- Remove administrative roadblocks to acquiring and administrating new infrastructure (build machines, etc.)
- Fix contracting workflow
- What is the decision-making process for Tor?
- Who do I ask for direction on projects that need to be done?
- Dog food plan for all TPO/TPI/TPC folks (or forks?)
- Moritz would like to resume the discussion of Tor Europe.
- Settle the differences between the company and the community
- Central location for funding info: don't be a bottleneck!
- Figure out the steps for obfs4 deployment.
- Future of pluggable transports (upcoming pluggable transports, BridgeDB (?), tor improvements, etc.)
- Make plans for hidden service performance and measurement project.
- Future little-t-tor development features (single guard, hidden services, etc.)
- Land patch in Instantbird
- Define development roadmap and threat model for BridgeDB.
- Determine how BridgeDB and new bridge distribution mechanisms are going to be funded.
- Establish year 1 Sponsor Q milestones.
- Bridging Tor and OONI.
- Decide concrete directions for pluggable transport specification refactoring.
- Better planning process for little-t-tor
- Better understanding of Tor measurement needs; concrete technical ways to achieve the above
- Moritz wants help automating deployment and monitoring of Tor relays.
- OONI Q3/Q4 development roadmap
- Complete OONI trajectory of how/where to go forward with deployment
- Map out improvements to TBB bootstrapping usability
- Hoping to get funding for Tahoe-LAFS native Tor integration.
- We want to make clearer how people can contribute to Sponsor O.
- Guides: which ones need update, translation, etc.
- Get David Goulet committed to hidden-service development, and Yawning committed to pluggable transport development.
- Decide if we hire harmony and what job they would do.
- Mitigate global passive adversary threats
- Fix user interface and web page and wikipedia.org
- Make integration/testing plan for kernel/socket scheduling
- Repair and strengthen friendship with focus on (unreadable) shared positive vision
- To learn about the culture of this community. The people, the personalities. To understand.
- Ensure Tor Browser Team members are all on the same page with respect to current and future funder deliverables and internal priorities.
- Developers and trainers should have an open discussion about what Tor training covers.
- Make sure nobody gets arrested.
Tuesday afternoon session led by Gunner
(o) means something was deemed important by attendees
- Having more interaction and feedback from Tor people
- I don't even know who are my co-workers
- Building respect amongst team (oo)
- Accept apologies and then move on; stop harboring bad feelings
- We need to be civil to other orgs, because you never know who they talk to!
- People don't acknowledge problems (o)
- Tor feels hostile for conversations and lacks secure communications for everything
- People surprisingly fired (oo)
- Four months without a contract (oo)
- I don't know who is supposed to be working on what! (ooo)
- Total lack of acknowledgement for situations currently impacting workers
- Make all timesheets public, just like reports (o)
- As a volunteer, I pick my coworker. As a contractor, not so much. How's that handled?
- Where should I go when I believe someone is doing a bad job?
- We need to establish work-life balance guidelines
- Demonstrate professional respect
- No one mediates disputes (o)
- Treat each other with kindness
- Tor speaks English without common definitions, e.g.: "political"
- Lots of responsibility without power to succeed in tasks (ooo)
- People think they can do my job (o)
- I need authority to get things done (I have the responsibility) (o)
- There is no escalation procedure when people retain information
- Getting help in prioritizing tasks
- Political analysis is totally missing
- No common vision shared (oo)
- Is Tor a pure provider of technology or also a political animal? (ooo)
- Sharing and discussing common vision for Tor related projects
- Tor is impacted by our funders but we deny it.
- Tor is fighting a proxy war for the U.S. government and is internally dishonest about this truth (o)
- We don't even use our own projects company-wide (o)
- We meet too rarely and only talk about contracts but not the project
- Tor lacks forensics for incident response but also emotional support for incident response.
Establish goal setting and achievement for entire team
Establish united leadership team -- goals of organization.
How can a meeting be organized without involving people who are on the ground? (o)
Create clear communication
Fix bottleneck of communication when conversation fails (oo)
Create structure for process -- human resources, hiring, etc.
A process for common cooperation is missing for virtually all tasks (ooo)
We need a hand-off process for important decisions or relationships.
Implement liquid democracy for deciding on issues.
Provide a safe space to deal with our security situation; e.g.: pwnage; e.g.: emotional issues.
Open a physical space for humans to gather to co-work.
We accept confines (?) that are constructs. We should define them and empowered (?).
All documents should be on an (.onion) intranet (ooo)
Provide fixed weekly time(s) for discussion/addressing issues and resolving decisions
Place human resource specialist on staff/board (oo)
Agree on psychosocial care professional selection criteria. (o)
Discuss everyone's deliverables internally so we can trade/organize better.
Solution for contractor hiring; deployment should be a separate function
Focus on intentional expectation setting with all staff/volunteers roles/compensation (o)
Prioritize early and proactive notifications of issues/status change for team members
Have a veto procedure for new people
Have an open legal advisory channel for all TPI folks.
Provide mediation on demand for conflict resolution (oooo)
Have someone say yes when we get offers of help.
Announce new contracts and their deliverables to spread knowledge on who is working on what and what to expect. (ooo)
Set goals for both contractors and employees that they can achieve and are measurable so they can know they have accomplished something (oooo)
Inform people beforehand that their contract is going to expire and renewed or not renewed. (o)
Delegate budget authority and associated decision making (ooo)
Collective and improved hiring/on-boarding contractor/employees process could be improved by adding more inputs (oo)
Resolve Tor's long-term vision and priorities to inform decision making (oooooo)
Note: Please feel free to correct these items or annotate them with ticket numbers or other things. But please don't remove items, unless you really think you have to.
- Plan circuit-scheduling implementation ideas, July 31, 2014, robgjansen/andrea/nickm
- Teach developers shadow, July 31, 2014, robgjansen/nickm/andrea
- Schedule 0.2.6, July 31, 2014, nickm/andrea
- Finish trunnel (?) experiment, August 1, 2014, nickm
- Merge global circuit scheduling patch, August 15, 2014, nickm/andrea/robgjansen
- Review all pending Tor patches, August 30, 2014, nickm/andrea
- Release 0.2.5, August 30, 2014, nickm/andrea
- Test with all OpenSSL forks, August 31, 2014, ioerror
- Implement v1 of single-guard, September 15, 2014, asn
- Implement new identity-key design, September 15, 2014, nickm
- Merge towelenee's GSoC code, September 30, 2014, nickm/andrea
- Merge consensus-diff code from mvdan, September 30, 2014, nickm
- Design client-side key pinning, September 30, 2014, nickm/andrea/?
- Plan Tor side of Sponsor R, October 1, 2014, nickm/?/robgjansen/Aaron Johnson
- Merge PT improvements as needed by PT team, October 15, 2014, nickm/andrea
- Plan Tor side of Sponsor Q, October 15, 2014, nickm/?/Nick Hopper
- Converge Rob's KIST patch w/ 9xxx, October 31, 2014, robgjansen/andrea/nickm
- Design for consensus failure, November 15, 2014, ?
- Correct weighted single-guard, November 15, 2014, asn/?
- Freeze 0.2.6, December 1, 2014, nickm/andrea/?
- Hire and onboard a new Tor developer, December 31, 2014, ??
- Implement new hidden service design v1, January 31, 2015, asn/nickm/?
- Write better system tests in/for Chutney, January 31, 2015, nickm/?
- Design proposal for something eigenspeedy, Febuary 1, 2015, Nick Hopper?
- Build better hidden service -> client feedback (proposal 229), February 1, 2015 or sooner
- Get a test network running, March 1, 2015, ?/ln5/gamambel(?)
- Release 0.2.6, March 1, 2015, nickm/andrea/?
- Design for modular Tor, March 1, 2015, ?
- Design more scalable relay family system, March 1, 2015, ?
- Design better controller API for testing/inspecting relays, hidden services, directories, April 1, 2015, ?/Aaron Johnson
- Design, safe relay-level hidden service statistics v1, (unreadable), June 15, 2015, Nick Hopper
- Freeze 0.2.7, June 15, 2015, ?
- Reach at least 50% test coverage in tor, July 1, 2015, ?
- Design PQ handshake and key cascade, July 31, 2015, nickm/?
- Full automatic integration tests with Shadow and Chutney, July 31, 2015, ?
- Build DoS-resistance throughout tor, July 31, 2015, ?
- Write good developer docs, first draft, July 31, 2015, ?
- Decide whether and how to replace TLS, August 1, 2015, ?
- Design/research hidden service reliability improvements, August 1, 2015, ?
- Design new relay crypto, August 1, 2015, ?
- Enumerate and categorize security slider levels, July 15, 2014, Mike (#9387 (moved))
- Deploy existing Linux XPC shell tests, August 1, 2014, boklm (#12570 (moved))
- Secure hosting for update archives, August 1, 2014, weasel?/erinn? (#12623 (moved))
- Automate update package distribution, August 1, 2014, P.C. (?)/erinn? (#12622 (closed))
- Deploy alpha with updater, August 15, 2014, mikeperry, GeKo
- Initial UI for security slider, August 15, 2014, GeKo (#9387 (moved))
- Persona test server, August 15, 2014, isis (#12193 (closed))
- Rebuild and rebase for FF31ESR, September 1 (?), 2014, GeKo + patch owners (#12460 (moved), #12620 (moved))
- Update patches for Firefox in Bugzilla, September 1, 2014, GeKo (#12619 (moved))
- Deploy remaining Firefox tests, September 1, 2014, boklm
- Review FF31ESR, October 1, 2014, mikeperry (#12621 (moved))
- Switch to FF31ESR, October 31, 2014, GeKo
- Sandboxing, October 31, 2014, mikeperry/erinn? (#5791 (moved), #4522 (moved))
- Circuit and exit status reporting UI, October 31, 2014, Arthur Edelstein (#8641 (closed))
- Apply mixed content blocking fix, October 31, 2014, mikeperry
- Persona experiment.. (?) (captchas, blind signatures, etc.), October 31, 2014, isis (#12193 (closed))
- Schedule talk with CPP and OONI, July 8-11, 2014, vmon, hellais, aagbsn
- Run OONI in Iran, August 1, 2014, vmon
- Figure out scheduling of ooni-probe, August 14, 2014, Leif
- Design test deck for Iran, August 31, 2014, vmon
- Automated deployment of ooni-probe to PlanetLab, September 2014, David S.
- Integrate mlab-NS with OONI-backend, September 1, 2014, aagbsn
- Deploy HTTP header field manipulation on production m-lab, September 15, 2014, hellais
- Make bouncer/client aware of collector policies, end of September 30, 2014, hellais
- Analyze and visualize the bridge reachability data, October 1, 2014, aagbsn
- Setup of collector infrastructure for bridge reachability testing, October 2014, David S./aagbsn
- (unreadable) task dispatcher from bouncer to probe, November 1, 2014, hellais
- Discuss scope of OCCRP-OONI collaboration, December 31, 2014, hellais
- Add PCAP upload support to probe and backend, February 1, 2015, ?
- Tor Messenger (arlolra, sukhe)
- Merge Instantbird patch, July 7, 2014, arlolra
- Finish UI for OTR plugin (?), July 15, 2014, arlolra
- Decide on default Jabber server, July 31, 2014, ioerror
- Implement socialist millionaire protocol authentication (Tor Messenger), August 15, 2014, arlolra
- Research automated builds and testing for Tor Messenger, August 31, 2014, boklm
- Deploy nightly builds and basic testing for Tor Messenger, September 30, 2014, boklm
- Get signing cert for XPI, October 15, arlolra
- Engage iSEC partners for security audit, November 1, 2014, ioerror
- Translate Tor Messenger (Instantbird to Farsi, Tor Launcher to Farsi, French, Spanish, Arabic), November 1, 2014, arlolra/vmon
- Research sandboxing for Tor Messenger, November 15, 2014, erinn/ioerror
- Create a Tor Messenger webpage and logo, November 15, 2014, arlolra
- Write Tor Messenger User Manual, November 15, 2014, arlolra
- Research reproducible builds for Tor Messenger, December 15, 2014, arlolra
- Release Tor Messenger beta, announce on tor-talk, present at 31C3, December 26, 2014, arlolra
- Announce Tor Messenger on the blog / to the press, January 15, 2015, arlolra
- Stormy (saint)
- Solicit Stormy input from Tor community, by August 1, 2014, saint
- Review from peers + technical (Stormy), August 15, 2014, saint
- Incorporate feedback from reviewers (Stormy), September 1, 2014, saint
- Document proper usage of Stormy, September 14, 2014, saint
- Initial Stormy 1.0 release, September 15, 2014, saint
- Translate Stormy wizard and documentation, September 21, 2014, saint/vmon (Farsi)
- Get Stormy into Debian/Ubuntu, October 7, saint
- Release Stormy 1.1, December 22, 2014, saint
- Maintain Stormy until, August 1, 2015, saint
- Support and user-facing documentation (Lunar)
- Identify public user-facing documentation to be written/updated, July 31, 2014, Lunar
- Write technical writer job description for user-facing documentation, August 15, 2014, Lunar
- Rewrite download page for TBB, October 1, 2014, erinn
- Get first version of Tor Browser User Manual out in English, November 30, 2014, Lunar
- Have webchat support localized, December 1, 2014, Lunar
- Publish support templates automatically, March 1, 2015, Lunar
- Outreach and training (kel)
- Update documentation related to trainings, August 31, 2014, Kelley/phoul
- Complete training pilots, October 31, 2014, Kelley/phoul
- Document a strategy with how we are going to get learning materials into the hands of as many people as possible, September 15, 2014, Kelley/phoul
- Translate learning materials and curriculum materials, December 31, 2014, Kelley/phoul
- Complete improvement of documentation and training curriculum, December 31, 2014, Kelley/phoul
- Deploy training materials, April 30, 2015, Kelley/phoul
- Fix FTE/obfsproxy windows build (#12381 (closed)), George, July 2014
- Deploy meek (#10935 (moved)), TBB/Yawning, July 2014
- Merge scramblesuit stuff (#11271 (closed)/#8040 (closed)), George, July 2014
- Prepare procedure for hiring PT polishing person, George/Yawning/Mike/Ximin, August 2014
- Merge TOR_PT_PROXY in little-t-tor (#8402 (moved)), Yawning/Nick, August 2014
- Fix & merge wfn's patch (#9957 (moved)), Yawning, August 2014
- goptlib should expose a SOCKSv5 listener (#12535 (moved)), Yawning, August 2014
- Deploy obfs4 (#12130 (moved)), Yawning, September 2014
- Identify bridges via fingerprint not address, Ximin, October 2014
- IPv6 + PTs, Yawning/George, October 2014
- Design UDP Transport, Yawning, October 2014
- Rewrite tor-fw-helper and support libraries in Go, Yawning, October 2014
- Bridge improvements
- remember bridge details (#12600 (moved))
- update bridge IP from Auth (#12599 (moved))
- transport in normal desc (#12442 (moved))
- Obfsbridges should hide ORPort (#7349 (moved))
- 60s bugs (Are there more?)
- Roger knows more (https://lists.torproject.org/pipermail/tor-dev/2014-July/007128.html)
- George/Yawning, January 2015
- PT logging correct fix, Yawning, January 2015
- Flash proxy/WebRTC, Dev needed!!!, February 2015
- PT SOCKS metadata (Useful for non-PT stuff) AKA Prop. 22, Yawning/Nick April 2015
- Design split PT interface into transport vs transform RESEARCH, sjm/Yawning, May 2015
- PT rate limiting (important, long term, v. hard), Yawning/Polishing person, June 2015
- PT statistics (design, long term, easy. Current ones not too bad), George, June 2015
- Bridge + PT bundles (long term), Dev needed, August++ 2015
- Add support for multiple Bridge Auths to little-t tor [BridgeDB people], August++ 2015
- Clean up which pluggable transports are currently supported by BridgeDB, July 15, 2014, isis
- Finish BridgeDB Bridges.py, Dist.py refactoring, August 31, 2014, isis
- Separate BridgeDB databases/hashrings from bridge distribution, August 31, 2014, isis
- Automate BridgeDB documentation builds, August 1, 2014, isis
- Switch BridgeDB to using Redis and/or CouchDB backend (prop#226), August 1, 2014, isis
- BridgeDB has 100% documentation, August 1, 2014, isis
- Setup/configure BridgeDB test server, August 15, 2014, isis/sysrqb
- Nagios/monitoring checks for BridgeDB email distribution and HTTPS distribution, August 1, 2014, David S.
- Package BridgeDB on PyPI, August 15, 2014, isis
- BridgeDB - Bridge (unreadable) separation and API for bridge retrieval, September 1, 2014, isis
- Document BridgeDB-1.0.0 architectural changes, September 1, 2014, isis
- Configure OONI collector for bridge reachability measurements, October 1, 2014, ?
- BridgeDB 100% code coverage by unit/integration tests, October 1, 2014, isis
- Develop mechanisms for BridgeDB usage statistics, November 1, 2014, ?
- Well-defined threat model for BridgeDB and bridge distributors, November 1, 2014, ?
- Possibly hire/contract part-time BridgeDB person; blocked on funding stuff, December 1, 2014, ?
- Run BridgeDB tests on Jenkins, December 1, 2014, ?
- Packages BridgeDB in Debian, January 1, 2015, ?
- Create anonymous credential system for BridgeDB Soc.Dist., June 1, 2015, isis
- Develop client and server-side code for BridgeDB BridgeFinder Soc.Dist., ?? 2015, isis
- Add support for multiple bridge authorities to little-t-tor, ??? 2015, ?
- IPC for TorButton/Launcher to client-side BridgeFinder/Soc.Dist. (JSON thingie) or prop#199, ??? 2015--2016, ?
- TorButton/Launcher integration for BridgeFinder/SocialDistributor, ??? 2015--2016, ?
- Deploy BridgeFinger/SocialDistributor, ??? 2016, ?
- Plan continuing Tor Weekly News, July 4, 2014, arma
- Set up a dedicated yearly outreach budget, July 15, 2014, arma
- Internally shared fundraising dashboard, July 15, 2014
- Share details about Circumvention Technology Festival -> winter dev meeting, July 15, 2014, kel
- Hire/onboard part-time/intern person to assist in populating CRM, July 31, 2014, phobos/kel
- Fix Tor Wikipedia page, July 31, 2014, Asta?
- Define and document the outreach team's efforts/work, July 30, 2014
- Revise warning page (on website), July 31, 2014, Asta?
- Propose to the board a Tor Europe subsidiary plan, August 1, 2014, Pepijn/Wendy/Melissa
- Add dev meeting link to Tor website, August 3, 2014
- Identify existing program managers & gaps (same as account managers), August 1, 2014, arma
- Decide whether to be primarily tech company or a lobbying/educating/social organization, August 1, 2014
- Create a mailing list for people speaking about Tor, August 1, 2014, Lunar
- Do search engine advertising trial, August 30, 2014
- Collect funder list: who funds competition/colleagues, who we're all talking to, August 31, 2014, puffin
- Put together official Tor slideshow for crypto parties, September 30, 2014
- Populate CRM, September 1, 2014
- Hire community manager, September 30, 2014
- Create promotional material kit (funders, conferences), August 15, 2014, kel
- Foundation target proposal written, September 30, 2014
- Rewrite Tor trademark and proper uses of Tor brand, October 31, 2014
- A/B testing of donations popup/workflow on download page, October 31, 2014
- Revamp website homepage (donate, download, learn), October 1, 2014
- Beta-test Tor certification program, October 30, 2014, phobos
- Create training material kit, December 31, 2014, kel
- Hire operations manager (contracts, wire transfer, CFO), December 1, 2014, phobos
- Create presentation decks for trainers, December 31, 2014, kel
- Hire a full-time small donor coordinator, December 31, 2014, ?
- Hire devs from "Global South", January 1, 2015, ioerror
- Hire two woman devs, January 1, 2015, puffin
- Integrate CRM with donations page, February 15, 2015, puffin
- Deploy new blog and calendar, March 30, 2015, weasel?/erinn
- Develop Tor franchise program plan, June 1, 2015, phobos
- Start Tor lobbying organisation in Europe, June 1, 2015
- Hold dev meeting in Asia, June 30, 2015, ?
- Start AnonyCon in Asia, December 30, 2015
- Start AnonyCon in South America, December 30, 2015, ioerror?
Photos made by Griffin Boyce: