canmove, Confirmed users, Bureaucrats and Sysops emeriti
2,776
edits
Security/Meetings/SecurityAssurance/2013-04-30: Difference between revisions
Security/Meetings/SecurityAssurance/2013-04-30 (view source)
Revision as of 11:01, 1 May 2013
, 1 May 2013no edit summary
(Created page with "{{SecAssuranceMeetingInfo}} {{TOC right}}") |
No edit summary |
||
| Line 1: | Line 1: | ||
{{SecAssuranceMeetingInfo}} | {{SecAssuranceMeetingInfo}} | ||
{{TOC right}} | {{TOC right}} | ||
=Agenda= | |||
* Introductions - Julien Vehent | |||
* Team meetup - Next week! | |||
* coordinate pick up times https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0AmLct3lOMM6ZdGpJcDIwNjZrcklzNE9RamZsQkI3Z0E#gid=4 | |||
* Goals - Please keep status up to date - https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0AmLct3lOMM6ZdHU3a2lJRV8xckZXclZJdkNlN3dUYVE&usp=sharing | |||
* Metrics | |||
** https://security-review-statistics.vcap.mozillalabs.com/ | |||
** https://people.mozilla.com/~sarentz/p/dashboard | |||
** Review Security Radar Page - https://wiki.mozilla.org/Security/Radar « still mostly broken due to a wiki-media bug with collapsible items - {{bug|854395}} | |||
* [pt] Marketplace Anti-Malware Strategy Strategy: https://mana.mozilla.org/wiki/display/~cruetten@mozilla.com/Firefox+OS+Malware+Defense+Strategy | |||
* Planning for Las Vegas | |||
** Al is coordinating (?) | |||
** Black Hat, DEF CON, BSides (sold out), CodenomiCON (fuzzing) | |||
=Upcoming Speaking Engagements= | |||
(List it at these two locations too: https://developer.mozilla.org/en-US/events & https://wiki.mozilla.org/Security/Talks ) | |||
* [Curtisk] 18-May MOSSCON http://www.mosscon.org/sessions/security-open | |||
* | |||
=Planned Blog Posts= | |||
* https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0AlDw2hHXmVgCdHN3LWZTZ0hjMElPc1g2clRKb2lNN3c | |||
=Security Review Status (curtisk)= | |||
* Completed in Q1 2013: 66 | |||
https://security-review-statistics.vcap.mozillalabs.com/weekly (26) | |||
=Operations Security Update (Joe Stevensen)= | |||
=Project Updates = | |||
Please add your name to the update so we know who to follow up with | |||
== Firefox Desktop == | |||
Click to play advancing - https://bugzilla.mozilla.org/show_bug.cgi?id=867337 | |||
== Fi | |||
=Agenda= | |||
* Introductions - Julien Vehent | |||
* Team meetup - Next week! | |||
* coordinate pick up times https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0AmLct3lOMM6ZdGpJcDIwNjZrcklzNE9RamZsQkI3Z0E#gid=4 | |||
* Goals - Please keep status up to date - https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0AmLct3lOMM6ZdHU3a2lJRV8xckZXclZJdkNlN3dUYVE&usp=sharing | |||
* Metrics | |||
** https://security-review-statistics.vcap.mozillalabs.com/ | |||
** https://people.mozilla.com/~sarentz/p/dashboard | |||
** Review Security Radar Page - https://wiki.mozilla.org/Security/Radar « still mostly broken due to a wiki-media bug with collapsible items - {{bug|854395}} | |||
* [pt] Marketplace Anti-Malware Strategy Strategy: https://mana.mozilla.org/wiki/display/~cruetten@mozilla.com/Firefox+OS+Malware+Defense+Strategy | |||
* Planning for Las Vegas | |||
** Al is coordinating (?) | |||
** Black Hat, DEF CON, BSides (sold out), CodenomiCON (fuzzing) | |||
=Upcoming Speaking Engagements= | |||
(List it at these two locations too: https://developer.mozilla.org/en-US/events & https://wiki.mozilla.org/Security/Talks ) | |||
* [Curtisk] 18-May MOSSCON http://www.mosscon.org/sessions/security-open | |||
* | |||
=Planned Blog Posts= | |||
* https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0AlDw2hHXmVgCdHN3LWZTZ0hjMElPc1g2clRKb2lNN3c | |||
=Security Review Status (curtisk)= | |||
* Completed in Q1 2013: 66 | |||
https://security-review-statistics.vcap.mozillalabs.com/weekly (26) | |||
=Operations Security Update (Joe Stevensen)= | |||
=Project Updates = | |||
Please add your name to the update so we know who to follow up with | |||
== Firrefox Mobile == | |||
== Firefox OS == | |||
== Firefox Core == | |||
* [decoder] ASan builds are mostly bricked due to NSPR poisoning landing (bug 866525, bug 865921), working on it | |||
* [decoder] ASan + ASM.js incompatiblities resolved but won't be effective until we upgrade Clang | |||
** Should I use locally-built ASan for now? Or disable OdinMonkey? | |||
*** When testing the DOM, you might want to just disable OdinMonkey by setting javascript.options.experimental_asmjs to false (it's unlikely that you'll find bugs in there with DOM testing) | |||
== MarketPlace == | |||
Marketplace Anti-Malware Strategy Strategy: https://mana.mozilla.org/wiki/display/~cruetten@mozilla.com/Firefox+OS+Malware+Defense+Strategy | |||
== Web Apps == | |||
MoFoDev and nodejs | |||
== Services == | |||
== Operation Security == | |||
== Identity == | |||
* Mozilla IDP expected to be live for the end of quarter | |||
* PiCL moving forward | |||