Security/Meetings/SecurityAssurance/2013-04-30

From MozillaWiki
Jump to: navigation, search


« previous week | index | next week »
  • Time: (Weekly) Tuesday at 13:30 PM PDT / 16:30 PM EDT / 21:30 PM UTC.
  • Place: Mozilla HQ, 3A-All Your Base (3rd Floor)
  • Phone (US/Intl): 650 903 0800 x92 Conf: 95316#
  • Phone (Toronto): 416 848 3114 x92 Conf: 95316#
  • Phone (US): 800 707 2533 (pin 369) Conf: 95316#

Agenda

  • Planning for Las Vegas
    • Al is coordinating (?)
    • Black Hat, DEF CON, BSides (sold out), CodenomiCON (fuzzing)

Upcoming Speaking Engagements

(List it at these two locations too: https://developer.mozilla.org/en-US/events & https://wiki.mozilla.org/Security/Talks )

Planned Blog Posts

Security Review Status (curtisk)

  • Completed in Q1 2013: 66

https://security-review-statistics.vcap.mozillalabs.com/weekly (26)

Operations Security Update (Joe Stevensen)

Project Updates

Please add your name to the update so we know who to follow up with

Firefox Desktop

Click to play advancing - https://bugzilla.mozilla.org/show_bug.cgi?id=867337

== Fi

Agenda

  • Planning for Las Vegas
    • Al is coordinating (?)
    • Black Hat, DEF CON, BSides (sold out), CodenomiCON (fuzzing)

Upcoming Speaking Engagements

(List it at these two locations too: https://developer.mozilla.org/en-US/events & https://wiki.mozilla.org/Security/Talks )

Planned Blog Posts

Security Review Status (curtisk)

  • Completed in Q1 2013: 66

https://security-review-statistics.vcap.mozillalabs.com/weekly (26)

Operations Security Update (Joe Stevensen)

Project Updates

Please add your name to the update so we know who to follow up with

Firrefox Mobile

Firefox OS

Firefox Core

  • [decoder] ASan builds are mostly bricked due to NSPR poisoning landing (bug 866525, bug 865921), working on it
  • [decoder] ASan + ASM.js incompatiblities resolved but won't be effective until we upgrade Clang
    • Should I use locally-built ASan for now? Or disable OdinMonkey?
      • When testing the DOM, you might want to just disable OdinMonkey by setting javascript.options.experimental_asmjs to false (it's unlikely that you'll find bugs in there with DOM testing)

MarketPlace

Marketplace Anti-Malware Strategy Strategy: https://mana.mozilla.org/wiki/display/~cruetten@mozilla.com/Firefox+OS+Malware+Defense+Strategy

Web Apps

MoFoDev and nodejs

Services

Operation Security

Identity

  • Mozilla IDP expected to be live for the end of quarter
  • PiCL moving forward