Security/Meetings/SecurityAssurance/2012-10-16

From MozillaWiki
Jump to: navigation, search


« previous week | index | next week »
  • Time: (Weekly) Tuesday at 13:30 PM PDT / 16:30 PM EDT / 21:30 PM UTC.
  • Place: Mozilla HQ, 3A-All Your Base (3rd Floor)
  • Phone (US/Intl): 650 903 0800 x92 Conf: 95316#
  • Phone (Toronto): 416 848 3114 x92 Conf: 95316#
  • Phone (US): 800 707 2533 (pin 369) Conf: 95316#

Agenda

Upcoming Speaking Engagements

Security Review Status (koenig)

Operations Security Update (Joe Stevensen)

Project Updates

Please don't leave blank. Add "No Update" if nothing has changed

Silent updates (rforbes / dveditz)

B2G (Paul Theriault, David Chan)

Thunderbird (Adam Muntner)

Rust (Jesse Ruderman)

Mobile (Mark Goodwin)

  • Secreview for Private Browsing on Monday
  • Safe Browsing in Aurora :D

Sync (Simon Bennetts)

Services (Simon Bennetts & Adam Muntner)

Social - Pancake (Mark Goodwin)

  • I think we can remove this from the template now

Jetpack, Add-on SDK, Add-on Builder (Dan Veditz)

JS (Christian Holler)

  • Regular fuzzing operations, no specific update

DOM, XPConnect (Jesse Ruderman)

Layout, Style (Jesse Ruderman)

Automation Tools (Gary Kwong)

  • Sorting out unhiding issues w/ green Valgrind tbpl builds

Web Developer Tools (Mark Goodwin)

  • Lots of work to do on remote tools
  • Waiting for last few patches to arrive for chrome debugging
  • I've been talking to Dave Camp about a non. priv UI for devtools. The remote-everything drive gives us lots of possibilities

Networking (Christoph Diehl)

  • still working on WebRTC - no updates except crashes

Graphics (Christoph Diehl) =

    • Tweaking fuzzer execution, current sample benchmark on MacOS 2.6GHz Core i7

Mutation of the ICO DataModel for 100 Files (3KB ICO with compressed PNG) Command: time ./peach.py -range 0 100 -pit Pits/Files/ICO/ico.xml Firefox -O1 debug ASan: 0m14.672s Firefox -O1 debug: 0m11.562s Firefox non-optimized debug ASan: 2m29.020s Safari release build: 0m9.248s

    • Minimising our sample suite based on coverage.

Networking ( Media / Codecs)

Market (Raymond Forbes)

Firefox APIs (Raymond Forbes)

Payment Flow (Raymond Forbes)

Dynamic API Security Model (Raymond Forbes)

WebRT (Raymond Forbes)

BrowserID

Identity Services (David Chan)

Addons.M.O (Raymond Forbes)

Bugzilla.M.O (Mark Goodwin & Eric Parker)

  • No update

Mozillians (Raymond Forbes)

MDN (Raymond Forbes)

SUMO (Kitsune) ()

AddressSanitizer (Christian Holler)

  • No update