• Time: (Weekly) Tuesday at 13:30 PM PDT / 16:30 PM EDT / 21:30 PM UTC.
• Place: Mozilla HQ, 3A-All Your Base (3rd Floor)
• Phone (US/Intl): 650 903 0800 x92 Conf: 95316#
• Phone (Toronto): 416 848 3114 x92 Conf: 95316#
• Phone (US): 800 707 2533 (pin 369) Conf: 95316#

Agenda

• Goals [pauljt]
• [freddy] SubResource Integrity Spec, http://w3c.github.io/webappsec/specs/subresourceintegrity/
• Conference sponsorship - can you let pauljt know (email) if there are conferences that you think we should sponsor this year
• Flash discussion
• service-/websec team discussion
• user data discussion
• dchan at AppSecCali (Jan 27-28), PTO Jan 31
• dveditz at AppSecCali (Jan 27-28) plus some PTO after

Upcoming Speaking Engagements

(List it at these two locations too: https://developer.mozilla.org/en-US/events & https://wiki.mozilla.org/Security/Talks )

Planned Blog Posts

• [new] https://mana.mozilla.org/wiki/display/SECURITY/Security+Blog+Posts
• [old]https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0AlDw2hHXmVgCdHN3LWZTZ0hjMElPc1g2clRKb2lNN3c

Metrics

• Security Review Status (curtisk)=
  • Completed in Q1:64 / Q2: 72 / Q3:55
  • https://security-review-statistics.vcap.mozillalabs.com/weekly
    • site is down for update, so this data is old
• https://people.mozilla.com/~sarentz/p/dashboard
  • Check the status of bugs assigned to you

Operations Security Update (Joe Stevensen)

Project Updates

Please add your name to the update so we know who to follow up with

Firefox Desktop

Firefox Mobile

Firefox OS

• Big work weeks coming up next week in Poland (NFC, Payments), Taipei, elsewhere (media,
• Mainly focused

Firefox Core

MarketPlace

• [cr] mbasta (app-validator, marketplace reviewer tools) has left mozilla

Web Apps

Services

Operation Security

• all firefox accounts all the time
• jeff taking on malware domain reporting (i.e. latest-browser-update.net/Firefox et. al)
  • what does that mean exactly? let's chat directly (cr) ;-]