<p>Welcome to the Mozilla Security wiki. There is not much here yet so feel free to contribute.</p>=== <h3> Security-related bugs </h3><ul><li> <a _fcknotitle="true" href==* [["Security Severity Ratings">Security Severity Ratings]] </a> * [</li><li> <a href="http://www.mozilla.org/security/#For_Developers ">How to report a security issue] </a> * [[</li><li> <a href="Security/FixMe|">Want to fix a security bug? Here is a list of old thorny bugs you can take on.]]</a></li></ul>===<h3>Security reviews for new features/products===</h3>''<p><i>Main Article: [[<a _fcknotitle="true" href="Security/Reviews">Security/Reviews]]''</a></i>* </p><ul><li> Find past reviews by [<a href="https://wiki.mozilla.org/Category:SecReview ">Category:SecReview]</a></li></ul><h4><a href====[["Security/Radar|">Security Radar]]====</a></h4>{| <table class="wikitable collapsible collapsed" style="width: 100%">! <tr><th> Unlinked Reviews|-</th></tr><tr>|<td>* [[<ul><li> <a href="Security/Reviews/Mobile/AndroidSystemStorage| "> Android System Storage]]</a>* [[</li><li> <a href="Security/Firefox/WebAPI/WebBattery| "> WebBattery]]</a>* [[</li><li> <a href="Security/Reviews/BrowserIDCAPI| "> BrowserID C API]]</a>* [[</li><li> <a href="Security/Reviews/crossoriginAttribute|">Add crossorigin attribute]]</a>* [[</li><li> <a href="Security/Reviews/Firefox10/SyncDialogue|">Sync Dialogue]]</a>* [[</li><li> <a href="Security/Reviews/JetPack2011-20/12 | "> JetPack 2011-10-12]]</a>* [[</li><li> <a href="Security/Reviews/XHRnonpost| "> XHR non-post rewrite]]</a>* [[</li><li> <a href="Security/Reviews/StubInstaller|">Stub Installer]]</a>* [[</li><li> <a href="Labs/Weave/Sync Client Security Review|">Sync Client]]</a>* [[</li><li> <a href="Firefox Sync/Weave 1.3b5 Client Security Review|">Weave 1.3b5 Client]]</a>* [[</li><li> <a href="Security/Reviews/DNSSEC-TLS|">DNSSEC-TLS]]</a>* [[</li><li> <a href="Security/Reviews/OWA-F1|">Web Activities & amp; F1]]</a>* [[</li><li> <a href="Security/Reviews/ReviewNotes/MouseLock|">MouseLock]]</a>* [[</li><li> <a href="Security/Reviews/ReviewNotes/Joystick|">Joystick]]</a>|}</li></ul></td></tr></table>{| <table class="wikitable collapsible collapsed" style="width: 100%"><tr>! <th> Unlinked Discusions|-</th></tr><tr>|<td>* [[<ul><li> <a href="Security/Discussions/WebRTC|">WebRTC]]</a>|}</li></ul></td></tr></table>===<h3>Security Feature Development===</h3> ''<p><i>Main article: [[<a _fcknotitle="true" href="Security/Roadmap]]''">Security/Roadmap</a></i> ''</p><p><i>Main article: [[<a _fcknotitle="true" href="Privacy/Roadmap">Privacy/Roadmap]]''</a></i></p>=== <h3> Security Initiatives </h3><ul><li><a _fcknotitle="true" href== *[["Security/TeamEmbedding">Security/TeamEmbedding]]</a>*</li><li>Prioritizing and driving non-feature work: [[<a _fcknotitle="true" href="Security/Driving">Security/Driving]]</a></li></ul>=== <h3> Security Resources and Blogs ===</h3>==== <h4> Mozilla Official Sites </h4><ul><li> <a href====* ["http://www.mozilla.org/security ">Mozilla Security Center]</a>* [</li><li> <a href="http://developer.mozilla.org/en/Security ">Mozilla security developer docs]</a>* [[</li><li> <a href="CA|">Mozilla CA Root Program]]</a>* [</li><li> <a href="http://blog.mozilla.com/security ">Mozilla Security blog]</a>* [</li><li> <a href="http://blog.mozilla.com/webappsec ">Mozilla WebApp Sec Blog]</a>* [</li><li> <a href="https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines ">Secure Coding Guidelines for Webapps]</a></li></ul>
<h4> Personal Security Related Blogs of Mozillians </h4>
<ul><li> <a href="http://blog.mozilla.com/ladamski">Lucas Adamski's blog</a>
</li><li> <a href="http://blog.mozilla.com/decoder">Christian Holler's blog (decoder)</a>
</li></ul>
<h4> Twitter Accounts of Security Mozillians </h4>
<ul><li> <a href="https://twitter.com/mozsec">Mozilla Security</a>
</li><li> <a href="https://twitter.com/mozwebsec">Mozilla Security</a>
</li><li> <a href="https://twitter.com/jruderman">Jesse Ruderman</a>
</li><li> <a href="https://twitter.com/curtisko">Curtis Koenig</a> (all kinds of random stuff)
</li><li> <a href="https://twitter.com/_mwc">Michael Coates</a>
</li><li> <a href="https://twitter.com/flamsmark">Tom Lowenthal</a> (privacy)
</li><li> <a href="https://twitter.com/securitae">Lucas Adamski</a>
</li><li> <a href="https://twitter.com/alexanderfowler">Alex Fowler</a>
</li><li> <a href="https://twitter.com/ygjb">Yvan Boily</a>
</li><li> <a href="https://twitter.com/dveditz">Daniel Veditz</a>
</li><li> <a href="https://twitter.com/openbuddha">Al Billings</a> (but mostly Buddhist and Hackerspace tweets)
</li><li> <a href="https://twitter.com/imelven">Ian Melven</a>
</li><li> <a href="https://twitter.com/kangsterizer">Guillaume Destuynder</a>
</li><li> <a href="https://twitter.com/nth10sd">Gary Kwong</a> (all sorts of stuff)
</li><li> <a href="https://twitter.com/mozdeco">Christian Holler (decoder)</a>
</li></ul>
<h4> Non-Mozilla Resources (blogs, news sites, twitter, tools) </h4>
<ul><li> <a href="Security/OtherSecurityResources"> Other Security Resources</a>
</li></ul>
<h3>Stuff that needs to be merged into this page properly</h3>
<h3> Meeting Notes </h3>
<h4>SecTeam Meetings</h4>
<table class="wikitable collapsible collapsed" style="width: 100%">
<tr>
<th> Meetings
</th></tr>
<tr>
<td>
<table class="wikitable collapsible collapsed" style="width: 100%">
<tr>
<th> AppSec Meetings 2012
</th></tr>
<tr>
<td>
<ul><li> <a href="Security/AppSecBiweekly/2012-02-13">2012-02-13</a>
</li></ul>
</td></tr></table>
<table class="wikitable collapsible collapsed" style="width: 100%">
<tr>
<th> SecTeam Meetings 2012
</th></tr>
<tr>
<td>
<ul><li> <a href="Security/Meetings/2012-02-01">2012-02-01</a>
</li><li> <a href="Security/Meetings/2012-01-25">2012-01-25</a>
</li><li> <a href="Security/Meetings/2012-01-18">2012-01-18</a>
</li><li> <a href="Security/Meetings/2012-01-11">2012-01-11</a>
</li><li> <a href="Security/Meetings/2012-01-04">2012-01-04</a>
</li></ul>
</td></tr></table>
<table class="wikitable collapsible collapsed" style="width: 100%">
<tr>
<th> SecTeam Meetings 2011
</th></tr>
<tr>
<td>
<ul><li> <a href="Security/Meetings/2011-12-28">2011-12-28</a>
</li><li> <a href="Security/Meetings/2011-12-21">2011-12-21</a>
</li><li> <a href="Security/Meetings/2011-12-07">2011-12-14</a>
</li><li> <a href="Security/Meetings/2011-12-07">2011-12-07</a>
</li><li> <a href="Security/Meetings/2011-11-30">2011-11-30</a>
</li><li> <a href="Security/Meetings/2011-11-23">2011-11-23</a>
</li><li> <a href="Security/Meetings/2011-11-16">2011-11-16</a>
</li><li> <a href="Security/Meetings/2011-11-09">2011-11-09</a>
</li><li> <a href="Security/Meetings/2011-11-02">2011-11-02</a>
</li><li> <a href="Security/Meetings/2011-10-26">2011-10-26</a>
</li><li> <a href="Security/Meetings/2011-10-19">2011-10-19</a>
</li><li> <a href="Security/Meetings/2011-10-12">2011-10-12</a>
</li><li> <a href="Security/Meetings/2011-10-05">2011-10-05</a>
</li><li> <a href="Security/Meetings/2011-09-28">2011-09-28</a>
</li><li> No meeting on 9/14 (All Hands) or 9/21 (Fuzzing Work Week)
</li><li> <a href="Security/Meetings/2011-09-07">2011-09-07</a>
</li><li> <a href="Security/Meetings/2011-08-31">2011-08-31</a>
</li><li> <a href="Security/Meetings/2011-08-24">2011-08-24</a>
</li><li> <a href="Security/Meetings/lifecycledisc">Life Cycle discussion</a>
</li><li> <a href="Security/Meetings/2011-08-17">2011-08-17</a>
</li><li> <a href="Security/Meetings/2011-08-10">2011-08-10</a>
</li><li> <a href="Security/Meetings/2011-07-27">2011-07-27</a>
</li><li> <a href="Security/Meetings/2011-07-20">2011-07-20</a>
</li><li> <a href="Security/Meetings/2011-07-13">2011-07-13</a>
</li><li> <a href="Security/Meetings/2011-07-06">2011-07-06</a>
</li><li> <a href="Security/Meetings/2011-06-29">2011-06-29</a>
</li><li> <a href="Security/Meetings/2011-06-22">2011-06-22</a>
</li><li> <a href="Security/Meetings/2011-06-15">2011-06-15</a>
</li><li> <a href="Security/Meetings/2011-06-08">2011-06-08</a>
</li><li> <a href="Security/Meetings/2011-06-01">2011-06-01</a>
</li></ul>
</td></tr></table>
<table class="wikitable collapsible collapsed" style="width: 100%">
<tr>
<th> Joint Secteam-Infrasec Meetings 2012
</th></tr>
<tr>
<td>
<ul><li> <a href="Security/Meetings/2012-01-12">2012-01-12</a>
</li></ul>
</td></tr></table>
<table class="wikitable collapsible collapsed" style="width: 100%">
<tr>
<th> Joint Secteam-Infrasec Meetings 2011
</th></tr>
<tr>
<td>
<ul><li> <a href="Security/Meetings/2011-12-15">2011-12-15</a>
</li><li> <a href="Security/Meetings/2011-11-17">2011-11-17</a>
</li><li> <a href="Security/Meetings/2011-10-06">2011-10-06</a>
</li><li> <a href="Security/Meetings/2011-09-08">2011-09-08</a>
</li><li> <a href="Security/Meetings/2011-08-25">2011-08-25</a>
</li><li> <a href="Security/Meetings/2011-08-11">2011-08-11</a>
</li><li> <a href="Security/Meetings/2011-07-28">2011-07-28</a>
</li><li> <a href="Security/Meetings/2011-06-16">2011-06-16</a>
</li></ul>
</td></tr></table>
</td></tr></table>
<p><br />
</p>
<p><br />
</p>
==== Twitter Accounts of Security Mozillians ====
* [https://twitter.com/mozsec Mozilla Security]
* [https://twitter.com/mozwebsec Mozilla Security]
* [https://twitter.com/jruderman Jesse Ruderman]
* [https://twitter.com/curtisko Curtis Koenig] (all kinds of random stuff)
* [https://twitter.com/_mwc Michael Coates]
* [https://twitter.com/flamsmark Tom Lowenthal] (privacy)
* [https://twitter.com/securitae Lucas Adamski]
* [https://twitter.com/alexanderfowler Alex Fowler]
* [https://twitter.com/ygjb Yvan Boily]
* [https://twitter.com/dveditz Daniel Veditz]
* [https://twitter.com/openbuddha Al Billings] (but mostly Buddhist and Hackerspace tweets)
* [https://twitter.com/imelven Ian Melven]
* [https://twitter.com/kangsterizer Guillaume Destuynder]
* [https://twitter.com/nth10sd Gary Kwong] (all sorts of stuff)
* [https://twitter.com/mozdeco Christian Holler (decoder)]
==== Non-Mozilla Resources (blogs, news sites, twitter, tools) ====
* [[Security/OtherSecurityResources| Other Security Resources]]
===Stuff that needs to be merged into this page properly===
=== Meeting Notes ===
====SecTeam Meetings====
{| class="wikitable collapsible collapsed" style="width: 100%"
! Meetings
|-
|
{| class="wikitable collapsible collapsed" style="width: 100%"
! AppSec Meetings 2012
|-
|
* [[Security/AppSecBiweekly/2012-02-13|2012-02-13]]
|}
{| class="wikitable collapsible collapsed" style="width: 100%"
! SecTeam Meetings 2012
|-
|
* [[Security/Meetings/2012-02-01|2012-02-01]]
* [[Security/Meetings/2012-01-25|2012-01-25]]
* [[Security/Meetings/2012-01-18|2012-01-18]]
* [[Security/Meetings/2012-01-11|2012-01-11]]
* [[Security/Meetings/2012-01-04|2012-01-04]]
|}
{| class="wikitable collapsible collapsed" style="width: 100%"
! SecTeam Meetings 2011
|-
|
* [[Security/Meetings/2011-12-28|2011-12-28]]
* [[Security/Meetings/2011-12-21|2011-12-21]]
* [[Security/Meetings/2011-12-07|2011-12-14]]
* [[Security/Meetings/2011-12-07|2011-12-07]]
* [[Security/Meetings/2011-11-30|2011-11-30]]
* [[Security/Meetings/2011-11-23|2011-11-23]]
* [[Security/Meetings/2011-11-16|2011-11-16]]
* [[Security/Meetings/2011-11-09|2011-11-09]]
* [[Security/Meetings/2011-11-02|2011-11-02]]
* [[Security/Meetings/2011-10-26|2011-10-26]]
* [[Security/Meetings/2011-10-19|2011-10-19]]
* [[Security/Meetings/2011-10-12|2011-10-12]]
* [[Security/Meetings/2011-10-05|2011-10-05]]
* [[Security/Meetings/2011-09-28|2011-09-28]]
* No meeting on 9/14 (All Hands) or 9/21 (Fuzzing Work Week)
* [[Security/Meetings/2011-09-07|2011-09-07]]
* [[Security/Meetings/2011-08-31|2011-08-31]]
* [[Security/Meetings/2011-08-24|2011-08-24]]
* [[Security/Meetings/lifecycledisc|Life Cycle discussion]]
* [[Security/Meetings/2011-08-17|2011-08-17]]
* [[Security/Meetings/2011-08-10|2011-08-10]]
* [[Security/Meetings/2011-07-27|2011-07-27]]
* [[Security/Meetings/2011-07-20|2011-07-20]]
* [[Security/Meetings/2011-07-13|2011-07-13]]
* [[Security/Meetings/2011-07-06|2011-07-06]]
* [[Security/Meetings/2011-06-29|2011-06-29]]
* [[Security/Meetings/2011-06-22|2011-06-22]]
* [[Security/Meetings/2011-06-15|2011-06-15]]
* [[Security/Meetings/2011-06-08|2011-06-08]]
* [[Security/Meetings/2011-06-01|2011-06-01]]
|}
{| class="wikitable collapsible collapsed" style="width: 100%"
! Joint Secteam-Infrasec Meetings 2012
|-
|
* [[Security/Meetings/2012-01-12|2012-01-12]]
|}
{| class="wikitable collapsible collapsed" style="width: 100%"
! Joint Secteam-Infrasec Meetings 2011
|-
|
* [[Security/Meetings/2011-12-15|2011-12-15]]
* [[Security/Meetings/2011-11-17|2011-11-17]]
* [[Security/Meetings/2011-10-06|2011-10-06]]
* [[Security/Meetings/2011-09-08|2011-09-08]]
* [[Security/Meetings/2011-08-25|2011-08-25]]
* [[Security/Meetings/2011-08-11|2011-08-11]]
* [[Security/Meetings/2011-07-28|2011-07-28]]
* [[Security/Meetings/2011-06-16|2011-06-16]]
|}
|}