[Tails-project] Report: Tor dev meeting, 2017-03

intrigeri intrigeri at boum.org
Wed Mar 29 16:23:46 CEST 2017


Hi,

here's some bits from Tor dev meeting. Generally it was quite relaxed
for me: there were many discussions I wanted to have with many people,
but didn't feel any of the insisting peer-pressure that killed the fun
of the last Tor dev meeting I had attended :)

* Lead, with Linda, a discussion about Tor Browser's Security Slider
  usability and security:
  https://trac.torproject.org/projects/tor/wiki/org/meetings/2017Amsterdam/Notes/SecuritySliderUsability
  Some more discussion is now happening on
  https://bugs.torproject.org/21034. Too bad some of the key people
  could not attend the corresponding session, looks like this would
  have been a game-changer.

* anonym lead a session about our test suite. I expect he'll tell you
  more in his own report.

* Had a nice conversation about "secure" operating systems with Joanna
  from Qubes OS, Ola Bini, Patrick from Whonix, and 3 other Tails
  people. As a result #12403 was filed and integration work done
  there, and some (vague) longer-term plans drawn. The idea of having
  a meeting + hacking time gathering desktop "secure" OS:es was
  revived (tentatively: autumn 2017, southern Europe). sajolida will
  follow-up on this.

* Discussed writing, packaging and integrating applications built on
  top of Tor (Torbirdy, OnionShare, OnionCircuits, etc.) and control
  port filtering with anonym, Sukhbir and Patrick. We reached some
  conclusions but realized only later that we had missed important
  aspects, so the discussion goes on privately until we have something
  worth submitting for requests.

* Discussed with some members of one of the ThoughtWorks' "strike
  teams" how they could help them, and looked a bit closer at robust
  time sync'ing + persistent Tor state. Stay tuned.

* Got a crash course at communication strategy from Josh, the new
  communications director at Tor. Wow, so many new things to learn.
  Thankfully the methodology seems quite similar to UX so it's not
  *that* new. sajolida took notes, perhaps he'll follow-up and file
  some tickets. On my side I've filed #12406 and subtasks to ensure
  we're ready for any successful communication campaign (even though
  it appears that we should target more specifically people who should
  use Tails, but still don't, instead of the general public, at least
  this year).

* Discussed with one of our fiscal sponsors the current state of
  affairs, backlog and various requirements that needed clarifying;
  drawn plans to migrate to another fiscal sponsor.

* Discussed our reproducible builds effort and status with Ximin and
  other people. The main output was #12409.

* Attended a session about onboarding new (paid) contributors.
  The main output for me was adding stuff on #11768.

* Identified more clearly the need some people have to run Tails from
  internal hard drives. Summed it up on
  https://labs.riseup.net/code/issues/8422#note-9, reopened
  that ticket.

* Got some ARM Chromebooks as a gift from a friendly project.
  Next steps will be tracked on #10972.

* Discussed my upcoming keynote at CryptoRave with various people.
  tl;dr: it won't be about "the state of secure OS:es", contrary to
  what folks on Twitter seem to believe currently.

* Probably lots of other things I'm forgetting right now :)

Cheers,
-- 
intrigeri


More information about the Tails-project mailing list