canmove, Confirmed users, Bureaucrats and Sysops emeriti
2,776
edits
Security/Meetings/SecurityAssurance/2013-02-26: Difference between revisions
Security/Meetings/SecurityAssurance/2013-02-26 (view source)
Revision as of 16:14, 27 February 2013
, 27 February 2013no edit summary
(Created page with "{{SecAssuranceMeetingInfo}} {{TOC right}}") |
No edit summary |
||
| Line 1: | Line 1: | ||
{{SecAssuranceMeetingInfo}} | {{SecAssuranceMeetingInfo}} | ||
{{TOC right}} | {{TOC right}} | ||
=Agenda= | |||
* [curtis] Django stuff https://bugzilla.mozilla.org/show_bug.cgi?id=843345 | |||
* Goals - Please keep status up to date - https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0AmLct3lOMM6ZdEI4SlE0eGRWdkN5bXBpbV8wcjNzNUE | |||
* Metrics | |||
** Review Security Radar Page - https://wiki.mozilla.org/Security/Radar <-- nothing to see here, move along | |||
* Data Protection Program - https://mana.mozilla.org/wiki/display/SECURITY/Data+Protection | |||
* Preparing for pwn2own | |||
==PTO/Travel== | |||
* Some people are at BSidesVancouver and CanSecWest (+pwn2own) next week. | |||
* RSA is this week. | |||
* PT off friday 1st/monday 4th | |||
=Upcoming Speaking Engagements= | |||
(List it at these two locations too: https://developer.mozilla.org/en-US/events & https://wiki.mozilla.org/Security/Talks ) | |||
* Raymond Forbes : Feb 27 - March 2 : Nullcon : Bug Bounty Programs | |||
=Planned Blog Posts= | |||
* [https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0AlDw2hHXmVgCdHN3LWZTZ0hjMElPc1g2clRKb2lNN3c Google Doc] | |||
=Security Review Status (curtisk)= | |||
* Completed in Q4 2012: 50 | |||
* Completed this Quarter 45 | |||
https://security-review-statistics.vcap.mozillalabs.com/weekly | |||
=Operations Security Update (Joe Stevensen)= | |||
=Project Updates = | |||
Please add your name to the update so we know who to follow up with | |||
== Firefox Desktop == | |||
Java CTP | |||
== Firefox Mobile == | |||
== Firefox OS == | |||
MWC! :) | |||
Gaia sec reviews due by 13th | |||
V1.0.1 reviews due end of quarter (existing goal) | |||
Weekly notes: https://etherpad.mozilla.org/firefoxossecteammtg | |||
Documentation is also focus atm: https://developer.mozilla.org/en-US/docs/Mozilla/Firefox_OS/Security (review, read, contribute etc please) | |||
== Firefox Core == | |||
* [cdiehl, choller] Resolved multiple blockers for TSan (Thread Sanitizer v2) on Firefox | |||
** Bugs filed so far: https://bugzilla.mozilla.org/buglist.cgi?quicksearch=OPEN%20sw%3A%5Btsan | |||
* [gkw, choller] Fuzzing Baseline Compiler | |||
** New bugs this week: http://tinyurl.com/ab5h2jr 14 issues | |||
* [choller] Fuzzing Odinmonkey | |||
** New bugs this week: http://tinyurl.com/azzpz3v 16 issues | |||
* [gkw] We now have the ability to properly fuzz threadsafe builds by default, at least on Mac 64-bit | |||
== MarketPlace == | |||
== Web Apps == | |||
== Services == | |||
== Operation Security == | |||
== Cool Stuff == | |||
* Call out for JSfunfuzz at BsidesSF yesterday (page 5): http://deadliestwebattacks.files.wordpress.com/2013/02/javascript-security-html5.pdf | |||