Security/B2G/2013 20 5
From MozillaWiki
Contents
- 1 FirefoxOS Security Team Meeting
- 1.1 News
- 1.2 Weekly goals
- 1.3 Goal Status Updates
- 1.3.1 FirefoxOS related security reviews (pauljt)
- 1.3.2 Develop and land tests for security features (dchan)
- 1.3.3 Bug Bounty defined and ready to launch (freddyb)
- 1.3.4 Compile Firefox OS issue register (pauljt)
- 1.3.5 Continue to document Firefox OS Security (pauljt)
- 1.3.6 Document Update schedule & incident response procedure (pauljt)
- 1.3.7 Firefox OS Sandboxing (kang)
- 1.3.8 Malware Defense (cr)
FirefoxOS Security Team Meeting
1pm PST, B2G Vidyo room Prior notes are here: https://wiki.mozilla.org/Security/B2G/2013_13_5
News
feature list for 1.2 / 1.3
https://developer.mozilla.org/en-US/docs/Mozilla/Firefox_OS/Security/System_security#Content_process_sandboxing_(lowered_rights_content_processes)
Weekly goals
Last Week: Current: [dc] - mozapp iframe 751026 [dc] - tethinerg 776502
Goal Status Updates
- Q2 Review target: https://wiki.mozilla.org/Security/B2G/Reviews
- closed a bunch of reviews last week, still a few more to go
Develop and land tests for security features (dchan)
n/a
Bug Bounty defined and ready to launch (freddyb)
Compile Firefox OS issue register (pauljt)
'hardening firefox os' https://docs.google.com/a/mozilla.com/document/d/16TrBjWhjnH0AQV_6I_jEGVNJKXDmKt8T4K_P-lKx9cc/edit#
Continue to document Firefox OS Security (pauljt)
Working on updating MDN docs. (app security part mainly)
Document Update schedule & incident response procedure (pauljt)
no update
Firefox OS Sandboxing (kang)
attempting to land still :p (waiting reviews)
got commit (l3) access wee;)
discussed supervisor with marta (dt), they seem to start working on it
Malware Defense (cr)
Involved dbialer in the meta-market approach to multimarket: he likes the idea.
We might be able to get phone-specific and cryptographically relevant key data from the SIM cards. Seifert wants to deliver info. (anthony jones has mentioned this already on b2g-dev)
