Security and Privacy Improvements (task 5.1)
- Experiment with the PartitionAlloc memory allocator and get it together with Mozilla into a usable state for official Firefox builds.
- Experiment with hardened builds using new compiler options available in later GCC versions (ASan, UBSan, Virtual Table Verification).
- Improve the security and package authentication properties of the Tor Browser updater.
- Adapt extensions and patches to Firefox' multi-process architecture.
- Improve fingerprinting and tracking defenses in Tor Browser.
- Evaluate new Firefox features for privacy and fingerprintability.
Overall Usability (task 5.2)
- Prioritize tasks according to feedback from the support helpdesk.
- Improve the privacy, security and configuration UI (making it simpler, reducing options and eliminating technical jargon).
- Investigate native code signing for Windows and Mac OS X.
- Investigate frequent issues encountered on specific websites due to our privacy changes.
Patch cleanup and Merge work (task 5.3)
- Follow Mozilla's requests to adapt patches (e.g. augment them to be active in Private Browsing Mode only).
- Move all privacy features out of Torbutton into C++ patches or a non-Tor extension.
- Adapt current patches and create new ones to be able to switch Tor Browser to Firefox 38ESR and Firefox 45ESR respectively.
Tor Browser Quality Assurance and Testing (task 5.4)
- Add tests for regressions as they are encountered and use the ASan instrumented and hardened builds to help find memory issues earlier in the development process.
- Better integration of Mozilla’s existing testing suites in own automation framework.
- Automated testing coverage for Mac and Windows.
- Given multi-platform automation support crowdsource automated testing to cover highly customized Windows and Mac versions found in the wild.