canmove, Confirmed users, Bureaucrats and Sysops emeriti
2,776
edits
Security/Meetings/SecurityAssurance/2012-02-21: Difference between revisions
Security/Meetings/SecurityAssurance/2012-02-21 (view source)
Revision as of 22:01, 21 February 2012
, 21 February 2012→Stuff
No edit summary |
(→Stuff) |
||
| Line 9: | Line 9: | ||
{{TOC right}} | {{TOC right}} | ||
== | =Project Updates= | ||
https://wiki.mozilla.org/Security/TeamEmbedding | |||
Include any project page links | |||
Mention blockers or major concern areas | |||
==Silent updates (rforbes / dveditz)== | |||
* Ian's concern: fallback to an updater that doesn't check signature, and an attacker can invite you to fall back | |||
** Jesse: this is an old problem, right? I wouldn't want to block silent updates on this. | |||
* Need embedded team member on update, because | |||
** Raymond & Dan??? | |||
** [Bug 728301] New: Enable new security checks only for the service | |||
==Q1 Goals == | |||
* We're half done, right? (39 days left) | |||
* https://intranet.mozilla.org/2012Q1Goals#Security_Assurance_.28Coates.29 | |||
* https://mana.mozilla.org/wiki/display/INFRASEC/2012+-+Q1+Goals | |||
==Code signing== | |||
* Coates: HSMs; improved logs for auditability(?) | |||
* Jesse: Are we signing Firefox the way Apple wants us to for Mountain Lion's Gatekeeper? It's pretty important to get this by the time Mountain Lion ships :) | |||
== B2G (Paul Theriault) == | |||
* Reviewing security model at the moment (or trying to document their approach) | |||
* Compare with web apps approach | |||
* The requirements of B2G seem different to what the Web Apps is developing - need to figure out where these two activities meet | |||
* Working on carving out pieces for security review | |||
==Thunderbird (Dan Veditz) == | |||
* "Big Files" are coming soon: https://wiki.mozilla.org/Features/Thunderbird/BigFiles | |||
==Rust (Jesse Ruderman) == | |||
* I raised concerns about unsafe blocks being less safe than C due to mixing Rust's failure/unwind/memory model with C concepts. https://github.com/mozilla/rust/wiki/Meeting-weekly-2012-02-21 | |||
* Servo seems to be interested in parallelism only; security isn't really on their minds. I guess that's part of why they're planning to use the C++ Spidermonkey rather than implementing a new JavaScript engine in Rust. (Even though a JS engine could benefit from parallelism in parsing and JIT-recompiling.) | |||
** But Servo is in proof-of-concept mode, so maybe this is fair. | |||
==Mobile (David Chan) == | |||
* beta is slipping, potential release this week | |||
* there were discussions about moving off the train schedule | |||
==Sync (David Chan & Yvan Boily) == | |||
* semi-working sync 2.0 protocol implemented | |||
** https://bugzilla.mozilla.org/show_bug.cgi?id=720964 | |||
==Services (David Chan & Yvan Boily) == | |||
* queuey and metlog threatmodeling meetings coming up | |||
* token server needs a review | |||
==Social - Pancake (Mark Goodwin) == | |||
* They've ripped out spider, headlines, etc | |||
* They've also removed MySQL for user data... and instead are using a "lightweight http user server" - which appears to currently be using sqlite (erk!) | |||
* Still very much in flux - joes have you seen any docs yet? | |||
==Jetpack, Add-on SDK, Add-on Builder (Dan Veditz) == | |||
* No mtg this week | |||
==JS (Christian Holler) == | |||
* IncrementalGC landed | |||
** Jesse is hitting IGC crashes that are hard to reproduce :( https://bugzilla.mozilla.org/show_bug.cgi?id=728976 | |||
* Focusing on IonMonkey for testing | |||
** Fuzzing by gkw and me on x86(-64) | |||
** Fuzzing on ARM soon when branch stabilizied | |||
* Found quite a few OOM bugs, we need better OOM testing (also applies to whole Firefox product), will be working on that with JS devs. | |||
* [gkw] Made substantial changes to jsfunfuzz w/ Jesse to test Incremental GC. | |||
* [gkw] Work progressing on integrating jsfunfuzz to Releng, advice from Jesse, nthomas | |||
** [gkw] Found some bugs in js shells that are created off tinderboxen | |||
==DOM, XPConnect (Jesse Ruderman) == | |||
* | |||
==Layout, Style (Jesse Ruderman) == | |||
* | |||
==Automation Tools (Gary Kwong) == | |||
* Marionette had a security review on Feb 13. | |||
* There were follow-ups on locking the pref for enabling Marionette. | |||
** Completed within a few days later. | |||
* Also poking around Peach. | |||
* [decoder] Made progress on getting jsfunfuzz/domfuzz to run on Tegra Pool with ADBFuzz, working with jmaher, ctalbert and wlach to integrate necessary changes to mozdevice. | |||
==Web Developer Tools (Mark Goodwin) == | |||
* Lots for me to learn here | |||
* Starting to look at debugger | |||
- Do we need to fuzz the wire protocol? | |||
* New commands for GCLI need reviewing - will coordinate with dchan to get this looked at | |||
== Networking ( Media / Codecs) == | |||
* | |||
== Market (Raymond Forbes) == | |||
* | |||
==Firefox APIs (Raymond Forbes) == | |||
mailed myk telling him we would be setting up a security review and asking him to foward any documentation he had that we could ramp up on. | |||
==Payment Flow (Raymond Forbes) == | |||
no update | |||
==App Sync (David Chan) == | |||
* discussion between webapps and sync team continuing | |||
* encryption may change for appsync vs sync | |||
==Dynamic API Security Model (Raymond Forbes) == | |||
* | |||
==WebRT (Raymond Forbes) == | |||
Long discussion on authorization model. Setting up meeting iwth Ian Bicking and Mike Hanson to work through the issues. | |||
==BrowserID == | |||
* No logs as of yet. | |||
== Identity Services (David Chan) == | |||
* nothing new | |||
==Addons.M.O (Raymond Forbes) == | |||
no update | |||
==Bugzilla.M.O (Mark Goodwin & Eric Parker) == | |||
* A few bugs spotted incoming; all appear to be under control | |||
* Might need some muscle to install ArcSight Connectors on zeus balancers | |||
==Mozillians (Raymond Forbes) == | |||
* | |||
==MDN (Raymond Forbes) == | |||
* | |||
==SUMO (Kitsune) () == | |||
* | |||