From MozillaWiki
Jump to: navigation, search

« previous week | index | next week »
  • Time: (Weekly) Tuesday at 13:30 PM PDT / 16:30 PM EDT / 21:30 PM UTC.
  • Place: Mozilla HQ, 3A-All Your Base (3rd Floor)
  • Phone (US/Intl): 650 903 0800 x92 Conf: 95316#
  • Phone (Toronto): 416 848 3114 x92 Conf: 95316#
  • Phone (US): 800 707 2533 (pin 369) Conf: 95316#


  • [Jesse] Self-XSS through developer tools (e.g. recent attacks against Facebook users)
  • Mountain View seating
    • Major move happening on March 14
    • Engineering, QA, and security will be on the second floor
    • Dan's team likely on the west side of the second floor ("sci-fi titles" area)
    • Security assurance together? Doug's team together? Each security team sit near the development teams they interact with? (e.g. JS/DOM?)
      • OpSec will be downstairs with IT
  • [freddy] exiting new HTML sanitizer project, dompurify
  • [yvan] pwn2own competitive program?
  • [gkw] PSA: Recent Mac nightlies very unstable, easily-reproducible Zimbra crashes
    • We should be blogging about our bounty program (ie highlight all the differences decoder just raised)
    • ++ [curtis & rforbes have bits to blog about]
    • e.g. highlight the fact that we dont want PoC
    • give better cred
    • [curtis] - sched a meeting to talk about how we can raise our visibility
  • HITB Haxpo
    • Organising Dhillon to talk to interested people
    • still looking for leads for sponsorship (halp?! ) Robyn Chau [ygjb - I suck.. I was supposed to intro the two of you - all good i got an email from her. i need to raise a bug, am doing it at the moment]
    • mgoodwin would like to be there. Happy to present, etc. May bring robots also.
    • freddyb, happy to present/showcase/talk/babysit :)
    • decoder would like to be there (I'm regularly at hitb ams)
    • arroway for whatever need to be done
  • Security Reports

Upcoming Speaking Engagements

(List it at these two locations too: & )

Planned Blog Posts

Security Review Status (curtisk)

  • Completed in Q1:23


Operations Security Update (Joe Stevensen)

Project Updates

Please add your name to the update so we know who to follow up with

Firefox Desktop

Firefox Mobile

Firefox OS

Firefox Core


Web Apps


Operation Security