18:01:33 #startmeeting tor browser 18:01:33 Meeting started Mon Jun 20 18:01:33 2016 UTC. The chair is GeKo. Information about MeetBot at http://wiki.debian.org/MeetBot. 18:01:33 Useful Commands: #action #agreed #help #info #idea #link #topic. 18:01:39 hi everybody! 18:01:51 welcome to another weekly tor browser meeting 18:01:58 hi 18:02:03 hi 18:02:22 let's get started with the status updates 18:02:34 i guess i can start today 18:02:56 this week i worked mostly on #19400 and the related #19417 18:03:33 i furthermore prepared a new release, 6.0.2 fixing the crash and other issues that came up in the 6.0 transition 18:04:11 i continued to work on updating the design document and looked a bit on our sponsorU tickets 18:04:47 this week i plan to continue working on the design doc update + #19274 18:05:27 and i hope to get the instructions sorted out for removing the codesigning bits on OS X to check whether the bundle matched our builds 18:05:34 that's it for me. 18:06:03 * mcs will go next 18:06:12 Last week, Kathy and helped debug #19400 and #19410. 18:06:21 We created a fix for #19411. 18:06:30 We completed several code reviews for Tor Browser 6.0.2 and 6.5a2. 18:06:36 This week we will focus on #19273. 18:06:43 Also, we plan to mostly be away from keyboard June 29th - July 4th (starting next Wednesday). 18:06:49 That’s all for now. 18:08:38 * arthured1lstein can go now 18:08:44 Last week I worked on revising my patch for #16998 18:08:51 I did a review and manual tests of #8725 18:08:57 I investigated #19416. 18:09:05 I wrote and submitted a new patch for bugzil.la/1121643 18:09:11 And I did some more exploratory work on #13018. 18:09:21 This week I want to work mainly on trying to upstream patches to Firefox and looking at #10281 some more. 18:09:31 Also I might look at #19459, which is an interesting idea. 18:09:38 that's it for me 18:09:57 mcs: i guess #16623 is somehow related to #19273 18:10:06 but i have not thought much about it. 18:10:21 GeKo: Yes, thanks for bringing that ticket to our attention. 18:10:33 i actually rediscovered the tbb-torbutton-conversion things this weekend while looking for something else ;) 18:11:59 * boklm can go next 18:12:07 This past week I fixed #19402, made a first version of #18497, helped build the new version and started publishing it today. 18:12:21 I'm planning to finish publishing it tomorrow morning. Then work on #18923, #15994, #15138. 18:12:38 That's it for me. 18:14:14 b 18:14:20 oops, sorry, don't mind me. =) 18:14:31 hej, ingen fara :) 18:15:08 alright, do we have anybody else here for status updates? 18:15:18 a huseby maybe or amoghbl1? 18:16:56 does not seem to be the case. let's move to the discussion part 18:17:45 the only item i have is that we probably only do a 6.0.2 to fix the bugs we found recently 18:18:14 i originally thought about taking the opportunity to put new stuff in an alpha and get that out as well 18:18:35 but i feel that can wait and we can use our time better and get things done 18:19:14 alpha users can cope with the bugs we fixed in the stable i think 18:19:43 ok 18:20:09 Your thinking makes sense to me. For #19400, alpha users can manually rm the asmjs files if they are affected. 18:20:31 apart from that: focusing on SponsorU items seems smart as there is still the sandboxing efforts coming, probably 18:21:11 and i bet this is coming along with a bunch of surprises :) 18:21:22 but so far i think we are still good 18:21:32 “Interesting times ahead” 18:21:39 as always :) 18:22:07 did i mention the asmjscache bugs we found last week already? ;) 18:22:25 anything else we need to discuss? 18:22:47 GeKo: You made an interesting point in your recent email. 18:22:53 "I guess there is (still) a bunch of users out there that is disabling JavaScript by default and enabling it only when needed without bothering with the security slider." 18:23:12 This sounds a little like what I do! :P 18:23:22 ha! 18:23:25 I usually set security to high but then disable JS when needed. 18:23:55 Or, I should say, enable JS when needed. 18:24:08 that is okay. 18:24:26 I guess it is, but it made me wonder if we need to give clearer advice. 18:24:27 what i had i mind were users from the days we where we did not have the slider 18:24:57 and they are probably still doing the old "disable noscript and enable it only on certain sites" by default 18:25:25 without realizing that the highest level is doing a bunch of other stuff, too 18:25:32 Ah, makes sense. 18:25:42 i am not so much worried about folks doing it like you 18:25:59 I wonder if we should display some kind of alert to users who do that. 18:26:05 (The first time only) 18:26:28 Because the security slider is a little hidden compared to the NoScript button. 18:26:53 well, that's why we show the notification box the first time tor browser gets started 18:27:22 i somehow feel people thinking they need to mess with the settings further should know what they are doing 18:27:32 Yes 18:27:53 they *should* ;) 18:28:11 But I agree the existing notification is a pretty good hint 18:29:19 i am happy if we could design a better hint if possible 18:29:40 that area is one where i hope the ux people can help in the future 18:30:20 Yes, I suppose it's best to first study what users are doing in that respect. 18:30:26 yes 18:32:11 okay, thanks for the meeting everyone *baf* 18:32:18 #endmeeting