wiki:org/meetings/2014SummerDevMeeting/Roadmaps

Version 2 (modified by karsten, 6 years ago) (diff)

Transcribe goals and stickies from Tuesday afternoon session.

Meeting goals

  • Remove administrative roadblocks to acquiring and administrating new infrastructure (build machines, etc.)
  • Fix contracting workflow
  • What is the decision-making process for Tor?
  • Who do I ask for direction on projects that need to be done?
  • Dog food plan for all TPO/TPI/TPC folks (or forks?)
  • Moritz would like to resume the discussion of Tor Europe.
  • Settle the differences between the company and the community
  • Central location for funding info: don't be a bottleneck!
  • Figure out the steps for obfs4 deployment.
  • Future of pluggable transports (upcoming pluggable transports, BridgeDB (?), tor improvements, etc.)
  • Make plans for hidden service performance and measurement project.
  • Future little-t-tor development features (single guard, hidden services, etc.)
  • Land patch in Instantbird
  • Define development roadmap and threat model for BridgeDB.
  • Determine how BridgeDB and new bridge distribution mechanisms are going to be funded.
  • Establish year 1 Sponsor Q milestones.
  • Bridging Tor and OONI.
  • Decide concrete directions for pluggable transport specification refactoring.
  • Better planning process for little-t-tor
  • Better understanding of Tor measurement needs; concrete technical ways to achieve the above
  • Moritz wants help automating deployment and monitoring of Tor relays.
  • OONI Q3/Q4 development roadmap
  • Complete OONI trajectory of how/where to go forward with deployment
  • Map out improvements to TBB bootstrapping usability
  • Hoping to get funding for Tahoe-LAFS native Tor integration.
  • We want to make clearer how people can contribute to Sponsor O.
  • Guides: which ones need update, translation, etc.
  • Get David Goulet committed to hidden-service development, and Yawning committed to pluggable transport development.
  • Decide if we hire harmony and what job they would do.
  • Mitigate global passive adversary threats
  • Fix user interface and web page and wikipedia.org
  • Make integration/testing plan for kernel/socket scheduling
  • Repair and strengthen friendship with focus on (unreadable) shared positive vision
  • To learn about the culture of this community. The people, the personalities. To understand.
  • Ensure Tor Browser Team members are all on the same page with respect to current and future funder deliverables and internal priorities.
  • Developers and trainers should have an open discussion about what Tor training covers.
  • Make sure nobody gets arrested.

Tuesday afternoon session led by Gunner

(*) means something was deemed important by attendees

Morale/safe workplace

  • Having more interaction and feedback from Tor people
  • I don't even know who are my co-workers
  • Building respect amongst team ()
  • Accept apologies and then move on; stop harboring bad feelings
  • We need to be civil to other orgs, because you never know who they talk to!
  • People don't acknowledge problems (*)
  • Tor feels hostile for conversations and lacks secure (unreadable) for everything
  • People surprisingly fired ()

Personnel

  • Four months without a contract ()
  • I don't know who is supposed to be working on what! (*)
  • Total lack of acknowledgement for situations currently impacting workers
  • Make all timesheets public, just like reports (*)
  • As a volunteer, I pick my coworker. As a contractor, not so much. How's that handled?
  • Where should I go when I believe someone is doing a bad job?

Sustainability/culture

  • We need to establish work-life balance guidelines
  • Demonstrate professional respect
  • No one mediates disputes (*)
  • Treat each other with kindness
  • Tor speaks English without common definitions, e.g.: "political"

Empowerment

  • Lots of responsibility without power to succeed in tasks (*)
  • People think they can do my job (*)
  • I need authority to get things done (I have the responsibility) (*)
  • There is no escalation procedure when people retain information
  • Getting help in prioritizing tasks

Vision

  • Political analysis is totally missing
  • No common vision shared ()
  • Is Tor a pure provider of technology or also a political animal? (*)
  • Sharing and discussing common vision for Tor related projects
  • Tor is impacted by our funders but we deny it.
  • Tor is fighting a proxy war for the U.S. government and is internally dishonest (?) about this truth (?) (*)

Project

  • We don't even use our own projects company-wide (*)
  • We meet too rarely and only talk about contracts but not the project
  • Tor lacks forensics for incident response but also emotional support for incident response.

Decision making/collaboration

  • Establish goal setting and achievement for entire team
  • Establish united leadership team -- goals of organization.
  • How can a meeting be organized without involving people who are on the ground? (*)
  • Create clear communication
  • Fix bottleneck of communication when conversation fails ()
  • Create structure for process -- human resources, hiring, etc.
  • A process for common cooperation is missing for (unreadable) all tasks (*)
  • We need a hand-off process for important decisions or relationships.
  • Implement liquid democracy for deciding on issues.
  • Provide a safe space to deal with our security situation; e.g.: pwnage; e.g.: emotional issues.
  • Open a physical space for humans to gather to co-work.
  • We accept confines (?) that are constructs. We should define them and empowered (?).
  • All documents should be on an (.onion) intranet (*)
  • Provide fixed weekly time(s) for discussion/addressing issues and resolving decisions
  • Place human resource specialist on staff/board ()
  • Agree on psychosocial care professional selection criteria. (*)
  • Discuss everyone's deliverables internally so we can trade/organize better.
  • Solution for contractor hiring; deployment should be a separate function
  • Focus on intentional expectation setting with all staff/volunteers roles/compensation (*)
  • Prioritize early and proactive notifications of issues/status change for team members
  • Have a veto procedure for new people
  • Have an open legal advisory channel for all TPI folks.
  • Provide mediation on demand for conflict resolution ()
  • Have someone say yes when we get offers of help.
  • Announce new contracts and their deliverables to spread knowledge on who is working on what and what to expect. (*)
  • Set goals for both contractors and employees that they can achieve and are measurable so they can know they have accomplished something ()
  • Inform people beforehand that their contract is going to expire and renewed or not renewed. (*)
  • Delegate budget authority and associated decision making (*)
  • Collective and improved hiring/on-boarding contractor/employees process could be improved by adding more inputs ()
  • Resolve Tor's long-term vision and priorities to inform decision making ()

Roadmaps

Source

Transcription of roadmaps from photos made by Griffin Boyce:

Transcription

Note: Please feel free to correct these items or annotate them with ticket numbers or other things. But please don't remove items, unless you really think you have to.

Core Tor

  • Plan circuit-scheduling implementation ideas, July 31, 2014, robgjansen/andrea/nickm
  • Teach developers shadow, July 31, 2014, robgjansen/nickm/andrea
  • Schedule 0.2.6, July 31, 2014, nickm/andrea
  • Finish trunnel (?) experiment, August 1, 2014, nickm
  • Merge global circuit scheduling patch, August 15, 2014, nickm/andrea/robgjansen
  • Review all pending Tor patches, August 30, 2014, nickm/andrea
  • Release 0.2.5, August 30, 2014, nickm/andrea
  • Test with all OpenSSL forks, August 31, 2014, ioerror
  • Implement v1 of single-guard, September 15, 2014, asn
  • Implement new identity-key design, September 15, 2014, nickm
  • Merge towelenee's GSoC code, September 30, 2014, nickm/andrea
  • Merge consensus-diff code from mvdan, September 30, 2014, nickm
  • Design client-side key pinning, September 30, 2014, nickm/andrea/?
  • Plan Tor side of Sponsor R, October 1, 2014, nickm/?/robgjansen/Aaron Johnson
  • Merge PT improvements as needed by PT team, October 15, 2014, nickm/andrea
  • Plan Tor side of Sponsor Q, October 15, 2014, nickm/?/Nick Hopper
  • Converge Rob's KIST patch w/ 9xxx, October 31, 2014, robgjansen/andrea/nickm
  • Design for consensus failure, November 15, 2014, ?
  • Correct weighted single-guard, November 15, 2014, asn/?
  • Freeze 0.2.6, December 1, 2014, nickm/andrea/?
  • Hire and onboard a new Tor developer, December 31, 2014, ??
  • Implement new hidden service design v1, January 31, 2015, asn/nickm/?
  • Write better system tests in/for Chutney, January 31, 2015, nickm/?
  • Design proposal for something eigenspeedy, Febuary 1, 2015, Nick Hopper?
  • Build better hidden service -> client feedback (proposal 229), February 1, 2015 or sooner
  • Get a test network running, March 1, 2015, ?/ln5/gamambel(?)
  • Release 0.2.6, March 1, 2015, nickm/andrea/?
  • Design for modular Tor, March 1, 2015, ?
  • Design more scalable relay family system, March 1, 2015, ?
  • Design better controller API for testing/inspecting relays, hidden services, directories, April 1, 2015, ?/Aaron Johnson
  • Design, safe relay-level hidden service statistics v1, (unreadable), June 15, 2015, Nick Hopper
  • Freeze 0.2.7, June 15, 2015, ?
  • Reach at least 50% test coverage in tor, July 1, 2015, ?
  • Design PQ handshake and key cascade, July 31, 2015, nickm/?
  • Full automatic integration tests with Shadow and Chutney, July 31, 2015, ?
  • Build DoS-resistance throughout tor, July 31, 2015, ?
  • Write good developer docs, first draft, July 31, 2015, ?
  • Decide whether and how to replace TLS, August 1, 2015, ?
  • Design/research hidden service reliability improvements, August 1, 2015, ?
  • Design new relay crypto, August 1, 2015, ?

TBB

  • Eanmont (?) and categorize security slider levels, July 15, 2014, Mike
  • Deploy existing Linux XPC shell tests, August 1, 2014, boklm
  • Secure hosting for update archives, August 1, 2014, weasel?/erinn?
  • Automate update package distribution, August 1, 2014, P.C. (?)/erinn?
  • Deploy alpha with updater, August 15, 2014, ?
  • Initial UI for security slider, August 15, 2014, GeKo
  • Persona test server, August 15, 2014, isis
  • Rebuild and rebase for FF31ESR, September 1 (?), 2014, GeKo + (unreadable)
  • Update patches for Firefox in Bugzilla, September 1, 2014, GeKo
  • Deploy remaining Firefox tests, September 1, 2014, boklm
  • Review FF31ESR, October 1, 2014, mikeperry
  • Switch to FF31ESR, October 31, 2014, GeKo
  • Sandboxing, October 31, 2014, mikeperry/erinn?
  • Circuit and exit status reporting UI, October 31, 2014, Arthur (unreadable)
  • Apply mixed content blocking fix, October 31, 2014, mikeperry
  • Persona experiment.. (?) (captchas, blind signatures, etc.), October 31, 2014, isis

OONI

  • Schedule talk with CPP and OONI, July 8-11, 2014, vmon, hellais, aagbsn
  • Run OONI in Iran, August 1, 2014, vmon
  • Figure out scheduling of ooni-probe, August 14, 2014, Leif
  • Design test deck for Iran, August 31, 2014, vmon
  • Automated deployment of ooni-probe to PlanetLab, September 2014, David S.
  • Integrate mlab-NS with OONI-backend, September 1, 2014, aagbsn
  • Deploy HTTP header field manipulation on production m-lab, September 15, 2014, hellais
  • Make bouncer/client aware of collector policies, end of September 30, 2014, hellais
  • Analyze and visualize the bridge reachability data, October 1, 2014, aagbsn
  • Setup of collector infrastructure for bridge reachability testing, October 2014, David S./aagbsn
  • (unreadable) task dispatcher from bouncer to probe, November 1, 2014, hellais
  • Discuss scope of OCCRP-OONI collaboration, December 31, 2014, hellais
  • Add PCAP upload support to probe and backend, February 1, 2015, ?

Sponsor O

  • Merge Instantbird patch, July 7, 2014, arlolra
  • Solicit Stormy input from Tor community, July 15, 2014, saint
  • Finish UI for OTR plugin (?), July 15, 2014, arlolra
  • Identify public user-facing documentation to be written/updated, July 31, 2014, Lunar
  • Decide on default Jabber server, July 31, 2014, ioerror
  • Review from peers + technical (Stormy), July 31, 2014, saint
  • Incorporate feedback from reviewers (Stormy), August 15, 2014, saint
  • Implement socialist millionaire protocol authentication (Tor Messenger), August 15, 2014, arlolra
  • Research automated builds and testing for Tor Messenger, August 31, 2014, boklm
  • Update documentation related to trainings, August 31, 2014, kel
  • Document proper usage of Stormy, September 7, 2014, saint
  • Initial Stormy 1.0 release, September 15, 2014, saint
  • Write technical writer job description for user-facing documentation, August 15, 2014, Lunar
  • Translate Stormy wizard and documentation, September 21, 2014, saint/vmon (Farsi)
  • Deploy nightly builds and basic testing for Tor Messenger, September 30, 2014, boklm
  • Complete training pilots, October 31, 2014, kel
  • Get Stormy into Debian/Ubuntu, September 30, saint
  • Rewrite download page for TBB, October 1, 2014, erinn
  • Identify events where target audience is going to be, October 31, 2014, kel
  • Get signing cert for XPI, October 15, arlolra
  • Engage iSEC partners for security audit, November 1, 2014, ioerror
  • Translate Tor Messenger (Instantbird to Farsi, Tor Launcher to Farsi, French, Spanish, Arabic), November 1, 2014, arlolra/vmon
  • Research sandboxing for Tor Messenger, November 15, 2014, erinn/ioerror
  • Create a Tor Messenger webpage and logo, November 15, 2014, arlolra
  • Write Tor Messenger User Manual, November 15, 2014, arlolra
  • Get first version of Tor Browser User Manual out in English, November 30, 2014, Lunar
  • Translate learning materials and curriculum materials, December 31, 2014, kel
  • Have webchat support localized, December 1, 2014, Lunar
  • Release Stormy 1.1, December 15, 2014, saint
  • Research reproducible builds for Tor Messenger, December 15, 2014, arlolra
  • Complete improvement of documentation and training curriculum, December 31, 2014, kel
  • Release Tor Messenger beta, announce on tor-talk, present at 31C3, December 26, 2014, arlolra
  • Announce Tor Messenger on the blog / to the press, January 15, 2015, arlolra
  • Deploy training materials, April 30, 2015, kel
  • Publish support templates automatically, March 1, 2015, Lunar
  • Maintain Stormy until, August 1, 2015, saint

PT/BridgeDB

(parts of this will be transcribed by asn and Yawning)

Org

  • Plan continuing Tor Weekly News, July 4, 2014, arma
  • Set up a dedicated yearly outreach budget, July 15, 2014, arma
  • Hire/onboard P-T (?)/intern person to assist in populating CRM, July 31, 2014, phobos/kel
  • Fix Tor Wikipedia page, July 31, 2014, Asta?
  • Internally shared fundraising dashboard, July 15, 2014
  • Define and document the outreach team's efforts/work, July 30, 2014
  • Revise warning page (on website), July 31, 2014, Asta?
  • Share details about Circumvention Technology Festival -> winter dev meeting, July 15, 2014, kel
  • Propose to the board a Tor Europe subsidiary plan, August 1, 2014, Pepijn/Wendy/Melissa
  • Add dev meeting link to Tor website, August 3, 2014
  • Identify existing program managers: gaps (?), same as o/c mars (??), August 1, 2014, arma
  • Decide whether to be primarily tech company or a lobbying/educating/social organization, August 1, 2014
  • Create a mailing list for people speaking about Tor, August 1, 2014, Lunar
  • Do search engine advertising trial, August 30, 2014
  • Collect funder list: who funds competition/colleagues, who we're all talking to, August 31, 2014, puffin
  • Put together official Tor slideshow for crypto parties, September 30, 2014
  • Populate CRM, September 1, 2014
  • Hire community manager, September 30, 2014
  • Create promotional material kit (funders, conferences), August 15, 2014, kel
  • Foundation target proposal writ..., September 30, 2014
  • Pre-(unreadable) Tor trademark and proper needs of Tor brand, October 31, 2014
  • A/B testing of donations (unreadable)/workflow on download page, October 31, 2014
  • Revamp website homepage (donate, download, learn), October 1, 2014
  • Beta-test Tor certification program, October 30, 2014, phobos
  • Create training material kit, December 31, 2014, kel
  • Hire operations manager (contracts, wire transfer, CFO), December 1, 2014, phobos
  • Create presentation decks for trainers, December 31, 2014, kel
  • Hire a full-time small donor coordinator, December 31, 2014, ?
  • Hire devs from "Global South", January 1, 2015, ioerror
  • Hire two woman devs, January 1, 2015, puffin
  • Integrate CRM with donations page, February 15, 2015, puffin
  • Deploy new blog and calendar, March 30, 2015, weasel?/erinn
  • Develop Tor franchise program plan, June 1, 2015, phobos
  • Start Tor lobbying organisation in Europe, June 1, 2015
  • Hold dev meeting in Asia, June 30, 2015, ?
  • Start AnonyCon (?) in Asia, December 30, 2015
  • Start AnonyCon (?) in South America, December 30, 2015, ioerror?