11:00:28 <richard> #startmeeting Tor Browser Weekly Meeting 2022-06-13
11:00:29 <MeetBot> Meeting started Mon Jun 13 11:00:28 2022 UTC. The chair is richard. Information about MeetBot at http://wiki.debian.org/MeetBot.
11:00:29 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
11:00:50 <richard> the meeting pad: https://pad.riseup.net/p/tor-tbb-keep
11:01:00 <richard> msim: I've added a section for you at the bottom of the doc
11:01:07 <msim> :D
11:01:29 <richard> so typically the way we do this, we spend the first 5-10 mins updating our sections with what we did the previous week, and our plans for the current one
11:01:33 <PieroV> We could delete the old discussions of May
11:02:00 <richard> put anything in bold that you want/need to discuss with the team in that part
11:02:00 <Jeremy_Rand_Talos_> Are introductions in order, for those of us who don't know msim yet?
11:02:24 <richard> or you can add discussion points in the == Discusion == section
11:02:37 <msim> oh yes i should probably do that
11:02:45 <richard> oh where are my manners
11:02:50 <richard> msim: go for it :)
11:03:01 <msim> so hi i'm the new intern (contractor? dev? not sure what i should introduce myself as)
11:03:17 <msim> i'm marco, @msimonelli on gitlab, and obviously msim on irc
11:04:10 <msim> i'll be doing some work on the sponsor 131 tasks (specifically the webrtc thing), as well as the branding swap (maybe? richard clarify pls), and also finishing up some old MRs i made
11:04:30 <Jeremy_Rand_Talos_> Ah hey, welcome msim! I think I've seen you on the R2 GitHub before?
11:04:51 <msim> yes! i also do work for bpfs on r2 :)
11:05:27 <Jeremy_Rand_Talos_> Cool cool! Sorry I didn't recognize your IRC nick.
11:05:39 <msim> ha no worries, it's not exactly plastered everywhere :P
11:06:43 <richard> Pierov: and let's indeed clear out some of the old cruft
11:06:47 <richard> from the doc
11:07:17 <PieroV> richard: done
11:11:26 <richard> ok, let's get started
11:13:40 <richard> doesn't seem like we have any bolded sections, so we'll begin with the discussion
11:14:55 <richard> to begin with, S131 work
11:17:58 <richard> with the flurry of pierov's changes last week, we are mostly there w/ regards to deliverable 1 on the tor-browser.git side
11:18:50 <richard> boklm: are you blocked on anything there for the tor-browser-build changes?
11:18:54 <PieroV> (I lied on the docs, I still have a thing for S131 phase 1: disabling pocket, but I'll wait for 91.10 branch)
11:20:36 <boklm> richard: no, my plan this week is to try building the new base-browser tor-browser.git branch, and check which other tor-browser-build changes are needed
11:20:48 <richard> donuts: and in terms of scheduling a kick-off meeting, that will probably need to happen next week unless we can all agree on a time for tomorrow
11:22:04 <donuts> next week wfm, we weren't planning on spending any design time on this project until July/August
11:22:16 <richard> PieroV: apart from any remaining known blockers (like Pocket removal) you should be able to go ahead starting on the deliverable 2 work
11:22:45 <PieroV> richard: should we check for any possible blocker in 11.5, first?
11:23:10 <richard> i'll leave it to your best judgement on which piece makes the most sense to start with
11:23:31 <PieroV> (like: is the Mac bundled fonts issue something we should fix before going stable?)
11:23:47 <richard> yes that is a good point
11:24:04 <donuts> which one's the mac issue again?
11:24:06 <richard> we should also swap out links to the remote tb manual with the embedded one as well
11:24:12 <donuts> there are so many issues with bundled fonts :/
11:24:16 <PieroV> Yes, I have an issue for that
11:24:24 <PieroV> (richard ^)
11:24:29 <richard> excellent
11:24:38 <PieroV> donuts: the fact is that they're all linked to Mac bundled fonts not working at all, probably
11:25:27 <donuts> yeah that seems like a thing we should fix before stable, richard?
11:25:42 <richard> sounds pretty high priority to me
11:26:04 <PieroV> And for stable I also have a pair of minor S96 issues, in addition to the help buttons
11:26:11 <donuts> wait is it only broken in alpha?
11:26:27 <PieroV> donuts: I think it broke with 11.0
11:26:33 <PieroV> But has never been fixed yet
11:26:47 <donuts> right, wuft
11:26:47 <richard> (this is why the js console doesn't use a monospace font?)
11:26:53 <richard> (or is that a different one?)
11:27:02 <PieroV> richard: no, the monospace issue has been solved
11:27:17 <PieroV> I've added Menlo last week, and it's already in the alpha
11:27:30 <PieroV> It's related for example to the bangla issue
11:27:42 <PieroV> tor-browser#41004
11:29:17 <richard> donuts: nightly w/ all of the latest changes (though not rebased to 91.10) successfully built, so you should be able to see the almost latest there
11:29:17 <richard> from Friday anyway, I assume they kept building over the weekend
11:29:52 <donuts> richard: got it, ty
11:31:27 <richard> ok
11:31:52 <richard> finally, we need builders for 11.5a13
11:32:03 * boklm can build the desktop version
11:32:14 * PieroV has built the Android version on the MR before the HTTPS-E change
11:32:35 <PieroV> I can resume after the MR is merged
11:32:37 <richard> iirc the rebase and tor-browser-build MRs have sign off, but I had to do a couple force-pushes to fix various build issues
11:32:40 <richard> excellent
11:33:01 <PieroV> I think it won't be a problem, as long as the version was correct :)
11:33:04 <richard> I'll get those both pushed after this meeting
11:33:12 <PieroV> Otherwise we need to rebuild from GeckoView on Android
11:33:25 <richard> yeah
11:33:48 <richard> also ran into a little fallout from removing aguestuser from the signing keychain (whoops)
11:34:05 <richard> but i successfully built latest so we should be good there
11:34:13 <boklm> I pushed a commit on master fixing that (but I see you made the same change in the MR)
11:34:14 <richard> alright, PieroV: let's hand the rest off to you
11:34:25 <PieroV> okay, first item will be quick
11:34:30 <richard> boklm: excellent :)
11:34:55 <PieroV> As donuts said, we have a lot of fonts issues. I think we could even add a tag for it, even though it isn't a major topic such as Linkability, or Fingerprinting or Disk Leak
11:35:06 <PieroV> err, a label
11:35:11 <donuts> like "Fonts"?
11:35:13 <PieroV> Yes
11:35:26 <richard> wfm, I can do that
11:35:27 <boklm> +1 for adding a label
11:35:32 <donuts> +1 from me, would be nice to see them all in one place
11:35:35 <richard> i have the power
11:35:39 <Jeremy_Rand_Talos_> Sounds reasonable to me.
11:35:56 <PieroV> Great. Second item is not that quick, or maybe yes
11:36:06 <PieroV> What if we officially dropped Windows 7 support?
11:36:18 <PieroV> Windows 7 has been EOL for more than two years (Jan 14 2020)
11:36:24 <boklm> does Mozilla still support it?
11:36:29 <PieroV> Yes
11:36:31 <richard> PieroV: so the problem with that
11:36:33 <donuts> they do, iirc
11:36:34 <richard> is the global south exists
11:36:46 <Jeremy_Rand_Talos_> Do we have any info on how many users are on Win7, and why they are?
11:37:01 <richard> and doesn't necessarily run the latest and greatest operating systems
11:37:05 <donuts> yeah I would be very nervous about dropping win7 without a really good reason
11:37:36 <donuts> one thing that would be interesting though is to look into OS fragmentation among our userbase in the next UX survey
11:37:37 <PieroV> Okay, the main reason is infra-os fingerprinting through fonts, and improve support for scripts (primarily Asian, I think)
11:37:40 <msim> PieroV: other than eol what's the motivation for dropping support?
11:38:07 <PieroV> We have a series of script issues that we could solve with 2-3 system fonts, added in Windows 8
11:38:27 <PieroV> Enabling them though will allow fingerprinting the Windows version
11:38:38 <msim> ah, right
11:38:40 <richard> ah I see
11:38:46 <PieroV> (well, I'm ignoring the fact that even Windows 8, 8.1, 10 and 11 have different versions of the same font)
11:39:02 <Jeremy_Rand_Talos_> I might be okay with deprioritizing Win7-specific fixes if they are a major time sink, but I am hesitant about dropping it completely.
11:39:40 <PieroV> I think Mozilla is dropping it on the ESR after 102
11:39:55 <richard> yeah unfortunately I think this falls under the category of 'meet the users where they are'
11:40:10 <PieroV> Do we have a rough idea?
11:40:26 <richard> PieroV: tbh I would expect them to drop support roughly around that time frame
11:40:43 <msim> PieroV: the q3 release (esr 102.1?), or do u mean esr 103?
11:40:55 <Jeremy_Rand_Talos_> What exactly is the definition of dropping Win7? TB won't run at all, or Win7 users will have a diff fp than Win8+?
11:40:56 <PieroV> ESR 114 or whatever
11:41:13 <PieroV> Jeremy_Rand_Talos_: I mean: stop doing anything special for Windows 7
11:41:20 <donuts> I assume gradually more and more unfixed bugs until it stops working entirely
11:41:21 <richard> so historically, we've had to drop support for older Windows when Mozilla does
11:41:36 <richard> because usually not too long after they add new sandboxing features that depend on newer windows versions
11:41:42 <PieroV> If it continues working we're all happier, but don't invest time if it stops
11:41:59 <richard> that's what happened with Vista anyway
11:42:15 <Jeremy_Rand_Talos_> PieroV, would patches still be accepted from the community for Win7 bugs?
11:42:20 <donuts> ahh, vista
11:42:24 <PieroV> Jeremy_Rand_Talos_: yeah, why not?
11:43:08 <richard> Jeremy_Rand_Talos: we will have to play it by ear honestly
11:43:26 <richard> sorry, I mean that we will need to see when we get there
11:43:38 <richard> it all depends on the how and why of the potential win7 breakage
11:44:07 <richard> maintaining a backwards compatible fork of the sandboxing/security system just to enable runtime support for old+new windows
11:44:17 <richard> sounds like a bad and error-prone idea
11:44:37 <Jeremy_Rand_Talos_> OK, in that case, as long as community patches are accepted, I'm okay with dropping Win7 on my end, though maybe there are global south issues etc. that will necessitate other policies
11:44:38 <richard> but we can worry about that come 2023
11:45:02 <richard> or whenever mozilla officially drops support
11:45:30 <richard> in the meantime we need to keep supporting (unless some UX research can tell us 'actually nobody uses this OS anymore')
11:45:54 <PieroV> Okay. Then we'll have a series of unsupported scripts that we may want to fix in 11.5
11:46:04 <donuts> I would be surprised, but we can ask and see
11:46:22 <boklm> maybe mozilla has some numbers
11:46:28 <richard> folks who do tor trainings can probably tell us what they've seen in that regard as well
11:46:57 <richard> PieroV; can said script support be added by bundling more fonts?
11:47:04 <PieroV> richard: yes
11:47:21 <Jeremy_Rand_Talos_> richard, maybe try putting a Win7-user-specific notice in the splash page for some months before making a decision to drop support
11:48:34 <Jeremy_Rand_Talos_> Also note that Mozilla nums may differ from Tor Browser nums, because a lot of users who didn't upgrade to Win10 made that choice for privacy reasons
11:48:45 <boklm> bundling more fonts sounds fine, if not increasing the size of the bundle too much
11:49:40 <PieroV> BTW: https://support.mozilla.org/en-US/kb/firefox-version-100-on-windows-7
11:50:10 <PieroV> Firefox is requiring updates on Windows 7, we may have to do a similar page for 12
11:50:43 * richard reading tor-browser#41022
11:51:05 <richard> from that page: Note: If you install Firefox without Microsoft security update KB4474419, you may notice an orange or yellow warning message in the UAC (User Account Control) prompt, indicating that the installer is not properly signed. The Firefox installation, however, will complete and Firefox will work.
11:51:23 <richard> looks like it may just be a root certificate thing
11:52:05 <donuts> what's the UAC prompt?
11:52:21 <PieroV> The one to run things with administrator privileges
11:53:17 <donuts> okay, sounds like the installation works either way
11:53:18 <richard> donuts: like the graphical sudo prompt on linux/macOS
11:53:34 <donuts> got it, ty
11:54:02 <richard> donuts: and it seems like it only affects the installer, so until we need to update our windows code-signing key we should be good
11:54:21 <donuts> yep
11:54:23 <richard> anyway
11:54:41 <richard> ok five more minutes
11:55:30 <PieroV> For the eTLDs the only important thing for the moment is: they exist, and we should correctly deal with them, if we want to rewrite .onion
11:55:52 <richard> boklm: one thing I forgot, it is on your list but I would like you to prioritize looking at the Android signing process, and streamlining that as much as possible for us
11:56:17 <richard> PieroV: so real quick, what is an eTLD vs a TLD?
11:56:33 <PieroV> richard: they're effective TLDs
11:56:52 <Jeremy_Rand_Talos_> richard, co.uk is an eTLD but not a TLD
11:56:53 <PieroV> from a practical point of view, it's that securedrop.tor.onion, tor.onion and similar must be treated as TLDs
11:56:58 <richard> ooh ok ok
11:57:06 <PieroV> Or also those hosts that offer free third level domains
11:57:08 <donuts> so it's not an electronic TLD?
11:57:14 <PieroV> Nope, effective
11:57:16 <richard> so we would want this as part of the onion rewrite/about:rulesets feature
11:57:23 <donuts> ^^
11:57:31 <Jeremy_Rand_Talos_> richard, they're also called Public Suffixes
11:57:34 <boklm> richard: ok
11:57:39 <PieroV> Yes, and that's a reason for one of our Tor Browser patches to exist
11:58:00 <donuts> https://en.wikipedia.org/wiki/Public_Suffix_List
11:58:17 <PieroV> If we can patch at runtime, instead, we could drop that patch. Also, that patch may be moved from Base Browser to Tor Browser
11:58:32 <Jeremy_Rand_Talos_> richard, FPI is keyed to the eTLD+1 of a hostname
11:58:41 <Jeremy_Rand_Talos_> hence why Tor Browser cares about it
11:58:49 <richard> yep that makes sense
11:58:57 <PieroV> Yes, they're needed for whatever is domain-scoped
11:59:04 <PieroV> So I think also FPI
11:59:18 <PieroV> (I've seen that cookies for example need this functionality)
11:59:44 <Jeremy_Rand_Talos_> And stream isolation usernames
11:59:53 <richard> ok, this all seems reasonable to me
11:59:59 <PieroV> So far the patches are okay-ish but could be improved
12:00:14 <PieroV> And in the future improving them may become a necessity
12:00:22 <richard> well that is the hour+1 minute
12:00:32 <richard> so I will call it
12:01:03 <richard> runtime eTLD's sound great let's plan on making a plan for a patch
12:01:06 <richard> #endmeeting