19:00:18 <GeKo> #startmeeting tba-a3 prep
19:00:18 <MeetBot> Meeting started Thu Dec 13 19:00:18 2018 UTC.  The chair is GeKo. Information about MeetBot at http://wiki.debian.org/MeetBot.
19:00:18 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
19:00:26 <sisbell> hi
19:00:34 <GeKo> let's see
19:00:57 <pili> I have put together a quick pad for some reference also: https://storm.torproject.org/shared/8rBxmOjPs26nzQvmUvH9icIvAIE07uWnq6EFwXD0P-k
19:01:05 <GeKo> first of all, we made the tba-a2 milestone, yay!
19:01:06 <pili> with some links and notes
19:01:19 <pili> \o/
19:01:28 <GeKo> i think this has been the hardest so far
19:01:43 <GeKo> and i think the things yet to come won't be harder
19:02:02 <GeKo> and we have reproducible builds
19:02:07 <GeKo> and a multilocale .apk
19:02:32 <GeKo> good job so far!
19:02:37 <GeKo> now
19:02:43 <antonela> \o/
19:02:50 <GeKo> https://trac.torproject.org/projects/tor/query?status=!closed&keywords=~TBA-a3
19:03:09 <GeKo> is the link with all the tickets which i have collected to tba-a3
19:03:33 * emmapeel dances a multilocale dance
19:03:59 <GeKo> https://pad.riseup.net/p/tbb-roadmap-2018-19
19:04:13 <GeKo> has the things we want to have for this milestone
19:04:25 <GeKo> ("3rd alpha release")
19:04:36 <GeKo> end of december is too optimistic
19:04:40 <GeKo> :)
19:04:47 <GeKo> so we'll move this to january
19:05:00 <GeKo> i am still pondering whether we should have a separate release for that
19:05:09 <GeKo> and then the security update like a week later
19:05:12 <GeKo> as we did this time
19:05:34 <GeKo> but i think it's fair to say we want to have tba-a3 things out in january
19:05:51 <GeKo> with that in mind, please look over the tba-a3 tickets
19:06:06 <GeKo> and let me know whether it makes sense what i've collected there
19:06:41 <GeKo> additionally i've started using https://trac.torproject.org/projects/tor/query?keywords=~tba-8.5
19:06:51 <sisbell> It doesn't look like much reproducible build stuff for android is in this next release
19:07:04 <GeKo> to tag stuff we want to have in the final release, probably happening at the same time with 8.5
19:07:20 <GeKo> sisbell: we fixed all of it!
19:07:50 <GeKo> (well, probably compiling tor on our own brings some new issues, see the openssl ticket)
19:08:05 <GeKo> but maybe providing x86 builds raises new problems
19:08:07 <GeKo> we'll see
19:08:27 <sisbell> cool, i'll just need to know priorities for me
19:08:38 <sisbell> I can jump in on anything
19:08:39 <GeKo> yeah, no worries we get to that :)
19:08:50 <GeKo> just the basic outline first
19:09:54 <GeKo> sysrqb: what i am a bit unsure about is the state of the pt integration
19:10:14 <GeKo> especially if we don't want to have orbot any longer
19:10:35 <GeKo> which is why #28802 is rather vague
19:11:20 <sysrqb> yes, i think anto and me wanted to talk about that a little inthis meeting, too
19:11:30 <sysrqb> s/me/I/
19:11:44 <GeKo> okay, let's do this
19:11:58 <sysrqb> in terms of UI
19:13:31 <antonela> yes, we really want to ship a browser that people open it and the browser starts. We may need to consider the bootstrapping moment and also that comment georg you made about exposing users in risk when they are connecting to tor
19:15:03 <antonela> we have been discussing a lot of options to do it, one of them is having a list of countries were we think tor access could be compromised and move users to the Network Settings screen
19:15:10 <antonela> s/were/where
19:16:08 <sysrqb> i think orbot integration depends on how comfortable we are with using #27609, too
19:16:14 <sysrqb> (which i guess may be the next discussion)
19:16:16 <antonela> at some point, we can do that bridge connection under the hoods, but for this scope we may need the user action
19:16:22 <antonela> yep
19:18:02 <sysrqb> at this point, i think we need to decide what we expect the user knows and understands
19:18:03 <GeKo> so, could we separate the ui question for a moment from being able to integrate pt/bridge functionality?
19:18:14 <GeKo> where are we with the latter?
19:18:33 <sysrqb> orbot already has support for obfsproxy and meek
19:18:54 <GeKo> yes. what do we do if we don't want to have orbot?
19:19:18 <sysrqb> that depends on #27609
19:19:25 <sysrqb> i haven't really looked at it
19:19:44 <GeKo> sisbell: where are we with that one?
19:19:57 <sisbell> The tor onion proxy library doesn't have UI so all of that would need to be defined and built
19:20:01 <sysrqb> but i was under the impression that integrating PTs shouldn't be too difficult
19:20:36 <sysrqb> right, no UI, but would shipping additional binaries (pluggable transports) and installing/upgrading be "easy"?
19:20:47 <sisbell> Installing is easy
19:20:57 <sysrqb> do you think?
19:21:04 <sisbell> I'm not sure what pluggable transports involves
19:21:23 <sysrqb> okay, i guess this'll need some more research
19:21:32 <sisbell> Yeah, the installing is just copying files from tor-android-binary
19:21:58 <sysrqb> these binaries won't necessarily be in tor-android-binary
19:22:08 <sysrqb> they're currently built by tor-browser-build
19:22:25 <sysrqb> but i assume we can just copy them into the asset directory before bundling
19:22:37 <sysrqb> but maybe not
19:22:45 <GeKo> yes, that could be a first step
19:22:55 <GeKo> for the final thing we have #28803
19:24:14 <sisbell> if its just putting files in assets, that will be easy
19:24:14 <GeKo> so, i think the big question to decide right now is
19:25:04 <GeKo> should we take the onion proxy library and start thinking for ui around it
19:25:17 <GeKo> or should we continue with orbot and improve its ui for our needs
19:25:36 <GeKo> i suspect the latter might be less work
19:25:44 <GeKo> but not the right solution
19:26:06 <sysrqb> yeah. my understanding is the latter is less work, but the former is better long term
19:26:17 <sisbell> There are a lot of new tools and recommendations from google for building out the UI
19:26:32 <sysrqb> we need a new UI for both
19:26:33 <sisbell> So going legacy at this point may not make as much sense
19:27:04 <sisbell> but that depends on timelines
19:27:45 <sisbell> https://developer.android.com/topic/libraries/architecture/
19:27:58 <sisbell> There is a newer view model which is way cleaner
19:27:58 <sysrqb> ~4 weeks :)
19:28:32 <sisbell> We'd need a list of UI features and design first, so that would be pretty tight
19:28:58 <sysrqb> we're contrained by the android support library we're using, as well
19:29:20 <sysrqb> we only work on tight deadlines :)
19:29:29 <GeKo> tm
19:29:37 <sysrqb> but anyway...
19:30:00 <GeKo> how about this
19:30:17 <pili> :)
19:30:35 <sysrqb> i guess one option is we ship the first stable with orbot, and we ship the 9.0 with the onion proxy library?
19:30:49 <GeKo> sisbell: could you look at possible pt integration with the onion proxy library?
19:31:01 <sisbell> yes, I'll take a look
19:31:02 <GeKo> looking how orbot does that
19:31:14 <GeKo> and thinking about the proxy library could do it
19:31:30 <GeKo> and sysrqb and anto could work on the UI design further?
19:31:38 <GeKo> i mean we need a new UI anyway
19:31:54 <GeKo> so the waste of time in case we switched away from orbot
19:31:58 <sysrqb> yeah
19:32:04 <GeKo> could maybe minimized
19:32:15 <antonela> yes, both options will require a UI
19:32:15 <sysrqb> yep
19:32:16 <GeKo> sysrqb: i think your plan is a good fallback plan
19:32:41 <GeKo> but if it is not too hard we should try for the better option first
19:32:57 <GeKo> the good thing is 8.5 does not get out on day X
19:33:02 <GeKo> we have some leeway here
19:33:15 <sysrqb> yeah
19:34:00 <sysrqb> i'm okay with this plan
19:34:31 <GeKo> igt0: what do you think?
19:34:46 <igt0> I think it is a good plan.
19:34:57 <GeKo> sisbell: you good, too?
19:35:00 <sisbell> sounds good to me
19:35:04 <GeKo> great
19:36:11 <GeKo> sysrqb: antonela: do we need further ui discussions here or can we do this on the ticket or...?
19:36:36 <antonela> i just thought that was important to agree on what we want to build
19:36:59 <antonela> and core questions are 1. Connect button 2. No Connect button
19:37:29 <GeKo> what would the connect button entail?
19:37:37 <GeKo> like, just connect?
19:37:43 <antonela> yes
19:37:46 <GeKo> or an experience like on desktop?
19:38:19 <antonela> no
19:38:32 <GeKo> what's the point of the connect button then?
19:38:50 <antonela> https://trac.torproject.org/projects/tor/attachment/ticket/28329/mockups-1.1.png
19:39:03 <antonela> this option includes the connect button and the settings button (as a secondary one)
19:39:15 <antonela> it allows users to opt-in to connect and also to config if is needed
19:39:15 <sysrqb> from user testing, as i understand it, it seems like most people don't understand what we're asking them
19:39:33 <antonela> exactly, the desktop version has problems and i dont want to carry it to mobile
19:39:34 <sysrqb> when we give them an option for connect or configure
19:40:03 <GeKo> as long as we provide a secure alternative to mobile users that's fine with me
19:40:22 <GeKo> so what is behind "settings"?
19:40:49 <antonela> so, something we discussed in all hands is that lets do our best effort to prescind from the connect button without compromise users safety
19:41:15 <antonela> behind settings we will have Network Settings, depending on which library we will have (orbot or onion proxy) the options we will have available
19:41:34 <antonela> ideally that Network Settings aims to be close with the features we have in desktop
19:41:47 <antonela> under the same section
19:41:52 <GeKo> okay, sound good to me
19:42:12 <antonela> great, how we can do it is the next question
19:42:19 <GeKo> fwiw, i am a fan of the all hands plan :)
19:42:28 <antonela> :)
19:43:12 <GeKo> so i guess as a step in the right direction we could start with the connect/settings combo?
19:43:23 <GeKo> and see how far this gets us?
19:44:02 <GeKo> or did i misunderstand the plan?
19:44:58 <antonela> mmm i would like to think that we don't need a connect button, bootstrap automagically and think about the scenarios where tor is compromised and what is the best flow to move users to network settings in that cqse
19:45:04 <antonela> s/cqse/case
19:45:18 <GeKo> okay
19:45:45 <antonela> from product perspective, is my aim, on the tech side, you have the final word :)
19:46:28 <GeKo> i personally fear this will be a deep rabbit hole which needs quite some time to get right
19:46:42 <GeKo> especially as we want to keep our safety level
19:46:52 <antonela> okey, if this is the case, we can back to the connect button idea, but could we try?
19:47:01 <sysrqb> ideally we would create different a few different UIs and having user testing for each, see which one works best
19:47:20 <sysrqb> in particular, i'm worried we're adding a connect button simply because we don't know the correct answer
19:47:30 <GeKo> i suspect we should sit down first for that idea to enumerate all the possible scenarios we care about and what could go wrong with the new design
19:47:32 <sysrqb> but the user doesn't know the correct answer either, so they select connect anyway
19:47:38 <antonela> yes, specially for the flows which may have frictions
19:47:42 <GeKo> or do we have such an analysis somewhere already?
19:47:59 <sysrqb> but this all requries more time and research
19:48:15 <GeKo> yes, i agree
19:48:25 <GeKo> and i'd love to see this kind of testing
19:48:48 <GeKo> to get some data which could back up our reasoning and decisions
19:48:50 <antonela> this could be part of s19 i think
19:48:59 <GeKo> yes
19:49:08 <antonela> so maybe, we can do it
19:49:20 <sysrqb> but for this version, i agree we can show the connect button first
19:49:20 <antonela> what we need? an anti censorship team? haha
19:49:34 <GeKo> antonela: yes, we can do it
19:49:39 <GeKo> but the issue is time
19:49:43 <antonela> yep
19:49:54 <GeKo> s19 goes longer than march/april
19:49:58 <sysrqb> so this guarantees tor browser doesn't do anything until we know the user wants to connect
19:50:02 <GeKo> where we want to have the stable out
19:50:14 <GeKo> so this would work
19:50:22 <pili> s19 funding ends at the end of May I believe :)
19:50:31 <antonela> matt, yes lets do it
19:50:52 <antonela> lets have a connect button for this version and lets think about how we/someone can research about that
19:50:58 <sysrqb> kk:)
19:51:06 <GeKo> how about we do the connect/settings combo for 8.5 stable and start working asap on the other option for 9.0?
19:51:11 <antonela> but hey, this is temporary
19:51:13 <antonela> yes!
19:51:30 <GeKo> we could start working on this hard problem in parallel to stablizing 8.5
19:51:36 <GeKo> no need to wait until it is finally out
19:51:55 <antonela> coolio
19:51:58 <sysrqb> sounds good
19:51:59 <GeKo> okay, great, i am happy
19:52:05 <antonela> that is great
19:52:06 <antonela> hahaha
19:52:12 <GeKo> :)
19:52:35 <antonela> what else? snowflake in android is not a thing yet really?
19:52:58 <sysrqb> not yet
19:52:58 <GeKo> there is something like that made by _hc
19:53:15 <GeKo> and we are supposed to integrate that int the mobile browser :)
19:53:19 <GeKo> *into
19:53:20 <antonela> nice
19:53:27 <GeKo> as part of s19
19:53:52 <GeKo> so i wanted to look over that once we have a clear way froward with out pt story
19:54:10 <GeKo> i think _hc did the hard work
19:54:22 <GeKo> and i hope the remaining piece will be less hard
19:54:34 <GeKo> not sure if we can squeeze it into 8.5
19:54:40 <GeKo> it would be cool, for sure
19:55:02 <GeKo> but i suspect snowflake itself might need more baking time on android
19:55:07 <sysrqb> yep
19:55:09 <GeKo> so probably 9.0a1
19:55:17 <GeKo> with the aim of having it in 9.0
19:55:41 <GeKo> oO(it seems this 9.0 thing will be a great release)
19:55:53 * antonela dreams with a TB9 without tor-launcher
19:55:58 * antonela drops the bomb
19:55:59 <sysrqb> igt0: are you okay with the goals for the next alpha?
19:56:01 <sysrqb> particularly, with the ones that have your name next to them?
19:56:02 <pili> I was thinking to wait until february for the snowflake part :)
19:56:25 <pili> in fact, I was thinking of waiting until february for most of the s19 part, but we can discuss during our next team meeting
19:56:32 <igt0> sysrqb, yep, if we moved things to january, yep. End of december will be tough.
19:56:38 <pili> well, starting at least, not finishing :P
19:56:44 <GeKo> igt0: yeah, no worries
19:56:54 <antonela> #28145
19:56:58 <sysrqb> yeah, for sure
19:56:58 <sysrqb> cool
19:57:01 <sysrqb> antonela: lol
19:57:03 <antonela> i'll talk with ggus or alison to have it reviewed
19:57:03 <GeKo> aiming at mid-end january
19:57:12 <GeKo> antonela: thx
19:57:23 <igt0> yep mid january would be great
19:57:54 <GeKo> i wanted to point out at the beginning of the meeting (yes!) the parity section of pili's document
19:58:00 <antonela> the one who is going to work on #28800, when that please ping me
19:58:07 <GeKo> please add stufff that i missed
19:58:32 <GeKo> yeah, that's not decided yet
19:59:02 <GeKo> so, as a final thing so everyone has 2-3 tickets on the radar
19:59:30 <GeKo> sisbell: top prio i think is #27609 + the pt story associated with it
19:59:47 <GeKo> and for the build part #28752 and #27210
19:59:52 <sisbell> understood
20:00:04 <sisbell> I have fix for #28752
20:00:12 <sisbell> So i'll check in today
20:00:17 <GeKo> saw it, great!
20:01:08 <_hc> about snowflake on android, there are binaries now that in theory should work.
20:01:29 <sysrqb> wooo!
20:01:32 <GeKo> igt0: i guess you work on #25764
20:01:47 <igt0> yes, i am on it right now
20:01:58 <sysrqb> _hc: that's awesome
20:01:59 <_hc> the open issues are: 1) how to integrate it into things (n8fr8 is working on a first attempt there)  2) making sure its not linking to proprietary Google Play libraries
20:02:07 <GeKo> and i guess you could pick of the ned identity ticket afterwards
20:02:12 <GeKo> i.e. #28800
20:02:20 <igt0> yep, they are related
20:02:21 <GeKo> sysrqb: you are doing the rest :)
20:02:31 <sysrqb> ha. yeah :)
20:02:31 <GeKo> (just kidding)
20:02:33 <antonela> haha
20:02:49 <GeKo> but #28329 i guess?
20:02:58 <sysrqb> (mostly)
20:03:07 <sysrqb> yeah
20:03:13 <GeKo> what about or open localization things
20:03:19 <GeKo> like the fastlane stuff
20:03:23 <GeKo> *our
20:03:34 <GeKo> do you think you want to look into that?
20:03:58 <sysrqb> yeah, i'll take that too
20:04:05 <GeKo> okay, thanks.
20:04:18 <GeKo> i think that's enough work for the time being
20:04:45 <GeKo> are we good with the short and medium term plan and work assignments?
20:04:55 <antonela> yeess sounds like a plan!
20:05:11 <sisbell> yes
20:05:14 <sysrqb> yep
20:05:24 <GeKo> igt0: ?
20:05:34 <igt0> yep
20:05:39 <GeKo> \o/
20:05:57 <pili> great! :)
20:06:01 <GeKo> thanks all then and happy mobile-improving *baf*
20:06:05 <GeKo> #endmeeting