Security/B2G/2013 4 23

From MozillaWiki
< Security‎ | B2G
Jump to: navigation, search

FirefoxOS Security Team Meeting

1pm PST, B2G Vidyo room Prior notes are here: https://wiki.mozilla.org/Security/B2G/2013_4_17

News

- webrtc - - mozContacts bugs -- https://bugzilla.mozilla.org/show_bug.cgi?id=853709 -- https://bugzilla.mozilla.org/show_bug.cgi?id=856042

Current/upcoming Reviews

Goal Status Updates

FirefoxOS related security reviews (pauljt)

Develop and land tests for security features (dchan)

no update

Bug Bounty defined and ready to launch (freddyb)

   went through existing bug bounty faqs, tried answering similar questions for fxos
   https://docs.google.com/a/mozilla.com/document/d/1jJRk3BevGhG-WXQK9VvvKBpTEt_qspQkTkm1AyFGBpI/edit

Create Firefox OS Security Feature Tracking & Prioritization (pauljt)

Compile Firefox OS issue register (pauljt)

Continue to document Firefox OS Security (pauljt)

no update

Document Update schedule & incident response procedure (pauljt)

no updates

Firefox OS Sandboxing (kang)

   https://docs.google.com/a/mozilla.com/document/d/1U-q5Imm9TjDsoEFzByR_ctFV1Z0MIaQuknfy8rvxeMQ
   https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0AhL62r-99fkxdHRRZ1pjUTBKeFhHYU5RM2pRcVZSTXc
   Marta/DT interested in sandboxing
   WebRTC "sandboxing friendly" proposal
   https://wiki.mozilla.org/Media/WebRTC/WebRTCE10S
   IRC: #boxing on irc.mozilla.org (sandboxing)

Malware Defense Strategy (cr)