#tor-dev log

18:01:20 <mikeperry> #startmeeting tbb-dev
18:01:20 <MeetBot> Meeting started Mon Jul 25 18:01:20 2016 UTC.  The chair is mikeperry. Information about MeetBot at http://wiki.debian.org/MeetBot.
18:01:20 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
18:01:30 <boklm> hi
18:01:39 <arthuredelstein> hi everyone
18:02:17 <mikeperry> ok, so GeKo is on vacation, so I'm going to chair th meeting today, and help rebase and tag the release
18:02:54 <mcs> mikeperry: thanks for stepping into old shoes
18:03:01 <Yawning> hi browser people
18:03:14 <mikeperry> as far as I understand it everything is ready as far as code, we just need me to do the rebasing of the patch sets and tag the release for building
18:03:56 <mikeperry> I may also try to switch us to DuckDuckGo, if I feel confident I can do that without issue
18:04:33 <mcs> Will there be an alpha release at the same time or just after?
18:05:05 <mikeperry> hopefully at the same time, but Georg's mail mentioned only a stable branch
18:05:16 <mcs> OK
18:05:49 <mikeperry> is there anything I need to be aware of the the alpha and hardened tags+branches? GeKo mentioned only tor-browser-45.2.0esr-6.0-1
18:05:58 <mikeperry> as the source for rebasing on to 45.3.0
18:07:11 <mikeperry> apparently #19735 is the ticket I should use for the search engine change
18:08:00 <mcs> alpha should be on tor-browser-45.2.0esr-6.5-1
18:08:43 <mcs> but boklm probably knows all :)
18:09:08 <Yawning> uh
18:09:15 <Yawning> is my resource:// patch
18:09:20 <Yawning> going to get merged at least in alpha
18:09:49 <huseby> mtg today?
18:09:51 <huseby> hi
18:09:52 <arthuredelstein> I would also be in favor of Yawning's patch being included in the alpha.
18:09:55 <Yawning> it might not be perfect, but it probably won't break shit, and makes the situation dramatically less bad
18:10:12 <mikeperry> do we have a ticket for it?
18:10:21 <arthuredelstein> #8725
18:10:47 <boklm> in an email, Georg said he was not sure about waiting for August 1 to do the alphas, or start building them on the weekend to have enough time for signing them
18:11:18 <arthuredelstein> Yawning's branch has three commits that would need to be included
18:12:01 <Yawning> I used your commit naming convetion, so the 3 commits should stand out >.>
18:14:38 <mikeperry> shooting from the hip, my guess is #8725 will be fine for the alpha. less sure about the stabl
18:14:55 <Yawning> I've been using various versions of that for weeks
18:15:03 <Yawning> which ironically makes my browser fingerprint unique
18:15:19 <Yawning> becasue it doesn't leak information like a sieve >.>
18:15:37 <Yawning> up to y'all
18:16:47 <Yawning> (offtopic to the meeting I have questions-ish about the updater)
18:17:20 <mikeperry> ok, let's progress into the normal status updates and blocker concerns, and then discuss the release in more detail after that
18:17:27 <mikeperry> who wants to go "next"? :)
18:17:41 * arthuredelstein can go
18:17:46 <Yawning> I poked at sandboxing tor browser
18:17:48 <Yawning> it works
18:17:58 <Yawning> it's sketch and kludge but infinitely better than any other attempt
18:17:59 <Yawning> nyah
18:18:01 <Yawning> done
18:18:03 <Yawning> >.>
18:18:20 <arthuredelstein> Yawning: How do you feel about firejail vs flatpak now?
18:19:02 <Yawning> hm
18:19:07 <Yawning> either would work still
18:19:18 <Yawning> depends on what we want to do with our uptater
18:19:25 <Yawning> and how we want to launch tor
18:21:16 <Yawning> (which is an issue that we need to do design work on earlier rather than later)
18:22:53 <arthuredelstein> Do you think firejail is easer to use with the existing updater/tor launcher?
18:23:27 <Yawning> the former kind of
18:23:44 <Yawning> tor-laucher poses interesting questions regardless of system
18:24:13 <Yawning> I need to think about it more (and we should prolly discuss this offline/in a tocket/e-0mail w/e)
18:25:16 <huseby> Yawning: there's a *lot* of sandboxing work going on over on my side of the fence...have you talked to anybody working on it?
18:25:23 <huseby> jld@mozilla.com is probably the place to start
18:25:33 <Yawning> no
18:25:52 <Yawning> I have sat in my bunker of h8 and infinite lonleyness and just got it working for me >.>
18:26:28 <mikeperry> yeah, I have some thoughts in a text file about this.. Tor either needs to be launched independently, or we need some mechanisms like apparmor has for changing sandbox contexts based on execution.. we also need some way to lock down configuration of the tor client (at minimum some kind of control port filter could enforce this, possibly)
18:27:12 <huseby> Yawning: also re: tor#8725 you should set yourself as owner of https://bgz.la/863246 and upstream the patch.  (I'll help you do it).
18:27:21 <Yawning> ...
18:27:32 <mikeperry> we may actually also need a separate meek-style profile to run tor launcher in a separate process
18:27:34 <Yawning> it's sketch javascript, doing it in C++ is prolyl better >.>
18:27:58 <Yawning> my thing is just the "expeident, good enough" thing >.>
18:28:01 <mikeperry> and maybe leverage Mozilla's work there at a later date
18:29:10 <huseby> re: sanboxing, our current work tor related work that is sandboxing oriented is https://bgz.la/1287994 and https://bgz.la/1288308
18:29:15 <huseby> we're adding named pipe support
18:29:28 <huseby> so we can block/unshare the network kernel API's altogether
18:29:49 <huseby> then jld would know all about the work cribbing from the chromium sandbox
18:30:08 <huseby> Yawning: anyway, my point is, maybe coordinate?  you might make friends
18:30:43 <huseby> and your bunker at h8 and infinite loneliness might turn into h8-less and not-so-lonely :)
18:30:43 <mikeperry> oh cool namd pipe proxy support?
18:30:52 <huseby> mikeperry: yup ;)
18:31:01 <Yawning> I went with af_unix
18:31:02 <huseby> i convinced our necko team that it is a priority
18:31:09 <Yawning> for my h8 implementation
18:31:12 <Yawning> but I cheated
18:31:15 * mikeperry gets distracted by the mozilla tickets instead of status updates. and wonders if he is being a bad meeting chair :)(
18:31:36 <huseby> naw, we're always a bunch of chaos in this meeting
18:31:47 <Yawning> I also looked at the neko code and it looked simple, but cheating was easier/faster
18:31:52 <Yawning> and didn't involve rebuilding firefox
18:31:54 <huseby> mikeperry: let me make it easier on you.  all active tor work: https://wiki.mozilla.org/Security/Tor_Uplift/Tracking
18:32:00 <mikeperry> do we have af_unix patches/tickets for the linux and mac side?
18:32:08 <Yawning> we have a ticket
18:32:11 <Yawning> we don't have a patch
18:32:23 <huseby> mikeperry: uh, yes...
18:32:24 <Yawning> because, like I said, I cheated (I use LD_PRELOAD)
18:32:27 <huseby> that's the second bug
18:32:30 <huseby> 1288308
18:32:37 <huseby> i think we're tackling windows first
18:32:48 <Yawning> cheating works fine on all the unixes
18:32:49 <Yawning> heh
18:33:31 <huseby> turns out windows is harder than thought to make named pipes work
18:33:43 <arthuredelstein> Do we have a parent TBB sandboxing ticket on trac?
18:33:44 <huseby> and AFAICT, windows tor proxy doesn't support it either
18:33:57 <huseby> so we might have a patch for you guys :)
18:34:16 <Yawning> arthuredelstein: don't think so
18:34:39 <Yawning> #14270 is our af_unix one
18:34:53 <arthuredelstein> Yawning: I'll open one.
18:37:12 <huseby> Yawning: done with your update?
18:37:32 <arthuredelstein> #19055
18:37:36 <Yawning> I've been done for a while
18:37:43 <Yawning> >.>
18:37:48 <Yawning> arthuredelstein: that's orthogonal
18:37:54 <arthuredelstein> Oops, #19750
18:38:22 <Yawning> (the whole upstreaming thing is dumb, and I have a better idea, but other people should do their reports)
18:39:23 <huseby> ok
18:39:24 <huseby> can I go?
18:39:28 <arthuredelstein> go ahead
18:39:49 <huseby> so, my team....(HAH! "my team"...never thought I'd say that)
18:39:50 <huseby> so, ehem
18:40:05 <huseby> my team has a WIP uplift for the javascript timer precision reduction
18:40:16 <huseby> https://bgz.la/1217238
18:40:33 <huseby> i'll be reviewing it today but would like some feedback from arthuredelstein and mikeperry (if you have time)
18:40:44 <huseby> jonathan ran into some issues IIRC
18:41:10 <huseby> I've got a WIP patch for the firstPartyDomain origin attribute here https://bgz.la/1260931
18:41:28 <huseby> we're still chewing on it, but this will eventually replace ThirdPartyUtils::Get* functions
18:42:10 <huseby> the containers project is maturing and fixing a bunch of the origin attributes bugs
18:42:28 <huseby> next up for me is to uplift the tor isolation patches to validate our origin attributes implementation
18:42:33 <huseby> that's it for me
18:42:36 <huseby> oh
18:42:45 <huseby> an we're all coming to the tor dev meetup in seattle in september
18:42:54 <huseby> "my team" is
18:43:30 <huseby> there is one more engineer that will be joining my team in the next week or so
18:43:36 <huseby> so velocity++
18:43:41 <huseby> ok, now i'm done
18:44:45 <mikeperry> cool. I am digging around for the follow-up ticket we had to #1517 on our side
18:46:16 * arthuredelstein can go
18:46:25 <arthuredelstein> Since our last meeting, I reworked the font whitelisting patch
18:46:32 <arthuredelstein> (https://bugzilla.mozilla.org/show_bug.cgi?id=1121643)
18:46:42 <arthuredelstein> I finished up the https://bugzilla.mozilla.org/show_bug.cgi?id=1235520 patch (for posting soon)
18:46:47 <arthuredelstein> I did some more investigation of the ramifications of the #18762 patch.
18:46:56 <arthuredelstein> I opened and started working on #19741.
18:47:02 <arthuredelstein> I set up a live test for #8725 / bugzil.la/1120398 and then reviewed yawning's additional patch to address that issue.
18:47:08 <arthuredelstein> I reviewed #19484.
18:47:23 <arthuredelstein> I started working on #19459, and I also did some work on #13018.
18:47:28 <arthuredelstein> I hope to have patches working for these two in the next few weeks, in between vacations days.
18:47:31 <arthuredelstein> That's it for me
18:47:46 * boklm can go next
18:48:30 <boklm> This past week I was offline. This week I'm planning to help with the new release, and finish #19528 and #19410.
18:48:37 <boklm> That's it for me
18:48:49 * mcs will give a report
18:48:58 <mcs> Since our last meeting, Kathy and I helped finish #19568, we created a fix for #19269, and we filed and fixed #19689.
18:49:07 <mcs> Also, we investigated some updater issues that were reported via blog comments and filed #19725.
18:49:13 <mcs> We did some work on #19706 but we still need to develop a patch.
18:49:19 <mcs> We reviewed the changes for #19417 and #19528.
18:49:26 <mcs> We also did a quick review of https://bugzilla.mozilla.org/show_bug.cgi?id=1173199 (upstream bug for the pref to disable MathML).
18:49:31 <mcs> This week we plan to work on #19725, #19706, and #19646.
18:49:37 <mcs> A reminder: we will both be on vacation starting this Friday July 29 through August 5th.
18:49:42 <mcs> That’s all for us.
18:50:50 <Yawning> Someone that understands the update process, if I download one of the incremental mars and invoke the `update` binary with the approrpiate flags, will the right thing happen?
18:51:48 <mcs> Yawning: yes, you should be able to apply an update via that method.
18:52:01 <Yawning> mcs: thanks <3
18:52:07 <Yawning> and update handles signuatrue verification yes?
18:52:23 <Yawning> (where's the public key used to sign mars, is it posted anywhere?)
18:52:53 <mcs> There may be some code that logs tghe args used to invoke the updater.
18:53:14 <Yawning> kk
18:53:25 <mcs> Yes, sig verification is done by the updater.
18:54:05 <mikeperry> arthuredelstein: huseby: #16610 is relevant to https://bugzilla.mozilla.org/show_bug.cgi?id=1217238
18:54:22 <mikeperry> arg
18:54:23 <mikeperry> https://trac.torproject.org/projects/tor/ticket/16110
18:54:35 <Yawning> (sorry for the continual dumb questions)
18:54:42 <mcs> The public keys are checked in under toolkit/mozapps/update/updater (as .der files). I am afraid to ask why you need them :)
18:55:25 <Yawning> uh, pet project? >.>
18:55:54 <Yawning> more code from my house of madness?
18:56:18 <mcs> :)
18:57:37 <arthuredelstein> mikeperry: Thanks. The timing thing seems like potentially a big rabbit hole :(
18:57:51 <mcs> Does anyone else have a status update to share?
18:58:34 <huseby> mikeperry: did you mean #16610?
18:58:39 <huseby> wait...sorry
18:58:41 <huseby> reading
18:58:44 <huseby> blah
18:59:30 <huseby> mikeperry: thanks, marked the bgzla bug
19:00:32 <mikeperry> arthuredelstein: yeah. intuition tells me that it's not "indefensible" but that there will be a fllor below which it will be hard to reduce the precision, even with the algorithm from #1110
19:00:56 <arthuredelstein> I know, 16110 ;)
19:00:57 <mikeperry> damn this lag
19:01:00 <mikeperry> #16110
19:01:49 <arthuredelstein> Yeah. I think the longer a script runs, the higher the precision is can achieve, through averaging.
19:02:33 <arthuredelstein> "is can" -> "it can"
19:04:20 <arthuredelstein> (regardless of the algorithm)
19:06:36 <arthuredelstein> Anyone else for a status update?
19:07:32 <mikeperry> yeah. it would be nice to know how long we can make it have to run, and what error that tends to introduce on single core vs multicore systems, etc
19:08:10 <mikeperry> but going down that rabbithole by myself was not a high enough priority for me compared to other things
19:08:58 <sukhe> I can go next
19:09:30 <sukhe> we have finished porting the updater patches from TBB to Instantbird for Tor Messenger. the actual deployment and testing remains
19:10:20 <sukhe> there are few things that are not clear so I was wondering what would be the best way to discuss them? one is the MAR signing key generation and the other is the update-responses
19:11:22 <sukhe> (happy to do the real work here, just need to be pointed to the right direction as mcs did when we started)
19:12:50 <boklm> for the mar signing key generation: https://gitweb.torproject.org/tor-browser-spec.git/tree/processes/KeyGeneration
19:12:54 <mikeperry> mar key generation is documented at https://gitweb.torproject.org/tor-browser-spec.git/tree/processes/KeyGeneration
19:13:05 <sukhe> oh great, thanks
19:14:16 <sukhe> if we have time, I would also like to discuss if we can sign Tor Messenger releases on Windows and OS X with their respective certs
19:15:03 <sukhe> is there any solution where I can send the signed releases and someone on the TBB team can sign them with the required certs?
19:15:34 <boklm> for the update-responses, we will need to use the script from https://gitweb.torproject.org/builders/tor-browser-bundle.git/tree/tools/update-responses
19:16:01 <sukhe> boklm: yeah I saw that. is the deployment process documented somewhere?
19:18:33 <boklm> the deployement process we use is: https://gitweb.torproject.org/tor-browser-spec.git/tree/processes/ReleaseProcess
19:19:46 <sukhe> I meant for update-responses and its functionality on dist
19:20:28 * mcs unfortunately has to leave for a while but will read the backlog later.
19:21:52 <mikeperry> heh, I'm out of practice at keeping these meetings timeboxed :)
19:21:56 <boklm> sukhe: the deployement process is: updating config.yml, signing the mar files, running update_responses, copying the tools/update-responses/htdocs directory to dist
19:22:56 <sukhe> ok I will try it out and ask if you there any questions. thanks.
19:23:03 <boklm> sukhe: do we have a ticket for this ?
19:23:25 <sukhe> for the updater? yeah #14388
19:24:11 <boklm> ok, I can add some details about this on the ticket
19:25:18 <sukhe> ok great. thanks. (that's all from me)
19:25:46 <mikeperry> do we have anything for the Tor Browser release other than #8725 and maybe #19735 (perhaps both going into only the alpha)?
19:28:41 <boklm> we have also #19737
19:32:28 <mikeperry> ok thanks
19:33:19 <mikeperry> I'm going to call te meeting now, then. I am still travelling, but will merge those three in the next couple days, and then rebase when mozilla tags
19:33:57 <arthuredelstein> thanks, Mike!
19:34:02 <mikeperry> boklm: I will ping you when I think stuff is ready to start building
19:34:19 <boklm> mikeperry: ok, thanks!
19:35:05 <mikeperry> #endmeeting *baf*