Firefox/Privacy and Security Front-End/OKRs/2017Q4

From MozillaWiki
Jump to: navigation, search


2017Q4 OKR Progress

Objective Key Result Champion Confidence Tracking/Meta Bug Notes
Oct 30 Nov 13 Nov 27 Dec 11 Score
1. Protect users from password theft and stay competitive (Phishing protection) 1.1 Complete three of the seven password phishing sub-tasks required to complete this objective. Francois  ??
  • Oct 30
    • Almost completed first task.
2. Solidify 2018 strategy and approach to tracking 2.1 Complete in-flight studies and analysis on engagement and retention differences with tracking protection (with various positioning) Pdol 85%
  • Oct 30
    • Onboarding study is delayed
2.2 Obtain agreement from product, engineering and business stakeholders for what specifically will ship in the subsequent quarters Pdol & Wennie
3. Improve Private Browsing Mode 3.1 Add 2 additional privacy protections in Private Browsing Mode (and available in regular mode). Tanvi & Luke 50%
  • Disable third party cookies and strip referrer to origin only in Private Browsing Mode.
3.2 Lightbeam / Containers bug fixes and maintenance Jkt  ??
4. Develop a process to burn down sec-critical and sec-high bugs 4.1 Consistently maintain less than x number of sec-high and sec-critical bugs in monthly basis Wennie 80%
  • Oct 30
    • Process description is done. Will share it with team
5. Make Firefox Privacy controls/options more intuitive 5.1 Ensure our privacy and security setting UI match the users’ mental model and work as expected. Johann
5.2 Update individual UI components that don’t do what they appear to do (either from a user’s perspective, from the platform perspective, or both) Johann
5.3 Doorhanger for Google Hangout Permissions Johann
6. Enable Firefox developers to write secure code by default.

(Security by Default)

6.1 Set the correct triggering principal for top-level loads by completing 12 remaining bugs.
7. Enable web developers to produce secure web sites through use of relevant web standards, increased test coverage via web-platform tests & parity with other browsers 7.1 Update Mixed Content Implementation per Spec
7.2 Land CSP Violation reports and enable web-platform tests Ethan 75%
  • already have patch and has been reviewed. Spec is missing core aspects. Email thread circulating. Might have to revise spec.
7.3 Land CSP worker-src
8. Protect users from data: URI phishing attacks 8.1 Enable toplevel data: URI navigation blocker
9. Enable Firefox developers to query referrer (including policy) information from a single source of truth. 9.1 Revamp referrer policy setup Tanvi
10. Lay foundation for shipping Breach Alerts 10.1 File all bugs for the shipment MVP with published UI spec Nihanth
11. Improve Firefox privacy by implementing W3C spec of Referrer Policy 11.1 Land Referrer Policy support for CSS Ethan 100%
11.2 Land Referrer Policy support for downloads Ethan 100%
12. Provide Firefox users an approach to protect against browser fingerprinting 12.1 Ship Fingerprinting Resistance MVP (parity with Tor Browser) in Firefox 59 Ethan 75%
  • Technical difficulties- solutions for TOR browsers are under review and have not yet received a review+
12.2 Deliver a development plan for Fingerprinting Resistance Phase 2 (to improve the feature by minimizing web breakages and being more user-friendly) Ethan 100%
  • Document to be done