Security/Meetings/SecurityAssurance/2013-06-04
From MozillaWiki
< Security | Meetings | SecurityAssurance
- Time: (Weekly) Tuesday at 13:30 PM PDT / 16:30 PM EDT / 21:30 PM UTC.
- Place: Mozilla HQ, 3A-All Your Base (3rd Floor)
- Phone (US/Intl): 650 903 0800 x92 Conf: 95316#
- Phone (Toronto): 416 848 3114 x92 Conf: 95316#
- Phone (US): 800 707 2533 (pin 369) Conf: 95316#
Contents |
Agenda
- Welcome John, our intern Minion!
- Goals - Please keep status up to date - https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0AmLct3lOMM6ZdHU3a2lJRV8xckZXclZJdkNlN3dUYVE&usp=sharing
- Metrics
Upcoming Speaking Engagements
(List it at these two locations too: https://developer.mozilla.org/en-US/events & https://wiki.mozilla.org/Security/Talks )
- mgoodwin: June 5 OWASP EU Tour, Bucharest - The Trouble with Passwords
- psiinon: June 20 (not definite) OWASP EU tour - ZAP
- freddyb: June 21: Hack in Paris, June 19-21: "Origin Policy Enforcement in Modern Browsers"
- mgoodwin: June 26 OWASP EU Tour, Dublin - Your Browser as a Security Tool
- psiinon & freddy: August 20-23 AppSec EU - ZAP (see above)
- psiinon: November 18-21 AppSec USA - ZAP
- yvan: WebFWD, June 10th
- pauljt: ruxmon this friday http://www.ruxmon.com/sydney/
Planned Blog Posts
Security Review Status (curtisk)
- Completed in Q1 2013: 66
https://security-review-statistics.vcap.mozillalabs.com/weekly (39)
- outstanding reviews are increasing to keep pace with closed items
- without ranking is also growing
Operations Security Update (Joe Stevensen)
Project Updates
Please add your name to the update so we know who to follow up with
Firefox Desktop
Firefox Mobile
Firefox OS
- [cr] design proposal for a "soft trust core" that implements TrustZone-like features for user and device-specific key derivation and signatures: https://mana.mozilla.org/wiki/display/~cruetten@mozilla.com/TrustZone