wiki:org/roadmaps/TorBrowser

STATUS COLOR CODE:

  • GREEN = WILL GET DONE BY EOM
  • YELLOW = MOST OF IT DONE BUT NOT FINISHED BY EOM
  • RED = EITHER DECIDED TO DROP IT OR JUST STARTED THE TASK OR IS MOVING TO THE NEXT MONTH

Previous Roadmaps

Current Roadmap for Tor Browser

Deliverables from proposals submitted

Proposal 1

Timeline: 12 months

The roadmap below was done at the Seattle Tor Meeting for a contract that starts Dec 2016 and ends on Nov 2017. It got amended during the Amsterdam Tor Meeting in March 2017.

Roadmap Dec 2016 - Nov 2017

December

  • Objective 3.3: Improve Browser Sandboxing
    • Activity: Explore sandboxing options and adopt Mozilla’s sandbox when ready.
  • Objective 3.4: Eliminate emergent privacy holes in the browser foundation
    • Activity 1: Review and alter or disable new browser features based on security and privacy risk
  • Objective 3.7: Increase response capacity for new defenses and capabilities
    • Activity 1: Update our build system to handle subsequent Firefox ESR releases.
    • Activity 3: Optimize build processes (switch to rbm)

January:

IMPORTANT DATE: 2017-01-24 where we probably want to get 6.5 out

  • Objective 3.6: Patch cleanup & merge with Firefox
    • Activity 1: Review the new features and changes in each Firefox ESR release for privacy and Tor safety.

February:

  • Objective 3.2: Reduce exposure to unknown future vulnerabilities
    • Activity 1: Continue to explore hardening compilers and hardening options.
  • Objective 3.1: Further defend against profiling through browser fingerprinting attacks
    • Activity 2: Integrate a custom Panopticlick Instance.

March:

IMPORTANT DATE: 2017-03-07 where Fx 52 gets out

April:

  • Objective 3.1: Further defend against profiling through browser fingerprinting attacks
    • Activity 1: Continue to improve third party tracking and fingerprinting defenses.

May:

IMPORTANT DATE: 2017-05-15 we should aim to be ready for Firefox 52.2

  • Objective 3.2: Reduce exposure to unknown future vulnerabilities
    • Activity 2: Test impact and viability of hardening options.

June:

IMPORTANT DATE: 2017-06-13 where Firefox 52.2 is getting out

  • Objective 3.4: Eliminate emergent privacy holes in the browser foundation
    • Activity 2: Rigorously memory safety test (eg: fuzzing) using Address Sanitizer builds.

July:

  • Objective 2.1: Improve usability of “Tor Launcher” censorship configuration wizard
    • Activity: Improve usability of Tor Browser initial configuration (“Launcher”) UI.

August:

  • Objective 2.2: Improve accessibility of censorship-circumvention “Bridges”
    • Activity: Implement Automatic Bridge discovery for censored users.

  • Objective 3.7: Increase response capacity for new defenses and capabilities
    • Activity 2: Improve build automation and tooling to enable more builds (specifically 64 bit Windows).

September:

  • Objective 3.6: Patch cleanup & merge with Firefox
    • Activity 2: Update and merge as many of our current patches with Mozilla as possible.

October:

  • Objective 3.5: Enhance Tor Browser’s “Security Slider” security configuration wizard.
  • Objective 3.2: Reduce exposure to unknown future vulnerabilities
    • Activity 3: Test Undefined Behavior Sanitizer (UBSan) support.

Additional Bugs to Consider

#17400 (could be part of obj 3.7!?), #9675, #21542

Last modified 4 months ago Last modified on Jun 5, 2017, 10:08:14 AM