https://wiki.mozilla.org/api.php?action=feedcontributions&user=Ethantseng&feedformat=atomMozillaWiki - User contributions [en]2024-03-28T12:22:04ZUser contributionsMediaWiki 1.27.4https://wiki.mozilla.org/index.php?title=Privacy/Anti-Tracking/CookiePurging&diff=1228662Privacy/Anti-Tracking/CookiePurging2020-06-30T15:20:33Z<p>Ethantseng: Update the title of section P1 and P2 Bugs.</p>
<hr />
<div>= Dashboard =<br />
<br />
Meta Bug: {{Bug|1594226}} - [Meta] Purging Tracking Cookies<br />
<br />
== Untriaged Bugs ==<br />
A bug is considered as '''untriaged''' if any of the following condition is true:<br />
* The '''Status''' field is UNCONFIRMED, or<br />
* The '''Priority''' field is not set ("--), or<br />
* The '''Severity''' field is not set ("--" for all types or "N/A" for type Defect)<br />
<br />
<bugzilla><br />
{<br />
"o8": "equals",<br />
"o5": "equals",<br />
"query_format": "advanced",<br />
"f3": "bug_status",<br />
"f4": "priority",<br />
"v7": "Defect",<br />
"o4": "equals",<br />
"v1": "1594226",<br />
"j2": "OR",<br />
"f8": "bug_severity",<br />
"o3": "equals",<br />
"f10": "CP",<br />
"f5": "bug_severity",<br />
"resolution": "---",<br />
"f7": "bug_type",<br />
"f1": "blocked",<br />
"v5": "--",<br />
"v8": "N/A",<br />
"f2": "OP",<br />
"v3": "UNCONFIRMED",<br />
"f9": "CP",<br />
"o1": "equals",<br />
"f6": "OP",<br />
"o7": "equals",<br />
"v4": "--",<br />
<br />
"include_fields": "id, type, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "id"<br />
}<br />
</bugzilla><br />
<br />
== P1 and P2 Bugs ==<br />
<bugzilla><br />
{<br />
"blocks":"1594226",<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["P1", "P2"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "priority, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
== P3 and P5 Bugs (backlog) ==<br />
<bugzilla><br />
{<br />
"blocks":"1594226",<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["P3", "P4", "P5"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "priority, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Privacy/Anti-Tracking/DynamicFirstPartyIsolation&diff=1226988Privacy/Anti-Tracking/DynamicFirstPartyIsolation2020-05-08T23:06:59Z<p>Ethantseng: Add a table for Bug 1590107 - [meta] Top-level site partitioning.</p>
<hr />
<div>= Dashboard =<br />
<br />
=== Meta Bugs ===<br />
* {{Bug|1549587}} - [meta] Dynamic first party isolation<br />
* {{Bug|1602922}} - [META] Breakage bugs of Dynamic First Party Isolation<br />
* {{Bug|1628486}} - Enable Dynamic FPI in Nightly<br />
* {{Bug|1590107}} - [meta] Top-level site partitioning<br />
<br />
<br />
=== Untriaged Bugs for {{Bug|1549587}} - [meta] Dynamic first party isolation ===<br />
A bug is considered as '''untriaged''' if any of the following condition is true:<br />
* The '''Status''' field is UNCONFIRMED, or<br />
* The '''Priority''' field is not set ("--), or<br />
* The '''Severity''' field is not set ("--" for all types or "N/A" for type Defect)<br />
<br />
<bugzilla><br />
{<br />
"o8": "equals",<br />
"o5": "equals",<br />
"query_format": "advanced",<br />
"f3": "bug_status",<br />
"f4": "priority",<br />
"v7": "Defect",<br />
"o4": "equals",<br />
"v1": "1549587",<br />
"j2": "OR",<br />
"f8": "bug_severity",<br />
"o3": "equals",<br />
"f10": "CP",<br />
"f5": "bug_severity",<br />
"resolution": "---",<br />
"f7": "bug_type",<br />
"f1": "blocked",<br />
"v5": "--",<br />
"v8": "N/A",<br />
"f2": "OP",<br />
"v3": "UNCONFIRMED",<br />
"f9": "CP",<br />
"o1": "equals",<br />
"f6": "OP",<br />
"o7": "equals",<br />
"v4": "--",<br />
<br />
"include_fields": "id, type, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "id"<br />
}<br />
</bugzilla><br />
<br />
=== P1/P2 Bugs Blocking {{Bug|1549587}} - [meta] Dynamic first party isolation ===<br />
<bugzilla><br />
{<br />
"blocks":"1549587",<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["P1", "P2"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "priority, severity, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== P1/P2 Bugs Blocking {{Bug|1628486}} - Enable Dynamic FPI in Nightly ===<br />
<bugzilla><br />
{<br />
"blocks":"1628486",<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["P1", "P2"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "priority, severity, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Bugs Blocking {{Bug|1590107}} - [meta] Top-level site partitioning ===<br />
<bugzilla><br />
{<br />
"blocks":"1590107",<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "priority, severity, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== P3/P5 Backlog for {{Bug|1549587}} - [meta] Dynamic first party isolation ===<br />
<bugzilla><br />
{<br />
"blocks":"1549587",<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["P3", "P4", "P5"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "priority, severity, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Privacy/Anti-Tracking/DynamicFirstPartyIsolation&diff=1226892Privacy/Anti-Tracking/DynamicFirstPartyIsolation2020-05-06T12:42:03Z<p>Ethantseng: Add a table for dependent bugs for Enable Dynamic FPI in Nightly</p>
<hr />
<div>= Dashboard =<br />
<br />
Meta Bug<br />
* {{Bug|1549587}} - [meta] Dynamic first party isolation<br />
* {{Bug|1602922}} - [META] Breakage bugs of Dynamic First Party Isolation<br />
* {{Bug|1628486}} - Enable Dynamic FPI in Nightly<br />
* {{Bug|1590107}} - [meta] Top-level site partitioning<br />
<br />
<br />
== Untriaged Bugs ==<br />
A bug is considered as '''untriaged''' if any of the following condition is true:<br />
* The '''Status''' field is UNCONFIRMED, or<br />
* The '''Priority''' field is not set ("--), or<br />
* The '''Severity''' field is not set ("--" for all types or "N/A" for type Defect)<br />
<br />
<bugzilla><br />
{<br />
"o8": "equals",<br />
"o5": "equals",<br />
"query_format": "advanced",<br />
"f3": "bug_status",<br />
"f4": "priority",<br />
"v7": "Defect",<br />
"o4": "equals",<br />
"v1": "1549587",<br />
"j2": "OR",<br />
"f8": "bug_severity",<br />
"o3": "equals",<br />
"f10": "CP",<br />
"f5": "bug_severity",<br />
"resolution": "---",<br />
"f7": "bug_type",<br />
"f1": "blocked",<br />
"v5": "--",<br />
"v8": "N/A",<br />
"f2": "OP",<br />
"v3": "UNCONFIRMED",<br />
"f9": "CP",<br />
"o1": "equals",<br />
"f6": "OP",<br />
"o7": "equals",<br />
"v4": "--",<br />
<br />
"include_fields": "id, type, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "id"<br />
}<br />
</bugzilla><br />
<br />
== P1 and P2 Bugs (block shipping) ==<br />
<bugzilla><br />
{<br />
"blocks":"1549587",<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["P1", "P2"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "priority, severity, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
== P1 and P2 Bugs (blocking Enable Dynamic FPI in Nightly) ==<br />
<bugzilla><br />
{<br />
"blocks":"1628486",<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["P1", "P2"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "priority, severity, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
== P3 and P5 Bugs (backlog) ==<br />
<bugzilla><br />
{<br />
"blocks":"1549587",<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["P3", "P4", "P5"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "priority, severity, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Privacy/Anti-Tracking/DynamicFirstPartyIsolation&diff=1226879Privacy/Anti-Tracking/DynamicFirstPartyIsolation2020-05-06T00:16:41Z<p>Ethantseng: Update a title.</p>
<hr />
<div>= Dashboard =<br />
<br />
Meta Bug: {{Bug|1549587}} - [meta] Dynamic first party isolation<br />
<br />
== Untriaged Bugs ==<br />
A bug is considered as '''untriaged''' if any of the following condition is true:<br />
* The '''Status''' field is UNCONFIRMED, or<br />
* The '''Priority''' field is not set ("--), or<br />
* The '''Severity''' field is not set ("--" for all types or "N/A" for type Defect)<br />
<br />
<bugzilla><br />
{<br />
"o8": "equals",<br />
"o5": "equals",<br />
"query_format": "advanced",<br />
"f3": "bug_status",<br />
"f4": "priority",<br />
"v7": "Defect",<br />
"o4": "equals",<br />
"v1": "1549587",<br />
"j2": "OR",<br />
"f8": "bug_severity",<br />
"o3": "equals",<br />
"f10": "CP",<br />
"f5": "bug_severity",<br />
"resolution": "---",<br />
"f7": "bug_type",<br />
"f1": "blocked",<br />
"v5": "--",<br />
"v8": "N/A",<br />
"f2": "OP",<br />
"v3": "UNCONFIRMED",<br />
"f9": "CP",<br />
"o1": "equals",<br />
"f6": "OP",<br />
"o7": "equals",<br />
"v4": "--",<br />
<br />
"include_fields": "id, type, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "id"<br />
}<br />
</bugzilla><br />
<br />
== P1 and P2 Bugs (block shipping) ==<br />
<bugzilla><br />
{<br />
"blocks":"1549587",<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["P1", "P2"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "priority, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
== P3 and P5 Bugs (backlog) ==<br />
<bugzilla><br />
{<br />
"blocks":"1549587",<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["P3", "P4", "P5"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "priority, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Privacy/Anti-Tracking/CookiePurging&diff=1226878Privacy/Anti-Tracking/CookiePurging2020-05-06T00:16:15Z<p>Ethantseng: Update a title.</p>
<hr />
<div>= Dashboard =<br />
<br />
Meta Bug: {{Bug|1594226}} - [Meta] Purging Tracking Cookies<br />
<br />
== Untriaged Bugs ==<br />
A bug is considered as '''untriaged''' if any of the following condition is true:<br />
* The '''Status''' field is UNCONFIRMED, or<br />
* The '''Priority''' field is not set ("--), or<br />
* The '''Severity''' field is not set ("--" for all types or "N/A" for type Defect)<br />
<br />
<bugzilla><br />
{<br />
"o8": "equals",<br />
"o5": "equals",<br />
"query_format": "advanced",<br />
"f3": "bug_status",<br />
"f4": "priority",<br />
"v7": "Defect",<br />
"o4": "equals",<br />
"v1": "1594226",<br />
"j2": "OR",<br />
"f8": "bug_severity",<br />
"o3": "equals",<br />
"f10": "CP",<br />
"f5": "bug_severity",<br />
"resolution": "---",<br />
"f7": "bug_type",<br />
"f1": "blocked",<br />
"v5": "--",<br />
"v8": "N/A",<br />
"f2": "OP",<br />
"v3": "UNCONFIRMED",<br />
"f9": "CP",<br />
"o1": "equals",<br />
"f6": "OP",<br />
"o7": "equals",<br />
"v4": "--",<br />
<br />
"include_fields": "id, type, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "id"<br />
}<br />
</bugzilla><br />
<br />
== P1 and P2 Bugs (block shipping) ==<br />
<bugzilla><br />
{<br />
"blocks":"1594226",<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["P1", "P2"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "priority, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
== P3 and P5 Bugs (backlog) ==<br />
<bugzilla><br />
{<br />
"blocks":"1594226",<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["P3", "P4", "P5"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "priority, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Privacy/Anti-Tracking/CookiePurging&diff=1226877Privacy/Anti-Tracking/CookiePurging2020-05-06T00:15:44Z<p>Ethantseng: Update the query for untriaged bugs.</p>
<hr />
<div>= Dashboard =<br />
<br />
Meta Bug: {{Bug|1594226}} - [Meta] Purging Tracking Cookies<br />
<br />
== Untriaged ==<br />
A bug is considered as '''untriaged''' if any of the following condition is true:<br />
* The '''Status''' field is UNCONFIRMED, or<br />
* The '''Priority''' field is not set ("--), or<br />
* The '''Severity''' field is not set ("--" for all types or "N/A" for type Defect)<br />
<br />
<bugzilla><br />
{<br />
"o8": "equals",<br />
"o5": "equals",<br />
"query_format": "advanced",<br />
"f3": "bug_status",<br />
"f4": "priority",<br />
"v7": "Defect",<br />
"o4": "equals",<br />
"v1": "1594226",<br />
"j2": "OR",<br />
"f8": "bug_severity",<br />
"o3": "equals",<br />
"f10": "CP",<br />
"f5": "bug_severity",<br />
"resolution": "---",<br />
"f7": "bug_type",<br />
"f1": "blocked",<br />
"v5": "--",<br />
"v8": "N/A",<br />
"f2": "OP",<br />
"v3": "UNCONFIRMED",<br />
"f9": "CP",<br />
"o1": "equals",<br />
"f6": "OP",<br />
"o7": "equals",<br />
"v4": "--",<br />
<br />
"include_fields": "id, type, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "id"<br />
}<br />
</bugzilla><br />
<br />
== P1 and P2 Bugs (block shipping) ==<br />
<bugzilla><br />
{<br />
"blocks":"1594226",<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["P1", "P2"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "priority, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
== P3 and P5 Bugs (backlog) ==<br />
<bugzilla><br />
{<br />
"blocks":"1594226",<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["P3", "P4", "P5"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "priority, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Privacy/Anti-Tracking/DynamicFirstPartyIsolation&diff=1226876Privacy/Anti-Tracking/DynamicFirstPartyIsolation2020-05-06T00:12:20Z<p>Ethantseng: Update the query for untriaged bug.</p>
<hr />
<div>= Dashboard =<br />
<br />
Meta Bug: {{Bug|1549587}} - [meta] Dynamic first party isolation<br />
<br />
== Untriaged ==<br />
A bug is considered as '''untriaged''' if any of the following condition is true:<br />
* The '''Status''' field is UNCONFIRMED, or<br />
* The '''Priority''' field is not set ("--), or<br />
* The '''Severity''' field is not set ("--" for all types or "N/A" for type Defect)<br />
<br />
<bugzilla><br />
{<br />
"o8": "equals",<br />
"o5": "equals",<br />
"query_format": "advanced",<br />
"f3": "bug_status",<br />
"f4": "priority",<br />
"v7": "Defect",<br />
"o4": "equals",<br />
"v1": "1549587",<br />
"j2": "OR",<br />
"f8": "bug_severity",<br />
"o3": "equals",<br />
"f10": "CP",<br />
"f5": "bug_severity",<br />
"resolution": "---",<br />
"f7": "bug_type",<br />
"f1": "blocked",<br />
"v5": "--",<br />
"v8": "N/A",<br />
"f2": "OP",<br />
"v3": "UNCONFIRMED",<br />
"f9": "CP",<br />
"o1": "equals",<br />
"f6": "OP",<br />
"o7": "equals",<br />
"v4": "--",<br />
<br />
"include_fields": "id, type, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "id"<br />
}<br />
</bugzilla><br />
<br />
== P1 and P2 Bugs (block shipping) ==<br />
<bugzilla><br />
{<br />
"blocks":"1549587",<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["P1", "P2"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "priority, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
== P3 and P5 Bugs (backlog) ==<br />
<bugzilla><br />
{<br />
"blocks":"1549587",<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["P3", "P4", "P5"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "priority, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Privacy/Anti-Tracking/DynamicFirstPartyIsolation&diff=1226871Privacy/Anti-Tracking/DynamicFirstPartyIsolation2020-05-05T22:50:36Z<p>Ethantseng: Create this page as a dashboard for dynamic FPI.</p>
<hr />
<div>= Dashboard =<br />
<br />
Meta Bug: {{Bug|1549587}} - [meta] Dynamic first party isolation<br />
<br />
== Untriaged ==<br />
<bugzilla><br />
{<br />
"blocks":"1549587",<br />
"status":["UNCONFIRMED"], <br />
"priority":["--"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on"<br />
}<br />
</bugzilla><br />
<br />
== P1 and P2 Bugs (block shipping) ==<br />
<bugzilla><br />
{<br />
"blocks":"1549587",<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["P1", "P2"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "priority, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
== P3 and P5 Bugs (backlog) ==<br />
<bugzilla><br />
{<br />
"blocks":"1549587",<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["P3", "P4", "P5"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "priority, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Privacy/Anti-Tracking/CookiePurging&diff=1226870Privacy/Anti-Tracking/CookiePurging2020-05-05T22:44:33Z<p>Ethantseng: Create this dashboard.</p>
<hr />
<div>= Dashboard =<br />
<br />
Meta Bug: {{Bug|1594226}} - [Meta] Purging Tracking Cookies<br />
<br />
== Untriaged ==<br />
<bugzilla><br />
{<br />
"blocks":"1594226",<br />
"status":["UNCONFIRMED"], <br />
"priority":["--"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on"<br />
}<br />
</bugzilla><br />
<br />
== P1 and P2 Bugs (block shipping) ==<br />
<bugzilla><br />
{<br />
"blocks":"1594226",<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["P1", "P2"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "priority, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
== P3 and P5 Bugs (backlog) ==<br />
<bugzilla><br />
{<br />
"blocks":"1594226",<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["P3", "P4", "P5"], <br />
"include_fields": "id, summary, priority, severity, status, assigned_to, depends_on",<br />
"order": "priority, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Privacy/Anti-Tracking&diff=1208002Privacy/Anti-Tracking2019-02-21T19:05:49Z<p>Ethantseng: Add a section for backlog bugs.</p>
<hr />
<div>== Meeting Notes ==<br />
https://docs.google.com/document/d/1AT34_fRGs41I6blia0kJqF88zua0VISmQ7tEL1SR0U4/edit<br />
<br />
== New bugs ==<br />
<bugzilla><br />
{<br />
"f1":"OP",<br />
"j1":"AND",<br />
"f2":"bug_status",<br />
"o2":"equals",<br />
"v2":"NEW", <br />
"f3":"OP",<br />
"j3":"OR",<br />
"f4": "component",<br />
"o4":"equals",<br />
"v4": "Privacy: Anti-Tracking",<br />
"f5":"status_whiteboard",<br />
"o5":"anywordssubstr",<br />
"v5":"anti-tracking",<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
== Backlog bugs ==<br />
<bugzilla><br />
{<br />
"bug_status":"ASSIGNED",<br />
"status_whiteboard":"anti-tracking",<br />
"priority": "P3",<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
== In-progress bugs for 67 ==<br />
<bugzilla><br />
{<br />
"bug_status":"ASSIGNED",<br />
"status_whiteboard":"anti-tracking",<br />
"target_milestone": ["Firefox 67","mozilla67"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard, target_milestone",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
<br />
== In-progress bugs for 66 ==<br />
<bugzilla><br />
{<br />
"bug_status":"ASSIGNED",<br />
"status_whiteboard":"anti-tracking",<br />
"target_milestone": ["Firefox 66","mozilla66"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard, target_milestone",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
== In-progress bugs ==<br />
<bugzilla><br />
{<br />
"bug_status":"ASSIGNED",<br />
"status_whiteboard":"anti-tracking",<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
== Resolved bugs ==<br />
<bugzilla><br />
{<br />
"bug_status":"RESOLVED",<br />
"status_whiteboard":"anti-tracking",<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion/Dashboard/Fingerprinting&diff=1204006Security/Fusion/Dashboard/Fingerprinting2018-11-16T10:34:18Z<p>Ethantseng: Minor update.</p>
<hr />
<div>== Bug Tracking ==<br />
Anti-fingerprinting MVP bugs are tracked under the meta bug: <br><br />
{{Bug|1329996}} - [META] Tor Uplift: Fingerprinting Resistance<br />
<br><br />
<br />
The MVP is defined as the fingerprinting protection which is needed or would be used by Tor Browser. For general fingerprinting issues but not necessary to fix in Tor, we use the Whiteboard keyword "[fingerprinting]" to specify them.<br />
<br><br><br />
<br />
There are breakages caused by the fingerprinting resistance feature. They are tracked by another meta bug: <br><br />
{{Bug|1507517}} - [META] Breakage from Fingerprinting Resistance<br />
<br><br><br />
<br />
'''Whiteboard Definition'''<br />
* [fingerprinting]: Fingerprinting bugs<br />
* [fp-triaged]: Already triaged.<br />
** Priority must be set.<br />
** P1/P2 must have an assignee.<br />
<br />
== Fingerprinting Bugs ==<br />
=== Open P1 Bugs (We are actively working on them) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":"P1",<br />
"blocks":"1329996",<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Open P2 Bugs (Important. We will work on them ASAP) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":"P2",<br />
"blocks":"1329996",<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== P3-P5 Bugs (Backlog) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["--", "P3", "P4", "P5"],<br />
"blocks":"1329996",<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "priority, status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Closed Bugs ===<br />
<bugzilla><br />
{<br />
"status":["RESOLVED", "VERIFIED", "CLOSED"], <br />
"blocks":"1329996",<br />
"include_fields": "id, summary, priority, resolution, assigned_to, whiteboard",<br />
"order": "resolution, priority, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion/Dashboard/Fingerprinting_Breakage&diff=1203992Security/Fusion/Dashboard/Fingerprinting Breakage2018-11-15T20:43:24Z<p>Ethantseng: Update the description.</p>
<hr />
<div>=== Meta Bug ===<br />
{{Bug|1507517}} - [META] Breakage from Fingerprinting Resistance<br />
<br />
=== Open P1 Bugs (We are actively working on them) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":"P1",<br />
"blocks":"1507517",<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Open P2 Bugs (Important. We will work on them ASAP) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":"P2",<br />
"blocks":"1507517",<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== P3-P5 Bugs (Backlog) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["--", "P3", "P4", "P5"],<br />
"blocks":"1507517",<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "priority, status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Closed Bugs ===<br />
<bugzilla><br />
{<br />
"status":["RESOLVED", "VERIFIED", "CLOSED"], <br />
"blocks":"1507517",<br />
"include_fields": "id, summary, priority, resolution, assigned_to, whiteboard",<br />
"order": "resolution, priority, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion/Dashboard/Fingerprinting&diff=1203991Security/Fusion/Dashboard/Fingerprinting2018-11-15T20:40:44Z<p>Ethantseng: Update the description.</p>
<hr />
<div>== Bug Tracking ==<br />
Anti-fingerprinting MVP bugs are tracked under the meta bug: <br><br />
{{Bug|1329996}} - [META] Tor Uplift: Fingerprinting Resistance<br />
<br><br />
<br />
The MVP is defined as the fingerprinting protection which is needed or would be used by Tor Browser. For general fingerprinting issues but not necessary to fix in Tor, we use the Whiteboard keyword "[fingerprinting]" to specify them.<br />
<br><br><br />
<br />
There are breakages caused by the fingerprinting resistance feature. They are tracked by another meta bug: <br><br />
{{Bug|1507517}} - [META] Breakage from Fingerprinting Resistance<br />
<br><br><br />
<br />
'''Whiteboard Definition'''<br />
* [fingerprinting]: Fingerprinting bugs<br />
* [fp-triaged]: Already triaged.<br />
<br />
== Fingerprinting Bugs ==<br />
=== Open P1 Bugs (We are actively working on them) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":"P1",<br />
"blocks":"1329996",<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Open P2 Bugs (Important. We will work on them ASAP) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":"P2",<br />
"blocks":"1329996",<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== P3-P5 Bugs (Backlog) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["--", "P3", "P4", "P5"],<br />
"blocks":"1329996",<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "priority, status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Closed Bugs ===<br />
<bugzilla><br />
{<br />
"status":["RESOLVED", "VERIFIED", "CLOSED"], <br />
"blocks":"1329996",<br />
"include_fields": "id, summary, priority, resolution, assigned_to, whiteboard",<br />
"order": "resolution, priority, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion/Dashboard&diff=1203988Security/Fusion/Dashboard2018-11-15T20:27:14Z<p>Ethantseng: Add links to different dashboards.</p>
<hr />
<div><br />
* [https://wiki.mozilla.org/Security/Fusion/Dashboard/Tor_Uplift '''Dashboard: Tor Uplift''']<br />
* [https://wiki.mozilla.org/Security/Fusion/Dashboard/First_Party_Isolation '''Dashboard: First Party Isolation''']<br />
* [https://wiki.mozilla.org/Security/Fusion/Dashboard/Fingerprinting '''Dashboard: Fingerprinting''']<br />
* [https://wiki.mozilla.org/Security/Fusion/Dashboard/Fingerprinting_Breakage '''Dashboard: Fingerprinting Breakage''']</div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion/Dashboard/Fingerprinting_Breakage&diff=1203987Security/Fusion/Dashboard/Fingerprinting Breakage2018-11-15T20:26:52Z<p>Ethantseng: Create this page to track breakage bugs caused by fingerprinting resistance.</p>
<hr />
<div>== Bug Tracking ==<br />
Fingerprinting MVP bugs are tracked under the meta bug: <br><br />
{{Bug|1507517}} - [META] Support anti-fingerprinting protection<br />
<br><br />
<br />
'''Whiteboard Definition'''<br />
* [fingerprinting]: Fingerprinting bugs<br />
* [fp-breakage]: Breakage issues caused by fingerprinting resistance<br />
* [fp-triaged]: Already triaged<br />
* [fp-backlog]: Backlog bugs<br />
<br />
== Fingerprinting Bugs ==<br />
=== Open P1 Bugs (We are actively working on them) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":"P1",<br />
"blocks":"1507517",<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Open P2 Bugs (Important. We will work on them ASAP) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":"P2",<br />
"blocks":"1507517",<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== P3-P5 Bugs (Backlog) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["--", "P3", "P4", "P5"],<br />
"blocks":"1507517",<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "priority, status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Closed Bugs ===<br />
<bugzilla><br />
{<br />
"status":["RESOLVED", "VERIFIED", "CLOSED"], <br />
"blocks":"1507517",<br />
"include_fields": "id, summary, priority, resolution, assigned_to, whiteboard",<br />
"order": "resolution, priority, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion/Dashboard&diff=1203937Security/Fusion/Dashboard2018-11-14T15:54:38Z<p>Ethantseng: Add links to dashboards.</p>
<hr />
<div>== Dashboards ==<br />
* [https://wiki.mozilla.org/Security/Fusion/Dashboard/Tor_Uplift '''Tor Uplift''']<br />
* [https://wiki.mozilla.org/Security/Fusion/Dashboard/First_Party_Isolation '''First Party Isolation''']<br />
* [https://wiki.mozilla.org/Security/Fusion/Dashboard/Fingerprinting '''Fingerprinting''']<br />
<br />
== Bug Tracking ==<br />
Fingerprinting MVP bugs are tracked under the meta bug: <br><br />
{{Bug|1329996}} - [META] Support anti-fingerprinting protection<br />
<br><br />
<br />
'''Whiteboard Definition'''<br />
* [fingerprinting]: Fingerprinting bugs<br />
* [fp-breakage]: Breakage issues caused by fingerprinting resistance<br />
* [fp-triaged]: Already triaged<br />
* [fp-backlog]: Backlog bugs<br />
<br />
== Fingerprinting Bugs ==<br />
=== Open P1 Bugs (We are actively working on them) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":"P1",<br />
"whiteboard":["fingerprint"],<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Open P2 Bugs (Important. We will work on them ASAP) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":"P2",<br />
"whiteboard":["fingerprint"],<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== P3-P5 Bugs (Backlog) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["--", "P3", "P4", "P5"],<br />
"whiteboard":["fingerprint"],<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "priority, status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Closed Bugs ===<br />
<bugzilla><br />
{<br />
"status":["RESOLVED"], <br />
"whiteboard":["fingerprint"],<br />
"include_fields": "id, summary, priority, resolution, assigned_to, whiteboard",<br />
"order": "resolution, priority, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion/Dashboard/First_Party_Isolation&diff=1203936Security/Fusion/Dashboard/First Party Isolation2018-11-14T15:51:04Z<p>Ethantseng: Create this page to track First Party Isolation bugs.</p>
<hr />
<div>== Bug Tracking ==<br />
First Party Isolation bugs are tracked under the meta bug: <br><br />
{{Bug|1299996}} - [META] Support Tor first-party isolation<br />
<br><br />
<br />
=== Open P1 Bugs (We are actively working on them) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":"P1",<br />
"blocks":"1299996",<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Open P2 Bugs (Important. We will work on them ASAP) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":"P2",<br />
"blocks":"1299996",<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== P3-P5 Bugs (Backlog) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["--", "P3", "P4", "P5"],<br />
"blocks":"1299996",<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "priority, status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Closed Bugs ===<br />
<bugzilla><br />
{<br />
"status":["RESOLVED", "VERIFIED", "CLOSED"], <br />
"blocks":"1299996",<br />
"include_fields": "id, summary, priority, resolution, assigned_to, whiteboard",<br />
"order": "resolution, priority, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion/Dashboard/Tor_Uplift&diff=1203935Security/Fusion/Dashboard/Tor Uplift2018-11-14T15:27:47Z<p>Ethantseng: Update the order sorting for closed bugs.</p>
<hr />
<div>== Bug Tracking ==<br />
Tor Uplift bugs are tracked under the meta bug: <br><br />
{{Bug|1260929}} - [META] Tor Patch Uplifting<br />
<br><br />
<br />
=== Open Bugs ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"],<br />
"blocks":"1260929",<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "priority, status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Closed Bugs ===<br />
<bugzilla><br />
{<br />
"status":["RESOLVED", "VERIFIED", "CLOSED"],<br />
"blocks":"1260929",<br />
"include_fields": "id, summary, priority, resolution, assigned_to, whiteboard",<br />
"order": "resolution, priority, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion/Dashboard/Fingerprinting&diff=1203934Security/Fusion/Dashboard/Fingerprinting2018-11-14T15:26:17Z<p>Ethantseng: Create this page to track fingerprinting resistance bugs.</p>
<hr />
<div>== Bug Tracking ==<br />
Fingerprinting MVP bugs are tracked under the meta bug: <br><br />
{{Bug|1329996}} - [META] Support anti-fingerprinting protection<br />
<br><br />
<br />
'''Whiteboard Definition'''<br />
* [fingerprinting]: Fingerprinting bugs<br />
* [fp-breakage]: Breakage issues caused by fingerprinting resistance<br />
* [fp-triaged]: Already triaged<br />
* [fp-backlog]: Backlog bugs<br />
<br />
== Fingerprinting Bugs ==<br />
=== Open P1 Bugs (We are actively working on them) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":"P1",<br />
"blocks":"1329996",<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Open P2 Bugs (Important. We will work on them ASAP) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":"P2",<br />
"blocks":"1329996",<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== P3-P5 Bugs (Backlog) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["--", "P3", "P4", "P5"],<br />
"blocks":"1329996",<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "priority, status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Closed Bugs ===<br />
<bugzilla><br />
{<br />
"status":["RESOLVED", "VERIFIED", "CLOSED"], <br />
"blocks":"1329996",<br />
"include_fields": "id, summary, priority, resolution, assigned_to, whiteboard",<br />
"order": "resolution, priority, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion/Dashboard/Tor_Uplift&diff=1203933Security/Fusion/Dashboard/Tor Uplift2018-11-14T15:17:51Z<p>Ethantseng: Create this page to track Tor Uplift bugs.</p>
<hr />
<div>== Bug Tracking ==<br />
Tor Uplift bugs are tracked under the meta bug: <br><br />
{{Bug|1260929}} - [META] Tor Patch Uplifting<br />
<br><br />
<br />
=== Open Bugs ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"],<br />
"blocks":"1260929",<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "priority, status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Closed Bugs ===<br />
<bugzilla><br />
{<br />
"status":["RESOLVED", "VERIFIED", "CLOSED"],<br />
"blocks":"1260929",<br />
"include_fields": "id, summary, priority, status, resolution, assigned_to, whiteboard",<br />
"order": "priority, status, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fingerprinting&diff=1203039Security/Fingerprinting2018-10-29T17:03:19Z<p>Ethantseng: Add Pointer Event</p>
<hr />
<div>== Cross-Origin Fingerprinting Unlinkability ==<br />
The anti-fingerprinting project is part of the Tor Uplift project. <br><br />
Its goal is to build up the same level of fingerprinting resistance as the Tor Browser in Firefox. <br><br />
Refer to the design and implementation document of the Tor Browser: <br><br />
https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability<br />
<br />
== Technical Details ==<br />
<br />
This page contains technical details about the things we do in Resist fingerprinting mode. It is up to date as of March 7, 2018<br />
<br />
<br />
=== Terse List ===<br />
<br />
* Complicated (see below)<br />
** Canvas image extraction is blocked<br />
** Absolute Screen Coordinates are obscured<br />
** Window Dimensions are rounded to a multiple of 200x100, and a warning is shown when maximizing<br />
** We only allow specific system fonts to be used, and we ship them to the user using kinto<br />
<br />
* Non-Trivial (see below)<br />
** The performance API is mostly disabled<br />
** Time Precision is reduced to 100ms, with up to 100ms of jitter<br />
** mozAddonManager may be blocked {{Bug|1384330}}<br />
** Media Devices are spoofed {{Bug|1372073}}<br />
** WebGL is limited {{Bug|1217290}}<br />
** The Keyboard Layout is spoofed <br />
** The Locale is spoofed to en-US<br />
** If you customize the preferred language list (Accept-Language), you will be warned {{Bug|1039069}}<br />
** System Media Queries will never match {{Bug|1479240}}<br />
** The Pointer Event is spoofed {{Bug|1363508}} and also pointerEvent.pointerid {{Bug|1492766}}<br />
<br />
* Trivial<br />
** The browser version is reported to be the most recent ESR version (but the OS is not spoofed)<br />
** Timezone is spoofed to 'UTC'<br />
** The gamepad API is disabled<br />
** All device sensors are disabled<br />
** The WebSpeech API is disabled<br />
** WEBGL_debug_renderer_info extension is disabled {{Bug|1337157}}<br />
** navigator.hardwareConcurrency is spoofed to 2<br />
** Site-specific zoom is disabled {{Bug|1369357}}<br />
** MediaError.message is restricted to a whitelist {{Bug|1354633}}<br />
** The Network Information API reports an 'Unknown' connection type, and the ontypechange event is suppressed {{Bug|1372072}}<br />
** The Media Statistics API will report calculated numbers not reflecting reality {{Bug|1369309}}<br />
** Web Extensions are able to toggle privacy.resistFingerprinting<br />
** Geolocation is disabled {{Bug|1372069}} - but this will be reverted {{Bug|1441295}}<br />
** screen.orientation.type is spoofed as 'landscape-primary' and screen.orientation.angle is spoofed to '0' {{Bug|1281949}} but also {{Bug|1433815}}<br />
** navigator.plugins and navigator.mimeTypes are reported as empty {{Bug|1281963}} and {{Bug|1324044}}<br />
** prefers-reduced-motion always returns false {{Bug|1478158}}<br />
<br />
=== Details ===<br />
<br />
==== Canvas Fingerprinting Detection ====<br />
<br />
==== Absolute Screen Coordinates ====<br />
<br />
{{Bug|1382499}}<br />
<br />
==== Window Dimensions ====<br />
<br />
{{Bug|1330882}}<br />
<br />
==== Fonts ====<br />
<br />
TODO<br />
<br />
==== Performance API ====<br />
<br />
Most performance APIs are disabled, but not all of them. TODO more details.<br />
<br />
==== Time Precision Reduction ====<br />
<br />
TODO more details<br />
<br />
* animation API - {{Bug|1382545}}<br />
<br />
==== mozAddonManager ====<br />
<br />
window.navigator.mozAddonManager is only exposed to addons.mozilla.org. In Resist Fingerprinting mode, we keep it exposed; however if the additional preference 'privacy.resistFingerprinting.block_mozAddonManager' is true, then it is not exposed to AMO<br />
<br />
==== Media Devices ====<br />
<br />
When RFP is enabled, enumerateDevices reports that the user has one camera (named 'Internal Camera') and one microphone (named 'Internal Microphone'). The devicechange event is also suppressed.<br />
<br />
==== WebGL ====<br />
<br />
TODO<br />
<br />
==== Keyboard Layout ====<br />
<br />
{{Bug|1222285}}, {{Bug|1438795}}, {{Bug|1409974}}, {{Bug|1433592}}<br />
<br />
==== Locale ====<br />
<br />
{{Bug|867501}}, {{Bug|1330892}}, {{Bug|1369330}}, {{Bug|1409973}}<br />
<br />
==== Accept-Languages ====<br />
<br />
== Project Schedule ==<br />
* Complete the implementation of MVP in '''Firefox 57 (2017-09-20)'''<br />
** This is being tracked by three milestones M1, M2, and M3<br />
* Feature stabilization and refinement in '''Firefox 58 (2017-11-13)'''<br />
** Perform integration test to identify regressions and Web compatibility issues<br />
** Perform tests to verify the effectiveness of fingerprinting protection<br />
** Fix regressions and any other issues<br />
** Figure out the product strategy of Firefox to roll out this functionality<br />
* Ship the feature in '''Firefox 59 (2018-01-15)<br />
** Tor Browser will be using Firefox ESR 59<br />
<br />
== Bug Tracking ==<br />
All fingerprinting bugs are being tracked under the meta bug: <br><br />
{{Bug|1329996}} - [META] Support anti-fingerprinting protection<br />
<br><br />
<br />
'''Priority Definition'''<br />
* P1: MVP (Minimum Viable Product)<br />
* P2: Nice to Have<br />
* P3: Backlog<br />
* Any bug which is marked as [fp:m1-3] in the Whiteboard is also MVP, regardless of its Priority<br />
<br />
'''Whiteboard Definition'''<br />
* [fingerprinting]: Indicate this is a fingerprinting bug<br />
* [fp:m1]: Target milestone is M1 (2017-06-12 Firefox 55)<br />
* [fp:m2]: Target milestone is M2 (2017-08-02 Firefox 56)<br />
* [fp:m3]: Target milestone is M3 (2017-09-20 Firefox 57)<br />
* [fp-backlog]: Backlog bugs<br />
<br />
== Dashboard ==<br />
=== MVP: M1 Bugs List (2017-06-12 Firefox 55) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"], <br />
"whiteboard":["fp:m1"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== MVP: M2 Bugs List (2017-08-07 Firefox 56) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"], <br />
"whiteboard":["fp:m2"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== MVP: M3 Bugs List (2017-09-25 Firefox 57) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"], <br />
"whiteboard":["fp:m3"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== MVP: Bugs To Be Triaged ===<br />
The following bugs are MVP bugs which are not specified priority yet.<br />
<bugzilla><br />
{<br />
"blocks":"1329996",<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"],<br />
"priority":["--"],<br />
"whiteboard":["fp:m"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Fingerprinting P2 Bugs List ===<br />
<disabled-bugzilla><br />
{<br />
"blocks":"1329996",<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"], <br />
"priority":["P2"], <br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</disabled-bugzilla><br />
<br />
=== Fingerprinting P3-P5 Bugs List ===<br />
<disabled-bugzilla><br />
{<br />
"blocks":"1329996",<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"], <br />
"priority":["P3", "P4", "P5", "--"], <br />
"include_fields": "id, summary, status, priority, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</disabled-bugzilla><br />
<br />
=== Fingerprinting Breakage ===<br />
<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"],<br />
"whiteboard":["fingerprinting-breakage"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== All Open Tagged Fingerprinting Bugs ===<br />
<br />
<disabled-bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"],<br />
"whiteboard":["fingerprinting"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</disabled-bugzilla><br />
<br />
=== Fingerprinting Resolved Bugs ===<br />
<disabled-bugzilla><br />
{<br />
"blocks":"1329996",<br />
"status":["RESOLVED", "VERIFIED"], <br />
"include_fields": "id, summary, priority, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "assigned_to"<br />
}<br />
</disabled-bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion/Dashboard&diff=1198307Security/Fusion/Dashboard2018-08-01T15:24:03Z<p>Ethantseng: Add a section for closed bugs</p>
<hr />
<div>== Bug Tracking ==<br />
Fingerprinting MVP bugs are tracked under the meta bug: <br><br />
{{Bug|1329996}} - [META] Support anti-fingerprinting protection<br />
<br><br />
<br />
'''Whiteboard Definition'''<br />
* [fingerprinting]: Fingerprinting bugs<br />
* [fp-breakage]: Breakage issues caused by fingerprinting resistance<br />
* [fp-triaged]: Already triaged<br />
* [fp-backlog]: Backlog bugs<br />
<br />
== Fingerprinting Bugs ==<br />
=== Open P1 Bugs (We are actively working on them) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":"P1",<br />
"whiteboard":["fingerprint"],<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Open P2 Bugs (Important. We will work on them ASAP) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":"P2",<br />
"whiteboard":["fingerprint"],<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== P3-P5 Bugs (Backlog) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["--", "P3", "P4", "P5"],<br />
"whiteboard":["fingerprint"],<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "priority, status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Closed Bugs ===<br />
<bugzilla><br />
{<br />
"status":["RESOLVED"], <br />
"whiteboard":["fingerprint"],<br />
"include_fields": "id, summary, priority, resolution, assigned_to, whiteboard",<br />
"order": "resolution, priority, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion/Dashboard&diff=1198002Security/Fusion/Dashboard2018-07-26T11:04:18Z<p>Ethantseng: Only query fingerprinting bugs for now</p>
<hr />
<div>== Bug Tracking ==<br />
Fingerprinting MVP bugs are tracked under the meta bug: <br><br />
{{Bug|1329996}} - [META] Support anti-fingerprinting protection<br />
<br><br />
<br />
'''Whiteboard Definition'''<br />
* [fingerprinting]: Fingerprinting bugs<br />
* [fp-breakage]: Breakage issues caused by fingerprinting resistance<br />
* [fp-triaged]: Already triaged<br />
* [fp-backlog]: Backlog bugs<br />
<br />
== Fingerprinting Bugs ==<br />
=== Open P1 Bugs (We are actively working on them) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":"P1",<br />
"whiteboard":["fingerprint"],<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Open P2 Bugs (Important. We will work on them ASAP) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":"P2",<br />
"whiteboard":["fingerprint"],<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== P3-P5 Bugs (Backlog) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"priority":["--", "P3", "P4", "P5"],<br />
"whiteboard":["fingerprint"],<br />
"include_fields": "id, summary, priority, status, assigned_to, whiteboard",<br />
"order": "priority, status, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion/Dashboard&diff=1196847Security/Fusion/Dashboard2018-07-08T00:04:25Z<p>Ethantseng: Create this page</p>
<hr />
<div>=== Tor Related Bugs (whiteboard contains "[tor") ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"whiteboard":["[tor"],<br />
"include_fields": "id, summary, status, priority, assigned_to, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Fingerprinting Bugs (whiteboard contains "finger") ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"], <br />
"whiteboard":["finger"],<br />
"include_fields": "id, summary, status, priority, assigned_to, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fingerprinting&diff=1190222Security/Fingerprinting2018-03-12T21:54:30Z<p>Ethantseng: Fixed a typo</p>
<hr />
<div>== Cross-Origin Fingerprinting Unlinkability ==<br />
The anti-fingerprinting project is part of the Tor Uplift project. <br><br />
Its goal is to build up the same level of fingerprinting resistance as the Tor Browser in Firefox. <br><br />
Refer to the design and implementation document of the Tor Browser: <br><br />
https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability<br />
<br />
== Technical Details ==<br />
<br />
This page contains technical details about the things we do in Resist fingerprinting mode. It is up to date as of March 7, 2018<br />
<br />
<br />
=== Terse List ===<br />
<br />
* Complicated (see below)<br />
** Canvas image extraction is blocked<br />
** Absolute Screen Coordinates are obscured<br />
** Window Dimensions are rounded to a multiple of 200x100, and a warning is shown when maximizing<br />
** We only allow specific system fonts to be used, and we ship them to the user using kinto<br />
<br />
* Non-Trivial (see below)<br />
** The performance API is mostly disabled<br />
** Time Precision is reduced to 100ms, with up to 100ms of jitter<br />
** mozAddonManager may be blocked {{Bug|1384330}}<br />
** Media Devices are spoofed {{Bug|1372073}}<br />
** WebGL is limited {{Bug|1217290}}<br />
** The Keyboard Layout is spoofed <br />
** The Locale is spoofed to en-US<br />
** If you customize the preferred language list (Accept-Language), you will be warned {{Bug|1039069}}<br />
<br />
* Trivial<br />
** The browser version is reported to be the most recent ESR version (but the OS is not spoofed)<br />
** Timezone is spoofed to 'UTC'<br />
** The gamepad API is disabled<br />
** All device sensors are disabled<br />
** The WebSpeech API is disabled<br />
** navigator.hardwareConcurrency is spoofed to 2<br />
** Site-specific zoom is disabled {{Bug|1369357}}<br />
** MediaError.message is restricted to a whitelist {{Bug|1354633}}<br />
** The Network Information API reports an 'Unknown' connection type, and the ontypechange event is suppressed {{Bug|1372072}}<br />
** The Media Statistics API will report calculated numbers not reflecting reality {{Bug|1369309}}<br />
** Web Extensions are able to toggle privacy.resistFingerprinting<br />
** Geolocation is disabled {{Bug|1372069}} - but this will be reverted {{Bug|1441295}}<br />
** screen.orientation.type is spoofed as 'landscape-primary' and screen.orientation.angle is spoofed to '0' {{Bug|1281949}} but also {{Bug|1433815}}<br />
** navigator.plugins and navigator.mimeTypes are reported as empty {{Bug|1281963}} and {{Bug|1324044}}<br />
<br />
=== Details ===<br />
<br />
==== Canvas Fingerprinting Detection ====<br />
<br />
==== Absolute Screen Coordinates ====<br />
<br />
{{Bug|1382499}}<br />
<br />
==== Window Dimensions ====<br />
<br />
{{Bug|1330882}}<br />
<br />
==== Fonts ====<br />
<br />
TODO<br />
<br />
==== Performance API ====<br />
<br />
Most performance APIs are disabled, but not all of them. TODO more details.<br />
<br />
==== Time Precision Reduction ====<br />
<br />
TODO more details<br />
<br />
* animation API - {{Bug|1382545}}<br />
<br />
==== mozAddonManager ====<br />
<br />
window.navigator.mozAddonManager is only exposed to addons.mozilla.org. In Resist Fingerprinting mode, we keep it exposed; however if the additional preference 'privacy.resistFingerprinting.block_mozAddonManager' is true, then it is not exposed to AMO<br />
<br />
==== Media Devices ====<br />
<br />
When RFP is enabled, enumerateDevices reports that the user has one camera (named 'Internal Camera') and one microphone (named 'Internal Microphone'). The devicechange event is also suppressed.<br />
<br />
==== WebGL ====<br />
<br />
TODO<br />
<br />
==== Keyboard Layout ====<br />
<br />
{{Bug|1222285}}, {{Bug|1438795}}, {{Bug|1409974}}, {{Bug|1433592}}<br />
<br />
==== Locale ====<br />
<br />
{{Bug|867501}}, {{Bug|1330892}}, {{Bug|1369330}}, {{Bug|1409973}}<br />
<br />
==== Accept-Languages ====<br />
<br />
== Project Schedule ==<br />
* Complete the implementation of MVP in '''Firefox 57 (2017-09-20)'''<br />
** This is being tracked by three milestones M1, M2, and M3<br />
* Feature stabilization and refinement in '''Firefox 58 (2017-11-13)'''<br />
** Perform integration test to identify regressions and Web compatibility issues<br />
** Perform tests to verify the effectiveness of fingerprinting protection<br />
** Fix regressions and any other issues<br />
** Figure out the product strategy of Firefox to roll out this functionality<br />
* Ship the feature in '''Firefox 59 (2018-01-15)<br />
** Tor Browser will be using Firefox ESR 59<br />
<br />
== Bug Tracking ==<br />
All fingerprinting bugs are being tracked under the meta bug: <br><br />
{{Bug|1329996}} - [META] Support anti-fingerprinting protection<br />
<br><br />
<br />
'''Priority Definition'''<br />
* P1: MVP (Minimum Viable Product)<br />
* P2: Nice to Have<br />
* P3: Backlog<br />
* Any bug which is marked as [fp:m1-3] in the Whiteboard is also MVP, regardless of its Priority<br />
<br />
'''Whiteboard Definition'''<br />
* [fingerprinting]: Indicate this is a fingerprinting bug<br />
* [fp:m1]: Target milestone is M1 (2017-06-12 Firefox 55)<br />
* [fp:m2]: Target milestone is M2 (2017-08-02 Firefox 56)<br />
* [fp:m3]: Target milestone is M3 (2017-09-20 Firefox 57)<br />
* [fp-backlog]: Backlog bugs<br />
<br />
== Dashboard ==<br />
=== MVP: M1 Bugs List (2017-06-12 Firefox 55) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"], <br />
"whiteboard":["fp:m1"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== MVP: M2 Bugs List (2017-08-07 Firefox 56) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"], <br />
"whiteboard":["fp:m2"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== MVP: M3 Bugs List (2017-09-25 Firefox 57) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"], <br />
"whiteboard":["fp:m3"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== MVP: Bugs To Be Triaged ===<br />
The following bugs are MVP bugs which are not specified priority yet.<br />
<bugzilla><br />
{<br />
"blocks":"1329996",<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"],<br />
"priority":["--"],<br />
"whiteboard":["fp:m"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Fingerprinting P2 Bugs List ===<br />
<disabled-bugzilla><br />
{<br />
"blocks":"1329996",<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"], <br />
"priority":["P2"], <br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</disabled-bugzilla><br />
<br />
=== Fingerprinting P3-P5 Bugs List ===<br />
<disabled-bugzilla><br />
{<br />
"blocks":"1329996",<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"], <br />
"priority":["P3", "P4", "P5", "--"], <br />
"include_fields": "id, summary, status, priority, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</disabled-bugzilla><br />
<br />
=== Fingerprinting Breakage ===<br />
<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"],<br />
"whiteboard":["fingerprinting-breakage"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== All Open Tagged Fingerprinting Bugs ===<br />
<br />
<disabled-bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"],<br />
"whiteboard":["fingerprinting"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</disabled-bugzilla><br />
<br />
=== Fingerprinting Resolved Bugs ===<br />
<disabled-bugzilla><br />
{<br />
"blocks":"1329996",<br />
"status":["RESOLVED", "VERIFIED"], <br />
"include_fields": "id, summary, priority, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "assigned_to"<br />
}<br />
</disabled-bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion&diff=1186366Security/Fusion2018-01-08T06:43:37Z<p>Ethantseng: Polish the rhetoric.</p>
<hr />
<div><br />
[[File:fusion.jpeg|thumb|200px]]<br />
'''Fusion''' ('''F'''irefox '''USI'''ng '''ON'''ions) is a Mozilla project, in collaboration with [https://www.torproject.org/ the Tor Project], to bring the cutting-edge security and privacy features to Firefox users by leveraging the technologies of Tor Browser and Tor Proxy.<br />
<br />
This project is experimental and in the beginning phases.<br />
<br />
<br />
= Background =<br />
The Firefox and Tor Browser teams are long-time collaborators. The Tor Browser team builds [https://www.torproject.org/projects/torbrowser.html Tor Browser] by adding privacy-enhancing patches to [https://www.mozilla.org/en-US/firefox/organizations/ Firefox ESR]. When this process first began, the Tor Browser team would have to update these patches each time a new version of Firefox was released, which was very time intensive.<br />
<br />
In 2016, we started the [https://wiki.mozilla.org/Security/Tor_Uplift '''Tor Uplift project'''] to take the Tor Browser patches and "uplift" them to Firefox. When a patch gets uplifted, the Firefox team takes the change Tor Browser needs and adds it to Firefox. These changes in Firefox are disabled by default but can be enabled in preferences. Because preferences can be changed rather than updating each patch, the Tor Uplift project saves the Tor Browser team a lot of work.<br />
<br />
The primary targets of the Tor Uplift project were two features: [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation'''] and [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance''']. First Party Isolation was shipped in Firefox 52 (off by default); the MVP of Fingerprinting Resistance will be shipped in Firefox 59 (also off by default).<br />
<br />
Tor Uplift also gives the Firefox team a way to experiment with the advanced privacy features that Tor Browser team is building, to see if we can bring them to a much wider audience. That's the goal of '''Fusion''', the next big step of the collaboration between Mozilla and Tor.<br />
<br />
Fusion was initiated in 2018. Mozilla and the Tor Project are working closely on this project.<br />
<br />
= Project Vision =<br />
Mozilla and the Tor Project are aligned with each other on the mission to protect user privacy on the Web.<br />
* The fourth principle of [https://www.mozilla.org/en-US/about/manifesto/ The Mozilla Manifesto] is '''"Individuals’ security and privacy on the Internet are fundamental and must not be treated as optional."'''<br />
* The Tor Project's mission is '''"to advance human rights and freedoms by creating and deploying free and open anonymity and privacy technologies."'''<br />
<br />
We believe the collaboration between Mozilla and Tor can create a positive, significant impact on the world by bringing cutting-edge privacy enhancing technology to more users.<br />
<br />
= Project Goals =<br />
Although this project is still experimental and in beginning phases, the ultimate long-term goal of Fusion is to integrate full Tor Browser features in Firefox. There are many potential paths for our project, including enabling some features by default and others only in [https://support.mozilla.org/en-US/kb/private-browsing-use-firefox-without-history Private Browsing Mode].<br />
<br />
We need a lot of research and experiments to support the decision-making for the final solution. However, the clear short and mid-term goals are:<br />
* '''We will improve Fingerprinting Resistance by'''<br />
** making fingerprinting resistance more user-friendly,<br />
** minimizing Web breakages caused by fingerprinting resistance, and<br />
** conducting a browser fingerprinting analysis research project to help us figure out the best defense strategy<br />
* '''We will implement a proxy bypass testing framework for Firefox'''<br />
* '''We will determine how best to integrate the Tor proxy into Firefox'''<br />
* '''We will allow First Party Isolation and Fingerprinting Resistance to be enabled only in Private Browsing Mode'''<br />
<br />
= Project Lists =<br />
== Tor Uplift ==<br />
The [https://wiki.mozilla.org/Security/Tor_Uplift '''Tor Uplift'''] project is aimed at landing all Tor Browser patches so that Tor can directly use Firefox main trunk instead of a fork.<br />
<br />
== First Party Isolation ==<br />
The [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation'''] project is part of the Tor Uplift initiative. <br><br />
It implements one of the Tor Browser core features ([https://www.torproject.org/projects/torbrowser/design/#identifier-linkability Cross-Origin Identifier Unlinkability]). <br><br />
First Party Isolation (also called "double keying") was incorporated in Firefox 52 with the preference '''"privacy.firstparty.isolate"'''. It provides a very strong anti-tracking protection by preventing third parties from tracking users across multiple sites.<br />
<br />
== Fingerprinting Resistance == <br />
The [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance'''] project is part of the Tor Uplift initiative. <br><br />
It implements another Tor Browser core feature ([https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability Cross-Origin Fingerprinting Unlinkability]). <br><br />
Fingerprinting Resistance (also called "anti-fingerprinting") was incorporated in Firefox 59 with the preference '''"privacy.resistFingerprinting"'''. It is a defense against browser fingerprinting, which is a widely used Web tracking technology to identify individuals.<br />
<br />
= Getting Involved =<br />
The easiest way to get involved in the Fusion project is to help us writing code, running tests and filing bugs.<br />
<br />
If you are interested in contributing to Fusion, drop by:<br />
* the mailing list: '''fusion@mozilla.com'''<br />
* the '''#tor''' or '''#security''' IRC channels on [https://wiki.mozilla.org/IRC Mozilla's IRC server]<br />
<br />
= External Links =<br />
* [https://www.youtube.com/watch?v=JWII85UlzKw Video: How Tor Browser Protects Your Privacy and Identity Online]<br />
* [https://www.torproject.org/projects/torbrowser/design/ The Design and Implementation of the Tor Browser]<br />
* [https://blog.torproject.org/tor-heart-firefox Tor Blog, Tor at the Heart: Firefox]<br />
<br />
https://arthuredelstein.net/fusion2_small.jpg</div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fingerprinting&diff=1185796Security/Fingerprinting2017-12-14T20:34:26Z<p>Ethantseng: Enable the query for Fingerprinting Breakage</p>
<hr />
<div>== Cross-Origin Fingerprinting Unlinkability ==<br />
The anti-fingerprinting project is part of the Tor Uplift project. <br><br />
Its goal is to build up the same level of fingerprinting resistance as the Tor Browser in Firefox. <br><br />
Refer to the design and implementation document of the Tor Browser: <br><br />
https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability<br />
<br />
== Project Schedule ==<br />
* Complete the implementation of MVP in '''Firefox 57 (2018-09-20)'''<br />
** This is being tracked by three milestones M1, M2, and M3<br />
* Feature stabilization and refinement in '''Firefox 58 (2017-11-13)'''<br />
** Perform integration test to identify regressions and Web compatibility issues<br />
** Perform tests to verify the effectiveness of fingerprinting protection<br />
** Fix regressions and any other issues<br />
** Figure out the product strategy of Firefox to roll out this functionality<br />
* Ship the feature in '''Firefox 59 (2018-01-15)<br />
** Tor Browser will be using Firefox ESR 59<br />
<br />
<br />
== Bug Tracking ==<br />
All fingerprinting bugs are being tracked under the meta bug: <br><br />
{{Bug|1329996}} - [META] Support anti-fingerprinting protection<br />
<br><br />
<br />
'''Priority Definition'''<br />
* P1: MVP (Minimum Viable Product)<br />
* P2: Nice to Have<br />
* P3: Backlog<br />
* Any bug which is marked as [fp:m1-3] in the Whiteboard is also MVP, regardless of its Priority<br />
<br />
'''Whiteboard Definition'''<br />
* [fingerprinting]: Indicate this is a fingerprinting bug<br />
* [fp:m1]: Target milestone is M1 (2017-06-12 Firefox 55)<br />
* [fp:m2]: Target milestone is M2 (2017-08-02 Firefox 56)<br />
* [fp:m3]: Target milestone is M3 (2017-09-20 Firefox 57)<br />
* [fp-backlog]: Backlog bugs<br />
<br />
== Dashboard ==<br />
=== MVP: M1 Bugs List (2017-06-12 Firefox 55) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"], <br />
"whiteboard":["fp:m1"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== MVP: M2 Bugs List (2017-08-07 Firefox 56) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"], <br />
"whiteboard":["fp:m2"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== MVP: M3 Bugs List (2017-09-25 Firefox 57) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"], <br />
"whiteboard":["fp:m3"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== MVP: Bugs To Be Triaged ===<br />
The following bugs are MVP bugs which are not specified priority yet.<br />
<bugzilla><br />
{<br />
"blocks":"1329996",<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"],<br />
"priority":["--"],<br />
"whiteboard":["fp:m"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Fingerprinting P2 Bugs List ===<br />
<disabled-bugzilla><br />
{<br />
"blocks":"1329996",<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"], <br />
"priority":["P2"], <br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</disabled-bugzilla><br />
<br />
=== Fingerprinting P3-P5 Bugs List ===<br />
<disabled-bugzilla><br />
{<br />
"blocks":"1329996",<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"], <br />
"priority":["P3", "P4", "P5", "--"], <br />
"include_fields": "id, summary, status, priority, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</disabled-bugzilla><br />
<br />
=== Fingerprinting Breakage ===<br />
<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"],<br />
"whiteboard":["fingerprinting-breakage"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== All Open Tagged Fingerprinting Bugs ===<br />
<br />
<disabled-bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"],<br />
"whiteboard":["fingerprinting"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</disabled-bugzilla><br />
<br />
=== Fingerprinting Resolved Bugs ===<br />
<disabled-bugzilla><br />
{<br />
"blocks":"1329996",<br />
"status":["RESOLVED", "VERIFIED"], <br />
"include_fields": "id, summary, priority, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "assigned_to"<br />
}<br />
</disabled-bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion&diff=1185788Security/Fusion2017-12-14T18:49:27Z<p>Ethantseng: Polish some statements.</p>
<hr />
<div><br />
[[File:fusion.jpeg|thumb|200px]]<br />
'''Fusion''' ('''F'''irefox '''USI'''ng '''ON'''ions) is a Mozilla project to build the cutting-edge security and privacy features for Firefox users. <br><br />
Fusion will leverage the technologies of the Tor Project, especially the ones in the Tor Browser and Tor Proxy, to bring more privacy options for users.<br />
<br />
Fusion was initiated in 2018. Mozilla and [https://www.torproject.org/ the Tor Project] are working closely on this project.<br />
<br />
<br />
= Background =<br />
Mozilla and the Tor Project are long-time collaborators. In 2016, we started the [https://wiki.mozilla.org/Security/Tor_Uplift Tor Uplift project] to take this collaboration to the next level, bringing Firefox and Tor Browser closer together than ever before.<br />
<br />
The Tor Browser team builds [https://www.torproject.org/projects/torbrowser.html Tor Browser] by taking [https://www.mozilla.org/en-US/firefox/organizations/ Firefox ESR] and applying some patches to it. These changes add valuable privacy features for Tor Browser users. But having these changes means that every time the Tor Browser team wants to use a new version of Firefox, they have to update the patches to work with the new version. These updates take up a substantial fraction of the effort involved in producing Tor Browser.<br />
<br />
In 2016, we started the Tor Uplift project to take the Tor Browser patches and "uplift" them to Firefox. When a patch gets uplifted, we take the change that Tor Browser needs and we add it to Firefox in such a way that it is disabled by default, but can be enabled by changing a preference value. The Tor Uplift project saves the Tor Browser team work since they can just change preferences instead of updating patches. It also gives the Firefox team a way to experiment with the advanced privacy features that Tor Browser team is building, to see if we can bring them to a much wider audience.<br />
<br />
The primary target of the Tor Uplift project was two features: [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation'''] and [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance''']. First Party Isolation was shipped in Firefox 52 (off by default); the MVP of Fingerprinting Resistance will be shipped in Firefox 59 (also off by default).<br />
<br />
'''Fusion''' is the next big step of the Mozilla and Tor collaboration. We hope to move the needle on Web privacy based on the success of the Tor Uplift work.<br />
<br />
= Project Vision =<br />
Mozilla and the Tor Project are aligned with each other on the mission to protect user privacy on the Web.<br />
* The fourth principle of [https://www.mozilla.org/en-US/about/manifesto/ The Mozilla Manifesto] is '''"Individuals’ security and privacy on the Internet are fundamental and must not be treated as optional."'''<br />
* The Tor Project's mission is '''"to advance human rights and freedoms by creating and deploying free and open anonymity and privacy technologies, supporting their unrestricted availability and use, and furthering their scientific and popular understanding."'''<br />
<br />
We believe the collaboration between Mozilla and Tor can create a positive, significant impact on the world, and help users to regain their privacy.<br />
<br />
= Project Goals =<br />
Ultimately, we hope to integrate full Tor Browser features in Firefox. There are many potential paths to this. For example, enabling some features by default and but other options only in [https://support.mozilla.org/en-US/kb/private-browsing-use-firefox-without-history Private Browsing Mode]. <br />
<br />
We need a lot of research and experiments to support the decision-making for the final solution. However, the clear short and mid-term goals are:<br />
* '''We will improve Fingerprinting Resistance by'''<br />
** making fingerprinting resistance more user-friendly,<br />
** minimizing Web breakages caused by fingerprinting resistance, and<br />
** conducting a browser fingerprinting analysis research project to help us figure out the best defense strategy<br />
* '''We will implement a proxy bypass testing framework for Firefox'''<br />
* '''We will determine how best to integrate the Tor proxy into Firefox'''<br />
* '''We will allow First Party Isolation and Fingerprinting Resistance to be enabled only in Private Browsing Mode'''<br />
<br />
= Project Lists =<br />
== Tor Uplift ==<br />
The [https://wiki.mozilla.org/Security/Tor_Uplift '''Tor Uplift'''] project is aimed at landing all Tor Browser patches so that Tor can directly use Firefox main trunk instead of a fork.<br />
<br />
== First Party Isolation ==<br />
The [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation'''] project is part of the Tor Uplift initiative. <br><br />
It implements one of the Tor Browser core features ([https://www.torproject.org/projects/torbrowser/design/#identifier-linkability Cross-Origin Identifier Unlinkability]). <br><br />
First Party Isolation (also called "double keying") was incorporated in Firefox 52 with the preference '''"privacy.firstparty.isolate"'''. It provides a very strong anti-tracking protection by preventing third parties from tracking users across multiple sites.<br />
<br />
== Fingerprinting Resistance == <br />
The [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance'''] project is part of the Tor Uplift initiative. <br><br />
It implements another Tor Browser core feature ([https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability Cross-Origin Fingerprinting Unlinkability]). <br><br />
Fingerprinting Resistance (also called "anti-fingerprinting") was incorporated in Firefox 59 with the preference '''"privacy.resistFingerprinting"'''. It is a defense against browser fingerprinting, which is a widely used Web tracking technology to identify individuals.<br />
<br />
= Getting Involved =<br />
The easiest way to get involved in the Fusion project is to help us writing code, running tests and filing bugs.<br />
<br />
If you are interested in contributing to Fusion, drop by:<br />
* the mailing list: '''fusion@mozilla.com'''<br />
* the '''#tor''' or '''#security''' IRC channels on [https://wiki.mozilla.org/IRC Mozilla's IRC server]<br />
<br />
= External Links =<br />
* [https://www.youtube.com/watch?v=JWII85UlzKw Video: How Tor Browser Protects Your Privacy and Identity Online]<br />
* [https://www.torproject.org/projects/torbrowser/design/ The Design and Implementation of the Tor Browser]<br />
* [https://blog.torproject.org/tor-heart-firefox Tor Blog, Tor at the Heart: Firefox]<br />
<br />
https://arthuredelstein.net/fusion2_small.jpg</div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion&diff=1185708Security/Fusion2017-12-12T20:08:44Z<p>Ethantseng: Update the acronym.</p>
<hr />
<div><br />
[[File:fusion.jpeg|thumb|200px]]<br />
'''Fusion''' ('''F'''irefox '''USI'''ng '''ON'''ions) is a Mozilla's project to build the cutting-edge security and privacy features for Firefox users. <br><br />
Fusion will leverage the technologies of Tor Project, especially the ones in the Tor Browser and Tor Proxy, to bring more defense options for users.<br />
<br />
Fusion was initiated in 2018. Mozilla and [https://www.torproject.org/ Tor Project] are working closely on this project.<br />
<br />
<br />
= Background =<br />
The Firefox and Tor Browser teams have collaborated for a long time. In 2016, we started the [https://wiki.mozilla.org/Security/Tor_Uplift Tor Uplift project] to take this collaboration to the next level, bringing Firefox and Tor Browser closer together than ever before.<br />
<br />
The Tor Browser team builds [https://www.torproject.org/projects/torbrowser.html Tor Browser] by taking [https://www.mozilla.org/en-US/firefox/organizations/ Firefox ESR] and applying some patches to it. These changes add valuable privacy features for Tor Browser users. But having these changes means that every time the Tor Browser team wants to use a new version of Firefox, they have to update the patches to work with the new version. These updates take up a substantial fraction of the effort involved in producing Tor Browser.<br />
<br />
In 2016, we started the Tor Uplift project to take the Tor Browser patches and "uplift" them to Firefox. When a patch gets uplifted, we take the change that Tor Browser needs and we add it to Firefox in such a way that it is disabled by default, but can be enabled by changing a preference value. The Tor Uplift project saves the Tor Browser team work since they can just change preferences instead of updating patches. It also gives the Firefox team a way to experiment with the advanced privacy features that Tor Browser team is building, to see if we can bring them to a much wider audience.<br />
<br />
The primary target of the Tor Uplift project was two features: [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation'''] and [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance''']. First Party Isolation was shipped in Firefox 52 (off by default); the MVP of Fingerprinting Resistance will be shipped in Firefox 59 (also off by default).<br />
<br />
'''Fusion''' is the next big step of the Mozilla and Tor collaboration. We hope to move the needle on Web privacy based on the success of the Tor Uplift work.<br />
<br />
= Project Vision =<br />
Mozilla and Tor Project are aligned with each other on the mission to protect user privacy on the Web.<br />
* The fourth principle of [https://www.mozilla.org/en-US/about/manifesto/ The Mozilla Manifesto] is '''"Individuals’ security and privacy on the Internet are fundamental and must not be treated as optional."'''<br />
* One of the Tor Project vision is '''"to advance human rights and freedoms by creating and deploying free and open anonymity and privacy technologies."'''<br />
<br />
We believe the collaboration between Mozilla and Tor can create a positive, significant impact on the world, and help users to regain their privacy.<br />
<br />
= Project Goals =<br />
Ultimately, we hope to integrate full Tor Browser features in Firefox. There are many potential paths to this. For example, enabling some features by default and but other options only in [https://support.mozilla.org/en-US/kb/private-browsing-use-firefox-without-history Private Browsing Mode]. <br />
<br />
We need a lot of research and experiments to support the decision-making for the final solution. However, the clear short and mid-term goals are:<br />
* '''We will improve Fingerprinting Resistance by'''<br />
** making fingerprinting resistance more user-friendly,<br />
** minimizing Web breakages caused by fingerprinting resistance, and<br />
** conducting a browser fingerprinting analysis research project to help us figure out the best defense strategy<br />
* '''We will implement a proxy bypass testing framework for Firefox'''<br />
* '''We will determine how best to integrate the Tor proxy into Firefox'''<br />
* '''We will allow First Party Isolation and Fingerprinting Resistance to be enabled only in Private Browsing Mode'''<br />
<br />
= Project Lists =<br />
== Tor Uplift ==<br />
The [https://wiki.mozilla.org/Security/Tor_Uplift '''Tor Uplift'''] project is aimed at landing all Tor Browser patches so that Tor can directly use Firefox main trunk instead of a fork.<br />
<br />
== First Party Isolation ==<br />
The [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation'''] project is part of the Tor Uplift initiative. <br><br />
It implements one of the Tor Browser core features ([https://www.torproject.org/projects/torbrowser/design/#identifier-linkability Cross-Origin Identifier Unlinkability]). <br><br />
First Party Isolation (also called "double keying") was incorporated in Firefox 52 with the preference '''"privacy.firstparty.isolate"'''. It provides a very strong anti-tracking protection by preventing third parties from tracking users across multiple sites.<br />
<br />
== Fingerprinting Resistance == <br />
The [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance'''] project is part of the Tor Uplift initiative. <br><br />
It implements another Tor Browser core feature ([https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability Cross-Origin Fingerprinting Unlinkability]). <br><br />
Fingerprinting Resistance (also called "anti-fingerprinting") was incorporated in Firefox 59 with the preference '''"privacy.resistFingerprinting"'''. It is a defense against browser fingerprinting, which is a widely used Web tracking technology to identify individuals.<br />
<br />
= Getting Involved =<br />
The easiest way to get involved in the Fusion project is to help us writing code, running tests and filing bugs.<br />
<br />
If you are interested in contributing to Fusion, drop by:<br />
* the mailing list: '''fusion@mozilla.com'''<br />
* the '''#tor''' or '''#security''' IRC channels on [https://wiki.mozilla.org/IRC Mozilla's IRC server]<br />
<br />
= External Links =<br />
* [https://www.youtube.com/watch?v=JWII85UlzKw Video: How Tor Browser Protects Your Privacy and Identity Online]<br />
* [https://www.torproject.org/projects/torbrowser/design/ The Design and Implementation of the Tor Browser]<br />
* [https://blog.torproject.org/tor-heart-firefox Tor Blog, Tor at the Heart: Firefox]<br />
<br />
https://arthuredelstein.net/fusion2_small.jpg</div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion&diff=1185533Security/Fusion2017-12-07T16:19:41Z<p>Ethantseng: Minor update for a typo.</p>
<hr />
<div><br />
[[File:fusion.jpeg|thumb|200px]]<br />
'''Fusion''' ('''F'''irefox '''Us'''ing On'''ion'''s) is a Mozilla's project to build the cutting-edge security and privacy features for Firefox users. <br><br />
Fusion will leverage the technologies of Tor Project, especially the ones in the Tor Browser and Tor Proxy, to bring more defense options for users.<br />
<br />
Fusion was initiated in 2018. Mozilla and [https://www.torproject.org/ Tor Project] are working closely on this project.<br />
<br />
<br />
= Background =<br />
The Firefox and Tor Browser teams have collaborated for a long time. In 2016, we started the [https://wiki.mozilla.org/Security/Tor_Uplift Tor Uplift project] to take this collaboration to the next level, bringing Firefox and Tor Browser closer together than ever before.<br />
<br />
The Tor Browser team builds [https://www.torproject.org/projects/torbrowser.html Tor Browser] by taking [https://www.mozilla.org/en-US/firefox/organizations/ Firefox ESR] and applying some patches to it. These changes add valuable privacy features for Tor Browser users. But having these changes means that every time the Tor Browser team wants to use a new version of Firefox, they have to update the patches to work with the new version. These updates take up a substantial fraction of the effort involved in producing Tor Browser.<br />
<br />
In 2016, we started the Tor Uplift project to take the Tor Browser patches and "uplift" them to Firefox. When a patch gets uplifted, we take the change that Tor Browser needs and we add it to Firefox in such a way that it is disabled by default, but can be enabled by changing a preference value. The Tor Uplift project saves the Tor Browser team work since they can just change preferences instead of updating patches. It also gives the Firefox team a way to experiment with the advanced privacy features that Tor Browser team is building, to see if we can bring them to a much wider audience.<br />
<br />
The primary target of the Tor Uplift project was two features: [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation'''] and [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance''']. First Party Isolation was shipped in Firefox 52 (off by default); the MVP of Fingerprinting Resistance will be shipped in Firefox 59 (also off by default).<br />
<br />
'''Fusion''' is the next big step of the Mozilla and Tor collaboration. We hope to move the needle on Web privacy based on the success of the Tor Uplift work.<br />
<br />
= Project Vision =<br />
Mozilla and Tor Project are aligned with each other on the mission to protect user privacy on the Web.<br />
* The fourth principle of [https://www.mozilla.org/en-US/about/manifesto/ The Mozilla Manifesto] is '''"Individuals’ security and privacy on the Internet are fundamental and must not be treated as optional."'''<br />
* One of the Tor Project vision is '''"to advance human rights and freedoms by creating and deploying free and open anonymity and privacy technologies."'''<br />
<br />
We believe the collaboration between Mozilla and Tor can create a positive, significant impact on the world, and help users to regain their privacy.<br />
<br />
= Project Goals =<br />
Ultimately, we hope to integrate full Tor Browser features in Firefox. There are many potential solutions. For example, enabling some features by default and providing options for other features in [https://support.mozilla.org/en-US/kb/private-browsing-use-firefox-without-history Private Browsing Mode]. We can also consider creating a WebExtension for using Tor features.<br />
<br />
We need a lot of research and experiments to support the decision-making for the final solution. However, the clear short and mid-term goals are:<br />
* '''We will improve Fingerprinting Resistance by'''<br />
** making fingerprinting resistance more user-friendly,<br />
** minimizing Web breakages caused by fingerprinting resistance, and<br />
** conducting a browser fingerprinting analysis research project to help us figure out the best defense strategy<br />
* '''We will implement a proxy bypass testing framework for Firefox'''<br />
* '''We will design the Tor proxy for Firefox'''<br />
* '''We hope to enable First Party Isolation and Fingerprinting Resistance in Private Browsing Mode'''<br />
<br />
= Project Lists =<br />
== Tor Uplift ==<br />
The [https://wiki.mozilla.org/Security/Tor_Uplift '''Tor Uplift'''] project is aimed at landing all Tor Browser patches so that Tor can directly use Firefox main trunk instead of a fork.<br />
<br />
== First Party Isolation ==<br />
The [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation'''] project is part of the Tor Uplift initiative. <br><br />
It implements one of the Tor Browser core features ([https://www.torproject.org/projects/torbrowser/design/#identifier-linkability Cross-Origin Identifier Unlinkability]). <br><br />
First Party Isolation (also called "double keying") was incorporated in Firefox 52 with the preference '''"privacy.firstparty.isolate"'''. It provides a very strong anti-tracking protection by preventing third parties from tracking users across multiple sites.<br />
<br />
== Fingerprinting Resistance == <br />
The [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance'''] project is part of the Tor Uplift initiative. <br><br />
It implements another Tor Browser core feature ([https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability Cross-Origin Fingerprinting Unlinkability]). <br><br />
Fingerprinting Resistance (also called "anti-fingerprinting") was incorporated in Firefox 59 with the preference '''"privacy.resistFingerprinting"'''. It is a defense against browser fingerprinting, which is a widely used Web tracking technology to identify individuals.<br />
<br />
= Getting Involved =<br />
The easiest way to get involved in the Fusion project is to help us writing code, running tests and filing bugs.<br />
<br />
If you are interested in contributing to Fusion, drop by:<br />
* the mailing list: '''fusion@mozilla.com'''<br />
* the '''#tor''' or '''#security''' IRC channels on [https://wiki.mozilla.org/IRC Mozilla's IRC server]<br />
<br />
= External Links =<br />
* [https://www.youtube.com/watch?v=JWII85UlzKw Video: How Tor Browser Protects Your Privacy and Identity Online]<br />
* [https://www.torproject.org/projects/torbrowser/design/ The Design and Implementation of the Tor Browser]<br />
* [https://blog.torproject.org/tor-heart-firefox Tor Blog, Tor at the Heart: Firefox]<br />
<br />
https://arthuredelstein.net/fusion2_small.jpg</div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion&diff=1185532Security/Fusion2017-12-07T16:14:26Z<p>Ethantseng: Polish the section Project Goals.</p>
<hr />
<div><br />
[[File:fusion.jpeg|thumb|200px]]<br />
'''Fusion''' ('''F'''irefox '''Us'''ing On'''ion'''s) is a Mozilla's project to build the cutting-edge security and privacy features for Firefox users. <br><br />
Fusion will leverage the technologies of Tor Project, especially the ones in the Tor Browser and Tor Proxy, to bring more defense options for users.<br />
<br />
Fusion was initiated in 2018. Mozilla and [https://www.torproject.org/ Tor Project] are working closely on this project.<br />
<br />
<br />
= Background =<br />
The Firefox and Tor Browser teams have collaborated for a long time. In 2016, we started the [https://wiki.mozilla.org/Security/Tor_Uplift Tor Uplift project] to take this collaboration to the next level, bringing Firefox and Tor Browser closer together than ever before.<br />
<br />
The Tor Browser team builds [https://www.torproject.org/projects/torbrowser.html Tor Browser] by taking [https://www.mozilla.org/en-US/firefox/organizations/ Firefox ESR] and applying some patches to it. These changes add valuable privacy features for Tor Browser users. But having these changes means that every time the Tor Browser team wants to use a new version of Firefox, they have to update the patches to work with the new version. These updates take up a substantial fraction of the effort involved in producing Tor Browser.<br />
<br />
In 2016, we started the Tor Uplift project to take the Tor Browser patches and "uplift" them to Firefox. When a patch gets uplifted, we take the change that Tor Browser needs and we add it to Firefox in such a way that it is disabled by default, but can be enabled by changing a preference value. The Tor Uplift project saves the Tor Browser team work since they can just change preferences instead of updating patches. It also gives the Firefox team a way to experiment with the advanced privacy features that Tor Browser team is building, to see if we can bring them to a much wider audience.<br />
<br />
The primary target in the Tor Uplift project was two features: [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation'''] and [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance''']. First Party Isolation was shipped in Firefox 52 (off by default); the MVP of Fingerprinting Resistance will be shipped in Firefox 59 (also off by default).<br />
<br />
'''Fusion''' is the next big step of the Mozilla and Tor collaboration. We hope to move the needle on Web privacy based on the success of the Tor Uplift work.<br />
<br />
= Project Vision =<br />
Mozilla and Tor Project are aligned with each other on the mission to protect user privacy on the Web.<br />
* The fourth principle of [https://www.mozilla.org/en-US/about/manifesto/ The Mozilla Manifesto] is '''"Individuals’ security and privacy on the Internet are fundamental and must not be treated as optional."'''<br />
* One of the Tor Project vision is '''"to advance human rights and freedoms by creating and deploying free and open anonymity and privacy technologies."'''<br />
<br />
We believe the collaboration between Mozilla and Tor can create a positive, significant impact on the world, and help users to regain their privacy.<br />
<br />
= Project Goals =<br />
Ultimately, we hope to integrate full Tor Browser features in Firefox. There are many potential solutions. For example, enabling some features by default and providing options for other features in [https://support.mozilla.org/en-US/kb/private-browsing-use-firefox-without-history Private Browsing Mode]. We can also consider creating a WebExtension for using Tor features.<br />
<br />
We need a lot of research and experiments to support the decision-making for the final solution. However, the clear short and mid-term goals are:<br />
* '''We will improve Fingerprinting Resistance by'''<br />
** making fingerprinting resistance more user-friendly,<br />
** minimizing Web breakages caused by fingerprinting resistance, and<br />
** conducting a browser fingerprinting analysis research project to help us figure out the best defense strategy<br />
* '''We will implement a proxy bypass testing framework for Firefox'''<br />
* '''We will design the Tor proxy for Firefox'''<br />
* '''We hope to enable First Party Isolation and Fingerprinting Resistance in Private Browsing Mode'''<br />
<br />
= Project Lists =<br />
== Tor Uplift ==<br />
The [https://wiki.mozilla.org/Security/Tor_Uplift '''Tor Uplift'''] project is aimed at landing all Tor Browser patches so that Tor can directly use Firefox main trunk instead of a fork.<br />
<br />
== First Party Isolation ==<br />
The [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation'''] project is part of the Tor Uplift initiative. <br><br />
It implements one of the Tor Browser core features ([https://www.torproject.org/projects/torbrowser/design/#identifier-linkability Cross-Origin Identifier Unlinkability]). <br><br />
First Party Isolation (also called "double keying") was incorporated in Firefox 52 with the preference '''"privacy.firstparty.isolate"'''. It provides a very strong anti-tracking protection by preventing third parties from tracking users across multiple sites.<br />
<br />
== Fingerprinting Resistance == <br />
The [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance'''] project is part of the Tor Uplift initiative. <br><br />
It implements another Tor Browser core feature ([https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability Cross-Origin Fingerprinting Unlinkability]). <br><br />
Fingerprinting Resistance (also called "anti-fingerprinting") was incorporated in Firefox 59 with the preference '''"privacy.resistFingerprinting"'''. It is a defense against browser fingerprinting, which is a widely used Web tracking technology to identify individuals.<br />
<br />
= Getting Involved =<br />
The easiest way to get involved in the Fusion project is to help us writing code, running tests and filing bugs.<br />
<br />
If you are interested in contributing to Fusion, drop by:<br />
* the mailing list: '''fusion@mozilla.com'''<br />
* the '''#tor''' or '''#security''' IRC channels on [https://wiki.mozilla.org/IRC Mozilla's IRC server]<br />
<br />
= External Links =<br />
* [https://www.youtube.com/watch?v=JWII85UlzKw Video: How Tor Browser Protects Your Privacy and Identity Online]<br />
* [https://www.torproject.org/projects/torbrowser/design/ The Design and Implementation of the Tor Browser]<br />
* [https://blog.torproject.org/tor-heart-firefox Tor Blog, Tor at the Heart: Firefox]<br />
<br />
https://arthuredelstein.net/fusion2_small.jpg</div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Firefox/Privacy_and_Security_Front-End/OKRs/2017Q4&diff=1185281Firefox/Privacy and Security Front-End/OKRs/2017Q42017-12-05T02:20:29Z<p>Ethantseng: Add meta bug for CSP violation event</p>
<hr />
<div><br />
<!--==Overall Q4 Score: '''80.42%'''==--><br />
<br />
== 2017Q4 OKR Progress ==<br />
<br />
<!--Should explain WHY for the health/status reported above. Items covered here may be covered in more detail further down in the report. If senior management were to look at nothing but this section, they should be able to tell what is going on with the project.--><br />
<br />
{| class="wikitable" style="color:#000000; background-color: #FFFFFF; padding: 10"<br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Objective''' <br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Key Result'''<br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Champion'''<br />
|colspan=5; style="text-align: center; background-color: #f9d9a8"| '''Confidence'''<br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Tracking/Meta Bug'''<br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Notes'''<br />
|-<br />
|style="text-align: center; background-color: #f9d9a8"|Oct 30<br />
|style="text-align: center; background-color: #f9d9a8"|Nov 13 <br />
|style="text-align: center; background-color: #f9d9a8"|Dec 4<br />
|style="text-align: center; background-color: #f9d9a8"|Dec 11<br />
|style="text-align: center; background-color: #f9d9a8"|Score<br />
|-<br />
| 1. Protect users from password theft and stay competitive (Phishing protection)<br />
| align="left"|1.1 Complete three of the seven password phishing [https://public.etherpad-mozilla.org/p/passwordphishing sub-tasks] required to complete this objective.<br />
| Francois<br />
|align="center"| ??<br />
|align="center"| <br />
|align="center"|<br />
|align="center"| <br />
|align="left"|<br />
|<br />
* <br />
|<br />
* Oct 30<br />
** Almost completed first task.<br />
|-<br />
|rowspan=2| 2. Solidify 2018 strategy and approach to tracking<br />
| align="left"|2.1 Complete in-flight studies and analysis on engagement and retention differences with tracking protection (with various positioning)<br />
| Pdol<br />
|align="center"| 85%<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
* Oct 30<br />
** Onboarding study is delayed<br />
|-<br />
|align="left"| 2.2 Obtain agreement from product, engineering and business stakeholders for what specifically will ship in the subsequent quarters<br />
| Pdol & Wennie<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|rowspan=2| 3. Improve Private Browsing Mode<br />
| align="left"|3.1 Add 2 additional privacy protections in Private Browsing Mode (and available in regular mode).<br />
| Tanvi & Luke<br />
|align="center"| 50%<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* Disable third party cookies and strip referrer to origin only in Private Browsing Mode.<br />
|<br />
* <br />
|-<br />
| align="left"|3.2 Lightbeam / Containers bug fixes and maintenance <br />
| Jkt<br />
|align="center"| ??<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
| 4. Develop a process to burn down sec-critical and sec-high bugs<br />
|align="left"| 4.1 Consistently maintain less than x number of sec-high and sec-critical bugs in monthly basis<br />
| Wennie<br />
|align="center"| 80%<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
* Oct 30<br />
** Process description is done. Will share it with team<br />
|-<br />
|rowspan=3| 5. Make Firefox Privacy controls/options more intuitive<br />
|align="left"| 5.1 Ensure our privacy and security setting UI match the users’ mental model and work as expected.<br />
| Johann<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|align="left"| 5.2 Update individual UI components that don’t do what they appear to do (either from a user’s perspective, from the platform perspective, or both)<br />
| Johann<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|align="left"| 5.3 Doorhanger for Google Hangout Permissions<br />
| Johann<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
*<br />
|<br />
* <br />
|-<br />
| 6. Enable Firefox developers to write secure code by default.<br />
(Security by Default)<br />
|align="left"| 6.1 Set the correct triggering principal for top-level loads by completing 12 remaining bugs.<br />
| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|rowspan=3| 7. Enable web developers to produce secure web sites through use of relevant web standards, increased test coverage via web-platform tests & parity with other browsers<br />
|align="left"| 7.1 Update Mixed Content Implementation per Spec<br />
| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|align="left"| 7.2 Land CSP Violation reports and enable web-platform tests<br />
| Ethan<br />
|align="center"| <br />
|align="center"| 75%<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* [https://bugzilla.mozilla.org/show_bug.cgi?id=1037335 Bug 1037335 - CSP: Implement security violation events]<br />
|<br />
* already have patch and has been reviewed. Spec is missing core aspects. Email thread circulating. Might have to revise spec.<br />
|-<br />
|align="left"| 7.3 Land CSP worker-src<br />
|<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
| 8. Protect users from data: URI phishing attacks<br />
|align="left"| 8.1 Enable toplevel data: URI navigation blocker<br />
| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
| 9. Enable Firefox developers to query referrer (including policy) information from a single source of truth.<br />
|align="left"| 9.1 Revamp referrer policy setup<br />
| Tanvi<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
| 10. Lay foundation for shipping Breach Alerts<br />
|align="left"| 10.1 File all bugs for the shipment MVP with published UI spec<br />
| Nihanth<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
|rowspan=2| 11. Improve Firefox privacy by implementing W3C spec of Referrer Policy<br />
|align="left"| 11.1 Land Referrer Policy support for CSS<br />
| Ethan<br />
|align="center"| <br />
|align="center"| 100%<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* [https://bugzilla.mozilla.org/show_bug.cgi?id=1330487 Bug 1330487 - Implement referrer policy for CSS]<br />
|<br />
*<br />
|-<br />
|align="left"| 11.2 Land Referrer Policy support for downloads<br />
| Ethan<br />
|align="center"| <br />
|align="center"| 100%<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* [https://bugzilla.mozilla.org/show_bug.cgi?id=1073187 Bug 1073187 - add referrer policy support to Downloads.jsm]<br />
|<br />
*<br />
|-<br />
|rowspan=2| 12. Provide Firefox users an approach to protect against browser fingerprinting<br />
|align="left"| 12.1 Ship Fingerprinting Resistance MVP (parity with Tor Browser) in Firefox 59<br />
| Ethan<br />
|align="center"| <br />
|align="center"| 75%<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* [https://wiki.mozilla.org/Security/Fingerprinting#Dashboard Dashboard of Anti-Fingerprinting MVP]<br />
|<br />
* Technical difficulties- solutions for TOR browsers are under review and have not yet received a review+<br />
|-<br />
|align="left"| 12.2 Deliver a development plan for Fingerprinting Resistance Phase 2 (to improve the feature by minimizing web breakages and being more user-friendly)<br />
|Ethan<br />
|align="center"| <br />
|align="center"| 100%<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* Document to be done<br />
|<br />
*<br />
|-<br />
|}<br />
<br />
<br />
<br />
[[Category:Wikipage templates]]</div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion&diff=1185148Security/Fusion2017-12-01T15:18:46Z<p>Ethantseng: Edit the section Project Lists.</p>
<hr />
<div>[[File:fusion.jpeg|thumb|200px]]<br />
'''Fusion''' ('''F'''irefox '''Us'''ing On'''ion'''s) is a Mozilla's project to build the cutting-edge security and privacy features for Firefox users. <br><br />
Fusion will leverage the technologies of Tor Project, especially the ones in the Tor Browser and Tor Proxy, to bring more defense options for users.<br />
<br />
Fusion was initiated in 2018. Mozilla and [https://www.torproject.org/ Tor Project] are working closely on this project.<br />
<br />
<br />
= Background =<br />
The Firefox and Tor Browser teams have collaborated for a long time. In 2016, we started the [https://wiki.mozilla.org/Security/Tor_Uplift Tor Uplift project] to take this collaboration to the next level, bringing Firefox and Tor Browser closer together than ever before.<br />
<br />
The Tor Browser team builds [https://www.torproject.org/projects/torbrowser.html Tor Browser] by taking [https://www.mozilla.org/en-US/firefox/organizations/ Firefox ESR] and applying some patches to it. These changes add valuable privacy features for Tor Browser users. But having these changes means that every time the Tor Browser team wants to use a new version of Firefox, they have to update the patches to work with the new version. These updates take up a substantial fraction of the effort involved in producing Tor Browser.<br />
<br />
In 2016, we started the Tor Uplift project to take the Tor Browser patches and "uplift" them to Firefox. When a patch gets uplifted, we take the change that Tor Browser needs and we add it to Firefox in such a way that it is disabled by default, but can be enabled by changing a preference value. The Tor Uplift project saves the Tor Browser team work since they can just change preferences instead of updating patches. It also gives the Firefox team a way to experiment with the advanced privacy features that Tor Browser team is building, to see if we can bring them to a much wider audience.<br />
<br />
The primary target in the Tor Uplift project was two features: [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation'''] and [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance''']. First Party Isolation was shipped in Firefox 52 (off by default); the MVP of Fingerprinting Resistance will be shipped in Firefox 59 (also off by default).<br />
<br />
'''Fusion''' is the next big step of the Mozilla and Tor collaboration. We hope to move the needle on Web privacy based on the success of the Tor Uplift work.<br />
<br />
= Project Vision =<br />
Mozilla and Tor Project are aligned with each other on the mission to protect user privacy on the Web.<br />
* The fourth principle of [https://www.mozilla.org/en-US/about/manifesto/ The Mozilla Manifesto] is '''"Individuals’ security and privacy on the Internet are fundamental and must not be treated as optional."'''<br />
* One of the Tor Project vision is '''"to advance human rights and freedoms by creating and deploying free and open anonymity and privacy technologies."'''<br />
<br />
We believe the collaboration between Mozilla and Tor can create a positive, significant impact on the world, and help users to regain their privacy.<br />
<br />
= Project Goals =<br />
Ultimately, we hope to integrate full Tor Browser features in Firefox. There are many potential solutions. For example, enabling some features by default and providing options for other features in [https://support.mozilla.org/en-US/kb/private-browsing-use-firefox-without-history Private Browsing Mode]. We can also consider creating a WebExtension for using Tor features.<br />
<br />
We need a lot of research and experiments to support the decision-making for the final solution. However, the clear short and mid-term goals are:<br />
* '''Improvement in Fingerprinting Resistance'''<br />
** make fingerprinting resistance more user-friendly<br />
** minimize Web breakages caused by fingerprinting resistance<br />
** conduct a browser fingerprinting analysis research project to help us figure out the best defense strategy<br />
* '''Enable First Party Isolation in Private Browsing Mode'''<br />
* '''Enable Fingerprinting Resistance in Private Browsing Mode'''<br />
* '''Proxy bypass testing framework for Firefox'''<br />
* '''Design the Tor proxy prototype for Firefox'''<br />
<br />
= Project Lists =<br />
== Tor Uplift ==<br />
The [https://wiki.mozilla.org/Security/Tor_Uplift '''Tor Uplift'''] project is aimed at landing all Tor Browser patches so that Tor can directly use Firefox main trunk instead of a fork.<br />
<br />
== First Party Isolation ==<br />
The [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation'''] project is part of the Tor Uplift initiative. <br><br />
It implements one of the Tor Browser core features ([https://www.torproject.org/projects/torbrowser/design/#identifier-linkability Cross-Origin Identifier Unlinkability]). <br><br />
First Party Isolation (also called "double keying") was incorporated in Firefox 52 with the preference '''"privacy.firstparty.isolate"'''. It provides a very strong anti-tracking protection by preventing third parties from tracking users across multiple sites.<br />
<br />
== Fingerprinting Resistance == <br />
The [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance'''] project is part of the Tor Uplift initiative. <br><br />
It implements another Tor Browser core feature ([https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability Cross-Origin Fingerprinting Unlinkability]). <br><br />
Fingerprinting Resistance (also called "anti-fingerprinting") was incorporated in Firefox 59 with the preference '''"privacy.resistFingerprinting"'''. It is a defense against browser fingerprinting, which is a widely used Web tracking technology to identify individuals.<br />
<br />
= Getting Involved =<br />
The easiest way to get involved in the Fusion project is to help us writing code, running tests and filing bugs.<br />
<br />
If you are interested in contributing to Fusion, drop by:<br />
* the mailing list: '''fusion@mozilla.com'''<br />
* the '''#tor''' or '''#security''' IRC channels on [https://wiki.mozilla.org/IRC Mozilla's IRC server]<br />
<br />
= External Links =<br />
* [https://www.youtube.com/watch?v=JWII85UlzKw Video: How Tor Browser Protects Your Privacy and Identity Online]<br />
* [https://www.torproject.org/projects/torbrowser/design/ The Design and Implementation of the Tor Browser]<br />
* [https://blog.torproject.org/tor-heart-firefox Tor Blog, Tor at the Heart: Firefox]</div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion&diff=1185147Security/Fusion2017-12-01T15:12:30Z<p>Ethantseng: Edit the section Background.</p>
<hr />
<div>[[File:fusion.jpeg|thumb|200px]]<br />
'''Fusion''' ('''F'''irefox '''Us'''ing On'''ion'''s) is a Mozilla's project to build the cutting-edge security and privacy features for Firefox users. <br><br />
Fusion will leverage the technologies of Tor Project, especially the ones in the Tor Browser and Tor Proxy, to bring more defense options for users.<br />
<br />
Fusion was initiated in 2018. Mozilla and [https://www.torproject.org/ Tor Project] are working closely on this project.<br />
<br />
<br />
= Background =<br />
The Firefox and Tor Browser teams have collaborated for a long time. In 2016, we started the [https://wiki.mozilla.org/Security/Tor_Uplift Tor Uplift project] to take this collaboration to the next level, bringing Firefox and Tor Browser closer together than ever before.<br />
<br />
The Tor Browser team builds [https://www.torproject.org/projects/torbrowser.html Tor Browser] by taking [https://www.mozilla.org/en-US/firefox/organizations/ Firefox ESR] and applying some patches to it. These changes add valuable privacy features for Tor Browser users. But having these changes means that every time the Tor Browser team wants to use a new version of Firefox, they have to update the patches to work with the new version. These updates take up a substantial fraction of the effort involved in producing Tor Browser.<br />
<br />
In 2016, we started the Tor Uplift project to take the Tor Browser patches and "uplift" them to Firefox. When a patch gets uplifted, we take the change that Tor Browser needs and we add it to Firefox in such a way that it is disabled by default, but can be enabled by changing a preference value. The Tor Uplift project saves the Tor Browser team work since they can just change preferences instead of updating patches. It also gives the Firefox team a way to experiment with the advanced privacy features that Tor Browser team is building, to see if we can bring them to a much wider audience.<br />
<br />
The primary target in the Tor Uplift project was two features: [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation'''] and [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance''']. First Party Isolation was shipped in Firefox 52 (off by default); the MVP of Fingerprinting Resistance will be shipped in Firefox 59 (also off by default).<br />
<br />
'''Fusion''' is the next big step of the Mozilla and Tor collaboration. We hope to move the needle on Web privacy based on the success of the Tor Uplift work.<br />
<br />
= Project Vision =<br />
Mozilla and Tor Project are aligned with each other on the mission to protect user privacy on the Web.<br />
* The fourth principle of [https://www.mozilla.org/en-US/about/manifesto/ The Mozilla Manifesto] is '''"Individuals’ security and privacy on the Internet are fundamental and must not be treated as optional."'''<br />
* One of the Tor Project vision is '''"to advance human rights and freedoms by creating and deploying free and open anonymity and privacy technologies."'''<br />
<br />
We believe the collaboration between Mozilla and Tor can create a positive, significant impact on the world, and help users to regain their privacy.<br />
<br />
= Project Goals =<br />
Ultimately, we hope to integrate full Tor Browser features in Firefox. There are many potential solutions. For example, enabling some features by default and providing options for other features in [https://support.mozilla.org/en-US/kb/private-browsing-use-firefox-without-history Private Browsing Mode]. We can also consider creating a WebExtension for using Tor features.<br />
<br />
We need a lot of research and experiments to support the decision-making for the final solution. However, the clear short and mid-term goals are:<br />
* '''Improvement in Fingerprinting Resistance'''<br />
** make fingerprinting resistance more user-friendly<br />
** minimize Web breakages caused by fingerprinting resistance<br />
** conduct a browser fingerprinting analysis research project to help us figure out the best defense strategy<br />
* '''Enable First Party Isolation in Private Browsing Mode'''<br />
* '''Enable Fingerprinting Resistance in Private Browsing Mode'''<br />
* '''Proxy bypass testing framework for Firefox'''<br />
* '''Design the Tor proxy prototype for Firefox'''<br />
<br />
= Project Lists =<br />
== Tor Uplift ==<br />
The [https://wiki.mozilla.org/Security/Tor_Uplift '''Tor Uplift'''] project is aimed at landing all Tor Browser patches so that Tor can directly use Firefox main trunk instead of a fork.<br />
<br />
== First Party Isolation ==<br />
The [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation'''] project is part of the Tor Uplift initiative. <br><br />
It implements one of the Tor Browser core features, which the Tor Project called [https://www.torproject.org/projects/torbrowser/design/#identifier-linkability '''Cross-Origin Identifier Unlinkability'''].<br />
<br />
== Fingerprinting Resistance == <br />
The [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance'''] project is part of the Tor Uplift initiative. <br><br />
It implements another Tor Browser core feature, which the Tor Project called [https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability '''Cross-Origin Fingerprinting Unlinkability'''].<br />
<br />
= Getting Involved =<br />
The easiest way to get involved in the Fusion project is to help us writing code, running tests and filing bugs.<br />
<br />
If you are interested in contributing to Fusion, drop by:<br />
* the mailing list: '''fusion@mozilla.com'''<br />
* the '''#tor''' or '''#security''' IRC channels on [https://wiki.mozilla.org/IRC Mozilla's IRC server]<br />
<br />
= External Links =<br />
* [https://www.youtube.com/watch?v=JWII85UlzKw Video: How Tor Browser Protects Your Privacy and Identity Online]<br />
* [https://www.torproject.org/projects/torbrowser/design/ The Design and Implementation of the Tor Browser]<br />
* [https://blog.torproject.org/tor-heart-firefox Tor Blog, Tor at the Heart: Firefox]</div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion&diff=1185146Security/Fusion2017-12-01T15:04:09Z<p>Ethantseng: Change the name Project Links to Project Lists.</p>
<hr />
<div>[[File:fusion.jpeg|thumb|200px]]<br />
'''Fusion''' ('''F'''irefox '''Us'''ing On'''ion'''s) is a Mozilla's project to build the cutting-edge security and privacy features for Firefox users. <br><br />
Fusion will leverage the technologies of Tor Project, especially the ones in the Tor Browser and Tor Proxy, to bring more defense options for users.<br />
<br />
Fusion was initiated in 2018. Mozilla and [https://www.torproject.org/ Tor Project] are working closely on this project.<br />
<br />
<br />
= Background =<br />
The Firefox and Tor Browser teams have collaborated for a long time. In 2016, we started the [https://wiki.mozilla.org/Security/Tor_Uplift Tor Uplift project] to take this collaboration to the next level, bringing Firefox and Tor Browser closer together than ever before.<br />
<br />
The Tor Browser team builds [https://www.torproject.org/projects/torbrowser.html Tor Browser] by taking [https://www.mozilla.org/en-US/firefox/organizations/ Firefox ESR] and applying some patches to it. These changes add valuable privacy features for Tor Browser users. But having these changes means that every time the Tor Browser team wants to use a new version of Firefox, they have to update the patches to work with the new version. These updates take up a substantial fraction of the effort involved in producing Tor Browser.<br />
<br />
In 2016, we started the Tor Uplift project to take the Tor Browser patches and "uplift" them to Firefox. When a patch gets uplifted, we take the change that Tor Browser needs and we add it to Firefox in such a way that it is disabled by default, but can be enabled by changing a preference value. The Tor Uplift project saves the Tor Browser team work since they can just change preferences instead of updating patches. It also gives the Firefox team a way to experiment with the advanced privacy features that Tor Browser team is building, to see if we can bring them to a much wider audience.<br />
<br />
The primary target in the Tor Uplift project is two features.<br />
* [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation''']<br />
** First Party Isolation (also called "double keying") was incorporated in Firefox 52 with the preference "privacy.firstparty.isolate". It provides a very strong anti-tracking protection by preventing third parties from tracking users across multiple sites.<br />
* [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance''']<br />
** Fingerprinting Resistance (also called "anti-fingerprinting") was incorporated in Firefox 59 with the preference "privacy.resistFingerprinting". It is a defense against browser fingerprinting, which is a widely used Web tracking technology to identify individuals.<br />
<br />
'''Fusion''' is the next big step of the Mozilla and Tor collaboration. We hope to move the needle on Web privacy based on the success of the Tor Uplift work.<br />
<br />
= Project Vision =<br />
Mozilla and Tor Project are aligned with each other on the mission to protect user privacy on the Web.<br />
* The fourth principle of [https://www.mozilla.org/en-US/about/manifesto/ The Mozilla Manifesto] is '''"Individuals’ security and privacy on the Internet are fundamental and must not be treated as optional."'''<br />
* One of the Tor Project vision is '''"to advance human rights and freedoms by creating and deploying free and open anonymity and privacy technologies."'''<br />
<br />
We believe the collaboration between Mozilla and Tor can create a positive, significant impact on the world, and help users to regain their privacy.<br />
<br />
= Project Goals =<br />
Ultimately, we hope to integrate full Tor Browser features in Firefox. There are many potential solutions. For example, enabling some features by default and providing options for other features in [https://support.mozilla.org/en-US/kb/private-browsing-use-firefox-without-history Private Browsing Mode]. We can also consider creating a WebExtension for using Tor features.<br />
<br />
We need a lot of research and experiments to support the decision-making for the final solution. However, the clear short and mid-term goals are:<br />
* '''Improvement in Fingerprinting Resistance'''<br />
** make fingerprinting resistance more user-friendly<br />
** minimize Web breakages caused by fingerprinting resistance<br />
** conduct a browser fingerprinting analysis research project to help us figure out the best defense strategy<br />
* '''Enable First Party Isolation in Private Browsing Mode'''<br />
* '''Enable Fingerprinting Resistance in Private Browsing Mode'''<br />
* '''Proxy bypass testing framework for Firefox'''<br />
* '''Design the Tor proxy prototype for Firefox'''<br />
<br />
= Project Lists =<br />
== Tor Uplift ==<br />
The [https://wiki.mozilla.org/Security/Tor_Uplift '''Tor Uplift'''] project is aimed at landing all Tor Browser patches so that Tor can directly use Firefox main trunk instead of a fork.<br />
<br />
== First Party Isolation ==<br />
The [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation'''] project is part of the Tor Uplift initiative. <br><br />
It implements one of the Tor Browser core features, which the Tor Project called [https://www.torproject.org/projects/torbrowser/design/#identifier-linkability '''Cross-Origin Identifier Unlinkability'''].<br />
<br />
== Fingerprinting Resistance == <br />
The [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance'''] project is part of the Tor Uplift initiative. <br><br />
It implements another Tor Browser core feature, which the Tor Project called [https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability '''Cross-Origin Fingerprinting Unlinkability'''].<br />
<br />
= Getting Involved =<br />
The easiest way to get involved in the Fusion project is to help us writing code, running tests and filing bugs.<br />
<br />
If you are interested in contributing to Fusion, drop by:<br />
* the mailing list: '''fusion@mozilla.com'''<br />
* the '''#tor''' or '''#security''' IRC channels on [https://wiki.mozilla.org/IRC Mozilla's IRC server]<br />
<br />
= External Links =<br />
* [https://www.youtube.com/watch?v=JWII85UlzKw Video: How Tor Browser Protects Your Privacy and Identity Online]<br />
* [https://www.torproject.org/projects/torbrowser/design/ The Design and Implementation of the Tor Browser]<br />
* [https://blog.torproject.org/tor-heart-firefox Tor Blog, Tor at the Heart: Firefox]</div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion&diff=1185145Security/Fusion2017-12-01T15:02:49Z<p>Ethantseng: Add a section Project Links.</p>
<hr />
<div>[[File:fusion.jpeg|thumb|200px]]<br />
'''Fusion''' ('''F'''irefox '''Us'''ing On'''ion'''s) is a Mozilla's project to build the cutting-edge security and privacy features for Firefox users. <br><br />
Fusion will leverage the technologies of Tor Project, especially the ones in the Tor Browser and Tor Proxy, to bring more defense options for users.<br />
<br />
Fusion was initiated in 2018. Mozilla and [https://www.torproject.org/ Tor Project] are working closely on this project.<br />
<br />
<br />
= Background =<br />
The Firefox and Tor Browser teams have collaborated for a long time. In 2016, we started the [https://wiki.mozilla.org/Security/Tor_Uplift Tor Uplift project] to take this collaboration to the next level, bringing Firefox and Tor Browser closer together than ever before.<br />
<br />
The Tor Browser team builds [https://www.torproject.org/projects/torbrowser.html Tor Browser] by taking [https://www.mozilla.org/en-US/firefox/organizations/ Firefox ESR] and applying some patches to it. These changes add valuable privacy features for Tor Browser users. But having these changes means that every time the Tor Browser team wants to use a new version of Firefox, they have to update the patches to work with the new version. These updates take up a substantial fraction of the effort involved in producing Tor Browser.<br />
<br />
In 2016, we started the Tor Uplift project to take the Tor Browser patches and "uplift" them to Firefox. When a patch gets uplifted, we take the change that Tor Browser needs and we add it to Firefox in such a way that it is disabled by default, but can be enabled by changing a preference value. The Tor Uplift project saves the Tor Browser team work since they can just change preferences instead of updating patches. It also gives the Firefox team a way to experiment with the advanced privacy features that Tor Browser team is building, to see if we can bring them to a much wider audience.<br />
<br />
The primary target in the Tor Uplift project is two features.<br />
* [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation''']<br />
** First Party Isolation (also called "double keying") was incorporated in Firefox 52 with the preference "privacy.firstparty.isolate". It provides a very strong anti-tracking protection by preventing third parties from tracking users across multiple sites.<br />
* [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance''']<br />
** Fingerprinting Resistance (also called "anti-fingerprinting") was incorporated in Firefox 59 with the preference "privacy.resistFingerprinting". It is a defense against browser fingerprinting, which is a widely used Web tracking technology to identify individuals.<br />
<br />
'''Fusion''' is the next big step of the Mozilla and Tor collaboration. We hope to move the needle on Web privacy based on the success of the Tor Uplift work.<br />
<br />
= Project Vision =<br />
Mozilla and Tor Project are aligned with each other on the mission to protect user privacy on the Web.<br />
* The fourth principle of [https://www.mozilla.org/en-US/about/manifesto/ The Mozilla Manifesto] is '''"Individuals’ security and privacy on the Internet are fundamental and must not be treated as optional."'''<br />
* One of the Tor Project vision is '''"to advance human rights and freedoms by creating and deploying free and open anonymity and privacy technologies."'''<br />
<br />
We believe the collaboration between Mozilla and Tor can create a positive, significant impact on the world, and help users to regain their privacy.<br />
<br />
= Project Goals =<br />
Ultimately, we hope to integrate full Tor Browser features in Firefox. There are many potential solutions. For example, enabling some features by default and providing options for other features in [https://support.mozilla.org/en-US/kb/private-browsing-use-firefox-without-history Private Browsing Mode]. We can also consider creating a WebExtension for using Tor features.<br />
<br />
We need a lot of research and experiments to support the decision-making for the final solution. However, the clear short and mid-term goals are:<br />
* '''Improvement in Fingerprinting Resistance'''<br />
** make fingerprinting resistance more user-friendly<br />
** minimize Web breakages caused by fingerprinting resistance<br />
** conduct a browser fingerprinting analysis research project to help us figure out the best defense strategy<br />
* '''Enable First Party Isolation in Private Browsing Mode'''<br />
* '''Enable Fingerprinting Resistance in Private Browsing Mode'''<br />
* '''Proxy bypass testing framework for Firefox'''<br />
* '''Design the Tor proxy prototype for Firefox'''<br />
<br />
= Project Links =<br />
== Tor Uplift ==<br />
The [https://wiki.mozilla.org/Security/Tor_Uplift '''Tor Uplift'''] project is aimed at landing all Tor Browser patches so that Tor can directly use Firefox main trunk instead of a fork.<br />
<br />
== First Party Isolation ==<br />
The [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation'''] project is part of the Tor Uplift initiative. <br><br />
It implements one of the Tor Browser core features, which the Tor Project called [https://www.torproject.org/projects/torbrowser/design/#identifier-linkability '''Cross-Origin Identifier Unlinkability'''].<br />
<br />
== Fingerprinting Resistance == <br />
The [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance'''] project is part of the Tor Uplift initiative. <br><br />
It implements another Tor Browser core feature, which the Tor Project called [https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability '''Cross-Origin Fingerprinting Unlinkability'''].<br />
<br />
= Getting Involved =<br />
The easiest way to get involved in the Fusion project is to help us writing code, running tests and filing bugs.<br />
<br />
If you are interested in contributing to Fusion, drop by:<br />
* the mailing list: '''fusion@mozilla.com'''<br />
* the '''#tor''' or '''#security''' IRC channels on [https://wiki.mozilla.org/IRC Mozilla's IRC server]<br />
<br />
= External Links =<br />
* [https://www.youtube.com/watch?v=JWII85UlzKw Video: How Tor Browser Protects Your Privacy and Identity Online]<br />
* [https://www.torproject.org/projects/torbrowser/design/ The Design and Implementation of the Tor Browser]<br />
* [https://blog.torproject.org/tor-heart-firefox Tor Blog, Tor at the Heart: Firefox]</div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion&diff=1185144Security/Fusion2017-12-01T14:42:43Z<p>Ethantseng: Polish the section Getting Involved</p>
<hr />
<div>[[File:fusion.jpeg|thumb|200px]]<br />
'''Fusion''' ('''F'''irefox '''Us'''ing On'''ion'''s) is a Mozilla's project to build the cutting-edge security and privacy features for Firefox users. <br><br />
Fusion will leverage the technologies of Tor Project, especially the ones in the Tor Browser and Tor Proxy, to bring more defense options for users.<br />
<br />
Fusion was initiated in 2018. Mozilla and [https://www.torproject.org/ Tor Project] are working closely on this project.<br />
<br />
<br />
= Background =<br />
The Firefox and Tor Browser teams have collaborated for a long time. In 2016, we started the [https://wiki.mozilla.org/Security/Tor_Uplift Tor Uplift project] to take this collaboration to the next level, bringing Firefox and Tor Browser closer together than ever before.<br />
<br />
The Tor Browser team builds [https://www.torproject.org/projects/torbrowser.html Tor Browser] by taking [https://www.mozilla.org/en-US/firefox/organizations/ Firefox ESR] and applying some patches to it. These changes add valuable privacy features for Tor Browser users. But having these changes means that every time the Tor Browser team wants to use a new version of Firefox, they have to update the patches to work with the new version. These updates take up a substantial fraction of the effort involved in producing Tor Browser.<br />
<br />
In 2016, we started the Tor Uplift project to take the Tor Browser patches and "uplift" them to Firefox. When a patch gets uplifted, we take the change that Tor Browser needs and we add it to Firefox in such a way that it is disabled by default, but can be enabled by changing a preference value. The Tor Uplift project saves the Tor Browser team work since they can just change preferences instead of updating patches. It also gives the Firefox team a way to experiment with the advanced privacy features that Tor Browser team is building, to see if we can bring them to a much wider audience.<br />
<br />
The primary target in the Tor Uplift project is two features.<br />
* [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation''']<br />
** First Party Isolation (also called "double keying") was incorporated in Firefox 52 with the preference "privacy.firstparty.isolate". It provides a very strong anti-tracking protection by preventing third parties from tracking users across multiple sites.<br />
* [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance''']<br />
** Fingerprinting Resistance (also called "anti-fingerprinting") was incorporated in Firefox 59 with the preference "privacy.resistFingerprinting". It is a defense against browser fingerprinting, which is a widely used Web tracking technology to identify individuals.<br />
<br />
'''Fusion''' is the next big step of the Mozilla and Tor collaboration. We hope to move the needle on Web privacy based on the success of the Tor Uplift work.<br />
<br />
= Project Vision =<br />
Mozilla and Tor Project are aligned with each other on the mission to protect user privacy on the Web.<br />
* The fourth principle of [https://www.mozilla.org/en-US/about/manifesto/ The Mozilla Manifesto] is '''"Individuals’ security and privacy on the Internet are fundamental and must not be treated as optional."'''<br />
* One of the Tor Project vision is '''"to advance human rights and freedoms by creating and deploying free and open anonymity and privacy technologies."'''<br />
<br />
We believe the collaboration between Mozilla and Tor can create a positive, significant impact on the world, and help users to regain their privacy.<br />
<br />
= Project Goals =<br />
Ultimately, we hope to integrate full Tor Browser features in Firefox. There are many potential solutions. For example, enabling some features by default and providing options for other features in [https://support.mozilla.org/en-US/kb/private-browsing-use-firefox-without-history Private Browsing Mode]. We can also consider creating a WebExtension for using Tor features.<br />
<br />
We need a lot of research and experiments to support the decision-making for the final solution. However, the clear short and mid-term goals are:<br />
* '''Improvement in Fingerprinting Resistance'''<br />
** make fingerprinting resistance more user-friendly<br />
** minimize Web breakages caused by fingerprinting resistance<br />
** conduct a browser fingerprinting analysis research project to help us figure out the best defense strategy<br />
* '''Enable First Party Isolation in Private Browsing Mode'''<br />
* '''Enable Fingerprinting Resistance in Private Browsing Mode'''<br />
* '''Proxy bypass testing framework for Firefox'''<br />
* '''Design the Tor proxy prototype for Firefox'''<br />
<br />
<br />
= Getting Involved =<br />
The easiest way to get involved in the Fusion project is to help us writing code, running tests and filing bugs.<br />
<br />
If you are interested in contributing to Fusion, drop by:<br />
* the mailing list: '''fusion@mozilla.com'''<br />
* the '''#tor''' or '''#security''' IRC channels on [https://wiki.mozilla.org/IRC Mozilla's IRC server]<br />
<br />
= External Links =<br />
* [https://www.youtube.com/watch?v=JWII85UlzKw Video: How Tor Browser Protects Your Privacy and Identity Online]<br />
* [https://www.torproject.org/projects/torbrowser/design/ The Design and Implementation of the Tor Browser]<br />
* [https://blog.torproject.org/tor-heart-firefox Tor Blog, Tor at the Heart: Firefox]</div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion&diff=1185143Security/Fusion2017-12-01T14:39:55Z<p>Ethantseng: Add sections Getting Involved and External Links</p>
<hr />
<div>[[File:fusion.jpeg|thumb|200px]]<br />
'''Fusion''' ('''F'''irefox '''Us'''ing On'''ion'''s) is a Mozilla's project to build the cutting-edge security and privacy features for Firefox users. <br><br />
Fusion will leverage the technologies of Tor Project, especially the ones in the Tor Browser and Tor Proxy, to bring more defense options for users.<br />
<br />
Fusion was initiated in 2018. Mozilla and [https://www.torproject.org/ Tor Project] are working closely on this project.<br />
<br />
<br />
= Background =<br />
The Firefox and Tor Browser teams have collaborated for a long time. In 2016, we started the [https://wiki.mozilla.org/Security/Tor_Uplift Tor Uplift project] to take this collaboration to the next level, bringing Firefox and Tor Browser closer together than ever before.<br />
<br />
The Tor Browser team builds [https://www.torproject.org/projects/torbrowser.html Tor Browser] by taking [https://www.mozilla.org/en-US/firefox/organizations/ Firefox ESR] and applying some patches to it. These changes add valuable privacy features for Tor Browser users. But having these changes means that every time the Tor Browser team wants to use a new version of Firefox, they have to update the patches to work with the new version. These updates take up a substantial fraction of the effort involved in producing Tor Browser.<br />
<br />
In 2016, we started the Tor Uplift project to take the Tor Browser patches and "uplift" them to Firefox. When a patch gets uplifted, we take the change that Tor Browser needs and we add it to Firefox in such a way that it is disabled by default, but can be enabled by changing a preference value. The Tor Uplift project saves the Tor Browser team work since they can just change preferences instead of updating patches. It also gives the Firefox team a way to experiment with the advanced privacy features that Tor Browser team is building, to see if we can bring them to a much wider audience.<br />
<br />
The primary target in the Tor Uplift project is two features.<br />
* [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation''']<br />
** First Party Isolation (also called "double keying") was incorporated in Firefox 52 with the preference "privacy.firstparty.isolate". It provides a very strong anti-tracking protection by preventing third parties from tracking users across multiple sites.<br />
* [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance''']<br />
** Fingerprinting Resistance (also called "anti-fingerprinting") was incorporated in Firefox 59 with the preference "privacy.resistFingerprinting". It is a defense against browser fingerprinting, which is a widely used Web tracking technology to identify individuals.<br />
<br />
'''Fusion''' is the next big step of the Mozilla and Tor collaboration. We hope to move the needle on Web privacy based on the success of the Tor Uplift work.<br />
<br />
= Project Vision =<br />
Mozilla and Tor Project are aligned with each other on the mission to protect user privacy on the Web.<br />
* The fourth principle of [https://www.mozilla.org/en-US/about/manifesto/ The Mozilla Manifesto] is '''"Individuals’ security and privacy on the Internet are fundamental and must not be treated as optional."'''<br />
* One of the Tor Project vision is '''"to advance human rights and freedoms by creating and deploying free and open anonymity and privacy technologies."'''<br />
<br />
We believe the collaboration between Mozilla and Tor can create a positive, significant impact on the world, and help users to regain their privacy.<br />
<br />
= Project Goals =<br />
Ultimately, we hope to integrate full Tor Browser features in Firefox. There are many potential solutions. For example, enabling some features by default and providing options for other features in [https://support.mozilla.org/en-US/kb/private-browsing-use-firefox-without-history Private Browsing Mode]. We can also consider creating a WebExtension for using Tor features.<br />
<br />
We need a lot of research and experiments to support the decision-making for the final solution. However, the clear short and mid-term goals are:<br />
* '''Improvement in Fingerprinting Resistance'''<br />
** make fingerprinting resistance more user-friendly<br />
** minimize Web breakages caused by fingerprinting resistance<br />
** conduct a browser fingerprinting analysis research project to help us figure out the best defense strategy<br />
* '''Enable First Party Isolation in Private Browsing Mode'''<br />
* '''Enable Fingerprinting Resistance in Private Browsing Mode'''<br />
* '''Proxy bypass testing framework for Firefox'''<br />
* '''Design the Tor proxy prototype for Firefox'''<br />
<br />
<br />
= Getting Involved =<br />
The easiest way to get involved in the Fusion project is to help us writing code, running tests and filing bugs.<br />
<br />
If you are interested in contributing to Fusion, drop by:<br />
* the mailing list: fusion@mozilla.com<br />
* the #tor IRC channel on [https://wiki.mozilla.org/IRC Mozilla's IRC server]<br />
<br />
= External Links =<br />
* [https://www.youtube.com/watch?v=JWII85UlzKw Video: How Tor Browser Protects Your Privacy and Identity Online]<br />
* [https://www.torproject.org/projects/torbrowser/design/ The Design and Implementation of the Tor Browser]<br />
* [https://blog.torproject.org/tor-heart-firefox Tor Blog, Tor at the Heart: Firefox]</div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion&diff=1185007Security/Fusion2017-11-29T16:53:33Z<p>Ethantseng: Add the section Project Goals.</p>
<hr />
<div>[[File:fusion.jpeg|thumb|200px]]<br />
'''Fusion''' ('''F'''irefox '''Us'''ing O'''ion'''s) is a Mozilla's project to build the cutting-edge security and privacy features for Firefox users. <br><br />
Fusion will leverage the technologies of Tor Project, especially the ones in the Tor Browser and Tor Proxy, to bring more defense options for users.<br />
<br />
Fusion was initiated in 2018. Mozilla and [https://www.torproject.org/ Tor Project] are working closely on this project.<br />
<br />
<br />
= Background =<br />
The Firefox and Tor Browser teams have collaborated for a long time. In 2016, we started the [https://wiki.mozilla.org/Security/Tor_Uplift Tor Uplift project] to take this collaboration to the next level, bringing Firefox and Tor Browser closer together than ever before.<br />
<br />
The Tor Browser team builds [https://www.torproject.org/projects/torbrowser.html Tor Browser] by taking [https://www.mozilla.org/en-US/firefox/organizations/ Firefox ESR] and applying some patches to it. These changes add valuable privacy features for Tor Browser users. But having these changes means that every time the Tor Browser team wants to use a new version of Firefox, they have to update the patches to work with the new version. These updates take up a substantial fraction of the effort involved in producing Tor Browser.<br />
<br />
In 2016, we started the Tor Uplift project to take the Tor Browser patches and "uplift" them to Firefox. When a patch gets uplifted, we take the change that Tor Browser needs and we add it to Firefox in such a way that it is disabled by default, but can be enabled by changing a preference value. The Tor Uplift project saves the Tor Browser team work since they can just change preferences instead of updating patches. It also gives the Firefox team a way to experiment with the advanced privacy features that Tor Browser team is building, to see if we can bring them to a much wider audience.<br />
<br />
The primary target in the Tor Uplift project is two features.<br />
* [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation''']<br />
** First Party Isolation (also called "double keying") was incorporated in Firefox 52 with the preference "privacy.firstparty.isolate". It provides a very strong anti-tracking protection by preventing third parties from tracking users across multiple sites.<br />
* [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance''']<br />
** Fingerprinting Resistance (also called "anti-fingerprinting") was incorporated in Firefox 59 with the preference "privacy.resistFingerprinting". It is a defense against browser fingerprinting, which is a widely used Web tracking technology to identify individuals.<br />
<br />
'''Fusion''' is the next big step of the Mozilla and Tor collaboration. We hope to move the needle on Web privacy based on the success of the Tor Uplift work.<br />
<br />
= Project Vision =<br />
Mozilla and Tor Project are aligned with each other on the mission to protect user privacy on the Web.<br />
* The fourth principle of [https://www.mozilla.org/en-US/about/manifesto/ The Mozilla Manifesto] is '''"Individuals’ security and privacy on the Internet are fundamental and must not be treated as optional."'''<br />
* One of the Tor Project vision is '''"to advance human rights and freedoms by creating and deploying free and open anonymity and privacy technologies."'''<br />
<br />
We believe the collaboration between Mozilla and Tor can create a positive, significant impact on the world, and help users to regain their privacy.<br />
<br />
= Project Goals =<br />
Ultimately, we hope to integrate full Tor Browser features in Firefox. There are many potential solutions. For example, enabling some features by default and providing options for other features in [https://support.mozilla.org/en-US/kb/private-browsing-use-firefox-without-history Private Browsing Mode]. We can also consider creating a WebExtension for using Tor features.<br />
<br />
We need a lot of research and experiments to support the decision-making for the final solution. However, the clear short and mid-term goals are:<br />
* '''Improvement in Fingerprinting Resistance'''<br />
** make fingerprinting resistance more user-friendly<br />
** minimize Web breakages caused by fingerprinting resistance<br />
** conduct a browser fingerprinting analysis research project to help us figure out the best defense strategy<br />
* '''Enable First Party Isolation in Private Browsing Mode'''<br />
* '''Enable Fingerprinting Resistance in Private Browsing Mode'''<br />
* '''Proxy bypass testing framework for Firefox'''<br />
* '''Design the Tor proxy prototype for Firefox'''<br />
<br />
= Roadmap =<br />
TBD.<br />
<br />
= Getting Involved =</div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion&diff=1184704Security/Fusion2017-11-24T04:13:58Z<p>Ethantseng: Update Project Vision.</p>
<hr />
<div>[[File:fusion.jpeg|thumb|200px]]<br />
'''Fusion''' ('''F'''irefox '''Us'''ing O'''ion'''s) is a Mozilla's project to build the cutting-edge security and privacy features for Firefox users. <br><br />
Fusion will leverage the technology of Tor Project, especially the Tor Browser and Tor Proxy, to bring more defense options for users.<br />
<br />
Fusion was initiated in 2018. Mozilla and [https://www.torproject.org/ Tor Project] are working closely on this project.<br />
<br />
= Background =<br />
The Firefox and Tor Browser teams have collaborated for a long time. In 2016, we started the [https://wiki.mozilla.org/Security/Tor_Uplift Tor Uplift project] to take this collaboration to the next level, bringing Firefox and Tor Browser closer together than ever before.<br />
<br />
The Tor Browser team builds [https://www.torproject.org/projects/torbrowser.html Tor Browser] by taking [https://www.mozilla.org/en-US/firefox/organizations/ Firefox ESR] and applying some patches to it. These changes add valuable privacy features for Tor Browser users. But having these changes means that every time the Tor Browser team wants to use a new version of Firefox, they have to update the patches to work with the new version. These updates take up a substantial fraction of the effort involved in producing Tor Browser.<br />
<br />
In 2016, we started the Tor Uplift project to take the Tor Browser patches and "uplift" them to Firefox. When a patch gets uplifted, we take the change that Tor Browser needs and we add it to Firefox in such a way that it is disabled by default, but can be enabled by changing a preference value. The Tor Uplift project saves the Tor Browser team work since they can just change preferences instead of updating patches. It also gives the Firefox team a way to experiment with the advanced privacy features that Tor Browser team is building, to see if we can bring them to a much wider audience.<br />
<br />
The primary target in the Tor Uplift project is two features.<br />
* [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation''']<br />
** First Party Isolation (also called "double keying") was incorporated in Firefox 52 with the preference "privacy.firstparty.isolate". It provides a very strong anti-tracking protection by preventing third parties from tracking users across multiple sites.<br />
* [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance''']<br />
** Fingerprinting Resistance (also called "anti-fingerprinting") was incorporated in Firefox 59 with the preference "privacy.resistFingerprinting". It is a defense against browser fingerprinting, which is a widely used Web tracking technology to identify individuals.<br />
<br />
'''Fusion''' is the next big step of the Mozilla and Tor collaboration. We hope to move the needle on Web privacy based on the success of the Tor Uplift work.<br />
<br />
= Project Vision =<br />
Mozilla and Tor Project are aligned with each other on the mission to protect user privacy on the Web.<br />
* The fourth principle of [https://www.mozilla.org/en-US/about/manifesto/ The Mozilla Manifesto] is '''"Individuals’ security and privacy on the Internet are fundamental and must not be treated as optional."'''<br />
* One of the Tor Project vision is '''"to advance human rights and freedoms by creating and deploying free and open anonymity and privacy technologies."'''<br />
<br />
We believe the collaboration between Mozilla and Tor can create a significant and positive impact on the world, and help users to regain their privacy.<br />
<br />
= Project Goals =<br />
<br />
= Roadmap =<br />
<br />
= Getting Involved =</div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fusion&diff=1184703Security/Fusion2017-11-24T04:01:00Z<p>Ethantseng: Create the Fusion project wiki page.</p>
<hr />
<div>[[File:fusion.jpeg|thumb|200px]]<br />
'''Fusion''' ('''F'''irefox '''Us'''ing O'''ion'''s) is a Mozilla's project to build the cutting-edge security and privacy features for Firefox users. <br><br />
Fusion will leverage the technology of Tor Project, especially the Tor Browser and Tor Proxy, to bring more defense options for users.<br />
<br />
Fusion was initiated in 2018. Mozilla and [https://www.torproject.org/ Tor Project] are working closely on this project.<br />
<br />
= Background =<br />
The Firefox and Tor Browser teams have collaborated for a long time. In 2016, we started the [https://wiki.mozilla.org/Security/Tor_Uplift Tor Uplift project] to take this collaboration to the next level, bringing Firefox and Tor Browser closer together than ever before.<br />
<br />
The Tor Browser team builds [https://www.torproject.org/projects/torbrowser.html Tor Browser] by taking [https://www.mozilla.org/en-US/firefox/organizations/ Firefox ESR] and applying some patches to it. These changes add valuable privacy features for Tor Browser users. But having these changes means that every time the Tor Browser team wants to use a new version of Firefox, they have to update the patches to work with the new version. These updates take up a substantial fraction of the effort involved in producing Tor Browser.<br />
<br />
In 2016, we started the Tor Uplift project to take the Tor Browser patches and "uplift" them to Firefox. When a patch gets uplifted, we take the change that Tor Browser needs and we add it to Firefox in such a way that it is disabled by default, but can be enabled by changing a preference value. The Tor Uplift project saves the Tor Browser team work since they can just change preferences instead of updating patches. It also gives the Firefox team a way to experiment with the advanced privacy features that Tor Browser team is building, to see if we can bring them to a much wider audience.<br />
<br />
The primary target in the Tor Uplift project is two features.<br />
* [https://wiki.mozilla.org/Security/FirstPartyIsolation '''First Party Isolation''']<br />
** First Party Isolation (also called "double keying") was incorporated in Firefox 52 with the preference "privacy.firstparty.isolate". It provides a very strong anti-tracking protection by preventing third parties from tracking users across multiple sites.<br />
* [https://wiki.mozilla.org/Security/Fingerprinting '''Fingerprinting Resistance''']<br />
** Fingerprinting Resistance (also called "anti-fingerprinting") was incorporated in Firefox 59 with the preference "privacy.resistFingerprinting". It is a defense against browser fingerprinting, which is a widely used Web tracking technology to identify individuals.<br />
<br />
'''Fusion''' is the next big step of the Mozilla and Tor collaboration. We hope to move the needle on Web privacy based on the success of the Tor Uplift work.<br />
<br />
= Project Vision =<br />
The fourth principle of [https://www.mozilla.org/en-US/about/manifesto/ The Mozilla Manifesto] is '''"Individuals’ security and privacy on the Internet are fundamental and must not be treated as optional."'''<br />
<br />
One of the Tor Project vision is '''"to advance human rights and freedoms by creating and deploying free and open anonymity and privacy technologies."'''<br />
<br />
Mozilla and Tor Project are aligned with each other on the mission to protect user privacy on the Web.<br />
<br />
<br />
= Project Goals =<br />
<br />
= Roadmap =<br />
<br />
= Getting Involved =</div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Tor_Uplift&diff=1184702Security/Tor Uplift2017-11-24T03:11:35Z<p>Ethantseng: Update contributors.</p>
<hr />
<div>== Tor Uplift Project ==<br />
Tor Browser is a privacy-enhancing web browser based on Firefox, with more than a million users. <br><br />
<br />
At the Tor Project, the Tor Browser team maintain and develop several dozen patches to Firefox that provide Tor<br />
Browser users with extra protections for their privacy and security. These patches, among other things, provide protection against cross-site tracking (by a measure known as First Party Isolation), fingerprinting resistance, avoidance of storing private data on disk, and of course a connection to the Tor network. Tor Browser is based on Firefox ESR; as Mozilla releases each new ESR version, the Tor Browser team needs to<br />
rebase their Tor Browser patches, which involves painstakingly adapting them to the new codebase. <br><br />
<br />
The intention of Tor Uplift project is to land all Tor Browser patches so that Tor can directly use Firefox main trunk instead of a fork. <br><br><br />
<br />
== Project Wiki and Dashboards ==<br />
* https://wiki.mozilla.org/Security/FirstPartyIsolation<br />
* https://wiki.mozilla.org/Security/Fingerprinting<br />
* https://wiki.mozilla.org/Security/Fennec%2BTor_Project<br />
* https://wiki.mozilla.org/Security/Tor_Uplift/Tracking<br />
<br><br />
<br />
== Main Contributors ==<br />
* Tom Ritter (Tech Lead)<br />
* Ethan Tseng (Engineering Manager)<br />
* Chung-Sheng Fu (Engineer)<br />
* Jonathan Hao (Engineer)<br />
* Tim Huang (Engineer)<br />
<br />
== Communication Channel ==<br />
* IRC: #tor<br />
* Mailing list: tbb@mozilla.com<br />
* IRC at Tor Project: https://www.oftc.net/<br />
** Channel: #tor, #tor-dev, #tor-project<br />
<br />
== Tor Repositories ==<br />
* https://gitweb.torproject.org/tor.git<br />
* https://gitweb.torproject.org/tor-browser.git<br />
* https://gitweb.torproject.org/https-everywhere.git<br />
<br />
== References ==<br />
* '''Tor Browser Patches List'''<br />
** https://docs.google.com/spreadsheets/d/1rF4Gah_OEequYDfPedoQu3oETM5Gj4NagxDuKQG-IOk/edit#gid=0<br />
* '''Tor Project Bug Tracker'''<br />
** https://trac.torproject.org/projects/tor/report<br />
* '''The Design and Implementation of the Tor Browser'''<br />
** https://www.torproject.org/projects/torbrowser/design/<br />
* '''The Tor Browser Hacking Guide'''<br />
** https://trac.torproject.org/projects/tor/wiki/doc/TorBrowser/Hacking<br />
* '''HTTPS Everywhere'''<br />
** https://www.eff.org/https-everywhere<br />
* '''Pluggable Transports'''<br />
** https://trac.torproject.org/projects/tor/wiki/doc/AChildsGardenOfPluggableTransports<br />
<br></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Tor_Uplift/Tracking&diff=1184701Security/Tor Uplift/Tracking2017-11-24T03:10:29Z<p>Ethantseng: Disable some bugzilla queries to speed up the page loading.</p>
<hr />
<div>== Tor Uplift ==<br />
To uplift all of the Tor Browser patches to mainline Firefox. The general approach is to add preferences for anything that breaks the web and set them to default "off" so that the behavior of default Firefox does not change. All bugs are tagged with [tor]. The Tor Browser design document is [https://www.torproject.org/projects/torbrowser/design/index.html.en here].<br />
<br />
=== Active Bugs ===<br />
Bugs which are assigned and being worked on.<br />
<br />
<bugzilla><br />
{<br />
"include_fields": "id, whiteboard, summary, status, resolution, priority, assigned_to",<br />
"f1":"status_whiteboard",<br />
"query_format":"advanced",<br />
"o1":"substring",<br />
"v1":"[tor",<br />
"order": "assigned_to,bug_id",<br />
"status":["ASSIGNED","REOPENED","UNCONFIRMED"],<br />
"emailtype1":"notsubstring",<br />
"emailassigned_to1":"1",<br />
"email1":"nobody@mozilla.org",<br />
"keywords_type":"nowords",<br />
"keywords":"meta"<br />
}<br />
</bugzilla><br />
<br />
=== Assigned, but not started ===<br />
These bugs have an owner, but their status is 'NEW' indicating that they are not being worked on yet.<br />
<br />
<bugzilla><br />
{<br />
"include_fields": "id, whiteboard, summary, status, resolution, priority, assigned_to",<br />
"f1":"status_whiteboard",<br />
"query_format":"advanced",<br />
"o1":"substring",<br />
"v1":"[tor",<br />
"order": "assigned_to,bug_id",<br />
"status":["NEW"],<br />
"emailtype1":"notsubstring",<br />
"emailassigned_to1":"1",<br />
"email1":"nobody@mozilla.org",<br />
"keywords_type":"nowords",<br />
"keywords":"meta"<br />
}<br />
</bugzilla><br />
<br />
=== Backlog (all unowned) ===<br />
Bugs looking for an owner. <br><br />
<disabled-bugzilla><br />
{<br />
"include_fields": "id, whiteboard, summary, status, resolution, priority, assigned_to",<br />
"f1":"status_whiteboard",<br />
"f2":"status_whiteboard",<br />
"query_format":"advanced",<br />
"o1":"substring",<br />
"v1":"[TOR]",<br />
"o2":"notsubstring",<br />
"v2":"[OA-testing]",<br />
"order": "bug_id",<br />
"status":["__open__"],<br />
"assigned_to":"nobody@mozilla.org",<br />
"keywords_type":"nowords",<br />
"keywords":"meta"<br />
}<br />
</disabled-bugzilla><br />
<br />
<br />
=== Testing Bugs ===<br />
Origin Testing bugs are tagged with [tor-testing]<br />
<bugzilla><br />
{<br />
"include_fields": "id, whiteboard, summary, status, resolution, priority, assigned_to",<br />
"f1":"status_whiteboard",<br />
"query_format":"advanced",<br />
"o1":"substring",<br />
"v1":"[tor-testing]",<br />
"order": "bug_id",<br />
"status":["__open__"],<br />
"assigned_to":"nobody@mozilla.org",<br />
"keywords_type":"nowords",<br />
"keywords":"meta"<br />
}<br />
</bugzilla><br />
<br />
=== Meta Bugs ===<br />
This list is here for completeness.<br />
<br />
<bugzilla><br />
{<br />
"id":["1260929"],<br />
"include_fields": "id, whiteboard, summary, status, resolution, priority, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Completed Bugs ===<br />
Patches that have been successfully uplifted (or [tor] tickets otherwise fixed) <br><br />
<disabled-bugzilla><br />
{<br />
"include_fields": "id, whiteboard, summary, status, resolution, priority, assigned_to",<br />
"f1":"status_whiteboard",<br />
"query_format":"advanced",<br />
"o1":"substring",<br />
"v1":"[tor",<br />
"order": "assigned_to,bug_id",<br />
"status":["RESOLVED"],<br />
"keywords_type":"nowords",<br />
"keywords":"meta",<br />
"resolution":["fixed", "duplicate"]<br />
}<br />
</disabled-bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=File:Fusion.jpeg&diff=1184700File:Fusion.jpeg2017-11-24T02:18:17Z<p>Ethantseng: The logo of the Fusion project.</p>
<hr />
<div>The logo of the Fusion project.</div>Ethantsenghttps://wiki.mozilla.org/index.php?title=File:Firefox-tor-stickerRGB.svg&diff=1184699File:Firefox-tor-stickerRGB.svg2017-11-24T02:12:43Z<p>Ethantseng: The logo of Fusion project.</p>
<hr />
<div>The logo of Fusion project.</div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Security/Fingerprinting&diff=1184621Security/Fingerprinting2017-11-22T03:39:16Z<p>Ethantseng: Disable some bugzilla queries to speed up the page loading. This page only shows MVP bugs now.</p>
<hr />
<div>== Cross-Origin Fingerprinting Unlinkability ==<br />
The anti-fingerprinting project is part of the Tor Uplift project. <br><br />
Its goal is to build up the same level of fingerprinting resistance as the Tor Browser in Firefox. <br><br />
Refer to the design and implementation document of the Tor Browser: <br><br />
https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability<br />
<br />
== Project Schedule ==<br />
* Complete the implementation of MVP in '''Firefox 57 (2018-09-20)'''<br />
** This is being tracked by three milestones M1, M2, and M3<br />
* Feature stabilization and refinement in '''Firefox 58 (2017-11-13)'''<br />
** Perform integration test to identify regressions and Web compatibility issues<br />
** Perform tests to verify the effectiveness of fingerprinting protection<br />
** Fix regressions and any other issues<br />
** Figure out the product strategy of Firefox to roll out this functionality<br />
* Ship the feature in '''Firefox 59 (2018-01-15)<br />
** Tor Browser will be using Firefox ESR 59<br />
<br />
<br />
== Bug Tracking ==<br />
All fingerprinting bugs are being tracked under the meta bug: <br><br />
{{Bug|1329996}} - [META] Support anti-fingerprinting protection<br />
<br><br />
<br />
'''Priority Definition'''<br />
* P1: MVP (Minimum Viable Product)<br />
* P2: Nice to Have<br />
* P3: Backlog<br />
* Any bug which is marked as [fp:m1-3] in the Whiteboard is also MVP, regardless of its Priority<br />
<br />
'''Whiteboard Definition'''<br />
* [fingerprinting]: Indicate this is a fingerprinting bug<br />
* [fp:m1]: Target milestone is M1 (2017-06-12 Firefox 55)<br />
* [fp:m2]: Target milestone is M2 (2017-08-02 Firefox 56)<br />
* [fp:m3]: Target milestone is M3 (2017-09-20 Firefox 57)<br />
* [fp-backlog]: Backlog bugs<br />
<br />
== Dashboard ==<br />
=== MVP: M1 Bugs List (2017-06-12 Firefox 55) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"], <br />
"whiteboard":["fp:m1"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== MVP: M2 Bugs List (2017-08-07 Firefox 56) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"], <br />
"whiteboard":["fp:m2"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== MVP: M3 Bugs List (2017-09-25 Firefox 57) ===<br />
<bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"], <br />
"whiteboard":["fp:m3"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== MVP: Bugs To Be Triaged ===<br />
The following bugs are MVP bugs which are not specified priority yet.<br />
<bugzilla><br />
{<br />
"blocks":"1329996",<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"],<br />
"priority":["--"],<br />
"whiteboard":["fp:m"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</bugzilla><br />
<br />
=== Fingerprinting P2 Bugs List ===<br />
<disabled-bugzilla><br />
{<br />
"blocks":"1329996",<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"], <br />
"priority":["P2"], <br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</disabled-bugzilla><br />
<br />
=== Fingerprinting P3-P5 Bugs List ===<br />
<disabled-bugzilla><br />
{<br />
"blocks":"1329996",<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"], <br />
"priority":["P3", "P4", "P5", "--"], <br />
"include_fields": "id, summary, status, priority, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</disabled-bugzilla><br />
<br />
=== Fingerprinting Breakage ===<br />
<br />
<disabled-bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED", "RESOLVED", "VERIFIED"],<br />
"whiteboard":["fingerprinting-breakage"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</disabled-bugzilla><br />
<br />
=== All Open Tagged Fingerprinting Bugs ===<br />
<br />
<disabled-bugzilla><br />
{<br />
"status":["NEW", "ASSIGNED", "REOPENED"],<br />
"whiteboard":["fingerprinting"],<br />
"include_fields": "id, summary, status, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "status, assigned_to"<br />
}<br />
</disabled-bugzilla><br />
<br />
=== Fingerprinting Resolved Bugs ===<br />
<disabled-bugzilla><br />
{<br />
"blocks":"1329996",<br />
"status":["RESOLVED", "VERIFIED"], <br />
"include_fields": "id, summary, priority, product, component, assigned_to, depends_on, whiteboard",<br />
"order": "assigned_to"<br />
}<br />
</disabled-bugzilla></div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Firefox/Privacy_and_Security_Front-End/OKRs/2017Q4&diff=1184506Firefox/Privacy and Security Front-End/OKRs/2017Q42017-11-21T02:57:04Z<p>Ethantseng: Add links to tracking/meta bugs column</p>
<hr />
<div><br />
<!--==Overall Q4 Score: '''80.42%'''==--><br />
<br />
== 2017Q4 OKR Progress ==<br />
<br />
<!--Should explain WHY for the health/status reported above. Items covered here may be covered in more detail further down in the report. If senior management were to look at nothing but this section, they should be able to tell what is going on with the project.--><br />
<br />
{| class="wikitable" style="color:#000000; background-color: #FFFFFF; padding: 10"<br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Objective''' <br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Key Result'''<br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Champion'''<br />
|colspan=5; style="text-align: center; background-color: #f9d9a8"| '''Confidence'''<br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Tracking/Meta Bug'''<br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Notes'''<br />
|-<br />
|style="text-align: center; background-color: #f9d9a8"|Oct 30<br />
|style="text-align: center; background-color: #f9d9a8"|Nov 13 <br />
|style="text-align: center; background-color: #f9d9a8"|Nov 27<br />
|style="text-align: center; background-color: #f9d9a8"|Dec 11<br />
|style="text-align: center; background-color: #f9d9a8"|Score<br />
|-<br />
| 1. Protect users from password theft and stay competitive (Phishing protection)<br />
| align="left"|1.1 Complete three of the seven password phishing [https://public.etherpad-mozilla.org/p/passwordphishing sub-tasks] required to complete this objective.<br />
| Francois<br />
|align="center"| ??<br />
|align="center"| <br />
|align="center"|<br />
|align="center"| <br />
|align="left"|<br />
|<br />
* <br />
|<br />
* Oct 30<br />
** Almost completed first task.<br />
|-<br />
|rowspan=2| 2. Solidify 2018 strategy and approach to tracking<br />
| align="left"|2.1 Complete in-flight studies and analysis on engagement and retention differences with tracking protection (with various positioning)<br />
| Pdol<br />
|align="center"| 85%<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
* Oct 30<br />
** Onboarding study is delayed<br />
|-<br />
|align="left"| 2.2 Obtain agreement from product, engineering and business stakeholders for what specifically will ship in the subsequent quarters<br />
| Pdol & Wennie<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|rowspan=2| 3. Improve Private Browsing Mode<br />
| align="left"|3.1 Add 2 additional privacy protections in Private Browsing Mode (and available in regular mode).<br />
| Tanvi & Luke<br />
|align="center"| 50%<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* Disable third party cookies and strip referrer to origin only in Private Browsing Mode.<br />
|<br />
* <br />
|-<br />
| align="left"|3.2 Lightbeam / Containers bug fixes and maintenance <br />
| Jkt<br />
|align="center"| ??<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
| 4. Develop a process to burn down sec-critical and sec-high bugs<br />
|align="left"| 4.1 Consistently maintain less than x number of sec-high and sec-critical bugs in monthly basis<br />
| Wennie<br />
|align="center"| 80%<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
* Oct 30<br />
** Process description is done. Will share it with team<br />
|-<br />
|rowspan=3| 5. Make Firefox Privacy controls/options more intuitive<br />
|align="left"| 5.1 Ensure our privacy and security setting UI match the users’ mental model and work as expected.<br />
| Johann<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|align="left"| 5.2 Update individual UI components that don’t do what they appear to do (either from a user’s perspective, from the platform perspective, or both)<br />
| Johann<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|align="left"| 5.3 Doorhanger for Google Hangout Permissions<br />
| Johann<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
*<br />
|<br />
* <br />
|-<br />
| 6. Enable Firefox developers to write secure code by default.<br />
(Security by Default)<br />
|align="left"| 6.1 Set the correct triggering principal for top-level loads by completing 12 remaining bugs.<br />
| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|rowspan=3| 7. Enable web developers to produce secure web sites through use of relevant web standards, increased test coverage via web-platform tests & parity with other browsers<br />
|align="left"| 7.1 Update Mixed Content Implementation per Spec<br />
| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|align="left"| 7.2 Land CSP Violation reports and enable web-platform tests<br />
| Ethan<br />
|align="center"| <br />
|align="center"| 75%<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* already have patch and has been reviewed. Spec is missing core aspects. Email thread circulating. Might have to revise spec.<br />
|-<br />
|align="left"| 7.3 Land CSP worker-src<br />
|<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
| 8. Protect users from data: URI phishing attacks<br />
|align="left"| 8.1 Enable toplevel data: URI navigation blocker<br />
| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
| 9. Enable Firefox developers to query referrer (including policy) information from a single source of truth.<br />
|align="left"| 9.1 Revamp referrer policy setup<br />
| Tanvi<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
| 10. Lay foundation for shipping Breach Alerts<br />
|align="left"| 10.1 File all bugs for the shipment MVP with published UI spec<br />
| Nihanth<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
|rowspan=2| 11. Improve Firefox privacy by implementing W3C spec of Referrer Policy<br />
|align="left"| 11.1 Land Referrer Policy support for CSS<br />
| Ethan<br />
|align="center"| <br />
|align="center"| 100%<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* [https://bugzilla.mozilla.org/show_bug.cgi?id=1330487 Bug 1330487 - Implement referrer policy for CSS]<br />
|<br />
*<br />
|-<br />
|align="left"| 11.2 Land Referrer Policy support for downloads<br />
| Ethan<br />
|align="center"| <br />
|align="center"| 100%<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* [https://bugzilla.mozilla.org/show_bug.cgi?id=1073187 Bug 1073187 - add referrer policy support to Downloads.jsm]<br />
|<br />
*<br />
|-<br />
|rowspan=2| 12. Provide Firefox users an approach to protect against browser fingerprinting<br />
|align="left"| 12.1 Ship Fingerprinting Resistance MVP (parity with Tor Browser) in Firefox 59<br />
| Ethan<br />
|align="center"| <br />
|align="center"| 75%<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* [https://wiki.mozilla.org/Security/Fingerprinting#Dashboard Dashboard of Anti-Fingerprinting MVP]<br />
|<br />
* Technical difficulties- solutions for TOR browsers are under review and have not yet received a review+<br />
|-<br />
|align="left"| 12.2 Deliver a development plan for Fingerprinting Resistance Phase 2 (to improve the feature by minimizing web breakages and being more user-friendly)<br />
|Ethan<br />
|align="center"| <br />
|align="center"| 100%<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* Document to be done<br />
|<br />
*<br />
|-<br />
|}<br />
<br />
<br />
<br />
[[Category:Wikipage templates]]</div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Firefox/Privacy_and_Security_Front-End/OKRs/2017Q4&diff=1184503Firefox/Privacy and Security Front-End/OKRs/2017Q42017-11-21T02:11:03Z<p>Ethantseng: Correct champion's names</p>
<hr />
<div><br />
<!--==Overall Q4 Score: '''80.42%'''==--><br />
<br />
== 2017Q4 OKR Progress ==<br />
<br />
<!--Should explain WHY for the health/status reported above. Items covered here may be covered in more detail further down in the report. If senior management were to look at nothing but this section, they should be able to tell what is going on with the project.--><br />
<br />
{| class="wikitable" style="color:#000000; background-color: #FFFFFF; padding: 10"<br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Objective''' <br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Key Result'''<br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Champion'''<br />
|colspan=5; style="text-align: center; background-color: #f9d9a8"| '''Confidence'''<br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Features'''<br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Notes'''<br />
|-<br />
|style="text-align: center; background-color: #f9d9a8"|Oct 30<br />
|style="text-align: center; background-color: #f9d9a8"|Nov 13 <br />
|style="text-align: center; background-color: #f9d9a8"|Nov 27<br />
|style="text-align: center; background-color: #f9d9a8"|Dec 11<br />
|style="text-align: center; background-color: #f9d9a8"|Score<br />
|-<br />
| 1. Protect users from password theft and stay competitive (Phishing protection)<br />
| align="left"|1.1 Complete three of the seven password phishing [https://public.etherpad-mozilla.org/p/passwordphishing sub-tasks] required to complete this objective.<br />
| Francois<br />
|align="center"| ??<br />
|align="center"| <br />
|align="center"|<br />
|align="center"| <br />
|align="left"|<br />
|<br />
* <br />
|<br />
* Oct 30<br />
** Almost completed first task.<br />
|-<br />
|rowspan=2| 2. Solidify 2018 strategy and approach to tracking<br />
| align="left"|2.1 Complete in-flight studies and analysis on engagement and retention differences with tracking protection (with various positioning)<br />
| Pdol<br />
|align="center"| 85%<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
* Oct 30<br />
** Onboarding study is delayed<br />
|-<br />
|align="left"| 2.2 Obtain agreement from product, engineering and business stakeholders for what specifically will ship in the subsequent quarters<br />
| Pdol & Wennie<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|rowspan=2| 3. Improve Private Browsing Mode<br />
| align="left"|3.1 Add 2 additional privacy protections in Private Browsing Mode (and available in regular mode).<br />
| Tanvi & Luke<br />
|align="center"| 50%<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* Disable third party cookies and strip referrer to origin only in Private Browsing Mode.<br />
|<br />
* <br />
|-<br />
| align="left"|3.2 Lightbeam / Containers bug fixes and maintenance <br />
| Jkt<br />
|align="center"| ??<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
| 4. Develop a process to burn down sec-critical and sec-high bugs<br />
|align="left"| 4.1 Consistently maintain less than x number of sec-high and sec-critical bugs in monthly basis<br />
| Wennie<br />
|align="center"| 80%<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
* Oct 30<br />
** Process description is done. Will share it with team<br />
|-<br />
|rowspan=3| 5. Make Firefox Privacy controls/options more intuitive<br />
|align="left"| 5.1 Ensure our privacy and security setting UI match the users’ mental model and work as expected.<br />
| Johann<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|align="left"| 5.2 Update individual UI components that don’t do what they appear to do (either from a user’s perspective, from the platform perspective, or both)<br />
| Johann<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|align="left"| 5.3 Doorhanger for Google Hangout Permissions<br />
| Johann<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
*<br />
|<br />
* <br />
|-<br />
| 6. Enable Firefox developers to write secure code by default.<br />
(Security by Default)<br />
|align="left"| 6.1 Set the correct triggering principal for top-level loads by completing 12 remaining bugs.<br />
| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|rowspan=3| 7. Enable web developers to produce secure web sites through use of relevant web standards, increased test coverage via web-platform tests & parity with other browsers<br />
|align="left"| 7.1 Update Mixed Content Implementation per Spec<br />
| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|align="left"| 7.2 Land CSP Violation reports and enable web-platform tests<br />
|<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|align="left"| 7.3 Land CSP worker-src<br />
|<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
| 8. Protect users from data: URI phishing attacks<br />
|align="left"| 8.1 Enable toplevel data: URI navigation blocker<br />
| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
| 9. Enable Firefox developers to query referrer (including policy) information from a single source of truth.<br />
|align="left"| 9.1 Revamp referrer policy setup<br />
| Tanvi<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
| 10. Lay foundation for shipping Breach Alerts<br />
|align="left"| 10.1 File all bugs for the shipment MVP with published UI spec<br />
| Nihanth<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
|rowspan=2| 11. Improve Firefox privacy by implementing W3C spec of Referrer Policy<br />
|align="left"| 11.1 Land Referrer Policy support for CSS<br />
| Ethan<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
|align="left"| 11.2 Land Referrer Policy support for downloads<br />
| Ethan<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
|rowspan=2| 12. Provide Firefox users an approach to protect against browser fingerprinting<br />
|align="left"| 12.1 Ship Fingerprinting Resistance MVP (parity with Tor Browser) in Firefox 59<br />
| Ethan<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
|align="left"| 12.2 Deliver a development plan for Fingerprinting Resistance Phase 2 (to improve the feature by minimizing web breakages and being more user-friendly)<br />
|Ethan<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
|}<br />
<br />
<br />
<br />
[[Category:Wikipage templates]]</div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Firefox/Privacy_and_Security_Front-End/OKRs/2017Q4&diff=1183939Firefox/Privacy and Security Front-End/OKRs/2017Q42017-11-13T07:11:41Z<p>Ethantseng: Minor update for a typo</p>
<hr />
<div><br />
<!--==Overall Q4 Score: '''80.42%'''==--><br />
<br />
== 2017Q4 OKR Progress ==<br />
<br />
<!--Should explain WHY for the health/status reported above. Items covered here may be covered in more detail further down in the report. If senior management were to look at nothing but this section, they should be able to tell what is going on with the project.--><br />
<br />
{| class="wikitable" style="color:#000000; background-color: #FFFFFF; padding: 10"<br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Objective''' <br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Key Result'''<br />
|colspan=5; style="text-align: center; background-color: #f9d9a8"| '''Confidence'''<br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Features'''<br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Notes'''<br />
|-<br />
|style="text-align: center; background-color: #f9d9a8"|Oct 30<br />
|style="text-align: center; background-color: #f9d9a8"|Nov 13 <br />
|style="text-align: center; background-color: #f9d9a8"|Nov 27<br />
|style="text-align: center; background-color: #f9d9a8"|Dec 11<br />
|style="text-align: center; background-color: #f9d9a8"|Score<br />
|-<br />
| 1. Protect users from password theft and stay competitive (Phishing protection)<br />
| align="left"|1.1 Complete three of the seven password phishing [https://public.etherpad-mozilla.org/p/passwordphishing sub-tasks] required to complete this objective.<br />
|align="center"|<br />
|align="center"| <br />
|align="center"|<br />
|align="center"| <br />
|align="left"|<br />
|<br />
* <br />
|<br />
*<br />
|-<br />
|rowspan=2| 2. Solidify 2018 strategy and approach to tracking<br />
| align="left"|2.1 Complete in-flight studies and analysis on engagement and retention differences with tracking protection (with various positioning)<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|align="left"| 2.2 Obtain agreement from product, engineering and business stakeholders for what specifically will ship in the subsequent quarters<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|rowspan=3| 3. Improve Private Browsing Mode<br />
| align="left"|3.1 Add 2 additional privacy protections in Private Browsing Mode (and available in regular mode).<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
| align="left"|3.2 Lightbeam / Containers bug fixes and maintenance <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
| align="left"|3.3 Web Extension API changes for Privacy<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
| 4. Develop a process to burn down sec-critical and sec-high bugs<br />
|align="left"| 4.1 Consistently maintain less than x number of sec-high and sec-critical bugs in monthly basis<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
|rowspan=3| 5. Make Firefox Privacy controls/options more intuitive<br />
|align="left"| 5.1 Ensure our privacy and security setting UI match the users’ mental model and work as expected.<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|align="left"| 5.2 Update individual UI components that don’t do what they appear to do (either from a user’s perspective, from the platform perspective, or both)<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|align="left"| 5.3 Permissions / VR<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
| 6. Enable Firefox developers to write secure code by default.<br />
(Security by Default)<br />
|align="left"| 6.1 Set the correct triggering principal for top-level loads by completing 12 remaining bugs.<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|rowspan=3| 7. Enable web developers to produce secure web sites through use of relevant web standards, increased test coverage via web-platform tests & parity with other browsers<br />
|align="left"| 7.1 Update Mixed Content Implementation per Spec<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|align="left"| 7.2 Land CSP Violation reports and enable web-platform tests<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|align="left"| 7.3 Land CSP worker-src<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
| 8. Protect users from data: URI phishing attacks<br />
|align="left"| 8.1 Enable toplevel data: URI navigation blocker<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
| 9. Enable Firefox developers to query referrer (including policy) information from a single source of truth.<br />
|align="left"| 9.1 Revamp referrer policy setup<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
| 10. Lay foundation for shipping Breach Alerts<br />
|align="left"| 10.1 File all bugs for the shipment MVP with published UI spec<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
|rowspan=2| 11. Improve Firefox privacy by implementing W3C spec of Referrer Policy<br />
|align="left"| 11.1 Land Referrer Policy support for CSS<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
|align="left"| 11.2 Land Referrer Policy support for downloads<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
|rowspan=2| 12. Provide Firefox users an approach to protect against browser fingerprinting<br />
|align="left"| 12.1 Ship Fingerprinting Resistance MVP (parity with Tor Browser) in Firefox 59<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
|align="left"| 12.2 Deliver a development plan for Fingerprinting Resistance Phase 2 (to improve the feature by minimizing web breakages and being more user-friendly)<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
|}<br />
<br />
<br />
<br />
[[Category:Wikipage templates]]</div>Ethantsenghttps://wiki.mozilla.org/index.php?title=Firefox/Privacy_and_Security_Front-End/OKRs/2017Q4&diff=1183858Firefox/Privacy and Security Front-End/OKRs/2017Q42017-11-10T08:17:54Z<p>Ethantseng: Minor update</p>
<hr />
<div><br />
<!--==Overall Q4 Score: '''80.42%'''==--><br />
<br />
== 2017Q4 OKR Progress ==<br />
<br />
<!--Should explain WHY for the health/status reported above. Items covered here may be covered in more detail further down in the report. If senior management were to look at nothing but this section, they should be able to tell what is going on with the project.--><br />
<br />
{| class="wikitable" style="color:#000000; background-color: #FFFFFF; padding: 10"<br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Objective''' <br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Key Result'''<br />
|colspan=5; style="text-align: center; background-color: #f9d9a8"| '''Confidence'''<br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Features'''<br />
|rowspan=2; style="text-align: center; background-color: #f9d9a8"| '''Notes'''<br />
|-<br />
|style="text-align: center; background-color: #f9d9a8"|Oct 30<br />
|style="text-align: center; background-color: #f9d9a8"|Nov 13 <br />
|style="text-align: center; background-color: #f9d9a8"|Nov 27<br />
|style="text-align: center; background-color: #f9d9a8"|Dec 11<br />
|style="text-align: center; background-color: #f9d9a8"|Score<br />
|-<br />
| 1. Protect users from password theft and stay competitive (Phishing protection)<br />
| align="left"|1.1 Complete three of the seven password phishing [https://public.etherpad-mozilla.org/p/passwordphishing sub-tasks] required to complete this objective.<br />
|align="center"|<br />
|align="center"| <br />
|align="center"|<br />
|align="center"| <br />
|align="left"|<br />
|<br />
* <br />
|<br />
*<br />
|-<br />
|rowspan=2| 2. Solidify 2018 strategy and approach to tracking<br />
| align="left"|2.1 Complete in-flight studies and analysis on engagement and retention differences with tracking protection (with various positioning)<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|align="left"| 2.2 Obtain agreement from product, engineering and business stakeholders for what specifically will ship in the subsequent quarters<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|rowspan=3| 3. Improve Private Browsing Mode<br />
| align="left"|3.1 Add 2 additional privacy protections in Private Browsing Mode (and available in regular mode).<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
| align="left"|3.2 Lightbeam / Containers bug fixes and maintenance <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
| align="left"|3.3 Web Extension API changes for Privacy<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
| 4. Develop a process to burn down sec-critical and sec-high bugs<br />
|align="left"| 4.1 Consistently maintain less than x number of sec-high and sec-critical bugs in monthly basis<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="left"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
|rowspan=3| 5. Make Firefox Privacy controls/options more intuitive<br />
|align="left"| 5.1 Ensure our privacy and security setting UI match the users’ mental model and work as expected.<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|align="left"| 5.2 Update individual UI components that don’t do what they appear to do (either from a user’s perspective, from the platform perspective, or both)<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|align="left"| 5.3 Permissions / VR<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
| 6. Enable Firefox developers to write secure code by default.<br />
(Security by Default)<br />
|align="left"| 6.1 Set the correct triggering principal for top-level loads by completing 12 remaining bugs.<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|rowspan=3| 7. Enable web developers to produce secure web sites through use of relevant web standards, increased test coverage via web-platform tests & parity with other browsers<br />
|align="left"| 7.1 Update Mixed Content Implementation per Spec<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|align="left"| 7.2 Land CSP Violation reports and enable web-platform tests<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
|align="left"| 7.3 Land CSP worker-src<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
| 8. Protect users from data: URI phishing attacks<br />
|align="left"| 8.1 Enable toplevel data: URI navigation blocker<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
| 9. Enable Firefox developers to query referrer (including policy) information from a single source of truth.<br />
|align="left"| 9.1 Revamp referrer policy setup<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
* <br />
|-<br />
| 10. Lay foundation for shipping Breach Alerts<br />
|align="left"| 10.1 File all bugs for the shipment MVP with published UI spec<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
|rowspan=2| 11. Improve Firefox security by implementing W3C spec of Referrer Policy<br />
|align="left"| 11.1 Land Referrer Policy support for CSS<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
|align="left"| 11.2 Land Referrer Policy support for downloads<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
|rowspan=2| 12. Provide Firefox users an approach to protect against browser fingerprinting<br />
|align="left"| 12.1 Ship Fingerprinting Resistance MVP (parity with Tor Browser) in Firefox 59<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
|align="left"| 12.2 Deliver a development plan for Fingerprinting Resistance Phase 2 (to improve the feature by minimizing web breakages and being more user-friendly)<br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|align="center"| <br />
|<br />
* <br />
|<br />
*<br />
|-<br />
|}<br />
<br />
<br />
<br />
[[Category:Wikipage templates]]</div>Ethantseng