Security/B2G/2014 01 4
From MozillaWiki
Contents
FirefoxOS Security Team Meeting
1pm PST, B2G Vidyo room Prior notes are here: https://wiki.mozilla.org/Security/B2G/2013_12_17
Agenda Items
News
- [cr] *Another* security researcher wants to do phd work on the market place. Bhargava Shastry [:basintea] of TU Berlin will be focusing on FxOS app security (while Daniel DeFreez wants to cover malware detection)
- [:cr] potential new app-validator dev taking over Matt Basta's responsibilities: Mark Striemer, mstriemer@mozilla.com
- [freddy], additional traction to implement csp within chrome pages (like about:newtab). I met with the DOM team and :grobinson as well as :bz will cover some of the gnarly bugs, that involve changing the SystemPrincipal (see blockers to https://bugzilla.mozilla.org/show_bug.cgi?id=923902)
- [arroway] System frontend workweek is happening in Paris, if you have questions to forward
New roadmap: https://wiki.mozilla.org/Security/Roadmap Gecko Reviews https://docs.google.com/a/mozilla.com/document/d/1QPjPn2As9c3XB_J8yJw13Qk1B91aeW1RWe9MVwxBULc/edit# Reviews Hardening: https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0Ap-jgPe0UrMhdG5SMFJIckJBNnJfNlJHWUtLZFBMN3c#gid=0
Notes
Previous Action Items
New Action Items
Goal Status Updates
- [cr] Started collecting info on Android rooting tools, researching the vulnerabilities they exploit. Notes here: https://wiki.mozilla.org/Security/B2G/RootingTools