STATUS COLOR CODE:
- GREEN = WILL GET DONE BY EOM
- YELLOW = MOST OF IT DONE BUT NOT FINISHED BY EOM
- RED = EITHER DECIDED TO DROP IT OR JUST STARTED THE TASK OR IS MOVING TO THE NEXT MONTH
Previous Roadmaps
- 2016 Winter Dev Meeting Tor Browser Roadmap
- 2015 Summer Dev Meeting Tor Browser Roadmap
- 2015 Winter Dev Meeting Tor Browser Roadmap
Current Roadmap for Tor Browser
Deliverables from proposals submitted
Proposal 1
Timeline: 12 months
The roadmap below was done at the Seattle Tor Meeting for a contract that starts Dec 2016 and ends on Nov 2017. It got amended during the Amsterdam Tor Meeting in March 2017.
Roadmap Dec 2016 - Nov 2017
December
-
Objective 3.3: Improve Browser Sandboxing
- Activity: Explore sandboxing options and adopt Mozilla’s sandbox when ready.
-
Objective 3.4: Eliminate emergent privacy holes in the browser foundation
- Activity 1: Review and alter or disable new browser features based on security and privacy risk
-
Objective 3.7: Increase response capacity for new defenses and capabilities
- Activity 1: Update our build system to handle subsequent Firefox ESR releases.
- Activity 3: Optimize build processes (switch to rbm)
January:
IMPORTANT DATE: 2017-01-24 where we probably want to get 6.5 out
-
Objective 3.6: Patch cleanup & merge with Firefox
- Activity 1: Review the new features and changes in each Firefox ESR release for privacy and Tor safety.
February:
-
Objective 3.2: Reduce exposure to unknown future vulnerabilities
- Activity 1: Continue to explore hardening compilers and hardening options.
-
Objective 3.1: Further defend against profiling through browser fingerprinting attacks
- Activity 2: Integrate a custom Panopticlick Instance.
March:
IMPORTANT DATE: 2017-03-07 where Fx 52 gets out
April:
-
Objective 3.1: Further defend against profiling through browser fingerprinting attacks
- Activity 1: Continue to improve third party tracking and fingerprinting defenses.
May:
IMPORTANT DATE: 2017-05-15 we should aim to be ready for Firefox 52.2
-
Objective 3.2: Reduce exposure to unknown future vulnerabilities
- Activity 2: Test impact and viability of hardening options.
June:
IMPORTANT DATE: 2017-06-13 where Firefox 52.2 is getting out
-
Objective 3.4: Eliminate emergent privacy holes in the browser foundation
- Activity 2: Rigorously memory safety test (eg: fuzzing) using Address Sanitizer builds.
July:
-
Objective 2.1: Improve usability of “Tor Launcher” censorship configuration wizard
- Activity: Improve usability of Tor Browser initial configuration (“Launcher”) UI.
August:
-
Objective 2.2: Improve accessibility of censorship-circumvention “Bridges”
- Activity: Implement Automatic Bridge discovery for censored users.
-
Objective 3.7: Increase response capacity for new defenses and capabilities
- Activity 2: Improve build automation and tooling to enable more builds (specifically 64 bit Windows).
September:
-
Objective 3.6: Patch cleanup & merge with Firefox
- Activity 2: Update and merge as many of our current patches with Mozilla as possible.
October:
-
Objective 3.5: Enhance Tor Browser’s “Security Slider” security configuration wizard.
-
Objective 3.2: Reduce exposure to unknown future vulnerabilities
- Activity 3: Test Undefined Behavior Sanitizer (UBSan) support.
Additional Bugs to Consider
#17400 (moved) (could be part of obj 3.7!?), #9675 (moved), #21542 (moved)