19:00:01 <GeKo> #startmeeting tor browser
19:00:01 <MeetBot> Meeting started Mon Dec  5 19:00:01 2016 UTC.  The chair is GeKo. Information about MeetBot at http://wiki.debian.org/MeetBot.
19:00:01 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
19:00:24 <GeKo> hi all and welcome to another round of the tor browser meeting!
19:00:33 <arthuredelstein> hi everyone
19:00:41 <GeKo> i guess we have to cover quite some ground today, thus let's start with quick status updates
19:00:42 <mcs> hi
19:00:45 <GeKo> who goes first?
19:00:46 <Synzvato> Hi everyone
19:01:17 <Yawning> hi
19:01:22 <boklm> hi
19:01:48 * mcs will go first
19:01:55 <mcs> Last week Kathy and I created a tor-browser-bundle patch for #20121.
19:02:00 <mcs> We also did some work on #20761.
19:02:06 <mcs> This week we will do something to address #20761 and we will also help with code reviews.
19:02:12 <mcs> If we have extra time we will work on #9675 and maybe #20083.
19:02:22 <mcs> That’s all for us.
19:03:25 <Yawning> (#20883 isn't a huge deal because I think integrating the update ui into an external sandbox agent is better)
19:03:29 <Yawning> err
19:03:30 <GeKo> i did not get to think much about #20761 the last days
19:03:33 <GeKo> sorry
19:03:56 <GeKo> i hope to get to that tomorrow
19:04:02 <mcs> Yawning: right, you said that last week but I already forgot
19:04:06 <mcs> GeKo: no problem
19:04:18 <Yawning> I can go.
19:04:41 <Yawning> I worked on stomping out sandboxing bugs, and making the sandboxing better, I still can tag whenever
19:04:55 <Yawning> I might tag and start working on the more.. involved stuff
19:05:07 <Yawning> not sure yet
19:05:26 <Yawning> That's basically it.
19:06:19 <GeKo> i can go
19:06:52 <GeKo> i worked on #20684 hoping to get that into the alpha but there are problems
19:06:57 <GeKo> err
19:07:02 <GeKo> #20683
19:07:15 <GeKo> 32bit is not ready yet it seems
19:07:42 <GeKo> and i even hit issues with 64bit selfrando in the alpha. we'll see if i find time to debug and fix that in time
19:08:06 <Yawning> GeKo: is there a ticket re: NSS, HW AES and selfrando
19:08:10 <GeKo> but the selfrando people fixed already some stuff and made a tag for us
19:08:16 <GeKo> Yawning: not yet
19:08:26 <GeKo> probably best in their github bugtracker
19:08:38 <GeKo> but we can have one on trac as well
19:08:48 <Yawning> I need to apply the override to the alpha in the sandbox if that ships
19:08:56 <GeKo> then i worked on the drl proposal for tor browser on mobile
19:09:02 <Yawning> which takes all of 2 mins, but I need to know to do it.
19:09:04 <Yawning> (sorry)
19:09:28 <GeKo> i had the interesting experience of acting on a 0-day chemspill release
19:09:35 <GeKo> thanks for all that helped with it
19:09:53 <GeKo> that did cost basically two days :(
19:10:06 <GeKo> then i did the admin stuff for the month
19:10:23 <Yawning> (lolwtf https://github.com/immunant/selfrando/issues/5)
19:10:40 <GeKo> i am not fully done yet due to some planning we can talk about later
19:11:05 <GeKo> Yawning: yeah, i was, well, surprised about that one too
19:11:18 <GeKo> i reviewed #20121
19:11:33 <GeKo> this week i hope to get all the things into the alpha and release we want
19:11:39 <GeKo> and get the building going
19:11:49 <GeKo> i guess there won't be much time else :(
19:11:52 <GeKo> that's it for now
19:13:05 * boklm can go next
19:13:17 <boklm> This past week I helped with the new surprise releases, helped with #20352 to install seccomp from backports
19:13:20 <boklm> I posted a patch on #20660 and worked a little on #17380
19:13:29 <boklm> This week I'm planning to help with the new releases, fix setup on the Windows test machine to fix the win_DEP_ASLR test, and work on #17380
19:13:37 <boklm> That's all for me
19:13:47 <GeKo> where are we with #20352?
19:13:56 <GeKo> do you think the patches are good as they are?
19:14:35 <boklm> I can review the patches more carefully tomorrow
19:14:44 <GeKo> that would be neat
19:14:54 <Yawning> (Should #20793 live with the gitian stuff?)
19:15:07 <GeKo> i think having a nightly might not be that bad before we start with the alpha
19:15:19 <Yawning> (It's more, add a .desktop and an icon to the packaging thing.)
19:15:21 <GeKo> Yawning: i thought so while looking over the ticket
19:15:37 <Yawning> I could put one in the source tree somewhere as well
19:15:44 <Yawning> but I have no neat icon
19:16:16 <Yawning> and my artistic talent is basically like, stick figures and ascii art middle fingers
19:16:18 <Yawning> so
19:16:51 * GeKo mumbles something about ux team
19:17:19 <isabela> we dont have a designer on staff but we can help look for volunteers who could help
19:17:22 <isabela> :)
19:17:40 <GeKo> who is next?
19:17:40 <isabela> Yawning: all you need is an icon?
19:18:08 <Synzvato> I could go next
19:20:09 <GeKo> Synzvato: sure, go
19:20:10 <Synzvato> I have done some additional work on #20815 during the past week
19:20:30 <Synzvato> Wrapped up the tests, shared some conclusions, and the corresponding prototype
19:21:16 <GeKo> neat
19:21:20 <Synzvato> Wrapped up the tests, shared some conclusions, and the corresponding prototype. This week, based on the results, we could discuss where we want to go from here (technology-wise).
19:21:51 <GeKo> fine with me
19:21:53 <isabela> Synzvato: sounds good - we can do that after this meeting on tor-mobile
19:22:52 <Synzvato> Sure
19:23:15 <Synzvato> That's it for me
19:23:49 * arthuredelstein can go
19:24:09 <arthuredelstein> This week again I have been working on #10281.
19:24:18 <arthuredelstein> I have 3 approaches now:
19:24:24 <arthuredelstein> (1) Using DieHarder
19:24:30 <arthuredelstein> (2) Using a patch to use randomized partitions
19:24:36 <arthuredelstein> (3) Using jemalloc redzones
19:24:46 <GeKo> do we get all three? :)
19:24:55 <arthuredelstein> (1) unfortunately is causing occasional crashes. The DieHarder author is helping me look into it.
19:25:08 <arthuredelstein> (2) seems to be a good idea but I have had a lot of trouble trying to get my backport to work correctly on ESR45.
19:25:15 <arthuredelstein> (3) now seems to be the simplest option, so I started working on that this weekend and I hope to have a patch ready today.
19:25:24 <Yawning> (weird irc client shat itself sorry)
19:25:39 <arthuredelstein> Once I have (3) working I will go back to (2) as well.
19:25:48 <arthuredelstein> But given the time pressure I think (3) is the best option right now.
19:26:05 <GeKo> okay, let me know if there is stuff i or anybody else can help with
19:26:12 <arthuredelstein> thanks
19:26:39 <arthuredelstein> Would be useful to me to discuss selfrando at some point as well.
19:26:48 <arthuredelstein> That's all for me.
19:27:06 <GeKo> have you read the paper?
19:27:46 <arthuredelstein> Yes, part of it.
19:28:14 <GeKo> okay, otherwise this would have been my first idea
19:28:34 <GeKo> anyway, anybody else here for a status update?
19:29:44 <GeKo> okay, then let's move on to discussion time
19:30:21 <GeKo> i have two items. the most important one is work for the coming weeks and months now that sponsoru is basically over
19:30:31 <GeKo> we have https://trac.torproject.org/projects/tor/wiki/org/roadmaps/TorBrowser
19:30:41 <GeKo> and i updated it a bit and shuffled items around
19:30:57 <GeKo> i think it is okay for the next couple of weeks and months at least
19:31:05 <GeKo> but it is not set in stone
19:31:22 <GeKo> mcs: the main task for you would be sandboxing things
19:31:47 <GeKo> probably seatbelt profile feedback incorporation; unix domain socket stuff
19:32:03 <GeKo> and most importantly looking at the content sandboxing that comes with esr52
19:32:22 <Yawning> there were plans to talk to mozilla about things
19:32:38 <GeKo> one big item here would be to check how well our own extensions work with e10s
19:32:44 <GeKo> yeah, sounds good
19:33:08 <GeKo> boklm: i have the gitian transformation as main point for you
19:33:18 <boklm> ok
19:33:19 <mcs> GeKo: OK. Kathy and I will look over the roadmap in more detail soon.
19:33:28 <GeKo> i guess the windows 64bits builds have to wait for 7.5 alpha
19:33:51 <GeKo> mcs: thanks
19:34:18 <GeKo> boklm: it might be too much to try to get away from gitian and get 64bit builds out with gitian at the same time
19:34:22 <Yawning> I still have no idea what I'm going to do next year
19:34:44 <GeKo> there is still 1month we have for the linux sandbox i guess
19:35:02 <Yawning> I mean, I dunno, it needs ongoing improvement
19:35:02 <GeKo> (money-wise)
19:35:06 <Yawning> (yeah)
19:35:12 <GeKo> (yeah)
19:35:22 <Yawning> oh here's a random question
19:35:34 <Yawning> does sending SIGTERM to firefox cause a graceful exit?
19:35:54 <GeKo> arthuredelstein: i think if you want to start with the rebasing once the dust settles that might be good thing
19:36:07 <Yawning> ie: if I want to restart firefox to apply an update, can I just SIGTERM it?
19:36:10 <GeKo> we would have chances this time to be earlier done with that
19:36:24 <GeKo> and would have more time for testing thigns
19:36:27 <GeKo> *things
19:36:52 <GeKo> i plan to look over the release notes of past firefox releases to find large things we need to patch earlier
19:37:14 <arthuredelstein> GeKo: Yes, I agree rebasing should be my next task
19:37:20 <GeKo> this way we avoid doing all the 52esr things when they are urgent
19:37:24 <GeKo> okay, cool
19:37:36 <GeKo> Yawning: not sure, i'd have to look at the code
19:37:40 <arthuredelstein> Also because it will help to see how well the new FPI patches are working
19:37:57 <arthuredelstein> And I think with E10s we're going to have more things to fix.
19:38:06 <GeKo> yes, and testing all that can't get started early enough
19:38:12 <arthuredelstein> exactly
19:38:46 <GeKo> arthuredelstein: oh, with respect to rebasing and upstreaming there is #20557
19:38:50 <Yawning> no worries I can check myself, just wondering if anyone knew offhand
19:38:56 <GeKo> i wonder whether we could help the bsd people here
19:39:13 <GeKo> either by upstreaming their patches or at least by including them into our tree
19:39:27 <GeKo> (so that we are aware of them)
19:39:58 <GeKo> might be a thing to think about while doing the esr52 transition
19:39:59 <arthuredelstein> GeKo: Yeah, that sounds like a good idea.
19:40:15 <GeKo> okay. that's it from me wrt planning
19:40:23 <GeKo> for the next weeks and months
19:40:48 <GeKo> if there are things that sound wrong or not optimal let me know and we can fix them
19:40:56 <isabela> also
19:41:01 <Yawning> patching that selfrando thing looks easy
19:41:05 <isabela> the ux team are tracking the tasks we can help y'all with
19:41:19 <Yawning> "make the sandbox ui not suck, once there's binaries for download"
19:41:25 <isabela> i know they are far away on the roadmap
19:41:48 <Yawning> unless they want to build the current master
19:42:24 <isabela> just want to let you know we are aware of them and will organize ourselves to help out with it
19:42:40 <GeKo> thanks
19:43:29 <GeKo> the second item i have on my list is a bit 6.5 planning
19:43:52 <GeKo> because next week there'll be the last 6.5 alpha coming out (hopefully)
19:44:08 <GeKo> question 1) what do we do with the unix domain socket work?
19:44:19 <Yawning> does it work?
19:44:38 <GeKo> for most of the scenarios for most people as it seems
19:45:00 <GeKo> but i feel we should wait for 7.0 before we ship it on by default
19:45:04 <Yawning> I guess more importantly, does anything else we plan to ship during the 6.5 service life require it?
19:45:17 <GeKo> there are still edges i want to get rid of
19:45:33 <GeKo> Yawning: i don't think so
19:45:56 <Yawning> I mean, the fact that we were working on it got a lot of press, but I tbb_stub-ed the problem away
19:46:05 <Yawning> so I don't have the dependency
19:46:05 <GeKo> yeah
19:46:11 <Yawning> does the OSX thing need it?
19:46:27 <GeKo> currently #20761 is the main blocker here
19:46:53 <GeKo> not sure actually but it uses it
19:47:02 <mcs> Yawning: Yes, although we could enable it via an env var if necessary (I think)
19:47:29 <mcs> I think it is okay to disable it by default (via prefs) if we think we may break too many things
19:47:36 <Yawning> ^
19:47:53 <GeKo> that's my impression, too, good
19:48:25 <arthuredelstein> If #20761 is the main blocker, then that seems like something that could be patched.
19:48:31 <arthuredelstein> Although maybe there isn't enough time
19:49:03 <GeKo> i think we need a patch anyway as disabling it does not restore the old behavior it seems
19:49:28 <mcs> GeKo: I think you are correct.
19:49:48 <GeKo> so, my current plan is to disable it for the next alpha to have at least one alpha to test for the configuration we want to ship
19:50:52 <GeKo> mcs: so what is probably most needed right now is a patch that is guaranteeing the old behavior if the feature is disabled
19:51:04 <Yawning> should I patch that selfrando thing?
19:51:05 <GeKo> i am still not sure whether that means solving #20761
19:51:35 <mcs> GeKo: We don’t have a solution yet even for just that part but we will work on it.
19:51:40 <GeKo> or whether there is a shortcut for us to get what we want short term
19:51:42 <GeKo> okay, thanks
19:51:54 <GeKo> Yawning: feel free, the selfrando folks would be happy i guess
19:52:07 <GeKo> but read the dev agreement first
19:52:18 <GeKo> that was horrible the last time i looked at ot
19:52:20 <GeKo> *it
19:52:31 <Yawning> dev agreement?
19:53:54 <GeKo> yeah, let me look it up later
19:54:03 <Yawning> oh I see
19:54:25 <GeKo> question 2) we want to have a new MAR signing key soon just for the usual yearly rotation
19:54:29 <GeKo> we do for the first time
19:54:41 <GeKo> i wonder what would be a good timeframe for this
19:54:56 <GeKo> should we put it into the alpha and then ship it in 6.5
19:55:10 <GeKo> or is aiming for 7.0 a better thing?
19:55:48 <Yawning> ... they want me to sign something
19:55:48 <GeKo> i wonder whether there are some cons for the 6.5 plan i am missing
19:55:50 <Yawning> yeah ok fuck that
19:55:56 <GeKo> yeah
19:56:10 <Yawning> are *we* comfortable with, carrying a patch around that fixes that
19:56:17 <Yawning> #fuckupstream
19:56:24 <GeKo> i think so, yes
19:56:27 <Yawning> k
19:56:34 <Yawning> I'll ragefork the repo and fix that
19:56:39 <GeKo> thx
19:57:29 <GeKo> apart from that i don't have further things to discuss
19:57:41 <GeKo> if there is something else we have three minutes :)
19:57:52 <Yawning> If we are rotating mar keys
19:58:02 <Yawning> will the old ones continue to work for a while?
19:58:20 <mcs> testing the new mar signing key in the alpha might be smart just in case
19:58:23 <GeKo> there is no expiration date on them
19:58:26 <Yawning> my tinfoil hattery hardcodes the mar signing key in my sandbox thing, so I don't need to trust the updater to verify sigs
19:58:42 <Yawning> there's like 10 sig slots or something in the MAR format right?
19:58:43 <GeKo> which is one reason we want to rotate them yearly
19:58:53 <Yawning> we'll continue to sign updates with the old keys for a while?
19:59:01 <GeKo> mcs: that was one of my thoughts as well
19:59:49 <GeKo> Yawning: the second one that has been baked in from the beginning will be there for more than another year
20:00:02 <Yawning> Updating the hardcoded mar keys is trivial, I'm more concerned about getting the update out, because I have no idea how to handle updating my thing yet
20:00:04 <Yawning> ok
20:00:25 <Yawning> I have release_primar and release_secondary
20:00:28 <Yawning> right now
20:00:55 <GeKo> primar goes away and secondary->primar and a new secondary enters the scene
20:01:09 <GeKo> *primary probably
20:01:19 <Yawning> ah gotcha
20:01:21 <Yawning> ok
20:01:26 <GeKo> okay, i think i'll aim for 7.0 and plan to think a bit harder about it
20:01:42 <GeKo> i think we are at the end
20:01:55 <GeKo> thanks all for your input *baf*
20:01:59 <GeKo> #endmeeting