51:48 <mcs> Yawning: yes, you should be able to apply an update via that method. 18:52:01 <Yawning> mcs: thanks <3 18:52:07 <Yawning> and update handles signuatrue verification yes? 18:52:23 <Yawning> (where's the public key used to sign mars, is it posted anywhere?) 18:52:53 <mcs> There may be some code that logs tghe args used to invoke the updater. 18:53:14 <Yawning> kk 18:53:25 <mcs> Yes, sig verification is done by the updater. 18:54:05 <mikeperry> arthuredelstein: huseby: #16610 is relevant to https://bugzilla.mozilla.org/show_bug.cgi?id=1217238 18:54:22 <mikeperry> arg 18:54:23 <mikeperry> https://trac.torproject.org/projects/tor/ticket/16110 18:54:35 <Yawning> (sorry for the continual dumb questions) 18:54:42 <mcs> The public keys are checked in under toolkit/mozapps/update/updater (as .der files). I am afraid to ask why you need them :) 18:55:25 <Yawning> uh, pet project? >.> 18:55:54 <Yawning> more code from my house of madness? 18:56:18 <mcs> :) 18:57:37 <arthuredelstein> mikeperry: Thanks. The timing thing seems like potentially a big rabbit hole :( 18:57:51 <mcs> Does anyone else have a status update to share? 18:58:34 <huseby> mikeperry: did you mean #16610? 18:58:39 <huseby> wait...sorry 18:58:41 <huseby> reading 18:58:44 <huseby> blah 18:59:30 <huseby> mikeperry: thanks, marked the bgzla bug 19:00:32 <mikeperry> arthuredelstein: yeah. intuition tells me that it's not "indefensible" but that there will be a fllor below which it will be hard to reduce the precision, even with the algorithm from #1110 19:00:56 <arthuredelstein> I know, 16110 ;) 19:00:57 <mikeperry> damn this lag 19:01:00 <mikeperry> #16110 19:01:49 <arthuredelstein> Yeah. I think the longer a script runs, the higher the precision is can achieve, through averaging. 19:02:33 <arthuredelstein> "is can" -> "it can" 19:04:20 <arthuredelstein> (regardless of the algorithm) 19:06:36 <arthuredelstein> Anyone else for a status update? 19:07:32 <mikeperry> yeah. it would be nice to know how long we can make it have to run, and what error that tends to introduce on single core vs multicore systems, etc 19:08:10 <mikeperry> but going down that rabbithole by myself was not a high enough priority for me compared to other things 19:08:58 <sukhe> I can go next 19:09:30 <sukhe> we have finished porting the updater patches from TBB to Instantbird for Tor Messenger. the actual deployment and testing remains 19:10:20 <sukhe> there are few things that are not clear so I was wondering what would be the best way to discuss them? one is the MAR signing key generation and the other is the update-responses 19:11:22 <sukhe> (happy to do the real work here, just need to be pointed to the right direction as mcs did when we started) 19:12:50 <boklm> for the mar signing key generation: https://gitweb.torproject.org/tor-browser-spec.git/tree/processes/KeyGeneration 19:12:54 <mikeperry> mar key generation is documented at https://gitweb.torproject.org/tor-browser-spec.git/tree/processes/KeyGeneration 19:13:05 <sukhe> oh great, thanks 19:14:16 <sukhe> if we have time, I would also like to discuss if we can sign Tor Messenger releases on Windows and OS X with their respective certs 19:15:03 <sukhe> is there any solution where I can send the signed releases and someone on the TBB team can sign them with the required certs? 19:15:34 <boklm> for the update-responses, we will need to use the script from https://gitweb.torproject.org/builders/tor-browser-bundle.git/tree/tools/update-responses 19:16:01 <sukhe> boklm: yeah I saw that. is the deployment process documented somewhere? 19:18:33 <boklm> the deployement process we use is: https://gitweb.torproject.org/tor-browser-spec.git/tree/processes/ReleaseProcess 19:19:46 <sukhe> I meant for update-responses and its functionality on dist 19:20:28 * mcs unfortunately has to leave for a while but will read the backlog later. 19:21:52 <mikeperry> heh, I'm out of practice at keeping these meetings timeboxed :) 19:21:56 <boklm> sukhe: the deployement process is: updating config.yml, signing the mar files, running update_responses, copying the tools/update-responses/htdocs directory to dist 19:22:56 <sukhe> ok I will try it out and ask if you there any questions. thanks. 19:23:03 <boklm> sukhe: do we have a ticket for this ? 19:23:25 <sukhe> for the updater? yeah #14388 19:24:11 <boklm> ok, I can add some details about this on the ticket 19:25:18 <sukhe> ok great. thanks. (that's all from me) 19:25:46 <mikeperry> do we have anything for the Tor Browser release other than #8725 and maybe #19735 (perhaps both going into only the alpha)? 19:28:41 <boklm> we have also #19737 19:32:28 <mikeperry> ok thanks 19:33:19 <mikeperry> I'm going to call te meeting now, then. I am still travelling, but will merge those three in the next couple days, and then rebase when mozilla tags 19:33:57 <arthuredelstein> thanks, Mike! 19:34:02 <mikeperry> boklm: I will ping you when I think stuff is ready to start building 19:34:19 <boklm> mikeperry: ok, thanks! 19:35:05 <mikeperry> #endmeeting *baf*