#tor-meeting2 log

17:32:08 <GeKo> #startmeeting tor browser 6/24/2019
17:32:08 <MeetBot> Meeting started Mon Jun 24 17:32:08 2019 UTC.  The chair is GeKo. Information about MeetBot at http://wiki.debian.org/MeetBot.
17:32:08 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
17:32:24 <GeKo> sysrqb2: :(
17:32:33 <sisbell> hi
17:32:37 <antonela> hello
17:32:42 <sysrqb2> i am optimistic :)
17:32:44 <boklm> hi
17:32:49 <sysrqb2> but it is taking longer than i hoped
17:32:58 <sysrqb2> the backups are promising
17:33:03 <sisbell> I had to go through laptop recovery a few weeks ago, took several days
17:33:10 <GeKo> https://storm.torproject.org/shared/tHoN4Ii7rLSjPE0OP4gydX4cMGadsXmRQNc-6lwru0N is teh pad
17:33:12 <sisbell> And then hardware failure, 2 weeks
17:33:24 <GeKo> please add your items and mark things bold you want to talk about
17:35:39 <GeKo> okay, let's go
17:36:06 <GeKo> it seems i am the only one with something bolded, so i'll be first
17:36:30 <GeKo> i thought about giving a summary about the all hands weeks from a browser perspective so that we are roughly on the same page at least
17:36:37 <pili> hi
17:36:42 <pili> sorry, got distracted, I'm here
17:37:12 <boklm> hmm, it seems we have two "Week of June 24, 2019" on the pad
17:37:40 <pospeselr> weird
17:37:47 <pospeselr> looks like it got copied down
17:38:18 <pospeselr> fixed
17:38:19 <GeKo> okay
17:38:35 <GeKo> i sent a mail about the fennex/fenix transition to eveyone with my sessions notes
17:38:52 <GeKo> pili: i just fwded that one to you as i forgot to add you in the first place
17:39:03 <GeKo> that was one of the bigger sessions
17:39:32 <GeKo> we set down with tjr and the uplift team and went over the fingerprinting bugs and prioitized them + thought about potential solutions
17:39:47 <GeKo> it's not clear yet how much time the uplift team will have to work on those
17:40:02 <pili> (I added one minor bold item for after, btw)
17:40:09 <GeKo> but if there is time we have a plan and priorities which is good
17:40:37 <GeKo> it realized that not all of our fingerprinting bugs are on file in bugzilla (in particular the recent locale related ones i filed)
17:40:48 <GeKo> so, i guess we should fix that at some point
17:41:10 <GeKo> but, anyways, it should not affect the priorities and thus is not so urgent
17:42:00 <GeKo> the other big meeting was about the future of first-party isolation (fpi) and enhanced tracking protection (etp) which made me a bit nervous
17:42:28 <GeKo> because i did not have the feeling that mozilla thought fpi was worthwhile and focused on etp instead
17:43:04 <GeKo> i was very pleased to see that i was wrong and work is under way inside of mozilla to use (dynamic) fpi together with etp
17:43:51 <GeKo> i promised to help with testing and filing bugs where we know about fpi breaks
17:44:10 <GeKo> so that we can test whether the dynamic version helps
17:44:27 <GeKo> dynamic = relaxing the requirements a bit for those things that would break with fpi
17:45:16 <GeKo> the interface for etp in firefox is currently confusing as that option is under the privacy options but is talking about performance as well
17:45:34 <GeKo> and it's not exactly clear what is disabled where in the particular options
17:45:45 <mcs> What mechanism is used to decide to relax the requirements? Is that based on a list of domains or ?
17:46:02 <GeKo> however, that got me thinking and i feel if we communicate that properly then using etp for _performance_ reasons is fine with me
17:46:42 <GeKo> mcs: not a list, i think some heuristics. however, i'd need to look up exactly how this is supposed to work
17:47:12 <antonela> what is the timeline for enable it in tor browser?
17:47:14 <mcs> GeKo: OK; thanks. Using heuristics sounds promising
17:47:29 <sysrqb2> it sounded similar to Webkit/Safari's ITP, relying on user "interaction" with a frame from a 3rd party
17:47:34 <sysrqb2> but it wasn't clear
17:47:40 <GeKo> anyway, i filed #30939 for the general idea
17:47:41 <sysrqb2> i'm not sure they know the heuristic yet
17:47:46 <GeKo> input is welcome
17:47:51 <GeKo> antonela: there is no timeline yet
17:47:56 <antonela> we may want to figure out how two shields will co-live at the same chrome
17:48:03 <GeKo> but i  think starting to work on that this year is not unreasonable
17:48:12 <antonela> i also linked some ux/ui docs regarding that feature
17:48:35 <GeKo> i then had a chat with luke who is responsible for wasm
17:48:36 <antonela> cool, we can talk about it during the dev meeting
17:48:51 <GeKo> and i think we can enable wasm in tor browser 9
17:48:58 <GeKo> and bind it to the sec settings
17:49:08 <GeKo> and we found a way to allow extensions to use wasm
17:49:19 <GeKo> which "just" needs a patch :)
17:50:07 <GeKo> sysrqb2 showed some first work on using selenium for tor browser performance measurements which looks promising
17:50:24 <GeKo> as a result i filed #30392
17:50:30 <GeKo> err
17:50:32 <GeKo> #30932
17:50:46 <GeKo> i think that's all from me for that
17:50:53 <GeKo> questions? amendments?
17:51:02 <GeKo> sysrqb2: tjr: ^
17:51:15 <sysrqb2> neat. thanks GeKo
17:51:23 <antonela> i don't think i got the fennec/fenix email, could i?
17:51:56 <GeKo> oh, indeed, sorry
17:52:03 <GeKo> let me fwd it to you as well
17:52:10 <antonela> thank you
17:53:42 <GeKo> pili: you are next
17:53:45 <pili> hi
17:54:08 <pili> I just wanted to check that everything is on track for the fundraising banner to be released with the next "planned" release :)
17:54:15 <pili> I believe antonela provided some assets today
17:54:34 <GeKo> yes, we should figure out who will implement the changes
17:54:46 <antonela> yes, i did
17:54:52 <GeKo> i guess we should do that this week
17:55:03 <GeKo> to have time for review and translations
17:55:04 <pili> and emmapeel "did something" :) so that the copy will be in the translation memory
17:55:25 <pili> let me dig up what she did so we're all on the same page
17:56:34 <pili> oh yeah, she added it to the tweet file
17:56:43 <pili> so I'm hoping it's being translated... :)
17:56:57 <GeKo> what is a tweet file?
17:57:47 <pili> I guess it's a file they have with a list of tweets to be translated?
17:57:58 <pili> but apparently this allows the string to be added to the translation memory
17:58:03 <GeKo> well, i don't know :)
17:58:34 <pili> me neither ;)
17:58:35 <pili> emmapeel is afk until 6th July
17:58:53 <GeKo> okay
17:59:04 <pili> but apparently this should allow it to be translated and picked up while she is away
17:59:09 <GeKo> acat: can you put adding the banner on your list for this week?
17:59:16 <pili> ready for the time of the release (fingers crossed... :/)
17:59:30 <GeKo> i'd do it otherwise but i really want to get the esr68 things reviewed
17:59:45 <GeKo> so we have a first pass done of a lot of the  parts
18:00:16 <acat> GeKo: sure
18:00:25 <GeKo> great
18:00:42 <GeKo> i guess we can reuse a lot of the logic for our yearly donation banners
18:00:59 <GeKo> although this one is not as sophisticated it seems
18:01:26 <GeKo> so, maybe look at the revert of the last donation banner changes earlier this year in torbutton
18:01:40 <GeKo> and get some inspiration
18:01:57 <mcs> There is a “Tor Project tweets” resource on Transifex.
18:02:01 <GeKo> boklm: so what do we plan to do with #28672?
18:02:17 <GeKo> should we just land what we have so we can think about nightly builds?
18:02:31 <GeKo> or do you want to track down the repro issues first?
18:02:43 <pili> mcs: that sounds like the one ;)
18:04:16 <boklm> ah, I missed the updates on #28672. I should look at the repro issues this week.
18:04:34 <GeKo> okay, please do
18:05:01 <GeKo> regarding toolchain issues: i think a good that would be figuring out how we can produce 32bit mar-tools
18:05:06 <GeKo> that's important
18:05:17 <GeKo> and i am not sure how best we can do that
18:05:26 <GeKo> ideally, we'd use the build process we have right now
18:05:27 <boklm> do we have a ticket for this?
18:05:52 <boklm> in which cases do we need 32bit mar-tools?
18:06:32 <GeKo> not a separate one. i collect all the linux issues in #30321 right now
18:06:37 <GeKo> see last commit
18:06:54 <GeKo> without 32bit mar-tools there is no release signing at the moment
18:07:02 <boklm> ah ok
18:07:05 <GeKo> hence the importance
18:07:14 <boklm> I can look at this
18:07:22 <GeKo> thanks
18:07:31 <GeKo> feel free to file a new ticket for that if you want
18:07:43 <boklm> ok
18:08:00 <GeKo> up to now it was so hackish that i was not sure whether to file a ticket or just fix it while doing the transition work
18:08:33 <GeKo> okay, other status updates, comments, questions?
18:10:15 <GeKo> boklm: linux_esr68_v7 is the latest tor-browser-build branch i have
18:10:27 <GeKo> let's move on to discussion then
18:10:28 <boklm> ok
18:10:31 <GeKo> i have two items
18:11:35 <GeKo> apparently users are starting to use tor browser on a prerelease macOS 10.15 version
18:11:38 <GeKo> which is great
18:11:55 <GeKo> the drawback is that this is currently busted due to signing changes
18:12:24 <GeKo> #30126 is the current bug on our side
18:12:30 <GeKo> there are many pieces to it
18:12:58 <GeKo> part if it might be a firefox bug (https://bugzilla.mozilla.org/show_bug.cgi?id=1556733)
18:13:25 <GeKo> but i fear the new scheme will be enforced in the version that will be releases later this year
18:13:57 <GeKo> and if so, it seems we need to upgrade our macos version on the signing machine or need a newer one
18:14:08 <GeKo> i think at least 10.13.5
18:14:41 <GeKo> and i am not sure whether it would be working at all as it seems we need to be able to reach a timestamping server while signing
18:14:59 <GeKo> which is currently not possible in our setup as we locked it down that way
18:15:05 <GeKo> so, we need a plan
18:15:38 <GeKo> currently the one i have contains 3 pieces
18:15:49 <GeKo> 1) we need to investigate the exact requirements
18:16:06 <GeKo> 2) we need to think about getting those working in our signing setup
18:16:32 <GeKo> 3) we need to think about a fallback solution in case we don't get it working in time
18:17:07 <GeKo> 3) could involve having someone just a properly set up macOS system to be able to sign bundles in the mean time
18:17:40 <GeKo> comments? suggestions?
18:17:53 <GeKo> mcs: brade: my plan was to put you on 1)
18:18:00 <mcs> I don’t know a lot about this, but it seems like notarization is something you do after the “traditional” gatekeeper signing.
18:18:12 <GeKo> as i assume you need to investigate that stuff for your other work anyway
18:18:25 <boklm> do we know when this macOS version will be published as stable?
18:18:38 <GeKo> probably end of september
18:18:47 <mcs> GeKo: Sure, we can take a look.
18:18:51 <GeKo> so we have like three months during esr transition
18:18:58 <sisbell> I think you can disable timestamp server option
18:19:03 <GeKo> mcs: yes, but not as a separate thing
18:19:12 <sisbell> But that may have changes since I last checked
18:19:28 <GeKo> dunno, might be a first stopgap if possible
18:20:42 <mcs> I assume the signing machine is not connected to the network, but notarization requires sending bits to Apple.
18:21:02 <mcs> (but I am just starting to learn about this too)
18:21:05 <GeKo> yes
18:21:10 <GeKo> i started with https://developer.apple.com/documentation/security/notarizing_your_app_before_distribution
18:21:40 <GeKo> https://bugzilla.mozilla.org/show_bug.cgi?id=1556733 leads to all the other bugs in bugzilla
18:22:04 <GeKo> concerned with the new signing scheme and might provide further reading material
18:22:11 <mcs> GeKo: Kathy and I saw those bugs but haven’t made time to dig in.
18:22:20 <GeKo> no worries
18:22:30 <GeKo> but we should start with that plan now-ish
18:22:53 <GeKo> to have some time to think about workaround if needed
18:23:06 <GeKo> *workarounds
18:23:17 <GeKo> okay, that was the first platform related item
18:23:22 <GeKo> the other is concerned about windows
18:23:27 <mcs> Do we need this for Tor Browser 8.x or “just” the esr68-based one?
18:23:32 <mcs> Tming is close....
18:23:54 <mcs> Timing
18:24:01 <GeKo> i suspect we need it for the last esr60 version, too
18:24:10 <mcs> GeKo: OK; thanks.
18:24:29 <GeKo> but i suspect as well that we'd get all the necessary things from mozilla as they'd need it for esr60, too
18:24:41 <GeKo> but i might be wrong on both accounts
18:25:13 <GeKo> so windows
18:25:44 <GeKo> we get lately more and more bug reports that tor browser on windows is not working in some capacity
18:26:02 <GeKo> like bookmarks don't get saved and it does not start properly
18:26:40 <GeKo> the interesting part is that a lot of those problems can be solved if moving the bundle to somewhere else
18:26:45 <GeKo> this is on windows 10 fwiw
18:27:08 <GeKo> i think that happens because ms is starting to lock down folders for read-only access
18:27:13 <GeKo> for security reasons
18:27:18 <GeKo> and the desktop is one of them
18:27:44 <pospeselr> relevant ticket #s?
18:27:49 <GeKo> i forgot about where i read that but i think teor posted once a link to that feature in a comment to one of our bugs
18:28:22 <GeKo> pospeselr: i can look but there is no ticket with "locking down desktop breaks on win 10" yet
18:28:34 <GeKo> some of those issues were resolved on irc, too
18:28:41 <GeKo> so, the questions is waht we do about that
18:29:08 <GeKo> an obvious answer would be "follow the macos model"
18:29:28 <GeKo> another option would be looking for a different canonical location to put our bundle
18:29:57 <pospeselr> what is the macOS model in this context?
18:30:10 <pospeselr> and why do we have the desktop as the default install location to begin with?
18:30:16 <GeKo> to have it still self-contained (which we would lose if we go the macOS model where we have the binaries in /Applications and the profile dir in the usual profile location)
18:30:37 <GeKo> pospeselr: we have it as we wanted to give users a) a self-contained bundle
18:30:38 <pospeselr> ah I see
18:30:45 <GeKo> and b) at a place where they can easily find it
18:31:16 <GeKo> otherwise they install it and later on need to search their c:\ to figure out where it actually is
18:32:29 <pospeselr> well the canonical place to put it would be %ProgramFiles% (but that does require a separate place for the profile)
18:32:43 <mcs> #18367 is the ticket for moving our data out of the application directory on Windows
18:33:06 <GeKo> yes
18:33:07 <pospeselr> yeah sure
18:33:36 <mcs> It would be good to understand why only some users encounter this issue.
18:33:46 <mcs> Maybe some AV or Windows Defender setting?
18:34:06 <sysrqb2> also, %ProgramFiles% requires admin privileges, right?
18:34:17 <pospeselr> to write to o
18:34:30 <sysrqb2> ("installing")..yeah, k
18:34:31 <pospeselr> doesn't chrome actaully install itself to the profile somewhere?
18:34:36 <pospeselr> iirc?
18:34:52 <pospeselr> it's been awhile since I used windows beyond testing tb
18:35:09 <sysrqb2> seems like something that needs more investigation
18:35:17 <GeKo> mcs: good point this stuff could also interfere
18:35:41 <GeKo> so, i guess i should start with filing a ticket just for that issue
18:36:02 <pospeselr> it would be a good idea to outline what properties we want to have with respect to tor browser and the installer
18:36:04 <GeKo> and we can collect all the info there and start then with finding a startegy forward
18:36:13 <GeKo> pospeselr: yes, agreed
18:37:10 <mcs> I found this, which looks interesting (but might be unrelated): https://www.windowscentral.com/how-enable-controlled-folder-access-windows-10-fall-creators-update
18:37:13 <pospeselr> ie, right now you can 'install' tor browser on a pc you don't have admin privileges to, but that has downsides (ie the weirdness w/ respect to read-only desktop)
18:37:36 <mcs> (Windows Defender has a “Controlled folder access” option)
18:37:52 <GeKo> yeah, that might totally be it
18:37:55 <pospeselr> yeah that looks suspect
18:38:43 <GeKo> okay, i'll try to get all the info we have into one place
18:38:50 <GeKo> and we can start from there
18:38:52 <GeKo> thanks
18:38:57 <GeKo> anything else for today?
18:39:14 <mcs> Not from me
18:39:27 <pospeselr> nope
18:40:52 <sysrqb2> nope2
18:41:03 <boklm> nope3
18:41:10 <pili> I'm good
18:41:17 <GeKo> okay, i am calling it then (sorry it took a bit longer this time) *baf*
18:41:20 <GeKo> #endmeeting