SecurityEngineering: Difference between revisions

From MozillaWiki
m (→‎How to participate: add mmc's blog)
(→‎Experimental Things: containers are no longer experimental)
 
(81 intermediate revisions by 12 users not shown)
Line 1: Line 1:
__NOTOC__
__NOTOC__
''We build security and user sovereignty into Firefox. Through this work, we encourage and promote these values on the open web.''


==Security Engineering==
We focus hard on ways to improve the privacy and security of all web users, in a Mozilla way that engages the community in our design and implementation decisions. These priorities are reflected in the projects this team manages, public evangelism and participation in relevant standards bodies to maximize adoption of new privacy & security mechanisms.
Our team is tasked with building secure operation and user sovereignty into the web platform and also leveraging the open web to bring these attributes to more environments.  We focus hard on ways to improve the privacy and security of all web users, in a Mozilla way that engages the community in our design and implementation decisions. These priorities are reflected in the [[Privacy/Roadmap_2011|Privacy]] and [[Security/Roadmap|Security]] roadmaps
this team manages, public evangelism and participation in relevant standards bodies to maximize adoption of new privacy & security mechanisms.


The open web is powerful; the huge number of people working on web standards and software is astonishing, and the rapid advancement of new businesses and technologies online magnifies the need for advances in mechanisms that enable secure systems and users' control over their presence online.  
The open web is powerful; the huge number of people working on web standards and software is astonishing, and the rapid advancement of new businesses and technologies online magnifies the need for advances in mechanisms that enable secure systems and users' control over their presence online.


==Who is involved==
==Who is involved==
Security Engineering is led by Sid Stamm, and mainly driven by Monica Chew, David Dahl, Meadhbh Hamrick, David Keeler, Ian Melven, Garrett Robinson, Brian Smith, Camilo Viecco, Tanvi Vyas, and Kathleen Wilson. But our team isn't limited to these people -- there are many others out there in the community who help us accomplish more than we can alone, and we thrive on their passion, interest and help.
Security Engineering is led by Wennie Leung. Work is divided between these main teams:
* Privacy and Security Engineering: website & browser security features ([[Security/Contextual_Identity_Project/Containers|Containers]], [[CloudServices/Password_Manager|Password Manager]], etc.), DOM security ([[Security/CSP|CSP]], [[Security/Subresource_Integrity|SRI]], Cookies, [[Security/Features/Mixed_Content_Blocker|Mixed Content Blocking]], origin, etc), Content Blocking ([[Security/Safe Browsing|Safe Browsing]], [[Security/Application_Reputation|Download Protection]] and [[Security/Tracking_protection|Tracking Protection]]), [[Security/Features/Revamp_Security_Hooks|revamp of security hooks]], [[Security/Tor_Uplift/Tracking|Tor Uplift]] and [[Security/Sandbox/Hardening|Sandbox Hardening]].
* [[Security/CryptoEngineering|Communications security]] (Lead:[https://mozillians.org/en-US/u/jcjones/ JC Jones]): TLS stack, communications security, WebCrypto, [[PSM:Topics|PSM]], [[NSS]], [[SecurityEngineering/TLS_Error_Reports|Error Reporting]] and OneCRL
* Defensive Security Engineering (Lead: Tom Ritter): implementing changes to Firefox that improve our security posture.
* [[CA:Overview|Mozilla's CA Certificate Program]] (Program Manager: [https://mozillians.org/en-US/u/kwilson/ Kathleen Wilson])
 
To connect with us directly, you can our contact details on [https://mozillians.org/en-US/group/securityengineeringstaff/ Mozillians].
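Review bot: The new closing sentence of the "Who is involved" section, "To connect with us directly, you can our contact details on ...", is missing its verb. It should read "you can find our contact details on" before the Mozillians link.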


==How We Work==
==How We Work==
The Security Engineering team works publicly like other Mozilla engineering teams.
The Security Engineering team works publicly like other Mozilla engineering teams.
Continuously, we are focused on four top-level activities:


Our team is driven by our roadmaps:
* Implement and Deploy
* [[Privacy/Roadmap|Privacy Roadmap]]
* Consult on Architecture and Design
* [[Security/Roadmap|Security Roadmap]]
* Research new Ideas
 
If something is not on our roadmaps and prioritized as a P1, we aren't working on it. If it should be, please let us know (keeping in mind our resources are finite).
 
Continuously, we are focused on four top-level activities:
* Evangelize what we do
* Evangelize what we do
* Research new Ideas
* Consult on Architecture and Design
* Implement and Deploy


We are not always the best team to implement a given privacy or security feature, so another important role we play is to champion privacy and security features throughout the Mozilla community.
For more details, check out our [[SecurityEngineering/Strategy|strategy]].


Current major efforts:
==What we work on==
The core security guarantee of the web is that it’s safe to browse.  You can run a web browser and connect to any web server on the planet, and whatever that server sends you, it won’t be able to harm you.


{|class="wikitable"
Delivering on this promise requires many layers of assurance:
| [[Image:Blushingfox.png|75px|alt=autoprivatemode.]]
* That the browser itself is safe to run -- that no malicious code has been introduced, and that we find and fix vulnerabilities before they can be exploited.   
| [[Security/Contextual_Identity_Project|Contextual Identity]]
* That the browser is protecting web content as it’s delivered over the network.
| Lead: [[User:Mmc|Monica Chew]]
* That that web content is forced to play by our rules, including assuring that privacy-sensitive actions that web pages take are gated on a user’s permission.
| Many people have multiple "me"s depending on their activity.  We want to understand how people think about their identities and help them manage 'emCurrent projects include: [https://github.com/mozilla/blushproof/wiki Blushproof].
* That we’re providing a user experience that helps people understand the risks and how they can stay safe.
|-
| [[Image:Foxinabox.png|75px|alt=The fox cannot escape the box.]]
| [[FoxInABox|Sandboxing]]
| Lead: [[User:Imelven|Ian Melven]]
|
|}


Some recent highlights:
For details of our projects in these four areas, see the [[Security/Roadmap|security roadmap]].
* [https://blog.mozilla.org/security/2013/01/29/putting-users-in-control-of-plugins/ Click to Play Plugins] (See {{bug|738698}})
* [https://blog.mozilla.org/security/2013/02/15/announcing-version-2-1-of-mozilla-ca-certificate-policy/ CA Certificate Policy version 2.1]
* <code>crypto.getRandomValues</code> (See {{bug|440046}})
* [https://blog.mozilla.org/tanvi/2013/04/10/mixed-content-blocking-enabled-in-firefox-23/ Mixed content blocking] (See {{bug|815321}})


==How to participate==
==How to participate==
'''Discuss:''' We hang out on #security on [http://irc.mozilla.org irc.mozilla.org], and our primary mailing list is mozilla.dev.security.  Milestone reviews and other meetings will be announced on mozilla.dev.security.
'''Discuss:''' We hang out on #security and #contentsecurity on [http://irc.mozilla.org irc.mozilla.org], and our primary mailing list is [https://www.mozilla.org/en-US/about/forums/#dev-security mozilla.dev.security].


'''Follow our work:''' To see our current progress against features please see our blogs: [http://blog.sidstamm.com Sid's], [https://blog.mozilla.org/tanvi/ Tanvi's], [https://blog.mozilla.org/imelven/ Ian's], [http://monica-at-mozilla.blogspot.com Monica's], and the [https://blog.mozilla.org/security/ Mozilla Security Blog]. Also, feel free to take a peek at our roadmaps: [[Privacy/Roadmap|Privacy Roadmap]] & [[Security/Roadmap|Security Roadmap]].  Our weekly meeting notes for previous meetings are located here: [[SecurityEngineering/MeetingNotes]]
'''Follow our work:''' To see our current progress against features please see the [https://blog.mozilla.org/security/ Mozilla Security Blog].


'''Contribute:''' Wanna pitch in, maybe do a project?  Check out [[SecurityEngineering/Projects]] or the [https://bugzil.la/sw:%5Bgood%20first%20bug%5D%20security good first bugs list] and if one interests you, contact us!
'''Contribute:''' Wanna pitch in, maybe do a project?  Check out the [https://bugzil.la/sw:%5Bgood%20first%20bug%5D%20security good first bugs list] and if one interests you, contact us!


== Experimental Things ==
== Experimental Things ==
From time to time we make add-ons to try out experimental features.  Here are a few; let us know what you think!
 
* [https://addons.mozilla.org/en-us/firefox/addon/force-tls/ Force-TLS] ([https://code.google.com/p/force-tls/ get the code])
We have a few feature proposals for things we might want to add to Firefox but that aren't currently scheduled:
* User CSP
 
* [[Security/Foreign_Certificate_Warning|Foreign Certificate Warning]]
* [[CloudServices/Password_Manager/Master_Password|Master Password]] in the Password Manager
* [[Security/Automatic_Private_Browsing_Upgrades|Automatic Private Browsing Upgrades]]


==Security Bugs==
==Security Bugs==
If you've found a security bug please see http://www.mozilla.org/security/#For_Developers
If you've found a security bug please see http://www.mozilla.org/security/#For_Developers

Latest revision as of 21:54, 21 February 2018

We build security and user sovereignty into Firefox. Through this work, we encourage and promote these values on the open web.

We focus hard on ways to improve the privacy and security of all web users, in a Mozilla way that engages the community in our design and implementation decisions. These priorities are reflected in the projects this team manages, public evangelism and participation in relevant standards bodies to maximize adoption of new privacy & security mechanisms.

The open web is powerful; the huge number of people working on web standards and software is astonishing, and the rapid advancement of new businesses and technologies online magnifies the need for advances in mechanisms that enable secure systems and users' control over their presence online.

Who is involved

Security Engineering is led by Wennie Leung. Work is divided between these main teams:

To connect with us directly, you can find our contact details on Mozillians.

How We Work

The Security Engineering team works publicly like other Mozilla engineering teams. Continuously, we are focused on four top-level activities:

  • Implement and Deploy
  • Consult on Architecture and Design
  • Research new Ideas
  • Evangelize what we do

For more details, check out our strategy.

What we work on

The core security guarantee of the web is that it’s safe to browse. You can run a web browser and connect to any web server on the planet, and whatever that server sends you, it won’t be able to harm you.

Delivering on this promise requires many layers of assurance:

  • That the browser itself is safe to run -- that no malicious code has been introduced, and that we find and fix vulnerabilities before they can be exploited.
  • That the browser is protecting web content as it’s delivered over the network.
  • That that web content is forced to play by our rules, including assuring that privacy-sensitive actions that web pages take are gated on a user’s permission.
  • That we’re providing a user experience that helps people understand the risks and how they can stay safe.

For details of our projects in these four areas, see the security roadmap.

How to participate

Discuss: We hang out on #security and #contentsecurity on irc.mozilla.org, and our primary mailing list is mozilla.dev.security.

Follow our work: To see our current progress against features please see the Mozilla Security Blog.

Contribute: Wanna pitch in, maybe do a project? Check out the good first bugs list and if one interests you, contact us!

Experimental Things

We have a few feature proposals for things we might want to add to Firefox but that aren't currently scheduled:

Security Bugs

If you've found a security bug please see http://www.mozilla.org/security/#For_Developers