Intent to Implement System Add-on: SHIELD/Normandy
Michael Kelly
mkelly at mozilla.com
Mon Oct 3 17:26:36 UTC 2016
What do you mean by subpeona-proof? I don't quite understand how that
relates to your second paragraph.
With regards to your second paragraph, the source code for actions is
part of the service's repo and can be built by users and compared to the
actions being sent by the server to see if they're getting the same
code. However, I'm not certain whether our build process for JS actually
reproduces the same code each run. It's probably a good thing to test
out, but I don't think I'd consider it a launch blocker.
I'm not super-familiar with those topics, but does that address your
question?
- Mike Kelly
On 10/2/16 12:32 AM, Florian Weimer wrote:
> * Michael Kelly:
>
>> Let me know if you have any questions. Mythmon is the lead developer on
>> the add-on and can also answer questions.
>
> Do you intend to make this subpoena-proof in some way?
>
> At least parts of the industry are moving in a completely different
> direction, attempting to prove (using approaches such as binary
> transparency) that particular users did *not* receive targeted
> “fixes”.
>
More information about the firefox-dev
mailing list