GNU bug report logs - #34565
ungoogled-chromium may contain Widevine DRM

Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.

Package: guix; Reported by: Jason Self <j@HIDDEN>; dated Tue, 19 Feb 2019 05:28:02 UTC; Maintainer for guix is bug-guix@HIDDEN.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 12 Oct 2019 11:14:28 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sat Oct 12 07:14:27 2019
Received: from localhost ([127.0.0.1]:60787 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1iJFLv-0006cx-LA
	for submit <at> debbugs.gnu.org; Sat, 12 Oct 2019 07:14:27 -0400
Received: from aibo.runbox.com ([91.220.196.211]:52088)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ng0@HIDDEN>) id 1iJFLt-0006ci-Fl
 for 34565 <at> debbugs.gnu.org; Sat, 12 Oct 2019 07:14:26 -0400
Received: from [10.9.9.204] (helo=mailfront22.runbox)
 by mailtransmit02.runbox with esmtp (Exim 4.86_2)
 (envelope-from <ng0@HIDDEN>)
 id 1iJFLp-0005ES-V0; Sat, 12 Oct 2019 13:14:22 +0200
Received: by mailfront22.runbox with esmtpsa [Authenticated alias (882477)]
 (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1)
 id 1iJFLm-0003hv-Al; Sat, 12 Oct 2019 13:14:18 +0200
Date: Sat, 12 Oct 2019 11:14:17 +0000
From: ng0 <ng0@HIDDEN>
To: Marius Bakke <mbakke@HIDDEN>
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
Message-ID: <20191012111417.bqw7xynqpcqtawgx@uptimegirl>
References: <1550547897.31222.1.camel@HIDDEN>
 <87imxe95mc.fsf@HIDDEN>
 <87sgwims6k.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature"; boundary="izuehtvyinybyp2k"
Content-Disposition: inline
In-Reply-To: <87sgwims6k.fsf@HIDDEN>
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 34565
Cc: 34565 <at> debbugs.gnu.org, Leo Famulari <leo@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.7 (-)


--izuehtvyinybyp2k
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Marius Bakke transcribed 1.2K bytes:
> Giovanni Biscuolo <g@HIDDEN> writes:
>=20
> > Hello,
> >
> > maybe Marius Bakke have something interesting to say about his
> > judgements on this "DRM matter"
>=20
> [...]
>=20
> > to sum it up: AFAIU for users to be able to use Widevine they must
> > create a custom package definition _outside_ official Guix channels
> > *and* download the shared object "libwidevinecdm.so" from Chromium,
> > installing it "manually" system wide or locally
>=20
> This analysis is correct.  For DRM to work, the user has to build with
> "enable_widevine=3Dtrue", and then somehow obtain 'libwidevinecdm.so' and
> make the browser use it.

Can this bug be closed?
The wording is very vague ("may") and for Guix to distribute widevine.so
legally, you have to get permission and sign an NDA with Google, both of
which are reportedly hard for 3rd party devs even, not sure how hard it is
for new operating systems. Your stand on software with NDAs should be clear
(as per policy not applicable, no NDAs).
So even if traces of the code to build this might still be left, you have
to master additional steps to make it work, and after having read some
of widevine.so I doubt it would work out of the box with Guix System
(elfpatching could get it to work with Guix, but you are still entering
the field where official distribution requires legal paperwork).

--izuehtvyinybyp2k
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEqIyK3RKYKNfqwC5S4i+bv+40hYgFAl2htYkACgkQ4i+bv+40
hYjG2Q//d7H86A6PbQCJ+XD+PFCaQyNNEIe8CHjqaP2Uh97s6BQ5m3fOlLYp8wzw
fKs9c5WKHU2cWhV/ifOPufTh0z3U+1jY80cpzTfbT+JmOA7Hmk/8L0oegtGgKQrj
bK2ecA3TabsB4JbtPKDsUdzuhu00XWFOlUtMtont3ur2eVZbN6Y1NhjDL71qXWk6
OVWk7/bSVDch/2W5R2S6YzbZDGl2YbMFjwHrhQD/ab06rQR3pTDLDdvYL1NzemNI
T5D6dV1NIbCbxbhf4+e6coImLygAuzCUE6Ujwy9LXVAfPcpeQvnZ7tAypeHt7jC6
CWN/+6Pq1RUV3QHL9RRE0awGR0siEJJvRJfBSho8qJJtog7dBFrbF+h0leALqoVp
iNyk/DiWUYT9IWXCaCGkjngCYmrH6ycarBvP3tkYw9viDLZQl2AA5cDFaN/ddNUe
A5qajGdJ+zMqRmxVhxDPLJr3gnsJc+ZOs/9o1cCNmU2Zs7hFMY1MdgEyGaf+KE0K
7ImAopWZNA+eDUP9/zuuwdWaWssmc2s3UopO59Q44pfrvwPB6+AbdsL1r/wtAdtZ
VHS/tlR25ssUq40rMianw77ClkLvHJTMPxRH0jG/ltLmq5DDZbJR9y/WbQQVGKfI
4zFVfyEqFgYcie3LQzCzHenYytOMgWWftH2+E7KEUj4oDignWrY=
=REzv
-----END PGP SIGNATURE-----

--izuehtvyinybyp2k--




Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 21 Feb 2019 07:51:15 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu Feb 21 02:51:14 2019
Received: from localhost ([127.0.0.1]:58924 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gwj8U-0007ea-Gb
	for submit <at> debbugs.gnu.org; Thu, 21 Feb 2019 02:51:14 -0500
Received: from out2-smtp.messagingengine.com ([66.111.4.26]:46447)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <mbakke@HIDDEN>) id 1gwj8S-0007eM-3P
 for 34565 <at> debbugs.gnu.org; Thu, 21 Feb 2019 02:51:12 -0500
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45])
 by mailout.nyi.internal (Postfix) with ESMTP id C623F2207E;
 Thu, 21 Feb 2019 02:51:06 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162])
 by compute5.internal (MEProxy); Thu, 21 Feb 2019 02:51:06 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastmail.com; h=
 from:to:subject:in-reply-to:references:date:message-id
 :mime-version:content-type; s=fm2; bh=ohcMOK7XN90lweidz/381BH9qX
 9hgUbb4Z7nTWxsDlY=; b=eW+dV1jJM063bo07ZdSY2gNuC2znySGIagbhksyuYj
 eRwWRlOFqhvJO7I0DeGNA/me92e5+06NliUcwzg02JhpJkKVKrli9SFNM+Qt86Eo
 mftEPVibBLL9cPXs2S95PVBi94AxML0qbBrpqyGYAwFMb1UjjDAAZcAkfaM1TIwV
 SFFCTY866c8+ghe8CBU02G/MCYtIrMCjE3yRpiJznaev67CLmZ5WsFG/MaeDUeLn
 FVsuVkWGwm0aD58Ez3qRd4UtB/x3iH601pr7zYbipLqtuITCLvGnDrGEAz0gcS83
 axMapSxelU9i+JtG931dC17Efezp+XnVJu9n9RDP5coQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=content-type:date:from:in-reply-to
 :message-id:mime-version:references:subject:to:x-me-proxy
 :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=ohcMOK
 7XN90lweidz/381BH9qX9hgUbb4Z7nTWxsDlY=; b=vD5Uk4831CQ2bD8lf0R9ZZ
 NNlLi4vlidjoZBpSGf+JIQDti4TFPTa+4Jprh7ljoxVUDSdPP1gHi4/qhsJWuxDL
 qhDeSl+f8wlsKtcjfmD3GnXzFegVcx/wq1Oxy5Orf1DwkcbC2+mJRQi9l9Me1TAb
 CN0gyUBHmqhCXSgaZPuaoDJegzBw40a5i0HZO5ATZGuFQD5w7kv6ZHV0qph4MEKc
 fMFETd636WeOiqIw5B+m8MjxbvaQHlkPb73BdrdXVN5U7hwfWv0X8q6UKGz7+csr
 Z8cIOXIT6jlMm7F3N7SjCPWDpr4HcHw8VcNMQMKauyxJP9bc7gpp/RDmGKtXFU0w
 ==
X-ME-Sender: <xms:alhuXGnUM-OvKqLsekldL_3wUrzWFw63TTPM25vQhjf2KX-VkFfMiA>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedutddrtdejgdduudefucdltddurdegtdelrddttd
 dmucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfquhht
 necuuegrihhlohhuthemuceftddtnecunecujfgurhephffvufgjfhgffffkgggtsehgtd
 erredtreejnecuhfhrohhmpeforghrihhushcuuegrkhhkvgcuoehmsggrkhhkvgesfhgr
 shhtmhgrihhlrdgtohhmqeenucfkphepiedvrdduiedrvddviedrudegtdenucfrrghrrg
 hmpehmrghilhhfrhhomhepmhgsrghkkhgvsehfrghsthhmrghilhdrtghomhenucevlhhu
 shhtvghrufhiiigvpedt
X-ME-Proxy: <xmx:alhuXHL4ER5LC50tmzFd4PBBQLmaUG-X_gL2K1dp7MwEDOiU1_1htg>
 <xmx:alhuXMqdxiFOChHpWT-ViiGFZARJm0gGGdla5JKBzz99lpmiJ9u6qw>
 <xmx:alhuXEQKnLkyQKQW7gO0Ze065bHgLbTQ4N9tRp5DDVDVTGadjHYC-Q>
 <xmx:alhuXOPqOcyzcZ4Bd54tOPfMEx2nJmdY34zxjVTxhElJ4jMp_62hjg>
Received: from localhost (140.226.16.62.customer.cdi.no [62.16.226.140])
 by mail.messagingengine.com (Postfix) with ESMTPA id B8C04E4339;
 Thu, 21 Feb 2019 02:51:05 -0500 (EST)
From: Marius Bakke <mbakke@HIDDEN>
To: Jason Self <j@HIDDEN>, 34565 <at> debbugs.gnu.org
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
In-Reply-To: <1550716997.3891.12.camel@HIDDEN>
References: <1550547897.31222.1.camel@HIDDEN>
 <20190219070601.GA8273@HIDDEN> <1550582906.5431.7.camel@HIDDEN>
 <20190219144342.GA2688@HIDDEN> <1550623152.12316.5.camel@HIDDEN>
 <1550625137.14138.3.camel@HIDDEN> <87wolumspw.fsf@HIDDEN>
 <1550716997.3891.12.camel@HIDDEN>
User-Agent: Notmuch/0.28.2 (https://notmuchmail.org) Emacs/26.1
 (x86_64-pc-linux-gnu)
Date: Thu, 21 Feb 2019 08:51:04 +0100
Message-ID: <877edtmvfb.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha512; protocol="application/pgp-signature"
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 34565
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.7 (-)

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Jason Self <j@HIDDEN> writes:

> Marius Bakke wrote:
>> not present in the Guix source.
>
> Please keep in mind I was discussing upstream Chromium in that piece.
> It's also not an exhaustive list.

I don't think upstream Chromium is relevant to this discussion.

>> I cannot find these images: grepping for CC-BY-NC-SA or 'Creative
>> Commons' did not aid.=C2=A0=C2=A0Did you record the absolute paths to th=
ese
>> files?
>
> Of course - FOSSology records everything as it recursively unpacks and
> searches files, metadata of files, etc.=C2=A0

I was not aware of FOSSology, and admit that I have not checked file
metadata.  It would be great to have this tool in Guix!

None of the reported files are present in the Guix source.  I believe
they are all scrubbed by the Ungoogled binary pruning script.

I really appreciate your effort here, but please only use this bug
tracker for problems that affect the Guix package.  Thanks!

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAlxuWGgACgkQoqBt8qM6
VPo+Jgf/Sy7SS9Pl+GpZ0AJ+WEueR6dO/eVtv37l45cgppEmpMDrEg+FWoxwVcvF
NSdIXbDdkTkncFQU0PiTB0+2s4DqaoWrnofoKn0CDYsyOy5pmbBupZJP2Z5J9UbX
moTT/3VYzpP1xtKi1FhgFdSvxDk8X8NXagGl0ZeUSeQMdDJJiPlsuCq/d5SkP6LW
AA5hoAtLImRdtMcp3Btr20a+SBtgEBWNM8A0IX+lW3bHBlC3Qw0DaVWLRPMmAwL0
xY5IikT5Jv+knd/zb3iJ8kydMUHOI0Y2bEA/GPMywucuRFCXyiSBm2aisp/W7etN
wnvD32ZrLVqfsthypYjtLh0B7wYs1Q==
=T/h/
-----END PGP SIGNATURE-----
--=-=-=--




Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 21 Feb 2019 02:43:22 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Feb 20 21:43:22 2019
Received: from localhost ([127.0.0.1]:58863 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gweKX-0008SH-NP
	for submit <at> debbugs.gnu.org; Wed, 20 Feb 2019 21:43:22 -0500
Received: from bluehome.net ([96.66.250.149]:48028)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <j@HIDDEN>) id 1gweKU-0008S8-P7
 for 34565 <at> debbugs.gnu.org; Wed, 20 Feb 2019 21:43:20 -0500
Received: from pc.lan (pc.lan [10.0.0.51])
 by bluehome.net (Postfix) with ESMTPSA id 64FA24B40248
 for <34565 <at> debbugs.gnu.org>; Wed, 20 Feb 2019 18:43:17 -0800 (PST)
Message-ID: <1550716997.3891.12.camel@HIDDEN>
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
From: Jason Self <j@HIDDEN>
To: 34565 <at> debbugs.gnu.org
Date: Wed, 20 Feb 2019 18:43:17 -0800
In-Reply-To: <87wolumspw.fsf@HIDDEN>
References: <1550547897.31222.1.camel@HIDDEN>
 <20190219070601.GA8273@HIDDEN> <1550582906.5431.7.camel@HIDDEN>
 <20190219144342.GA2688@HIDDEN> <1550623152.12316.5.camel@HIDDEN>
 <1550625137.14138.3.camel@HIDDEN> <87wolumspw.fsf@HIDDEN>
Content-Type: multipart/signed; micalg="pgp-sha512";
 protocol="application/pgp-signature"; boundary="=-Evc5CrmascxenIzAzZQD"
X-Mailer: Evolution 3.18.5.2-0ubuntu3.2 
Mime-Version: 1.0
X-Spam-Score: -0.0 (/)
X-Debbugs-Envelope-To: 34565
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)


--=-Evc5CrmascxenIzAzZQD
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Marius Bakke wrote:
> not present in the Guix source.

Please keep in mind I was discussing upstream Chromium in that piece.
It's also not an exhaustive list.

> I cannot find these images: grepping for CC-BY-NC-SA or 'Creative
> Commons' did not aid.=C2=A0=C2=A0Did you record the absolute paths to the=
se
> files?

Of course - FOSSology records everything as it recursively unpacks and
searches files, metadata of files, etc.=C2=A0

1.
third_party/blink/web_tests/fast/backgrounds/size/resources/SquirrelFis
h.svg has within it:
<a rel=3D"cc:attributionURL" href=3D"http://www.flickr.com/photos/goopymart
/">http://www.flickr.com/photos/goopymart/</a>; / <a rel=3D"license"
href=3D"http://creativecommons.org/licenses/by-nc-sa/2.0/">CC BY-NC-SA
2.0</a></div>

2. chrome/test/data/extensions/api_test/wallpaper_manager/test_bad.jpg
contains:
xmpRights:WebStatement=3D"http://creativecommons.org/licenses/by-nc-sa/2.
0/

3. chrome/test/data/extensions/test.jpg contains within it:
http://creativecommons.org/licenses/by-nc-sa/2.0/

4. chrome/test/data/extensions/api_test/wallpaper/test.jpg
Identified by FOSSology as being identical to file 3.

5. chrome/test/data/extensions/api_test/wallpaper_manager/test.jpg
contains within it:
http://creativecommons.org/licenses/by-nc-sa/2.0/

> My grep-fu is really failing me today.=C2=A0=C2=A0Where is this located?

chrome/test/data/import/firefox/macwin.zip/Profiles/brn6z0fz.default/ex
tensions/{3112ca9c-de6d-4884-a869-9855de68056c}/chrome/google-
toolbar.jar

chrome/test/data/import/firefox/macwin.zip/Profiles/brn6z0fz.default/ex
tensions/{3112ca9c-de6d-4884-a869-9855de68056c}/LICENSE.txt

Keep in mind this was not an exhaustive report of all of upstream
Chromium 73.0.3683.45 and there is much left out. They were intended
only as examples to show freedom problems within Chromium itself.

As for the rest I guess we'll need to wait on a response from the FSF
since I seem to be receving pushback myself.
--=-Evc5CrmascxenIzAzZQD
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----

iQIcBAABCgAGBQJcbhBFAAoJEJ0NsxtUWjGYjtAP/3tqhVnUuT0mv9mANEm7RBWk
8RupJmjA+LQkxoao7QDM55DcbzZL2zvlHnnvyjnoJnMyq2xwqliQ4JmBq3fJGn3T
Zw1mDnvHRmfFEFDv0yOXG1MyYLVBmr3vyBrCjOsCRnuh8BPTpA8F4WYvY3CcYnLU
jHKoUDYd7PTLffGxHYftVJbujX9tZPo2M7/6X90uVWYcLzC1W+dVRabPBlkR8Zvx
I/b6HrMIhU618zeWgUvkdhP8+UrmHlaoaFefeXkH8VThHQKuaiP8Us6aw1ohxsha
lyURXL9gXKGXDFjVrgsJQ/+ObfKIuijAwXN7d9g3FOzKp5fFnR73+SDt7y8sdMoh
S7jgpXQWKqzKscTJGlKGIdX1impVHvmxq9vmrMAnaQuQVt5UWlKn2y5tQ3bnaEpy
83ZK/IbopnE4EZ87eEq1uS+ThK/EvKfEjIY1RYjAkw/rrJI4vAj1aqCU9KuMkKD4
x7dRtjY4gtiKXhH2qpf6edKC43V/T+8g8XfX3zM3YykWHZHkw8FOnDZoLHzN7xFx
Qze7G7gtcjz+BzHnbb8WaACeCKGsJHEVPmjXsDMm9fDzE4HsM38fc9mGcp/OiSPF
je2897jfYbKYmijt1qaVuEOJM882nzHjQsIxuTkMCNZAUFchVK9A1B0sQrZlIMfj
dTjGDMmzojRO9x0LVWG6
=ezW/
-----END PGP SIGNATURE-----

--=-Evc5CrmascxenIzAzZQD--





Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 21 Feb 2019 02:19:40 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Feb 20 21:19:40 2019
Received: from localhost ([127.0.0.1]:58831 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gwdxb-0007pU-OK
	for submit <at> debbugs.gnu.org; Wed, 20 Feb 2019 21:19:39 -0500
Received: from bluehome.net ([96.66.250.149]:48020)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <j@HIDDEN>) id 1gwdxW-0007pI-Lr
 for 34565 <at> debbugs.gnu.org; Wed, 20 Feb 2019 21:19:35 -0500
Received: from pc.lan (pc.lan [10.0.0.51])
 by bluehome.net (Postfix) with ESMTPSA id 3F23E4B40655
 for <34565 <at> debbugs.gnu.org>; Wed, 20 Feb 2019 18:19:31 -0800 (PST)
Message-ID: <1550715570.3891.5.camel@HIDDEN>
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
From: Jason Self <j@HIDDEN>
To: 34565 <at> debbugs.gnu.org
Date: Wed, 20 Feb 2019 18:19:30 -0800
In-Reply-To: <87zhqq3zb1.fsf@HIDDEN>
References: <1550547897.31222.1.camel@HIDDEN>
 <20190219070601.GA8273@HIDDEN> <1550582906.5431.7.camel@HIDDEN>
 <20190219144342.GA2688@HIDDEN> <1550623152.12316.5.camel@HIDDEN>
 <1550625137.14138.3.camel@HIDDEN> <1550625587.14780.2.camel@HIDDEN>
 <1550667811.25277.1.camel@HIDDEN>
 <ece143d1e11fcb21e4c91ea33e959a3c@HIDDEN>
 <bc360447-79ad-87d7-181a-a25da8b7a87a@HIDDEN>
 <87zhqq3zb1.fsf@HIDDEN>
Content-Type: multipart/signed; micalg="pgp-sha512";
 protocol="application/pgp-signature"; boundary="=-R4ZKrt/heJU/vNUbolKK"
X-Mailer: Evolution 3.18.5.2-0ubuntu3.2 
Mime-Version: 1.0
X-Spam-Score: -0.0 (/)
X-Debbugs-Envelope-To: 34565
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)


--=-R4ZKrt/heJU/vNUbolKK
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Wed, 2019-02-20 at 22:49 +0100, Ricardo Wurmus wrote:
> If it does after all contain objectionable files please point them
> out so that we can remove them ASAP.

That was done earlier in the thread. It might also be interesting to
try building with enable_widevine=3Dtrue.

In the context of the FSDG's "a free system distribution must not
contain browsers that implement EME, the browser functionality designed
to load DRM modules", I wonder if the browser would still be considered
as "implementing" the "functionality ... to load DRM modules" from the
FSF's viewpoint since it's only a build flag and the support for
loading the module (even if not provided by Guix since it's non-free)
seems otherwise intact.
--=-R4ZKrt/heJU/vNUbolKK
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----

iQIcBAABCgAGBQJcbgqzAAoJEJ0NsxtUWjGYhi4P/1pB19ZHhMp5Z/C6OuvKUlT/
foJ+vuUbltzazI6FPxwnu1VNC5pyMcDVNFd6KzzwwgGlQrEj2FOs/jkjRR2YjEfV
Oit2SyX9O0Vt5SH5S04ejquxKXLRrose7s7qO7yi84kOMfA8v7bUVM7SPdyBG4zP
GXToTodOeNVgr0HMhst3AVC9ul0YqeF56Od0EwjiTitDam0hHycKy2w9rgz0sScf
A3v1HpMzXrepXfROcwlblxHiF5Nsy4zSGiJ5MOK/UCQFz7SZLY2RINFnZHPrR2mu
njj71qQRSlXWY9ebBC0MoE/gOh9FWXgJTWWyuRVb/x+D9/NfDIlCIzp2Ztr3GUth
axArY0T8HRzh132a2sWtLnObxe1/dsjhmzm1TRhzMm7fYJkrwo+vOWUenryOHexA
kkXvrPhH4/PAIdUSZKqtoX3+FSkBzgizatylMdHuLWIKSR/BQeAetpiCTn5pj1ty
eTqNdycrdYwE+s4jSttUyO82ZEVkprZY9C9G4AxVUSmoZ5B3icjISXQVJdxdP2vG
jiofpqfkHoq0Moc3UkvFhF6ebItgd1TqsjW7gA+/m6i30e4UdDAg933I9eiQ5Gwj
lfGXhd+IIV6qLhXpjokGqVY+awaeRBkIuUtzY6QrgWCWuZ5Cgn7OVOntAGGKaebx
3MXPuzTXMU1rrA5sn4qL
=l8JR
-----END PGP SIGNATURE-----

--=-R4ZKrt/heJU/vNUbolKK--





Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 20 Feb 2019 21:50:29 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Feb 20 16:50:29 2019
Received: from localhost ([127.0.0.1]:58698 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gwZl7-0007mz-EU
	for submit <at> debbugs.gnu.org; Wed, 20 Feb 2019 16:50:29 -0500
Received: from sender-of-o51.zoho.com ([135.84.80.216]:21144)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <rekado@HIDDEN>) id 1gwZl5-0007mo-5J
 for 34565 <at> debbugs.gnu.org; Wed, 20 Feb 2019 16:50:27 -0500
ARC-Seal: i=1; a=rsa-sha256; t=1550699400; cv=none; d=zoho.com; s=zohoarc; 
 b=OZSbNC4i0jjWg88HALE9MktIehrqC1cfIG/3ebvZbAn7DSwYzlk6Pn4MyQzFEjV7q30qrWyPsDOtZ/XYMx/yM7n38x5MufhuxxbBbGP6ctL4k77IrC6hxhY6NiwDKdWB8FjoL4IM9IyhO+PGH2MIcSYTlOc1xyph1YI/WMqcqME=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc; t=1550699400;
 h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To:ARC-Authentication-Results;
 bh=IqaA9y9b22gkq4OcMexJ7Uq/2ieIPNxR+ku+DFvcOfc=; 
 b=ogyEAnnbzpBRMQ43PoaR++0XCU9EYuCHBwd5XS4tGokrB9wmbRpprOmFwEoVCRQ824LKnRnoQcnXqu+KOJMVzurPWCEHmLXs7213Ru0wcDFRAc4qBbfESnsNHO6mjgmqzp7kQUEMqQuVmTYFv3+erv7gku0hmL4N47BEG5t/SzQ=
ARC-Authentication-Results: i=1; mx.zoho.com; dkim=pass  header.i=elephly.net;
 spf=pass  smtp.mailfrom=rekado@HIDDEN;
 dmarc=pass header.from=<rekado@HIDDEN> header.from=<rekado@HIDDEN>
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1550699400; 
 s=zoho; d=elephly.net; i=rekado@HIDDEN;
 h=References:From:To:Cc:Subject:In-reply-to:Date:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding;
 l=948; bh=IqaA9y9b22gkq4OcMexJ7Uq/2ieIPNxR+ku+DFvcOfc=;
 b=YJLkMIWNzP1ldcwN3mKz530gfKZtuCizn6MZyQsKqMIDGFah61I+TgBBPAJj8EI+
 P0POmxDhDFkc1Gy776DBcSqvXBhYlqgbMzp95h3h3a8hYPrDYAEIxx741ohCrTxqACh
 T8dxqyDTTxBpMIWVrbRmKhRwVvROQ5ezPGtfEKJs=
Received: from localhost (p54AD468B.dip0.t-ipconnect.de [84.173.70.139]) by
 mx.zohomail.com with SMTPS id 1550699398006736.9641772771565;
 Wed, 20 Feb 2019 13:49:58 -0800 (PST)
References: <1550547897.31222.1.camel@HIDDEN>
 <20190219070601.GA8273@HIDDEN> <1550582906.5431.7.camel@HIDDEN>
 <20190219144342.GA2688@HIDDEN> <1550623152.12316.5.camel@HIDDEN>
 <1550625137.14138.3.camel@HIDDEN> <1550625587.14780.2.camel@HIDDEN>
 <1550667811.25277.1.camel@HIDDEN>
 <ece143d1e11fcb21e4c91ea33e959a3c@HIDDEN>
 <bc360447-79ad-87d7-181a-a25da8b7a87a@HIDDEN>
User-agent: mu4e 1.0; emacs 26.1
From: Ricardo Wurmus <rekado@HIDDEN>
To: Adonay Felipe Nogueira <adfeno@HIDDEN>
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
In-reply-to: <bc360447-79ad-87d7-181a-a25da8b7a87a@HIDDEN>
X-URL: https://elephly.net
X-PGP-Key: https://elephly.net/rekado.pubkey
X-PGP-Fingerprint: BCA6 89B6 3655 3801 C3C6  2150 197A 5888 235F ACAC
Date: Wed, 20 Feb 2019 22:49:54 +0100
Message-ID: <87zhqq3zb1.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-ZohoMailClient: External
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 34565
Cc: 34565 <at> debbugs.gnu.org, Jason Self <j@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)


Adonay Felipe Nogueira <adfeno@HIDDEN> writes:

> Em 20/02/2019 13:18, Julien Lepiller escreveu:
>> I think the situation is different though. You can see the build script
>> inside the "origin" record as the liberation procedure that anyone can
>> see and verify. It's also a procedure targeted at our build farms, so
>> that they can produce the liberated source code. Users never manipulate
>> non-free source code, unless something is wrong on the build farm side.
>
> I'm not taking any sides here, but to give some more information [=E2=80=
=A6]

I would appreciate it if this discussion could be moved elsewhere.  This
is about whether the package in Guix contains =E2=80=9CWidevine DRM=E2=80=
=9D.  As far as
I understand it does not (as a third-party binary needs to be obtained).

If it does after all contain objectionable files please point them out
so that we can remove them ASAP.

Thanks!

--
Ricardo





Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 20 Feb 2019 20:16:19 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Feb 20 15:16:19 2019
Received: from localhost ([127.0.0.1]:58578 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gwYHz-0003Cf-B3
	for submit <at> debbugs.gnu.org; Wed, 20 Feb 2019 15:16:19 -0500
Received: from relay8-d.mail.gandi.net ([217.70.183.201]:56345)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <adfeno@HIDDEN>) id 1gwYHu-0003CT-QX
 for 34565 <at> debbugs.gnu.org; Wed, 20 Feb 2019 15:16:15 -0500
X-Originating-IP: 187.181.183.29
Received: from [192.168.1.100] (unknown [187.181.183.29])
 (Authenticated sender: adfeno@HIDDEN)
 by relay8-d.mail.gandi.net (Postfix) with ESMTPSA id 0BD171BF207;
 Wed, 20 Feb 2019 20:16:11 +0000 (UTC)
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
To: 34565 <at> debbugs.gnu.org
References: <1550547897.31222.1.camel@HIDDEN>
 <20190219070601.GA8273@HIDDEN> <1550582906.5431.7.camel@HIDDEN>
 <20190219144342.GA2688@HIDDEN> <1550623152.12316.5.camel@HIDDEN>
 <1550625137.14138.3.camel@HIDDEN> <1550625587.14780.2.camel@HIDDEN>
 <1550667811.25277.1.camel@HIDDEN>
 <ece143d1e11fcb21e4c91ea33e959a3c@HIDDEN>
From: Adonay Felipe Nogueira <adfeno@HIDDEN>
Openpgp: preference=signencrypt
Autocrypt: addr=adfeno@HIDDEN; prefer-encrypt=mutual; keydata=
 xsPuBFSdo9IRDACmvQCvDZOHZ33gwVtn//XtEmnlcl1yR6j06qvh2E22aK3bmom1y6HfgAVq
 l+3R16sL27Y0cEeM12Xl2h1HrFiT3Hd/LGWNVC/osPAKrrs6bMRh3uUdOVWeVuM/7c6n5hvx
 PAkZ6s70w1+y1ilG19aEpezFybAb9oE7+qBLjKAZPgceHeOxUthdfqDDqc/oenCGVEQNvPzK
 jQVzE+NnB3KdbGNQKFjTuWutxHjMY61H06a824vMd4SU5ReHlDnhCfasJUYcT6ykijf5xeCU
 icLvLowZl3rCjzjxFxKGnfh/vT6LqMNlfLfTKMR8zmXKHXC+KJjQG3Ohl++7BTGxIrxZtAr6
 MKeNczQng0xJtGI/gSus+8Rt9GycMJ/TZh+CrMsRiWmleONsl2fYO5pd4P+hDcttVOmdI/dj
 H3yycUt5nzgezid+O2NzsjJNNAgDy9uxOLa01aBpaSR94IsYPCxaHh9rBo27v5L8lm2DZTmy
 CdTdJ/g7OETOSKGmrGywwmsBAO9f4sVideYrDJbEUcXkFSH19ctJYCgLHscWzpypGsQNC/9X
 iq7fMCS5kAkK/ZcsPeaI4VIDkFJAF22oJyCvJwLWpaQKXBLAFYcAltEHfjdgrrYlexlgQ7SX
 yX136hD8HJTe1oc2qHN/CXa+LDvxhhNLIgagKP13IIt8AS7U+3YsrCSgu1fjDpxoEP2+xXTS
 jjcDmnJIWv1oDjIp57OfpKokvHtEsMgXrZI4Ft3ftpzN6o/YWVQeJ7VBdVeKPkzukMfHu04q
 1O6TcfSVGLSjrSdTD8/0LcRmwEwgxRBbhp3kxmnUqV+/C/Cj1G2LurKBdqC/rGTSgR1TeQji
 rTDvV4aReZ8swQS8dGoO4CoxG3ZVz0nsLs7Nl/wRoIMXVo/yMd03LIySSJuATWD6+0LOL5PT
 gsIRYpBw3jcLTAwPsQd8M8CH9b07qGJ4roVkhEj3R09WeDmSSCLcyQERTzA3EskuaDF8qrRj
 q68/6kZwhsmssBzAH1PWnFpBAqEaoyQZUisoCffbQwM31oYt04Ng7JXqKHVE+ZchcujtijK5
 bPz9ARgL/11E5yq9Z9x+OIxVx1lhMadwH/ze2CrTUIMTo9ZAp8tBqDvXOr43FHPTYio0wycl
 /anW2D6+4Q49/gK8GQS4xWo/jZnCjOaVIPRbH+y/HE4eXBwKA9UKHpYdZuL2z1zFLYvZd/LT
 rX66q/+8YMETsu86e4J76lE0WhljWdseM4RFmKlPepSttgCS6iRcWZeuhpknqpOILBwNUtFA
 Dnqbe9y5ZQ8xETy4/nDMIeWmiHIhQ5bzm+dzOVwtqOpDpTvMzZbU3buBCsZFVrzxuXa66sJu
 W3fhc//cJ6GTlKz404tAuJrVr9q+uB4OOlkjoUYOIYnwwmKhZaqaUQDTpvK67QhWCZiDHJ/J
 bvuMCv/XCVh/1IdTbe518jVzfcYjlyxcSHFq8TxiGhJYaBFF4vPC9+vf7l2fQVhDzzpBqMVH
 5k9nGJXJ9M0mDO9e8O4CkV55YXzVQFVipiaGyd9DBKcWHAyprxj20MBkP0npXfGErkADCUEp
 1MpKt0p3U3BJkoi2Ms0uQWRvbmF5IEZlbGlwZSBOb2d1ZWlyYSA8YWRmZW5vQGh5cGVyYm9s
 YS5pbmZvPsJ6BBMRCAAiBQJZkFYUAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRDI
 1uFSAe6docKxAQCAKQxT1MlVJyXdFC7sGFH00jlHeybp6qgOVfJvpqLPGgD+ITwpdjy3RD2c
 kuENzAKzvom8pnDrNW+oIIIYUaE5gMTOw00EVJ2j0hAQAPcu3bLnt0CqcF49mN0m7z13Fiqv
 wLRxJe2sEeduZl146rqyNdv4XmaCSdsbgThfw7sW60/J4Gyianv2uzm9E4DpnSh/Ie4LGqXC
 UALnIYhxeILOo8CvFW1hkF/AgZp0CNoXrP786Nh0rksHfwps0B7b6Vy/E0blioaijvUS2z3/
 DKY6CXb7D8wRi64qTMarLaifRzIR/pbX29uBB2McOeoswSFob/McMA7AHp3p+lttR5J8eLc3
 Ckj7OuJCY74XIAGq2B64RPmn617BD9ym83M3fcbEXgDBQtvLjznfKNzeMXOLXN/7/qKm1Sza
 5NpeAGDg0YvXg6qIi0iyJw4RVzdCiqacO+G3Am/Ge2XDKsuBgsEf1YjlENINGS/ZmqfZd0sH
 jCJHb/YOlEzVw8HVMzeES8aUOBDh+d2aWhYx30jXuFbMqvuOh4t7JZjBy8TQVuvVhIps0Qyu
 /YnNxKzZ2F9keaN854KRtcGxaD/wOGpgoAOlyhH+pXVTTl3GCMCHonJ6Sn+jNGa6+oX7HF8h
 wSevwzQ11WThTPmUTlPU96jN5kqE6qLKBo2msu2MxVQRo1kLlHCRfjvbNGf2iZXRKI+RARgv
 a+7NZPtYDs1Sg/zw7HgUowImT6JGcN0ZgAMqw/V2nALvW+Caq03GCNiWR2elB/jmhHR+3Brj
 18fsc25HAAMFEADViuPfdUqFHzmKgVdRH5A8NIZNTT/MMrYCqv5PAkEhnsXLXeHHV7a0cbfx
 3yf86Pv8XMtBItShUVQ9UPVvmFW3ew5cqCCUF5MzrbOXrrso+78yflYjbh55Sf1HelG11eBT
 xs2auCgMWVsxRjgk9sbzh0j+R9MCMXHw0H/x63BS+due6Z0PYlsgXxbtWxB0P7kiYekXn6xo
 MeJco9CbWufnWdK4J5WylILQPNwI8uwrj56TUmh3PFnC2UmUa+KQ9m5gWHOIybWYZf4TTXBi
 N6gvhUqN9IpGFaNG26sWWiOpEWAiVTwPE/lSB+yibouSfE3XLw1Q+FH7TqwmtVS6Kj+yC4Z7
 GlDcmqlQxJhBdXTEpTk0rA1Bs4okjqVoQRpLPYUFkhVA15jJGrewUJuUhL128gL2Ek0A14FW
 +zmi0Wi3tIrUQXovGy7eorIgq7M3/ri0ibbrS5jE4yfIZG/8nb1S/RX5JEwEaoe7izi+1GIi
 GkCRkzGT3VqG78ppH2166Bq9qDwGf3T/CmLMDNpxsc1qt857nz7RFBMM+dNs5h/Bh0t++i01
 JJd/ykqdfUL8nHRwDO1Fkz/R5wugeJ/dB0TcqpnArjtTc+KVN/lRYfltEc5j0DqvFRwk3Ztd
 5KocWrWD/MBAvZVYKzJ9Bov9FGRUIGDDTJyo5VVCSe1IeSYa9sJhBBgRCgAJBQJUnaPSAhsM
 AAoJEMjW4VIB7p2h7ewBAMBCaE8lh2MyK8PBZ2rOSEYIQNjxADPt9Mri7CLnZxtPAQCwCO+a
 x4WXJV0T1ZOOFa/esCB72RkEVZ7ArkTKQDnVng==
Message-ID: <bc360447-79ad-87d7-181a-a25da8b7a87a@HIDDEN>
Date: Wed, 20 Feb 2019 17:15:15 -0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Icedove/52.9.1
MIME-Version: 1.0
In-Reply-To: <ece143d1e11fcb21e4c91ea33e959a3c@HIDDEN>
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature";
 boundary="fo4N6xMxY23BiGZjd2VfApmWyfvYLYmBK"
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 34565
Cc: Jason Self <j@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--fo4N6xMxY23BiGZjd2VfApmWyfvYLYmBK
Content-Type: multipart/mixed; boundary="WhmOiffMcXX1dadplzfTZATpPXP5566sS";
 protected-headers="v1"
From: Adonay Felipe Nogueira <adfeno@HIDDEN>
To: 34565 <at> debbugs.gnu.org
Cc: Jason Self <j@HIDDEN>
Message-ID: <bc360447-79ad-87d7-181a-a25da8b7a87a@HIDDEN>
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
References: <1550547897.31222.1.camel@HIDDEN>
 <20190219070601.GA8273@HIDDEN> <1550582906.5431.7.camel@HIDDEN>
 <20190219144342.GA2688@HIDDEN> <1550623152.12316.5.camel@HIDDEN>
 <1550625137.14138.3.camel@HIDDEN> <1550625587.14780.2.camel@HIDDEN>
 <1550667811.25277.1.camel@HIDDEN>
 <ece143d1e11fcb21e4c91ea33e959a3c@HIDDEN>
In-Reply-To: <ece143d1e11fcb21e4c91ea33e959a3c@HIDDEN>

--WhmOiffMcXX1dadplzfTZATpPXP5566sS
Content-Type: text/plain; charset=utf-8
Content-Language: pt-BR
Content-Transfer-Encoding: quoted-printable

Em 20/02/2019 13:18, Julien Lepiller escreveu:
> I think the situation is different though. You can see the build script=

> inside the "origin" record as the liberation procedure that anyone can
> see and verify. It's also a procedure targeted at our build farms, so
> that they can produce the liberated source code. Users never manipulate=

> non-free source code, unless something is wrong on the build farm side.=


I'm not taking any sides here, but to give some more information, if for
example you do `guix edit ungoogled-chromium' you will be presented to
the package definition of Ungoogled-Chromium, taking that as an example
you can see that it has a "source (origin ...) ...)" definition, inside
the inner part (the "origin") you have:

* the upstream download location and method, see (method ...), (uri ...)
and (sha256 ...);
* patches that should be applied immediatelly after downloading and
extracting the source files, per (patches ...);
* snippets and modules to be used with these, also to be applied
immediatelly after downloading and extracting the source files, as seen
in (snippet ...) and (modules ...).

When `guix build -S ungoogled-chromium' is done, first it checks the
build farms for the "prepared" source that matches the given package
definition, version, hash and so on; and lastly it tries to "prepare"
the source according to (patches ...) and (snippet ...) declarations
before even telling the user that the download is ready/done.

Having the (origin ...) visible in this way brings the advantages that
the people of Guix told about here, but as far as I can tell, the user
also sees the original location of the non-free source from upstream if
they do `guix edit ungoogled-chromium'.


--=20
- P=C3=A1gina com formas de contato:
  https://libreplanet.org/wiki/User:Adfeno#vCard
- Ativista do software livre (n=C3=A3o confundir com o gratuito). Avaliad=
or
  da liberdade de software e de sites.
- P=C3=A1gina com lista de contribui=C3=A7=C3=B5es:
  https://libreplanet.org/wiki/User:Adfeno#Contribs
- Para uso em escrit=C3=B3rios e trabalhos, favor enviar arquivos do padr=
=C3=A3o
  internacional OpenDocument/ODF 1.2 (ISO/IEC 26300-1:2015 e
  correlatos). S=C3=A3o os .odt/.ods/.odp/odg. O LibreOffice =C3=A9 a su=C3=
=ADte de
  escrit=C3=B3rio recomendada para editar tais arquivos.
- Para outros formatos de arquivos, veja:
  https://libreplanet.org/wiki/User:Adfeno#Arquivos
- Gosta do meu trabalho? Contrate-me ou doe algo para mim!
  https://libreplanet.org/wiki/User:Adfeno#Suporte
- Use comunica=C3=A7=C3=B5es sociais federadas padronizadas, onde o "soci=
al"
  permanece independente do fornecedor. #DeleteWhatsApp. Use #XMPP
  (https://libreplanet.org/wiki/XMPP.pt), #DeleteFacebook
  #DeleteInstagram #DeleteTwitter #DeleteYouTube. Use #ActivityPub via
  #Mastodon (https://joinmastodon.org/).
- #DeleteNetflix #CancelNetflix. Evite #DRM:
  https://www.defectivebydesign.org/


--WhmOiffMcXX1dadplzfTZATpPXP5566sS--

--fo4N6xMxY23BiGZjd2VfApmWyfvYLYmBK
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iF4EAREIAAYFAlxttV4ACgkQyNbhUgHunaHNVwEA41S4hXRwXV64gR+YMLqtJdwt
L3X1++Sj49YqiYJBGIwBAJH3LRRFBKPIszF460JesVZxb8zomm/yGCUjZ3GXCSTB
=TSBl
-----END PGP SIGNATURE-----

--fo4N6xMxY23BiGZjd2VfApmWyfvYLYmBK--




Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 20 Feb 2019 16:19:04 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Feb 20 11:19:04 2019
Received: from localhost ([127.0.0.1]:58353 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gwUaO-0005hb-6s
	for submit <at> debbugs.gnu.org; Wed, 20 Feb 2019 11:19:04 -0500
Received: from lepiller.eu ([89.234.186.109]:51402)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <julien@HIDDEN>) id 1gwUaM-0005h9-2t
 for 34565 <at> debbugs.gnu.org; Wed, 20 Feb 2019 11:19:02 -0500
Received: from webmail.lepiller.eu (static-176-182-42-79.ncc.abo.bbox.fr
 [176.182.42.79]) by lepiller.eu (OpenSMTPD) with ESMTPSA id 873aeaff
 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO); 
 Wed, 20 Feb 2019 16:18:57 +0000 (UTC)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8;
 format=flowed
Content-Transfer-Encoding: 8bit
Date: Wed, 20 Feb 2019 17:18:56 +0100
From: Julien Lepiller <julien@HIDDEN>
To: Jason Self <j@HIDDEN>
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
In-Reply-To: <1550667811.25277.1.camel@HIDDEN>
References: <1550547897.31222.1.camel@HIDDEN>
 <20190219070601.GA8273@HIDDEN> <1550582906.5431.7.camel@HIDDEN>
 <20190219144342.GA2688@HIDDEN> <1550623152.12316.5.camel@HIDDEN>
 <1550625137.14138.3.camel@HIDDEN> <1550625587.14780.2.camel@HIDDEN>
 <1550667811.25277.1.camel@HIDDEN>
Message-ID: <ece143d1e11fcb21e4c91ea33e959a3c@HIDDEN>
X-Sender: julien@HIDDEN
User-Agent: Roundcube Webmail/1.3.8
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 34565
Cc: 34565 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Le 2019-02-20 14:03, Jason Self a écrit :
> Jason Self wrote:
>> I should probably add on that this position comes from my interaction
>> with the FSF in 2010: When LibreWRT was founded in 2010 (before it
>> later merged into libreCMC) we submitted a similar question to the
>> FSF,as to if it was sufficient for the LibreWRT build scripts (which
>> would be run by the person building the firmware image from source
>> and would have completely automated, just like how someone might
>> instruct Guix to build from source) to download Linux and then run
>> the Linux-libre deblobbing scripts on it vs having the build scripts
>> instead download tarballs that were already cleaned up. I can't seem
>> to find the email from back then but the response was that we needed
>> to use already cleaned-up tarballs, not ask the user to clean up the
>> software afterward even if automated. So that was what we did. Guix
>> should do something similar.
> 
> I haven't been able to find this conversation in my email. As it seems
> to be directly relevant to Guix, since it seems to also be the exact
> same method they use, I have emailed the FSF asking if they can locate
> this in their ticketing system and to re-send the conversation to me.
> More to come.

I think the situation is different though. You can see the build script
inside the "origin" record as the liberation procedure that anyone can
see and verify. It's also a procedure targeted at our build farms, so
that they can produce the liberated source code. Users never manipulate
non-free source code, unless something is wrong on the build farm side.

Essentially, users only download the liberated sources, and build the
package from that, or they download the sources from the build farm
and build the package from that. The source they download is the
one that `guix build -S foo` gives you, and the semantics is
"give me the sources to build foo", not "build the sources of foo".

I think that this way is more transparent, since we can independently,
altough with tooling not provided by guix, check and re-run the
liberation procedure that is documented as part of the guix package
recipe. This is much better than trusting someone to have actually
run the right liberation procedure as you can examine both the result
and the procedure itself.

I hope this is clearer now :)

Well, I'm still interested by that discussion on libreWRT.




Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 20 Feb 2019 14:49:03 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Feb 20 09:49:03 2019
Received: from localhost ([127.0.0.1]:57297 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gwTBH-0001IO-AI
	for submit <at> debbugs.gnu.org; Wed, 20 Feb 2019 09:49:03 -0500
Received: from wout2-smtp.messagingengine.com ([64.147.123.25]:42691)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <mbakke@HIDDEN>) id 1gwTBG-0001Hv-0S
 for 34565 <at> debbugs.gnu.org; Wed, 20 Feb 2019 09:49:02 -0500
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45])
 by mailout.west.internal (Postfix) with ESMTP id 5703C3255;
 Wed, 20 Feb 2019 09:48:55 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162])
 by compute5.internal (MEProxy); Wed, 20 Feb 2019 09:48:55 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastmail.com; h=
 from:to:cc:subject:in-reply-to:references:date:message-id
 :mime-version:content-type; s=fm2; bh=t1agAVtylsoXEHQY7gho52B+5D
 2WB3cw/41WeQbp/fo=; b=YfRi1d250BDSMTmLmlqHLnJsJz0rrBg9LI6INSlWnI
 Zy18CrTeFwnBsbv7/GkrP+l+IRUFOyF7xj79ZTsQExmaeY/t5NRvnKMFB61dqJIw
 xMGw32NfoTdGgCnhi7NtZdGhxCLmdsr+Uhrmv4ThUStKbkZ6xu8u9UAxN0GKXeXJ
 Xr6aRDGZ03YVvLic71D9YXa/z8+Es3lJvjjPR1lRjn7hhKI30aAbhni4Z4+5d6RG
 UWOsfgwUeGOayOQ6msrE0Bn4674ZUyPFybw4TuZd2Wc/IDvrIHsKaDjaBUE519Ex
 Je5LZJqXW8AE2EnVL6FF2SK2S8+AkrifS7rU389BL1GA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-type:date:from:in-reply-to
 :message-id:mime-version:references:subject:to:x-me-proxy
 :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=t1agAV
 tylsoXEHQY7gho52B+5D2WB3cw/41WeQbp/fo=; b=S7+83SdVvlpiNLmx8Bpe0N
 vtt0Gm7lYGQZo1AusMfpNIfZvt1MHh2VdADU/Fmx0ZYLrsVs3WGzdl5VO1S3bTxw
 YUp1rgPvrWRRCTcrlGYMTqVBWO28QyIf0D3GBvKXMSgiuyYoM6jG/PuWgKkCTxxt
 0e2ivjOwGo29T+YPUmdLu6PlYygDo289un1S8scJgvgTgcfme8DKiHr2yXf0R1lY
 46ekMz4SvEf8BE1LphC7o/3SaeQ7Njrpw7kCTcSM01/UznLyy+5hOl02ObVFXmLW
 lqp13XZR6Xv/fzrTNvDGSb11g2cWVfWFs4ebMJ9zUvqHoWApg6qQjGwImULXvguA
 ==
X-ME-Sender: <xms:1WhtXAy0sb3MYpzGeaGTS4ZHo0gaCDHZCiwu_OOTSpKbEA8M-izLRQ>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedutddrtdeigdeikeculddtuddrgedtledrtddtmd
 cutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfhuthen
 uceurghilhhouhhtmecufedttdenucenucfjughrpefhvffujghffgffkfggtgesghdtre
 ertdertdenucfhrhhomhepofgrrhhiuhhsuceurghkkhgvuceomhgsrghkkhgvsehfrghs
 thhmrghilhdrtghomheqnecukfhppeeivddrudeirddvvdeirddugedtnecurfgrrhgrmh
 epmhgrihhlfhhrohhmpehmsggrkhhkvgesfhgrshhtmhgrihhlrdgtohhmnecuvehluhhs
 thgvrhfuihiivgeptd
X-ME-Proxy: <xmx:1WhtXMfDRJ6TVXQAUJYQ6TrCi29K8_ziAvUZWMxW3N0KqxQX3LmUFw>
 <xmx:1WhtXJo36Tdgzigqb5pwdkusPAIEguMGFBP8J_J1ROLTWb4vrwbKiw>
 <xmx:1WhtXMMuKnSmgjJZvpGUkFECF_8v381ixNwZt2tuy7B1j8QfLBL6Kg>
 <xmx:1mhtXLuK9iCYdmjdUVlv6CulAp-z1OSGD9vLoOK12YcJS7b73SD0HA>
Received: from localhost (140.226.16.62.customer.cdi.no [62.16.226.140])
 by mail.messagingengine.com (Postfix) with ESMTPA id 1854DE4549;
 Wed, 20 Feb 2019 09:48:52 -0500 (EST)
From: Marius Bakke <mbakke@HIDDEN>
To: Giovanni Biscuolo <g@HIDDEN>, Leo Famulari <leo@HIDDEN>
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
In-Reply-To: <87imxe95mc.fsf@HIDDEN>
References: <1550547897.31222.1.camel@HIDDEN>
 <87imxe95mc.fsf@HIDDEN>
User-Agent: Notmuch/0.28.2 (https://notmuchmail.org) Emacs/26.1
 (x86_64-pc-linux-gnu)
Date: Wed, 20 Feb 2019 15:48:51 +0100
Message-ID: <87sgwims6k.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha512; protocol="application/pgp-signature"
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 34565
Cc: 34565 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.7 (-)

--=-=-=
Content-Type: text/plain

Giovanni Biscuolo <g@HIDDEN> writes:

> Hello,
>
> maybe Marius Bakke have something interesting to say about his
> judgements on this "DRM matter"

[...]

> to sum it up: AFAIU for users to be able to use Widevine they must
> create a custom package definition _outside_ official Guix channels
> *and* download the shared object "libwidevinecdm.so" from Chromium,
> installing it "manually" system wide or locally

This analysis is correct.  For DRM to work, the user has to build with
"enable_widevine=true", and then somehow obtain 'libwidevinecdm.so' and
make the browser use it.

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAlxtaNMACgkQoqBt8qM6
VPotoAgAwQNR32dh2V6rnTLfpdqzb4INoSKuM6Z2LLwqrFJDd0UZnS7EqBWduZ4A
MBkRWvS/B2kN6v65x1rUT/2XN41vYzoEfTMEit5or8eH4XqnqFL7WkpeEVmjacVh
Nwk16giGflLlVwahyIMgHDzaiasZUeoqB/lGLHA+669GVAywPQ48dsLuecTz+FRP
KDaGGhSccTStHja6lDrDuG5LULPXbtZ+VKjV44lEFrC+mN697NujfT3UaJCLLJ+I
QmPgEObPiK8PCBYdRYdXMuJNnAw0K6zU0x7hdvGXpX7g0LG3gkYygshMHzyHZIBe
dQqv7TfA/5N9J+KaySHqLMFZtahrJA==
=DLQ4
-----END PGP SIGNATURE-----
--=-=-=--




Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 20 Feb 2019 14:37:32 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Feb 20 09:37:32 2019
Received: from localhost ([127.0.0.1]:57289 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gwT07-00011a-JX
	for submit <at> debbugs.gnu.org; Wed, 20 Feb 2019 09:37:31 -0500
Received: from wout2-smtp.messagingengine.com ([64.147.123.25]:44573)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <mbakke@HIDDEN>) id 1gwT04-00011M-Se
 for 34565 <at> debbugs.gnu.org; Wed, 20 Feb 2019 09:37:29 -0500
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45])
 by mailout.west.internal (Postfix) with ESMTP id E06CC3345;
 Wed, 20 Feb 2019 09:37:22 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162])
 by compute5.internal (MEProxy); Wed, 20 Feb 2019 09:37:23 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fastmail.com; h=
 from:to:subject:in-reply-to:references:date:message-id
 :mime-version:content-type; s=fm2; bh=FOFxL3AfQMDSiBikSIAd1ULixZ
 xdgOrHO5zmWMSRTQg=; b=1HyjEGe86mgLPVgTPsvvMAaeYfqHOW22B8VXHZSIFs
 1fVKizmfsv5Fs4BSBFrOIhdNNDHE+1r+6sOS108pxXzKBt++iIy/NB95sOUD/qH2
 UNtBlPiNBpzNBvnLtVKsiViTwSEwqX31nUvo3V/zV4Ldd19vanzPAQbf4IszmMiJ
 RAgKvibT9Jjd0GxlufDXLOIvX5ctnT3mPO7lBdlCh8/4RDcD0e8oEZmWipUaDK4A
 I8gqlQc+yTLopiMseTRQh611oiNywv8/pxBHVSPwoxFoQlDbc3g0kI7xac3qaJDG
 EC5ZU9up41Cf8mwf7Li9uRqTLppPDPs6V+0KrT9tAd4w==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=content-type:date:from:in-reply-to
 :message-id:mime-version:references:subject:to:x-me-proxy
 :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=FOFxL3
 AfQMDSiBikSIAd1ULixZxdgOrHO5zmWMSRTQg=; b=O2/FfdGz58zU4dhv4ueGrx
 NPTuLyJu9k8iv2FVC6C87/nlrToisS4gd0NTRkKHMuic/xvDfx/kb3K+sKeFS8Zw
 vi7bk39t+peyNsXRZr7KllmnOE7D1KPEobBMEmAbUIwBKoSSYScvfe8Oe6KNEGz3
 9Ribp2QUFwlPlRxFiZDjpVUgXy4xFCkNwneGQ49DJzw0J6kPKiw44OkiXAuGFVP4
 6mwAE4F6EIx60XFpyU4N6wqNM0QKrDwnIp0X0Ox9iKT19JaryKP0ICr83hJMNdlU
 e1T+5goN8BSs1h80L622PeQAIINoMWhH9IhODK7g/BvPN2hUILrZsbh1veVn8o/g
 ==
X-ME-Sender: <xms:ImZtXFa2z5hpuW49rhyEpZ1eG5c7bTjcWw31h0GbAPTd_Z88m_4jDA>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedutddrtdeigdeiheculddtuddrgedtledrtddtmd
 cutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfhuthen
 uceurghilhhouhhtmecufedttdenucenucfjughrpefhvffujghffgffkfggtgesghdtre
 ertdertdenucfhrhhomhepofgrrhhiuhhsuceurghkkhgvuceomhgsrghkkhgvsehfrghs
 thhmrghilhdrtghomheqnecukfhppeeivddrudeirddvvdeirddugedtnecurfgrrhgrmh
 epmhgrihhlfhhrohhmpehmsggrkhhkvgesfhgrshhtmhgrihhlrdgtohhmnecuvehluhhs
 thgvrhfuihiivgeptd
X-ME-Proxy: <xmx:ImZtXAiJfxP36IjS4sFxJQoSWktE-7zBDrnxIEfHkuxseVm3Q8KagQ>
 <xmx:ImZtXE9HD28TKu-Hg9sNCYHZUige69L5C5pw1xl2yZ6rKqRdebM5cA>
 <xmx:ImZtXOPyRwUJVncOio40N5gV8HJ8ORzjIkMLCmOR7KfriyVLZECh2g>
 <xmx:ImZtXOhSoqS1DbenGZqugNe40656n7lFtYuWgOWH4IdfZMIWLNB3HQ>
Received: from localhost (140.226.16.62.customer.cdi.no [62.16.226.140])
 by mail.messagingengine.com (Postfix) with ESMTPA id 79983E4068;
 Wed, 20 Feb 2019 09:37:21 -0500 (EST)
From: Marius Bakke <mbakke@HIDDEN>
To: Jason Self <j@HIDDEN>, 34565 <at> debbugs.gnu.org
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
In-Reply-To: <1550625137.14138.3.camel@HIDDEN>
References: <1550547897.31222.1.camel@HIDDEN>
 <20190219070601.GA8273@HIDDEN> <1550582906.5431.7.camel@HIDDEN>
 <20190219144342.GA2688@HIDDEN> <1550623152.12316.5.camel@HIDDEN>
 <1550625137.14138.3.camel@HIDDEN>
User-Agent: Notmuch/0.28.2 (https://notmuchmail.org) Emacs/26.1
 (x86_64-pc-linux-gnu)
Date: Wed, 20 Feb 2019 15:37:15 +0100
Message-ID: <87wolumspw.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha512; protocol="application/pgp-signature"
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 34565
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.7 (-)

--=-=-=
Content-Type: text/plain

Jason Self <j@HIDDEN> writes:

> A different but related matter is the build process itself. I
> understand this is not exactly related to the DRM matter but it does
> seem similiar. I can open another bug over this if needed. I have
> recently submitted upstream's Chromium 73.0.3683.45 into my FOSSology
> instance for analysis. Actually, less than a third of the total files
> were classified as "BSD-like". In total it found 162 unique licenses.
> Of course, automated licenses analysis is never perfect and I have not
> fully vetted any particular results but it does help to at least
> indicate that which is very clearly free software and that which needs
> further investigation.

To avoid duplicate work, it would be useful if you ran this analysis on
the tarball produced by `guix build --source ungoogled-chromium`.

> Even in the short time I was reviewing it I found a number of freedom
> problems. I don't mean that to be an exhaustive list of everything,
> merely an indicator of a symptom:
>
> * unrar (license denies freedom 0)

UnRAR is not present in the Guix source.

> * third_party/blink has some images under CC-BY-NC-SA-2.0

I cannot find these images: grepping for CC-BY-NC-SA or 'Creative
Commons' did not aid.  Did you record the absolute paths to these files?

> * Google Toolbar is in there, with a non-free EULA

My grep-fu is really failing me today.  Where is this located?

> Taking this and considering Guix's build process: The method of
> building seems to involve downloading Chromium, then runnning
> ungoogled-chromium over it, and then building. I'm not sure if any
> other packages have their freedom problems fixed in this way but this,
> just like build flags, should not be sufficient. Freedom problems
> should not be hidden/removed after the fact by asking the user to run a
> clean-up program after downloading the source, even if that has been
> automated by the package manager. What is sent to the end user to
> compile should itself be 100% free software and FSDG compliant from the
> beginning. If not it still amounts to distributing non-free software to
> the user when they want to, for example, do guix build -S chromium.

As Leo says, `guix build --source` should never return nonfree software
as a matter of policy.  Ungoogled-Chromium is no different: running
`guix build --source ungoogled-chromium` will run the pruning scripts
and generate a sanitized tarball, or (more likely) transparently
download an already-processed source from the build farm.

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAlxtZhsACgkQoqBt8qM6
VPqsOgf/SymCu2BiYdx8tadD4zwI1gkUYVznrflJYFeHTQuF6cx7vmMxL0HPyPTM
gEQEm8q3EXdvHOpY/j5eW/KwSv5O5/ICwaHk36zvA3AVQTgzpXfvQNjjtxRT5rIq
eSzVDEGtbsX1X+mZCeXsIv1qoJzAaOT0E9kV8qONEcYvdUh084GAGKyku+2kO452
yW+2iyKGbljWWwevx3IcDpP5Vuy8IctY224sXIH6p5LrEibEX2Cw/3PWohjse1j2
GOrVPAD39oggU4hIoHbXKYMYX/fDAHZlfFLW2mjS5cjEzOV9IZpld1rHS1w0W5i+
PEp+/7Vq8B/SvX/AxXV1zRLKljw60g==
=AyoI
-----END PGP SIGNATURE-----
--=-=-=--




Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 20 Feb 2019 13:03:42 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Feb 20 08:03:42 2019
Received: from localhost ([127.0.0.1]:57253 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gwRXK-0007ET-FN
	for submit <at> debbugs.gnu.org; Wed, 20 Feb 2019 08:03:42 -0500
Received: from bluehome.net ([96.66.250.149]:47690)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <j@HIDDEN>) id 1gwRXI-0007EK-2T
 for 34565 <at> debbugs.gnu.org; Wed, 20 Feb 2019 08:03:41 -0500
Received: from pc.lan (pc.lan [10.0.0.51])
 by bluehome.net (Postfix) with ESMTPSA id 61C124B402F9
 for <34565 <at> debbugs.gnu.org>; Wed, 20 Feb 2019 05:03:32 -0800 (PST)
Message-ID: <1550667811.25277.1.camel@HIDDEN>
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
From: Jason Self <j@HIDDEN>
To: 34565 <at> debbugs.gnu.org
Date: Wed, 20 Feb 2019 05:03:31 -0800
In-Reply-To: <1550625587.14780.2.camel@HIDDEN>
References: <1550547897.31222.1.camel@HIDDEN>
 <20190219070601.GA8273@HIDDEN> <1550582906.5431.7.camel@HIDDEN>
 <20190219144342.GA2688@HIDDEN> <1550623152.12316.5.camel@HIDDEN>
 <1550625137.14138.3.camel@HIDDEN> <1550625587.14780.2.camel@HIDDEN>
Content-Type: multipart/signed; micalg="pgp-sha512";
 protocol="application/pgp-signature"; boundary="=-K9avsEVh8YTzFyKp6qqp"
X-Mailer: Evolution 3.18.5.2-0ubuntu3.2 
Mime-Version: 1.0
X-Spam-Score: -0.0 (/)
X-Debbugs-Envelope-To: 34565
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)


--=-K9avsEVh8YTzFyKp6qqp
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Jason Self wrote:
> I should probably add on that this position comes from my interaction
> with the FSF in 2010: When LibreWRT was founded in 2010 (before it
> later merged into libreCMC) we submitted a similar=C2=A0question to the
> FSF,as to if it was sufficient for the LibreWRT build scripts (which
> would be run by the person building the firmware image from source
> and would have completely automated, just like how someone might
> instruct Guix to build from source) to download Linux and then run
> the Linux-libre deblobbing scripts on it vs having the build scripts
> instead download tarballs that were already cleaned up. I can't seem
> to find the email from back then but the response was that we needed
> to use already cleaned-up tarballs, not ask the user to clean up the
> software afterward even if automated. So that was what we did. Guix
> should do something similar.

I haven't been able to find this conversation in my email. As it seems
to be directly relevant to Guix, since it seems to also be the exact
same method they use, I have emailed the FSF asking if they can locate
this in their ticketing system and to re-send the conversation to me.
More to come.
--=-K9avsEVh8YTzFyKp6qqp
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----

iQIcBAABCgAGBQJcbVAkAAoJEJ0NsxtUWjGYn2gP/ixSgVt8SsabNCn8CLnq0wXd
cwnudZoYBrvVc26fsO+px1yH+Om24UHXRlwKjfsEnaZEW8G6EUSbYMWbqOxwVvHB
ktinWyp0INAriLPsdCy6PgHnOy5rSA0JVLkFTopY4Gfefn4ha/VBmXeedb8uODeZ
a1Uaijnr18j6F6Db1Hoe0cLp/9iM2WbpkoQ0SFwdxWCXNRq1w8r/Xd2ZEvds/l+B
bWEF1c2Yr0MonG8krXQukfzhgIHEg+f6LUHlO53wr2YQMXYM97H5BF6EKqlSCc6k
EEI0FZpCCPpBphDz9DJMh79rqXL6r8XrDJDet7jhVJ20Qg5onJqsaBL6W+chIs3q
BmqWuVEHa3nvURerNBEMgZiPDZt0SfbHaZrDxjoA9zUBbKMRm1d4vJtK2NNXauNQ
Nc0059VUN2jslCO+AsEL1SCP4C4YRiMxRQGgBbeU8mefDSIM8k3+9N+dQhwESVpU
5i5qRpkngIHf+S8aOA43vDP7bXrupgu9T6awX6og0Ptsw6lxsUihBiX6peVDvYTG
ePzyWuQb2XpxGqPkGTVD9ihlaoLRypnY3X7rKwtgRcqb2qm+IsqUs1kuykzuSQqS
fz1mLF4Rlbv4Ss7dIeJtz2JgLPX7jUc3GPtpTmNQVG9gXhlrIFqIW64Wcpoyyxpj
xyFNQT/BjuAO+3tykA0Q
=Lshi
-----END PGP SIGNATURE-----

--=-K9avsEVh8YTzFyKp6qqp--





Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 20 Feb 2019 10:09:28 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Feb 20 05:09:28 2019
Received: from localhost ([127.0.0.1]:57199 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gwOog-0000vf-3b
	for submit <at> debbugs.gnu.org; Wed, 20 Feb 2019 05:09:28 -0500
Received: from mail1.fsfe.org ([217.69.89.151]:46256)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <jlicht@HIDDEN>) id 1gwOod-0000vV-Nr
 for 34565 <at> debbugs.gnu.org; Wed, 20 Feb 2019 05:09:24 -0500
References: <1550547897.31222.1.camel@HIDDEN>
 <20190219070601.GA8273@HIDDEN> <1550582906.5431.7.camel@HIDDEN>
 <20190219144342.GA2688@HIDDEN> <1550623152.12316.5.camel@HIDDEN>
 <1550625137.14138.3.camel@HIDDEN> <20190220051536.GA7782@HIDDEN>
 <1550640947.21795.7.camel@HIDDEN>
User-agent: mu4e 1.0; emacs 26.1
From: Jelle Licht <jlicht@HIDDEN>
To: Jason Self <j@HIDDEN>
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
In-reply-to: <1550640947.21795.7.camel@HIDDEN>
Date: Wed, 20 Feb 2019 11:09:20 +0100
Message-ID: <87a7iqdb5b.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: 34565
Cc: 34565 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -6.0 (------)


Jason Self <j@HIDDEN> writes:

> Leo Famulari wrote:
>> To clarify this general point about Guix for anyone who is reading
>> along, as a matter of policy the end user does not receive non-free
>> source code from Guix.
>
> Right; the source is downloaded from commondatastorage.googleapis.com
> but that is a technicality. What I'm saying is that the recipe should
> be updated to cause it to download an already-cleaned up version
> directly from Guix (it could be hosted somewhere on gnu.org for example
> but exactly where can be up for negotiation) and that this excuse of

I would argue that this way of thinking is one of the issues Guix and
the broader reproducible builds community is trying to solve (in an
ethical way). Practical software freedom also includes the possibility
of not being dependent on even the gnu.org infrastructure.

> "they're getting it elsewhere" shouldn't be usable as an excuse to
> sidestep the FSDG. It's still causing the user to download the software
> due to the recipes provided by Guix.

The implied tone of your message comes across as needlessly
aggressive. I am not sure if the GNU Kind Communications Guidelines
apply here, but I still urge you to give the broader Guix community the
benefit of the doubt in that they are committed to the FSDG and
everything it entails.

This is like arguing that curl could be used to download proprietary
software; An unmodified Guix will never present a user with non-free
software. If it does, this can be considered a bug and should be fixed
ASAP. Your proposal implies that someone else still downloads the
nonfree upstream sources to modify them, so I see this as even more of a
case of working around the spirit of the FSDG.

>
>> The tools provided by Guix to access source code only return source
>> code that is freely licensed. If the sources have to be modified to
>> ensure this, the unodified source code is not provided to the user.
>
> It's still being downloaded into their computer and then being cleaned
> up after the fact. If there weren't freedom problems with it there
> wouldn't be a need for a clean-up program (ungoogled-chromium in this
> case) to be running -- as a process on the user's computer -- to do
> this.

I do not really get the point you are trying to make, because the
software has to be downloaded at some point in time. Offering a
transparent solution in the form of the Guix store, where the
problematic bits of software only exist in a transient state seems like
it improves the situation across the board.

Whether this fits the letter of the FSDG is an interesting discussion to
be had, but arguing that it goes against the core principles is simply
silly :).

>
> And inhttps://www.gnu.org/distros/free-system-distribution-guidelines.
> htmlwe have:
>
> "For instance, a free system distribution must not contain browsers that implement EME, the browser functionality designed to load DRM modules."
>
> So that should make it quite clear.

I feel most folks here agree on this, at least, so if ungoogled-chromium
still implements a functioning EME, that is a bug.

Respectfully yours,
- Jelle




Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 20 Feb 2019 09:22:53 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Feb 20 04:22:53 2019
Received: from localhost ([127.0.0.1]:57183 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gwO5X-0008DI-PF
	for submit <at> debbugs.gnu.org; Wed, 20 Feb 2019 04:22:51 -0500
Received: from ns13.heimat.it ([46.4.214.66]:49674)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <g@HIDDEN>) id 1gwO5S-0008D0-69
 for 34565 <at> debbugs.gnu.org; Wed, 20 Feb 2019 04:22:46 -0500
Received: from localhost (ip6-localhost [127.0.0.1])
 by ns13.heimat.it (Postfix) with ESMTP id 1469730056B;
 Wed, 20 Feb 2019 09:22:36 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at ns13.heimat.it
Received: from ns13.heimat.it ([127.0.0.1])
 by localhost (ns13.heimat.it [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id AHVAEoApjYUP; Wed, 20 Feb 2019 09:22:31 +0000 (UTC)
Received: from bourrache.mug.xelera.it (unknown [93.56.161.211])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by ns13.heimat.it (Postfix) with ESMTPSA id 9DD31300101;
 Wed, 20 Feb 2019 09:22:31 +0000 (UTC)
Received: from roquette.mug.biscuolo.net (roquette.mug.biscuolo.net
 [10.38.2.14])
 by bourrache.mug.xelera.it (Postfix) with SMTP id D0B09300056;
 Wed, 20 Feb 2019 10:22:29 +0100 (CET)
Received: (nullmailer pid 13354 invoked by uid 1000);
 Wed, 20 Feb 2019 09:22:29 -0000
From: Giovanni Biscuolo <g@HIDDEN>
To: Leo Famulari <leo@HIDDEN>
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
In-Reply-To: <20190220054219.GA9386@HIDDEN> (message from Leo Famulari on
 Wed, 20 Feb 2019 00:42:19 -0500)
Organization: Xelera.eu
Date: Wed, 20 Feb 2019 10:22:19 +0100
Message-ID: <87imxe95mc.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha512; protocol="application/pgp-signature"
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 34565
Cc: 34565 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

--=-=-=
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

Hello,

maybe Marius Bakke have something interesting to say about his
judgements on this "DRM matter"

indeed, this is a pretty ignorant (aka me) comment:

Leo Famulari <leo@HIDDEN> writes:

[...]

> I think the next steps for this subject are to first, in general, figure
> out where Widevine comes from, and then, more specifically, decide what
> to do about the files you mentioned.=20
>
> As I mentioned already, other distros seem to get Widevine by extracting
> its binary from Chrome, even when using it for Chromium. It seems
> reasonable to assume that if Widevine were included in Chromium they
> would not be downloading a whole 'nother browser for that one
> component.

ungoogle-chromium FAQs [1] confirms that in order to install Widevine
users have to download a shared object (libwidevinecdm.so) and install
it system wide in /usr/lib/chromium or in $HOME/.local/lib/

I tried to install ungoogled-chromium from Guix but failed (another
story...) so I cannot see myself, but AFAIU there is no way for a user
to enable Widevine from the user interface *nor* manually

I don't know if the libwidevinecdm.so user loading must be forbidden
**programmatically** [2] to be FSDG compliant: what is the case with the
linux-libre kernel? are users forbidden to "insmod proprietery_module"
they _independently_ downloded or developed?

anyway, as Julien Lepiller already verified (Guix package definition is
there for anyone to check, and checking is very easy), Widevine stuff
only gets built when the ENABLE_WIDEVINE build option is set... and it's
not this case, so it's unlikely that users will be able to install
Widevine even following the above mentioned procedure

last but not least: AFAIU ungoogled-chromium Guix package documentation
nor Guix Manual contains information on how to obtain proprierary
extensions to any software; am I wrong?

> As for the specific files listed by Julien, they may be harmless, or
> not, we should figure out what they do and if they need to be removed.

AFAIU that code allows dynamically linking Widevine (sorry cannot still
check myself), but it is _disabled_ at build time

is this enough to be FSDG compliant?

given all the above, it seems to me that ungoogled-chromium binaries
provided by Guix substitute servers _and_ sources provided by Guix build
farms (are provided by them, right?) does not ship with DRM enabled

to sum it up: AFAIU for users to be able to use Widevine they must
create a custom package definition _outside_ official Guix channels
*and* download the shared object "libwidevinecdm.so" from Chromium,
installing it "manually" system wide or locally

HTH!
Ciao
Giovanni


[1]
https://ungoogled-software.github.io/ungoogled-chromium-wiki/faq#how-do-i-i=
nstall-widevine-cdm

[2] I mean by stripping away any bit of source code that allows users to
dynamically link potentially proprietary shared objects in the software

=2D-=20
Giovanni Biscuolo

Xelera IT Infrastructures

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERcxjuFJYydVfNLI5030Op87MORIFAlxtHEwACgkQ030Op87M
ORJl5w/+JddYSZeBKTdqiGMOuJo6h1oWsJB5UgW5+h8EBsrbZSRRRO9RtF2UDLus
HAQwJX3JDowo4lMb5DUERHUHPnbACvKQFWBwDeuWK+jRdo+/naodu4UPX7/gHerq
pwyYjn30Zxn6GXtdnKkISGOPXrGqpi5dJChcIpSDwaQkTn8G7guPM3KC/+mMjDeE
OnDTzhoqXfM/YyKQIXcOU823HH9Jvb0vJiEfzBmg1Gty7KzM6jJew6yxFPtzaseN
SiD0hZj4U+9ZAcGhEFE0zn7BXTsadUUsX09pk687vevi2Kk69fskLviZJ6Id56yc
ebuRZ7C2Ao/2g+nr8nU2cNWKi6DDOYEKF8YXbZfheT28s0ojkLTGH87M7q6sZNVg
IE5Cmp4pxTXKE8LvcPhED/QODzw4Ez+nVEozT3/+JBoUuhkl4NZbgNN+Wuz7rEcz
C4XZpc075JhdnnudzY4P9mbt9lJnHWwSrX/xIpRlTRguRrnSV671LkHUa7HWmVQA
tNO8tLWXHlKRRxIAVOPCsyvoP8PRlpxugrIaoORVC1f4YqX7XT91aQshTWiygtrp
6NBCLmpG6AvTj6yUOoMiJFB3iFNfPLVuyMC3AwdR/hHok2xpG0ae2QQY9My131I2
49z9IiGNxYM6F+TDbkgxSH5Uak0NvQuSF+Emc4GmQcWWmohNC/Q=
=3yTE
-----END PGP SIGNATURE-----
--=-=-=--




Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 20 Feb 2019 07:59:27 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Feb 20 02:59:27 2019
Received: from localhost ([127.0.0.1]:57151 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gwMmt-0004DW-Cr
	for submit <at> debbugs.gnu.org; Wed, 20 Feb 2019 02:59:27 -0500
Received: from sender-of-o51.zoho.com ([135.84.80.216]:21138)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <rekado@HIDDEN>) id 1gwMmr-0004DO-EZ
 for 34565 <at> debbugs.gnu.org; Wed, 20 Feb 2019 02:59:26 -0500
ARC-Seal: i=1; a=rsa-sha256; t=1550649547; cv=none; d=zoho.com; s=zohoarc; 
 b=n7GAySEB+i2ZidEcVuyNMpqePSYBrBwaKGeUdL9wtRjXLt3Iqt3ucOI9omb7kKDmgQBfGx6Wytu1am6O1ltghR9ZATVIszOSzUjrE8fWZLy7Yic9xrt/uxss4LteCQHQHS17P0dnTm3s90MN3lds1Eun40GWe7zJgtS5Y3gXxi0=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc; t=1550649547;
 h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To:ARC-Authentication-Results;
 bh=JzbNcNBGBsiSlmpgcn0fQDw5llZq5DrAw3NZ8WjgMSk=; 
 b=YWSW0RcHCF3/sWfUbeuzNZ73X6BHajO+LsvMQJJAV2EiLxswETESINvaD2z5InFV4qWKe3Thksr8iIQMrh6s4xjZ+Bp51TbLHZJ/GV/m4RBBQLTbtFMOy+dTb0UfubXXIh3vqRNvcz9+t3tCGP+zarCbegpy5PTd2Vn9QpxCjOg=
ARC-Authentication-Results: i=1; mx.zoho.com; dkim=pass  header.i=elephly.net;
 spf=pass  smtp.mailfrom=rekado@HIDDEN;
 dmarc=pass header.from=<rekado@HIDDEN> header.from=<rekado@HIDDEN>
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1550649547; 
 s=zoho; d=elephly.net; i=rekado@HIDDEN;
 h=References:From:To:Cc:Subject:In-reply-to:Date:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding;
 l=1180; bh=JzbNcNBGBsiSlmpgcn0fQDw5llZq5DrAw3NZ8WjgMSk=;
 b=U9lFhCixl0pSmKabwphq4oe8nRHXmi/WXmoSQgyRoORmhyjSaCqgPLjeuHVizYnK
 xsxGe3GoKB8LNB7DSJTChwHZXwyqKQ/lA+padagXwJjTdabESF2/zOYcMMw9SoLbD+I
 ClOcsWg2IFVH+t5Mt9sBIOZkdW8tmci5GEbj8yzQ=
Received: from localhost (p54AD468B.dip0.t-ipconnect.de [84.173.70.139]) by
 mx.zohomail.com with SMTPS id 1550649545548802.8040730294048;
 Tue, 19 Feb 2019 23:59:05 -0800 (PST)
References: <1550547897.31222.1.camel@HIDDEN>
 <20190219070601.GA8273@HIDDEN> <1550582906.5431.7.camel@HIDDEN>
 <20190219144342.GA2688@HIDDEN> <1550623152.12316.5.camel@HIDDEN>
 <1550625137.14138.3.camel@HIDDEN> <20190220051536.GA7782@HIDDEN>
 <1550640947.21795.7.camel@HIDDEN>
User-agent: mu4e 1.0; emacs 26.1
From: Ricardo Wurmus <rekado@HIDDEN>
To: Jason Self <j@HIDDEN>
Subject: Re: bug#34565: ungoogled-chromium might contain remnants of Widevine
 DRM
In-reply-to: <1550640947.21795.7.camel@HIDDEN>
X-URL: https://elephly.net
X-PGP-Key: https://elephly.net/rekado.pubkey
X-PGP-Fingerprint: BCA6 89B6 3655 3801 C3C6  2150 197A 5888 235F ACAC
Date: Wed, 20 Feb 2019 08:59:00 +0100
Message-ID: <8736oivqkb.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-ZohoMailClient: External
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 34565
Cc: 34565 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)


Jason Self <j@HIDDEN> writes:

> Leo Famulari wrote:
>> To clarify this general point about Guix for anyone who is reading
>> along, as a matter of policy the end user does not receive non-free
>> source code from Guix.
>
> Right; the source is downloaded from commondatastorage.googleapis.com
> but that is a technicality. What I'm saying is that the recipe should
> be updated to cause it to download an already-cleaned up version
> directly from Guix (it could be hosted somewhere on gnu.org for example
> but exactly where can be up for negotiation) and that this excuse of
> "they're getting it elsewhere" shouldn't be usable as an excuse to
> sidestep the FSDG. It's still causing the user to download the software
> due to the recipes provided by Guix.

Please do not claim that Guix sidesteps or aims to sidestep the FSDG.
This is not the case as we are committed to abiding by the FSDG.

What users get when using =E2=80=9Cguix build --source=E2=80=9D is the proc=
essed source
code from the Guix build farm.  The fallback is to fetch the original
sources directly and process them (which is what the build farm does as
well).

--
Ricardo





Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 20 Feb 2019 05:42:33 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Feb 20 00:42:33 2019
Received: from localhost ([127.0.0.1]:57077 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gwKeP-0007BG-AA
	for submit <at> debbugs.gnu.org; Wed, 20 Feb 2019 00:42:33 -0500
Received: from wout2-smtp.messagingengine.com ([64.147.123.25]:47233)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <leo@HIDDEN>) id 1gwKeM-0007B2-Ef
 for 34565 <at> debbugs.gnu.org; Wed, 20 Feb 2019 00:42:31 -0500
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44])
 by mailout.west.internal (Postfix) with ESMTP id 5CCDC3182;
 Wed, 20 Feb 2019 00:42:24 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162])
 by compute4.internal (MEProxy); Wed, 20 Feb 2019 00:42:24 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name;
 h=date:from:to:cc:subject:message-id:references:mime-version
 :content-type:in-reply-to; s=mesmtp; bh=F3mfbOFV0DHad9pPLn1XmppS
 KzkHNwda9jBObUjg9d4=; b=UVbH2ZZ+xRBp4GRafN5cY7QvEaq0CQEuaRfDuycl
 YW0F6S+W7bRYtk5+5IGMyoCf+ZWAhxyCH6T0GCtgRtwS/UPl05AIBYAGLQJFCBvn
 2tqoWp5SkPUxukYfx/n/Lyu5bu/Pf8vjM4a1Vii1CZjgzd58V/L/WpCobCdafcwI
 vq0=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-type:date:from:in-reply-to
 :message-id:mime-version:references:subject:to:x-me-proxy
 :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=F3mfbO
 FV0DHad9pPLn1XmppSKzkHNwda9jBObUjg9d4=; b=roox1wURoHbw8O4xpuYqPu
 FnjzNcmDuIVCDml+QjEjd7eenxYkSaTXSp/xXhcM0lNeNSSKlButcH+/nfGYvIxe
 QDEr+7PFhX9WSe26qVTRkUClGYOROzZbOUvZAWs1DAy2mJ4pkc9+chmu1xRscwuY
 BDyRzFdgS0Zt4F8XhT32m/78wcjnx6ydAXxTucv7Q0m5vgrIqjiWxjL3W9LF9jFK
 s9UTrVyQ9cSFGVWphA5i3A1fubncJCYhhKJtLJ8/VNv1899h29cqj/k/hIOwTAJ7
 BRpz0uRVMBRXYWTzS5AXPLBlxwYID7MUzhJMz9f5f9bioCoavYA0Gn7h/HfcFxKg
 ==
X-ME-Sender: <xms:vOhsXH8Xg0VBw70rPe7lqZLN9KKVlSkKdp6lrCvq0gKotEs1rmkEbg>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedutddrtdehgdekkeculddtuddrgedtledrtddtmd
 cutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfhuthen
 uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne
 cujfgurhepfffhvffukfhfgggtuggjfgesghdtreertdervdenucfhrhhomhepnfgvohcu
 hfgrmhhulhgrrhhiuceolhgvohesfhgrmhhulhgrrhhirdhnrghmvgeqnecukfhppeejie
 druddvgedrvddtvddrudefjeenucfrrghrrghmpehmrghilhhfrhhomheplhgvohesfhgr
 mhhulhgrrhhirdhnrghmvgenucevlhhushhtvghrufhiiigvpedt
X-ME-Proxy: <xmx:vOhsXMGzRZWADx-kTG_3CeSNudbyc2ywuNXhY06xWbr1p2cI7toNZA>
 <xmx:vOhsXHNH3Wxaj8nIzEiNyf_4v7A2hPMgf2RBv-LXHYsMviWVwGjROQ>
 <xmx:vOhsXLTvyrG5kKxsADG_pwK80NZ_4gG6G8Tpv3BhyreNoTE-Qa9EiA>
 <xmx:v-hsXIIEP8rX4aDXgHFM0anAdoQncMswl4CW3v976MNyMoh-vVSucg>
Received: from localhost (c-76-124-202-137.hsd1.pa.comcast.net
 [76.124.202.137])
 by mail.messagingengine.com (Postfix) with ESMTPA id 9B575E4210;
 Wed, 20 Feb 2019 00:42:20 -0500 (EST)
Date: Wed, 20 Feb 2019 00:42:19 -0500
From: Leo Famulari <leo@HIDDEN>
To: Julien Lepiller <julien@HIDDEN>
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
Message-ID: <20190220054219.GA9386@HIDDEN>
References: <1550547897.31222.1.camel@HIDDEN>
 <20190219070601.GA8273@HIDDEN>
 <1550582906.5431.7.camel@HIDDEN>
 <ea3643bd3575de03e15d3c82c1aefe8c@HIDDEN>
 <aba259a44a52136939babd3f3cfee6be@HIDDEN>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature"; boundary="rwEMma7ioTxnRzrJ"
Content-Disposition: inline
In-Reply-To: <aba259a44a52136939babd3f3cfee6be@HIDDEN>
User-Agent: Mutt/1.11.2 (2019-01-07)
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 34565
Cc: 34565 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.7 (-)


--rwEMma7ioTxnRzrJ
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Feb 19, 2019 at 03:44:17PM +0100, Julien Lepiller wrote:
> So I've downloaded the source tarball with `guix build -S chromium`
> and here's what I found in it:

[...]

Thanks for taking a look, Julien!

We need to find out if Widevine DRM is actually included in the Guix
ungoogled-chromium package or not.

Obviously the intent was to not include it, and it does not work in
practice. Widevine videos do not play and there is no prompt to install
or enable DRM, unlike in some other browsers that use DRM.

I think the next steps for this subject are to first, in general, figure
out where Widevine comes from, and then, more specifically, decide what
to do about the files you mentioned.=20

As I mentioned already, other distros seem to get Widevine by extracting
its binary from Chrome, even when using it for Chromium. It seems
reasonable to assume that if Widevine were included in Chromium they
would not be downloading a whole 'nother browser for that one component.

As for the specific files listed by Julien, they may be harmless, or
not, we should figure out what they do and if they need to be removed.

--rwEMma7ioTxnRzrJ
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlxs6LsACgkQJkb6MLrK
fwhX7hAAkH8/9+45iJyItVt5t/tP/qHhK34m+Vc+tkrk3+BaCev2AFP45h8i57oI
wVXq8VGff++j575zGbZRV0+PHaOinAEo15mTWIWbpes56LM/LToOrpepd+E1ikQN
TJGqzWeus2VFWW1rjwPNM5YWcjNBBOQMSENkJkOWT5p9HS+oFaKsXsl8q5A9+bFP
cruwMyp0wmU59tdoSibik5zKcX2bI4SgWW69vGhh57lVLHtm7sKUSPySamnthTEY
wSOzBMuIYOv6W3TS7cuiMqYqT8hpPbUxddJyysfrQjNQNQ2sWv5CqVj5gSSNXQRy
H/OGQ6j5tnn+tuvSSAsP1c7d2P0NfgB/PdrmfIj2gzy9J3mxfHF2ZLzjsuRpzowG
OlxgoEF2XlZtESMvDXrDyFtRlk7KwPL5qsVOwIOW9UbEfs4sCPiUhB2iXFOQWqwJ
wwTRycbefAwzNckMsrd08Z5tegq2QMYE/yHaFCEr+p4tjFdnXWExe03sd/3IrSE2
F0DR/eRQaXf0fNP/ZqMYmG0+NvXBy4lc6GCmApgq5cJS6hkw2mtkhUNiiPKz/1hs
NyHHNNnTmJ4rR3NpGzfnXTPjPmftWk+S/hP/6uCNRPUWcXlLrfSq6xLR5aESHJBF
fuLzS9Agw+sb3j2Hcno6alIXxF5fMrTTyGV4rgR0uypx8IZejh8=
=24ni
-----END PGP SIGNATURE-----

--rwEMma7ioTxnRzrJ--




Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 20 Feb 2019 05:35:52 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Feb 20 00:35:52 2019
Received: from localhost ([127.0.0.1]:57072 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gwKXw-000720-GQ
	for submit <at> debbugs.gnu.org; Wed, 20 Feb 2019 00:35:52 -0500
Received: from bluehome.net ([96.66.250.149]:47518)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <j@HIDDEN>) id 1gwKXt-00071q-IX
 for 34565 <at> debbugs.gnu.org; Wed, 20 Feb 2019 00:35:50 -0500
Received: from pc.lan (pc.lan [10.0.0.51])
 by bluehome.net (Postfix) with ESMTPSA id 043254B400A0
 for <34565 <at> debbugs.gnu.org>; Tue, 19 Feb 2019 21:35:48 -0800 (PST)
Message-ID: <1550640947.21795.7.camel@HIDDEN>
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
From: Jason Self <j@HIDDEN>
To: 34565 <at> debbugs.gnu.org
Date: Tue, 19 Feb 2019 21:35:47 -0800
In-Reply-To: <20190220051536.GA7782@HIDDEN>
References: <1550547897.31222.1.camel@HIDDEN>
 <20190219070601.GA8273@HIDDEN> <1550582906.5431.7.camel@HIDDEN>
 <20190219144342.GA2688@HIDDEN> <1550623152.12316.5.camel@HIDDEN>
 <1550625137.14138.3.camel@HIDDEN> <20190220051536.GA7782@HIDDEN>
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.18.5.2-0ubuntu3.2 
Mime-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Score: -0.0 (/)
X-Debbugs-Envelope-To: 34565
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Leo Famulari wrote:
> To clarify this general point about Guix for anyone who is reading
> along, as a matter of policy the end user does not receive non-free
> source code from Guix.

Right; the source is downloaded from commondatastorage.googleapis.com
but that is a technicality. What I'm saying is that the recipe should
be updated to cause it to download an already-cleaned up version
directly from Guix (it could be hosted somewhere on gnu.org for example
but exactly where can be up for negotiation) and that this excuse of
"they're getting it elsewhere" shouldn't be usable as an excuse to
sidestep the FSDG. It's still causing the user to download the software
due to the recipes provided by Guix.

> The tools provided by Guix to access source code only return source
> code that is freely licensed. If the sources have to be modified to
> ensure this, the unodified source code is not provided to the user. 

It's still being downloaded into their computer and then being cleaned
up after the fact. If there weren't freedom problems with it there
wouldn't be a need for a clean-up program (ungoogled-chromium in this
case) to be running -- as a process on the user's computer -- to do
this.

And in https://www.gnu.org/distros/free-system-distribution-guidelines.
html we have:

"For instance, a free system distribution must not contain browsers that implement EME, the browser functionality designed to load DRM modules."

So that should make it quite clear.




Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.
Changed bug title to 'ungoogled-chromium may contain Widevine DRM' from 'ungoogled-chromium contains Widevine DRM' Request was from Leo Famulari <leo@HIDDEN> to control <at> debbugs.gnu.org. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 20 Feb 2019 05:15:49 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Feb 20 00:15:49 2019
Received: from localhost ([127.0.0.1]:57058 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gwKEX-0004Xz-2o
	for submit <at> debbugs.gnu.org; Wed, 20 Feb 2019 00:15:49 -0500
Received: from wout2-smtp.messagingengine.com ([64.147.123.25]:36633)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <leo@HIDDEN>) id 1gwKEU-0004Xk-Ek
 for 34565 <at> debbugs.gnu.org; Wed, 20 Feb 2019 00:15:47 -0500
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44])
 by mailout.west.internal (Postfix) with ESMTP id DC3F43627;
 Wed, 20 Feb 2019 00:15:39 -0500 (EST)
Received: from mailfrontend2 ([10.202.2.163])
 by compute4.internal (MEProxy); Wed, 20 Feb 2019 00:15:40 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name;
 h=date:from:to:cc:subject:message-id:references:mime-version
 :content-type:in-reply-to; s=mesmtp; bh=web75sLD/KWI41Te0/nyU6e8
 q0KUEkRGmzgnUNBMTQ0=; b=FtR2DVB+RImB9RBKjQdDLl1mznZbGYChnFUss12G
 n5WlFv56o+YWX9rRm11hHcKF3BPywoCjeafCkQdmhOOai7Nof6W8q7lEq89dtg2K
 KBt2z76SSEewupIU+vTVmJJQnxY+gR/FoEiI3QWN8cHDTkP6yuPTcfaWXn/JBcCG
 CwU=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-type:date:from:in-reply-to
 :message-id:mime-version:references:subject:to:x-me-proxy
 :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=web75s
 LD/KWI41Te0/nyU6e8q0KUEkRGmzgnUNBMTQ0=; b=AhLcb1NI76BzNhMItDaeiR
 S5cu3YAmrglgHjcswv51KvUAGC2n5lgoqZCAljUfjmotYYaDuHhvonh8mclCVhg/
 lJ9uQCl5PjxEkyLFhIGdqyEOAg7QqsPcZnhYwxgFvIPxoxP7Lo3mrzJgOQjfQaS8
 YT5rzTcoj5+wAyRdSSEdAFttuqL0NsjZiR2EL7TlON4OJcw4e/V7dw4vx9BjOlXc
 CiQb+/Xax3mtNEPTeTNsmnCDTkUaNv/OYnlZx8Gx9dlEj12id6/gCBb4Lcbr7VU3
 rME2B0c41N8B+INXZMfmIoHp0xDizCxCnvScETkwke6NyG6G8okAVoWdwcr3BmMQ
 ==
X-ME-Sender: <xms:euJsXDrwkzWhABgktXel7lL30xE9OtEQb2ou6h4grHqnjpteiXllRQ>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedutddrtdehgdekgeculddtuddrgedtledrtddtmd
 cutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfhuthen
 uceurghilhhouhhtmecufedttdenucenucfjughrpeffhffvuffkfhggtggujggfsehgtd
 erredtredvnecuhfhrohhmpefnvghoucfhrghmuhhlrghrihcuoehlvghosehfrghmuhhl
 rghrihdrnhgrmhgvqeenucfkphepjeeirdduvdegrddvtddvrddufeejnecurfgrrhgrmh
 epmhgrihhlfhhrohhmpehlvghosehfrghmuhhlrghrihdrnhgrmhgvnecuvehluhhsthgv
 rhfuihiivgeptd
X-ME-Proxy: <xmx:euJsXHCwr0zWzAT3lqFQIiTR9pRXpz2UFq8PbFAdWwXlFje7jWmCWQ>
 <xmx:euJsXIv9kRb9hWHoBzdFJdWAG4Hzfe-JFoVHr8G2OvElCfJ1gbDe2g>
 <xmx:euJsXGZUUEg_jQphBg4K5zEAegNPXH-py88gpG_EbrS9K_wzXnFMPg>
 <xmx:e-JsXPe0pkpqmTw7z5p04P7iLKfWDEVkEP4OC-BMbIlVdCr7LvhRIw>
Received: from localhost (c-76-124-202-137.hsd1.pa.comcast.net
 [76.124.202.137])
 by mail.messagingengine.com (Postfix) with ESMTPA id 7B93010311;
 Wed, 20 Feb 2019 00:15:38 -0500 (EST)
Date: Wed, 20 Feb 2019 00:15:36 -0500
From: Leo Famulari <leo@HIDDEN>
To: Jason Self <j@HIDDEN>
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
Message-ID: <20190220051536.GA7782@HIDDEN>
References: <1550547897.31222.1.camel@HIDDEN>
 <20190219070601.GA8273@HIDDEN>
 <1550582906.5431.7.camel@HIDDEN>
 <20190219144342.GA2688@HIDDEN>
 <1550623152.12316.5.camel@HIDDEN>
 <1550625137.14138.3.camel@HIDDEN>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature"; boundary="liOOAslEiF7prFVr"
Content-Disposition: inline
In-Reply-To: <1550625137.14138.3.camel@HIDDEN>
User-Agent: Mutt/1.11.2 (2019-01-07)
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 34565
Cc: 34565 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.7 (-)


--liOOAslEiF7prFVr
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Tue, Feb 19, 2019 at 05:12:17PM -0800, Jason Self wrote:
> Taking this and considering Guix's build process: The method of
> building seems to involve downloading Chromium, then runnning
> ungoogled-chromium over it, and then building. I'm not sure if any
> other packages have their freedom problems fixed in this way but this,
> just like build flags, should not be sufficient. Freedom problems
> should not be hidden/removed after the fact by asking the user to run a
> clean-up program after downloading the source, even if that has been
> automated by the package manager. What is sent to the end user to
> compile should itself be 100% free software and FSDG compliant from the
> beginning. If not it still amounts to distributing non-free software to
> the user when they want to, for example, do guix build -S chromium.

To clarify this general point about Guix for anyone who is reading
along, as a matter of policy the end user does not receive non-free
source code from Guix.

The tools provided by Guix to access source code only return source code
that is freely licensed. If the sources have to be modified to ensure
this, the unodified source code is not provided to the user. Guix is
specifically designed to do it this way.

--liOOAslEiF7prFVr
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlxs4nUACgkQJkb6MLrK
fwhsPw//TGH5826MuUVxzsxjlYgNWfcLworp6z7LEQmhq9SjjyX2gCa76bCQTyHi
+wAGo2GCnYIGuV/jMAZj/dyTrpsJjd48DQhYeEUdilQPh6ktWN5LOxj/R68mp7eP
BVTizKe+vEbJ1iJcK3B4F7UNAlRWp7ur+4gSqmFdGSd3y9EIwPgfVBTMjp0qleVk
ddJYhRYpHNmcVPcgVbyb8JewFn7ctOPsBGfpZqieirbDJRq+sjVDs2DsZzE+l+dk
C2U86gQfLM6/vGwCV9Ly7yXpxf0XvdVZrowrU8M+iGeBmpvBCBY+RwF/jE8EKg/7
i+I00wMEF8XtzC0eP3JyPxGOjjD/0/PMIhtuOE0DNW4TFkYhKKfy57ZnTA1P+8Co
yvZUyl5eJMuGy6QgYUGLbrVERS9ib7CVTWEAUoP4CBuBuj4X+LfnTyrHDRUY76FR
3SAgWQIvGkGQ8Bn+uii2UxgYhZWK6r8wTirGuu5Zjzy1vNcdaxNr5EQDu0jcxfBl
QpthGuq1fZX8U8kRyJ/OCSFyUdE2hpcDLYL9xzF4d1/J30s2s6X3LU+CBhy9c86a
05ZJNHY8wTxMtWBkq80r7HSC4jf80R2bHzjc2C0uUzpImhdQXdaFQ+dmmPLuUd5p
h9dtxEu2CgEhrDvennldvD6my8ZSA/ig6scVOy+FbjWm56/pnc4=
=vUdq
-----END PGP SIGNATURE-----

--liOOAslEiF7prFVr--




Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 20 Feb 2019 01:19:53 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Feb 19 20:19:53 2019
Received: from localhost ([127.0.0.1]:56946 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gwGYA-00070f-Sm
	for submit <at> debbugs.gnu.org; Tue, 19 Feb 2019 20:19:51 -0500
Received: from bluehome.net ([96.66.250.149]:47390)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <j@HIDDEN>) id 1gwGY8-00070X-Ps
 for 34565 <at> debbugs.gnu.org; Tue, 19 Feb 2019 20:19:49 -0500
Received: from pc.lan (pc.lan [10.0.0.51])
 by bluehome.net (Postfix) with ESMTPSA id CC6BF4B40319
 for <34565 <at> debbugs.gnu.org>; Tue, 19 Feb 2019 17:19:47 -0800 (PST)
Message-ID: <1550625587.14780.2.camel@HIDDEN>
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
From: Jason Self <j@HIDDEN>
To: 34565 <at> debbugs.gnu.org
Date: Tue, 19 Feb 2019 17:19:47 -0800
In-Reply-To: <1550625137.14138.3.camel@HIDDEN>
References: <1550547897.31222.1.camel@HIDDEN>
 <20190219070601.GA8273@HIDDEN> <1550582906.5431.7.camel@HIDDEN>
 <20190219144342.GA2688@HIDDEN> <1550623152.12316.5.camel@HIDDEN>
 <1550625137.14138.3.camel@HIDDEN>
Content-Type: multipart/signed; micalg="pgp-sha512";
 protocol="application/pgp-signature"; boundary="=-FL3Ud8YXXQFaqXtTAp91"
X-Mailer: Evolution 3.18.5.2-0ubuntu3.2 
Mime-Version: 1.0
X-Spam-Score: -0.0 (/)
X-Debbugs-Envelope-To: 34565
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)


--=-FL3Ud8YXXQFaqXtTAp91
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

> should not be hidden/removed after the fact by asking the user to run
> a clean-up program after downloading the source, even if that has
> been automated by the package manager. What is sent to the end user
> to compile should itself be 100% free software and FSDG compliant
> from the beginning. If not it still amounts to distributing non-free
> software to the user when they want to, for example, do guix build -S
> chromium.

I should probably add on that this position comes from my interaction
with the FSF in 2010: When LibreWRT was founded in 2010 (before it
later merged into libreCMC) we submitted a similar=C2=A0question to the FSF=
,
as to if it was sufficient for the LibreWRT build scripts (which would
be run by the person building the firmware image from source and would
have completely automated, just like how someone might instruct Guix to
build from source) to download Linux and then run the Linux-libre
deblobbing scripts on it vs having the build scripts instead download
tarballs that were already cleaned up. I can't seem to find the email
from back then but the response was that we needed to use already
cleaned-up tarballs, not ask the user to clean up the software after
ward even if automated. So that was what we did. Guix should do
something similar.
--=-FL3Ud8YXXQFaqXtTAp91
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----

iQIcBAABCgAGBQJcbKszAAoJEJ0NsxtUWjGYptMP/03CoxIb6qFWOuDbHi1bf4CS
VyWKv/OFofuPghUSWnoNWs8ugvZZma3bc4Ak3UYsR9XCWIR4lIvn30qgSczA60oT
gfB8MVUp/k0c87fufQ8qbZQRt0DdOdkYGkJOll6oZOqh8qSyRX+3DUGq9rL4wvi9
hjfELcTThu+0YIZBt+QKLSQmlPEnvMbUtJSDZ5UizUXVNktxSvbLdhg813yBEjAl
prWr9Fe1GdUrmCeCpz/OHMJGpkr157ALxI2Wal7JmaeGKH3oFMzIOAqvAL6TWEJY
wD3sWArALoLKGrbtlu/dMpbB7J2qhyR0CH2hKASixwyl+pjd8mSzPDwyHK+/YQWo
2CZX4hipXPTsb9ksTr4dh5Ai9OawjEtIMU0NohZ2oErPAW25sXmZWjkTpZm/MMet
ur8sBsBcvCA7Bq5tawDh8FTMXGbBXiy3qBH8IyxGvPevs4NovybzkoZpqLfs9ySa
0lzyklJYPrxPSeLTdCcNAKp1lUxkunMsQO7gv3jFLRvgQJXD8cHZFqXfJ0NnFkdd
ak1r95g9woP3QrwKcVz5xn99Kz+ZdS9YhUVC01OGr8Oq7Y7n2yxCYfWNTkahwcyl
2olj1CDhT8Hj62ZRC2iUtmzSiizNl/be2d9TEiUZO+YjG34jpHBMiFcDKIC1cUj6
bYdauzexlozdupfqcGB4
=NaxA
-----END PGP SIGNATURE-----

--=-FL3Ud8YXXQFaqXtTAp91--





Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 20 Feb 2019 01:12:23 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Feb 19 20:12:23 2019
Received: from localhost ([127.0.0.1]:56942 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gwGQw-0006q6-Tq
	for submit <at> debbugs.gnu.org; Tue, 19 Feb 2019 20:12:23 -0500
Received: from bluehome.net ([96.66.250.149]:47388)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <j@HIDDEN>) id 1gwGQt-0006pv-In
 for 34565 <at> debbugs.gnu.org; Tue, 19 Feb 2019 20:12:21 -0500
Received: from pc.lan (pc.lan [10.0.0.51])
 by bluehome.net (Postfix) with ESMTPSA id 3DF784B400A0
 for <34565 <at> debbugs.gnu.org>; Tue, 19 Feb 2019 17:12:18 -0800 (PST)
Message-ID: <1550625137.14138.3.camel@HIDDEN>
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
From: Jason Self <j@HIDDEN>
To: 34565 <at> debbugs.gnu.org
Date: Tue, 19 Feb 2019 17:12:17 -0800
In-Reply-To: <1550623152.12316.5.camel@HIDDEN>
References: <1550547897.31222.1.camel@HIDDEN>
 <20190219070601.GA8273@HIDDEN> <1550582906.5431.7.camel@HIDDEN>
 <20190219144342.GA2688@HIDDEN> <1550623152.12316.5.camel@HIDDEN>
Content-Type: multipart/signed; micalg="pgp-sha512";
 protocol="application/pgp-signature"; boundary="=-uOLl35LSDQMCsKmHFb2A"
X-Mailer: Evolution 3.18.5.2-0ubuntu3.2 
Mime-Version: 1.0
X-Spam-Score: -0.0 (/)
X-Debbugs-Envelope-To: 34565
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)


--=-uOLl35LSDQMCsKmHFb2A
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

A different but related matter is the build process itself. I
understand this is not exactly related to the DRM matter but it does
seem similiar. I can open another bug over this if needed. I have
recently submitted upstream's Chromium 73.0.3683.45 into my FOSSology
instance for analysis. Actually, less than a third of the total files
were classified as "BSD-like". In total it found 162 unique licenses.
Of course, automated licenses analysis is never perfect and I have not
fully vetted any particular results but it does help to at least
indicate that which is very clearly free software and that which needs
further investigation.

Even in the short time I was reviewing it I found a number of freedom
problems. I don't mean that to be an exhaustive list of everything,
merely an indicator of a symptom:

* unrar (license denies freedom 0)
* third_party/blink has some images under CC-BY-NC-SA-2.0
* Google Toolbar is in there, with a non-free EULA

Taking this and considering Guix's build process: The method of
building seems to involve downloading Chromium, then runnning
ungoogled-chromium over it, and then building. I'm not sure if any
other packages have their freedom problems fixed in this way but this,
just like build flags, should not be sufficient. Freedom problems
should not be hidden/removed after the fact by asking the user to run a
clean-up program after downloading the source, even if that has been
automated by the package manager. What is sent to the end user to
compile should itself be 100% free software and FSDG compliant from the
beginning. If not it still amounts to distributing non-free software to
the user when they want to, for example, do guix build -S chromium.
--=-uOLl35LSDQMCsKmHFb2A
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----

iQIcBAABCgAGBQJcbKlyAAoJEJ0NsxtUWjGYiNMQALC0+q6+B4fntdDAW8GLGdg3
NVD4OHfUVWce4bdinEdYLo8G44m6hUxyGAVHVi+VJWKUbFu9z1GZoOKDTCfW7qJl
NO2w3wphY2vzu5DtWfBVzX20PnAvvOo1+C3t9QoJDBJQFfJ2zy8qtq8b28Mvz3em
OagcbyQE3TAktpC3HFuqqlQV9Hdabm5knavdepYyncQbaXmr48epZtARpYsUu+nb
D/ANT2kf6kGgAc/Pg/8TW5qDMYufXZQdfeys3jLHoxYiHi2pxDEPsWNnIoUbXiwY
gRNQ4eRFWG7zFuE4BZboimjJFnWYnTI2MDrCZ+lECukQEWDIjCUd38Waa8RmJUFB
g6p0tf9LwEBRcDr+JIWCZMlw8+Ph+0HQGetx2DtjQDb59cJYgo+C6L+Xl5JhgSx3
zykZPPpQpZRf8k5uY+HtTJK9/0xyaarEJhafGE7fK0KuwW62qbwj2Evnx0Tw+8jQ
oeEjVouZb+SkpUvQUJazGtsCi3UPqD3yIBXfBik/zdSUGptpMrUzCOHBm7q/1BsB
2hegh1nVsvBVM0HLDrgwTqxBsYaD/c+ZP0YII2MJjl94F9eBiJ17FRy3mWNlgfg3
mtVnyjGwhA+EK0gn05YsnsPm2WXfJu92w+BF2vY5oSGiBIXxGrM8VMwkKkd7J3Fe
RhzK3O7wtTW2/Bff/PUP
=IL5v
-----END PGP SIGNATURE-----

--=-uOLl35LSDQMCsKmHFb2A--





Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 20 Feb 2019 00:39:16 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Feb 19 19:39:16 2019
Received: from localhost ([127.0.0.1]:56930 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gwFut-00062g-RD
	for submit <at> debbugs.gnu.org; Tue, 19 Feb 2019 19:39:16 -0500
Received: from bluehome.net ([96.66.250.149]:47360)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <j@HIDDEN>) id 1gwFus-00062X-5V
 for 34565 <at> debbugs.gnu.org; Tue, 19 Feb 2019 19:39:14 -0500
Received: from pc.lan (pc.lan [10.0.0.51])
 by bluehome.net (Postfix) with ESMTPSA id 987F84B4069C
 for <34565 <at> debbugs.gnu.org>; Tue, 19 Feb 2019 16:39:12 -0800 (PST)
Message-ID: <1550623152.12316.5.camel@HIDDEN>
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
From: Jason Self <j@HIDDEN>
To: 34565 <at> debbugs.gnu.org
Date: Tue, 19 Feb 2019 16:39:12 -0800
In-Reply-To: <20190219144342.GA2688@HIDDEN>
References: <1550547897.31222.1.camel@HIDDEN>
 <20190219070601.GA8273@HIDDEN> <1550582906.5431.7.camel@HIDDEN>
 <20190219144342.GA2688@HIDDEN>
Content-Type: multipart/signed; micalg="pgp-sha512";
 protocol="application/pgp-signature"; boundary="=-pzz+1IqxJ3m8isCv+19H"
X-Mailer: Evolution 3.18.5.2-0ubuntu3.2 
Mime-Version: 1.0
X-Spam-Score: -0.0 (/)
X-Debbugs-Envelope-To: 34565
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)


--=-pzz+1IqxJ3m8isCv+19H
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Based on=C2=A0http://issues.guix.info/issue/28004#2=C2=A0it is disabled at =
build
time; but not removed. The person said they thought this was FSDG
compliant but a reading of "the distro must contain no DRM" from the
FSDG could be taken to mean the distro still "contains" it, since it's
still within the source code of the program. "Disabled by default"
shouldn't be good enough IMHO; build flags should not be used to hide
freedom problems. The source code represents what the software *is*,
not the build flags.
--=-pzz+1IqxJ3m8isCv+19H
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----

iQIcBAABCgAGBQJcbKGwAAoJEJ0NsxtUWjGYmGAP+wTXJ80sklDLx8lp9VPxPELo
Uhu4JVBHN53JNEe/I1Q5J5Xu9AzFGbThNoGleL+CPmXGBQVym5KI+2rNQ/LHfNym
qvOGn9twPY7jCh/RhZUt7bSmm0kcKQFdfWAQDb2FaJO1dOEtV9pooWxwMwjgOzNw
1FINrdBHdDfWtjvQ2vafmQAVbjaqK9mjNTW4sE26GGKOgscRsD3uoFm2HQFEptku
Md/2I6te4KZnLm+320DGvSgWKcC5AQwVsEtHcTB21LfAk4rGZwn8XGtdH+Xagsm2
NVKevpYDtepTrxwQuxY1Cd1NSQ0VaDcCs8DrKX6SZaWCmQiXKSrvp+yhEX3P69di
orldJkCqFLNGymGEmzyQ6LPaSYIlcpFHdxZQQ7kop/z7tUyxBdsQeMjPMcyHWLt3
+OkDHGDO6jBQHxPhxsUsAK9gqCe5xW7zWk5BQZzj59WurajTXaJXR/lYlHzs+EAG
PS6VQ9RQZ0dQQWObag8HbuTW2xyRwO8xFY/o0u7+r2iB5zg26BjJhFELouP0oT2P
omcEgF8Y+4OWgnO0FE7U5M+74f6ACNKQ++PrLNw9dkur89dHIsvDd3MCp6yEuKfq
mG2zJX+P+Jg+hhPVDXA99jaJ3b3Uw85+Ldvrz+QLEuXT6+z5oH8d59RfgYTdPL2l
HnGfn+otxauemJ2jE30H
=zN5H
-----END PGP SIGNATURE-----

--=-pzz+1IqxJ3m8isCv+19H--





Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 19 Feb 2019 14:44:25 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Feb 19 09:44:25 2019
Received: from localhost ([127.0.0.1]:54039 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gw6dF-0007Ml-3H
	for submit <at> debbugs.gnu.org; Tue, 19 Feb 2019 09:44:25 -0500
Received: from lepiller.eu ([89.234.186.109]:51382)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <julien@HIDDEN>) id 1gw6dD-0007Mb-FT
 for 34565 <at> debbugs.gnu.org; Tue, 19 Feb 2019 09:44:24 -0500
Received: from webmail.lepiller.eu (static-176-182-42-79.ncc.abo.bbox.fr
 [176.182.42.79]) by lepiller.eu (OpenSMTPD) with ESMTPSA id cf91b538
 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO)
 for <34565 <at> debbugs.gnu.org>; Tue, 19 Feb 2019 14:44:17 +0000 (UTC)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8;
 format=flowed
Content-Transfer-Encoding: 8bit
Date: Tue, 19 Feb 2019 15:44:17 +0100
From: Julien Lepiller <julien@HIDDEN>
To: 34565 <at> debbugs.gnu.org
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
In-Reply-To: <ea3643bd3575de03e15d3c82c1aefe8c@HIDDEN>
References: <1550547897.31222.1.camel@HIDDEN>
 <20190219070601.GA8273@HIDDEN> <1550582906.5431.7.camel@HIDDEN>
 <ea3643bd3575de03e15d3c82c1aefe8c@HIDDEN>
Message-ID: <aba259a44a52136939babd3f3cfee6be@HIDDEN>
X-Sender: julien@HIDDEN
User-Agent: Roundcube Webmail/1.3.8
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 34565
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Le 2019-02-19 14:42, Julien Lepiller a écrit :
> Le 2019-02-19 14:28, Jason Self a écrit :
>> On Tue, 2019-02-19 at 02:06 -0500, Leo Famulari wrote:
>> Why do you think this is the case?
>> 
>> We know Chromium comes with it. Have you looked through ungoogled-
>> chromium to see where it's being deleted?
> 
> Our package definition has two widevine-related headers listed as
> preserved third-party stuff... I'm not sure how widevine normally
> gets into chromium, but if we don't have it, I guess we should
> not need these headers? There might actually be an issue, but
> I'm not sure how to check. Where is widevine in upstream (non
> ungoogled) chromium? Is it downloaded at runtime?
> 
> IIUC, the rest of this widevine directory is removed before
> building anything, so maybe there's nothing to worry about
> after all?

So I've downloaded the source tarball with `guix build -S chromium`
and here's what I found in it:

$ find -name cdm
./media/cdm
./third_party/widevine/cdm
./chrome/android/java/src/org/chromium/chrome/browser/media/cdm
./chrome/browser/media/android/cdm
./content/renderer/media/cdm
./chromecast/media/cdm
./components/cdm

$ find -name widevine
./third_party/widevine

$ find -name '*widevine*'
./third_party/widevine
./third_party/widevine/cdm/android/widevine_cdm_version.h
./third_party/widevine/cdm/widevinecdmadapter.ver
./third_party/widevine/cdm/stub/widevine_cdm_version.h
./third_party/widevine/cdm/widevine.gni
./third_party/widevine/cdm/widevine_cdm_version.h
./third_party/widevine/cdm/widevine_cdm_common.h
./chrome/common/widevine_cdm_constants.h
./chrome/common/widevine_cdm_constants.cc
./chrome/browser/component_updater/widevine_cdm_component_installer.cc
./chrome/browser/component_updater/widevine_cdm_component_installer.h
./components/cdm/common/widevine_drm_delegate_android.cc
./components/cdm/common/widevine_drm_delegate_android.h
./components/cdm/renderer/widevine_key_system_properties.cc
./components/cdm/renderer/widevine_key_system_properties.h


This 
./chrome/browser/component_updater/widevine_cdm_component_installer.cc
looks particularly suspicious to me...

Now, it seems that widevine stuff only gets built when the 
ENABLE_WIDEVINE
option is set, and it doesn't seem to be the case in guix' package. 
Since
I don't understand how the browser gets built, so I'm not sure about the
default. In any case, it would be good to get rid of these files even
if they aren't built.

HTH!




Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 19 Feb 2019 14:43:54 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Feb 19 09:43:54 2019
Received: from localhost ([127.0.0.1]:54035 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gw6cj-0007LV-QB
	for submit <at> debbugs.gnu.org; Tue, 19 Feb 2019 09:43:53 -0500
Received: from out2-smtp.messagingengine.com ([66.111.4.26]:46973)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <leo@HIDDEN>) id 1gw6ch-0007LI-9c
 for 34565 <at> debbugs.gnu.org; Tue, 19 Feb 2019 09:43:52 -0500
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44])
 by mailout.nyi.internal (Postfix) with ESMTP id B023822157;
 Tue, 19 Feb 2019 09:43:45 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162])
 by compute4.internal (MEProxy); Tue, 19 Feb 2019 09:43:45 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name;
 h=date:from:to:cc:subject:message-id:references:mime-version
 :content-type:in-reply-to; s=mesmtp; bh=l5eCWl2t9vAJP0Q1YHC382Ls
 8sXzKB0A4ncdM385CgE=; b=W+ub/KBQ2iZ0zO/T2q3Xy9oFNC/6vh3nddEq/hrU
 j/5bMYGuuaqmaDhrTJocKjNuNiJId2WYZxPEk7dyNyQXsFQYe3I6U1mDNRPHnpK6
 f821BZGe46DdF6urH9kOpXhaj0O8JSRdScsYI8kEzMQAW4PWESCZgKfBrPewRNzp
 RGA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-type:date:from:in-reply-to
 :message-id:mime-version:references:subject:to:x-me-proxy
 :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=l5eCWl
 2t9vAJP0Q1YHC382Ls8sXzKB0A4ncdM385CgE=; b=kZxoXqplXRrlhhX8ZVX++I
 Pir/oaWOX2LVmgID2R3QTfMIm3iypJ59b/ZkboB8NP2SNK6rGVHWVqwsz3d57n0o
 8lsluzQt6ob5OtYe+1nvW5evClQsFXP9FgSUVz0enK8FXSVv4gMvvxUVL6mGtGQO
 dXiIWtaPKb1eTZcoiQZjD9zI/4gEidRz8fSzsNfxVa/tGUJLBIVxb+fbdmMXeo03
 ShPRa8IxFd+xuC6eNxtrKgEKnUEvDhr5/1yZllInCU2lyq9p8G14yqAiVNXxX9wY
 sgY0Orz6nGaLM2cVZPVv/U+LEiOJiG7CrewZlN0JIJ2R36yedmOzbaBrwRAM5ZUw
 ==
X-ME-Sender: <xms:IRZsXBmH4yKCFMrFqXxZET1FQB1ohAkLjoqSFvjSI4oS-jIw74UTSQ>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedutddrtdeggdeiieculddtuddrgedtledrtddtmd
 cutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfhuthen
 uceurghilhhouhhtmecufedttdenucenucfjughrpeffhffvuffkfhggtggujggfsehgtd
 erredtredunecuhfhrohhmpefnvghoucfhrghmuhhlrghrihcuoehlvghosehfrghmuhhl
 rghrihdrnhgrmhgvqeenucfkphepjeeirdduvdegrddvtddvrddufeejnecurfgrrhgrmh
 epmhgrihhlfhhrohhmpehlvghosehfrghmuhhlrghrihdrnhgrmhgvnecuvehluhhsthgv
 rhfuihiivgeptd
X-ME-Proxy: <xmx:IRZsXOdaXMN_jwrWOST75ygIyXHxbYvtAAXQyiWK15bBL39C2OirLg>
 <xmx:IRZsXGXo4-opPMxJx3WCm-Fshs7EEPi4wD_PkfbvpI3h_SORZwCtsg>
 <xmx:IRZsXKEI6FDZkXavtrxA49ShxbQ355QAm1_3YPHTPvVMVB2FfCTwBg>
 <xmx:IRZsXIq1CymPAxUCjHQjr5gmtHicCXStFxAeEaJ_TylhJR0UT_ZnYQ>
Received: from localhost (c-76-124-202-137.hsd1.pa.comcast.net
 [76.124.202.137])
 by mail.messagingengine.com (Postfix) with ESMTPA id D4340E4240;
 Tue, 19 Feb 2019 09:43:44 -0500 (EST)
Date: Tue, 19 Feb 2019 09:43:42 -0500
From: Leo Famulari <leo@HIDDEN>
To: Jason Self <j@HIDDEN>
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
Message-ID: <20190219144342.GA2688@HIDDEN>
References: <1550547897.31222.1.camel@HIDDEN>
 <20190219070601.GA8273@HIDDEN>
 <1550582906.5431.7.camel@HIDDEN>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature"; boundary="YZ5djTAD1cGYuMQK"
Content-Disposition: inline
In-Reply-To: <1550582906.5431.7.camel@HIDDEN>
User-Agent: Mutt/1.11.2 (2019-01-07)
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 34565
Cc: 34565 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.7 (-)


--YZ5djTAD1cGYuMQK
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Feb 19, 2019 at 05:28:26AM -0800, Jason Self wrote:
> We know Chromium comes with it. Have you looked through=A0ungoogled-
> chromium to see where it's being deleted?

Please show us the paths in our package's source code. We need to remove
it if it is there.

I looked and cannot find it.

I looked at how some other distros do it.

They get the Widevine binaries by extracting them from a download of the
Google Chrome browser, which is not the browser that has been packaged
for Guix.

--YZ5djTAD1cGYuMQK
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlxsFhsACgkQJkb6MLrK
fwj3sA/9G+BmgkEAnYEe41qMs90eVYG2jtYDRvS9S6AkXVSdKUv1TecFDAvaMddl
ymWaML/6YvRPW/9c09g+iUjkToBYTcymdD59c7GWhR73MKcZb3i0DScU/nDllxhs
dh6MqRnElK9D9Ej4Z/66y7NrrSD/5X62FXfmPDiNTP0BbAS+8FPKWLkItle3LSzA
tJUmr47wvBl+fxtSf7r3eWzj5PZk1wvBmyKHC+a8JvylK2gcg1PKVF8GnqQhgdKF
t/bQ5gnG1Gq1u9Um0rprza17gQjC6U+AG7W7VA9CkcBLVkY+FyQte2C1XmPSfIyD
LQQ3V+EL8l6bNEuE7c+x4OWWudSkRqp8xG9JbfBvGycISBUnhzZdS/C7Po59uh4S
mrGqYr1pqmIF1S/KvfphOpPt1gs0SV2ixMvPrgr4WM2lxX9UdOhpJf6PYUtLC3Yp
AB6s/fXxC2QEKBUsu6ba6SzH5660jXU9We+ywb2TliluHql7tcsivUOX3lEWc44w
A++8TltYRhdgvufgIQRqa/41SxGH7H2DiLIRC2oMqfr3wNDty1+deeCwg1NclCAV
qLUhvuEw4rOS3+VdxZcTbP4Jc/qN1Lgj9x5JnBGGucxwz3yB/H3l/szUPEz11UlB
pZvPEY9BzuP0jkLlM+qHlLGQsXmJVm834SihYPsOvdD2RJzk22M=
=Wnx/
-----END PGP SIGNATURE-----

--YZ5djTAD1cGYuMQK--




Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 19 Feb 2019 13:42:49 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Feb 19 08:42:49 2019
Received: from localhost ([127.0.0.1]:54010 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gw5fd-0005nq-4k
	for submit <at> debbugs.gnu.org; Tue, 19 Feb 2019 08:42:49 -0500
Received: from lepiller.eu ([89.234.186.109]:51374)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <julien@HIDDEN>) id 1gw5fc-0005ng-2J
 for 34565 <at> debbugs.gnu.org; Tue, 19 Feb 2019 08:42:48 -0500
Received: from webmail.lepiller.eu (static-176-182-42-79.ncc.abo.bbox.fr
 [176.182.42.79]) by lepiller.eu (OpenSMTPD) with ESMTPSA id fee2c52b
 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO); 
 Tue, 19 Feb 2019 13:42:43 +0000 (UTC)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8;
 format=flowed
Content-Transfer-Encoding: 8bit
Date: Tue, 19 Feb 2019 14:42:42 +0100
From: Julien Lepiller <julien@HIDDEN>
To: Jason Self <j@HIDDEN>
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
In-Reply-To: <1550582906.5431.7.camel@HIDDEN>
References: <1550547897.31222.1.camel@HIDDEN>
 <20190219070601.GA8273@HIDDEN> <1550582906.5431.7.camel@HIDDEN>
Message-ID: <ea3643bd3575de03e15d3c82c1aefe8c@HIDDEN>
X-Sender: julien@HIDDEN
User-Agent: Roundcube Webmail/1.3.8
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 34565
Cc: 34565 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Le 2019-02-19 14:28, Jason Self a écrit :
> On Tue, 2019-02-19 at 02:06 -0500, Leo Famulari wrote:
> Why do you think this is the case?
> 
> We know Chromium comes with it. Have you looked through ungoogled-
> chromium to see where it's being deleted?

Our package definition has two widevine-related headers listed as
preserved third-party stuff... I'm not sure how widevine normally
gets into chromium, but if we don't have it, I guess we should
not need these headers? There might actually be an issue, but
I'm not sure how to check. Where is widevine in upstream (non
ungoogled) chromium? Is it downloaded at runtime?

IIUC, the rest of this widevine directory is removed before
building anything, so maybe there's nothing to worry about
after all?




Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 19 Feb 2019 13:28:32 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Feb 19 08:28:32 2019
Received: from localhost ([127.0.0.1]:54005 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gw5Rn-0005Rc-O7
	for submit <at> debbugs.gnu.org; Tue, 19 Feb 2019 08:28:32 -0500
Received: from bluehome.net ([96.66.250.149]:47136)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <j@HIDDEN>) id 1gw5Rk-0005RP-GR
 for 34565 <at> debbugs.gnu.org; Tue, 19 Feb 2019 08:28:29 -0500
Received: from pc.lan (pc.lan [10.0.0.51])
 by bluehome.net (Postfix) with ESMTPSA id E19324B400A0
 for <34565 <at> debbugs.gnu.org>; Tue, 19 Feb 2019 05:28:26 -0800 (PST)
Message-ID: <1550582906.5431.7.camel@HIDDEN>
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
From: Jason Self <j@HIDDEN>
To: 34565 <at> debbugs.gnu.org
Date: Tue, 19 Feb 2019 05:28:26 -0800
In-Reply-To: <20190219070601.GA8273@HIDDEN>
References: <1550547897.31222.1.camel@HIDDEN>
 <20190219070601.GA8273@HIDDEN>
Content-Type: multipart/signed; micalg="pgp-sha512";
 protocol="application/pgp-signature"; boundary="=-bQbHQjUQ1oknBjrz4YAY"
X-Mailer: Evolution 3.18.5.2-0ubuntu3.2 
Mime-Version: 1.0
X-Spam-Score: -0.0 (/)
X-Debbugs-Envelope-To: 34565
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)


--=-bQbHQjUQ1oknBjrz4YAY
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Tue, 2019-02-19 at 02:06 -0500, Leo Famulari wrote:
Why do you think this is the case?

We know Chromium comes with it. Have you looked through=C2=A0ungoogled-
chromium to see where it's being deleted?
--=-bQbHQjUQ1oknBjrz4YAY
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----

iQIcBAABCgAGBQJcbAR6AAoJEJ0NsxtUWjGYe9QQAISDtgdlS9ieMNmlYCNB1VON
D/TssfVcjWwMLkwPoYQ6nmojja0UtpVNPTs+4nvm/+dELwwCjIxVioLa335iWZk6
4D3chC6y/6lgybLFC+QV2asnqz/qGfOqKHAbwpPTXWKZ5A7rA7DBva4I/5nGEquN
LEIPpML4u6O3PqEpKZvgie6IWKMsFiJ1TjSa+7nTB5v9n78T1p6GHsIyoef7tXxK
pF7JIhv4QEys/gYpVkRRsyeF6NIyPo7BFECqBf5slZDQCeWChTXnlV+eQGJoFMn5
biSQziysBdSyviHMDQ7j8bt4ECE8WuCj4GOxVzYhOpa8t5Zh7IZ9e9eL0ti7Q7Pg
uGguUrJmL9cNrJYQYjJ2fQOxYnZ/B6/ECCDRuCDjmCoF0oRe5BC+f0UYzMAvnmkF
5+ufm91g5tO1WtV1YfyCzZ3tzqLd7ON0nUxiaqtsRfA6zekQAclqhnMnTCy2Q0vX
edIzFOtfthWAoR86d8IBW1wTH9QwtJJ/ku/+W1R7LorlQT1kEvojaOsTLrjTYPC1
EqL8AXIy5hMEJboEW1druos+r49ARGQ7+GM8WGEgy8TLZ6g9/WTfa2w1hJpc3ZG1
m83psCDaFDAwROAKASDD9yStL8qe+e8OLi7A4PCvPM1MlBYKvnOpi1gX+iG+01VP
Exlw9keWXMQjsBwOlJS/
=OPaZ
-----END PGP SIGNATURE-----

--=-bQbHQjUQ1oknBjrz4YAY--





Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at 34565 <at> debbugs.gnu.org:


Received: (at 34565) by debbugs.gnu.org; 19 Feb 2019 07:06:17 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Feb 19 02:06:17 2019
Received: from localhost ([127.0.0.1]:53757 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gvzTt-0006p1-1S
	for submit <at> debbugs.gnu.org; Tue, 19 Feb 2019 02:06:17 -0500
Received: from out2-smtp.messagingengine.com ([66.111.4.26]:42119)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <leo@HIDDEN>) id 1gvzTo-0006ol-Ix
 for 34565 <at> debbugs.gnu.org; Tue, 19 Feb 2019 02:06:15 -0500
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44])
 by mailout.nyi.internal (Postfix) with ESMTP id 3952F22E76;
 Tue, 19 Feb 2019 02:06:07 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162])
 by compute4.internal (MEProxy); Tue, 19 Feb 2019 02:06:07 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name;
 h=date:from:to:cc:subject:message-id:references:mime-version
 :content-type:in-reply-to; s=mesmtp; bh=CpozGXLbO+gfL2njNjf+ITGO
 wu5w+12v8A7x7ZKoXwc=; b=BJZY4qpKD3/mFJ8DmKk3v/x6sQtL05WGV6nUT9yh
 6Rt7yP72rCFKkGOz8btOi+lHFFHYt7P/0+LKmGZ7gd9zoXI31ELU89M+R0Y45eof
 JrWr7GH4vH/d06xHfnKdK4JWAjDZ+19RC1saK0q20OBsURhBVMgDiVJLT3wtHPZl
 CtY=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-type:date:from:in-reply-to
 :message-id:mime-version:references:subject:to:x-me-proxy
 :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=CpozGX
 LbO+gfL2njNjf+ITGOwu5w+12v8A7x7ZKoXwc=; b=RVOaNoUDLAkIdfpMFiyoKz
 n1db9TD/LzYXvYIWDlxOsW36g4/9sMB1bNAysf4V80MpBDPiZ9UjTIr5pkubM/qc
 pRUgojM+/Js7XUJr+amMhO7Gf481Xpx19aUkrSpyB+fJLZ8UsZkB2g5zr6TVRm2s
 c9OvQh5NyrpYIe3YrKsoXXzZGr2sSWY9QF3G5rzsVKQTaPPRBzmgjMk2qLdRDVD7
 YRSF4+sIROqB3Ai2KTH0xXOiXzDmpaAFhCvf/wzQzO6EAnwm/EU8L+BVrlNeCx5j
 aYKFhYXGSmHA1/9N0m47Wnf8oG8LKXLksIbd59MUnZn/ZJ6eGlnxVEHcVEAc7i3w
 ==
X-ME-Sender: <xms:26prXPv8kyNcWllLzHgNedWCcJ0E94j4IkadQJeUovlti42EsxSslg>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedutddrtdefgddvjeculddtuddrgedtledrtddtmd
 cutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfhuthen
 uceurghilhhouhhtmecufedttdenucenucfjughrpeffhffvuffkfhggtggujggfsehgtd
 erredtredvnecuhfhrohhmpefnvghoucfhrghmuhhlrghrihcuoehlvghosehfrghmuhhl
 rghrihdrnhgrmhgvqeenucfkphepjeeirdduvdegrddvtddvrddufeejnecurfgrrhgrmh
 epmhgrihhlfhhrohhmpehlvghosehfrghmuhhlrghrihdrnhgrmhgvnecuvehluhhsthgv
 rhfuihiivgeptd
X-ME-Proxy: <xmx:26prXMSj4bnHFYogy_b1SnypgmSK7UJOkFUvNShIAXmp2O6snWdA3Q>
 <xmx:26prXOILNpcYa8N2EwmIZQ6WInEbw-VsWBmUZXYsLwLowlMBhzjDRQ>
 <xmx:26prXHtYthPtKEN53Kp_1fZNYqDc_C4KBA4iyuFF6kbrXAJI3JJ_Ww>
 <xmx:36prXOWQqLk7aS1DTii0KWUI9wz4DVcpSvLkNIUhdLprRL6r4yaMDw>
Received: from localhost (c-76-124-202-137.hsd1.pa.comcast.net
 [76.124.202.137])
 by mail.messagingengine.com (Postfix) with ESMTPA id 6D78DE422E;
 Tue, 19 Feb 2019 02:06:03 -0500 (EST)
Date: Tue, 19 Feb 2019 02:06:01 -0500
From: Leo Famulari <leo@HIDDEN>
To: Jason Self <j@HIDDEN>
Subject: Re: bug#34565: ungoogled-chromium contains Widevine DRM
Message-ID: <20190219070601.GA8273@HIDDEN>
References: <1550547897.31222.1.camel@HIDDEN>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature"; boundary="SUOF0GtieIMvvwua"
Content-Disposition: inline
In-Reply-To: <1550547897.31222.1.camel@HIDDEN>
User-Agent: Mutt/1.11.2 (2019-01-07)
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 34565
Cc: 34565 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.7 (-)


--SUOF0GtieIMvvwua
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Mon, Feb 18, 2019 at 07:44:57PM -0800, Jason Self wrote:
> Unless I am mistaken, ungoogled-chromium is not removing Widevine DRM
> from upstream Chromium. Guix should remove that if upstream won't, as I
> believe this goes against "the distro must contain no DRM..." in the
> FSDG.

Why do you think this is the case? It doesn't work for me on any of the
Widevine demos I can find, unlike an installation of Google Chrome.

--SUOF0GtieIMvvwua
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlxrqskACgkQJkb6MLrK
fwgzrA/9H0FJab93kOmGGYimb34J9kyy4Eu0WPw1E1owf80l6HFt6cCBsbxoEwxl
n3kgryTH5eUfcEuhErUUY19SnduA7hRgHz77VUpZHw47HFN5s2Psk0Q/OlyKRQ0R
uccDXD4NOhS0s7gmM9wcaEQjccolYDcurdfKcvpRPqJZCoNk7y2CYZclX81ELIwF
0JBK2vQ0zypoXza0+i6uqWwAxjZ9VxH+r68+s/X2j0TApeoS3HS/ssIEYsbVKuUT
heCKsx/pJjX0jE/krV0k3554KnIyhn/VvMXWOV7oQvujWjrTzbsxpXLltxkHyNkl
l2d/ny4SjqUWzkfMfYgSwwzMTdUeMflbRKaXlPRAcNN92tKEkrImX11NBDMnZhh4
9CTaoHe4unR4UUy5M+Ek4xb9sh9T4lUcQ2puNFB5SSFth+OdcwVC/EAwtLx0+OIM
HBhSCw4c1l//7zB9Sh2dC0c64fRtAN5Zd5sS3FQ3PSiLRF/XJIHqXr1dlUFnSzAv
241g+tNuTJvpwwndy7a9fVPNfa0b2Sbqs7+rWAz53CtDjYKJFYokug2ZTUntltS0
rqq0lHvVpAtSgsqNTnh3JOtSWCFsZ2HJJbDWCRxIUrOEJDBSzx1D2gpvLXcuRnhg
d3KqFIduVTaW79JEIx0kqpvgLqZLUBBhi2mGJsA5wZBlAzRP+6g=
=v/ZO
-----END PGP SIGNATURE-----

--SUOF0GtieIMvvwua--




Information forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.

Message received at submit <at> debbugs.gnu.org:


Received: (at submit) by debbugs.gnu.org; 19 Feb 2019 05:27:24 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Feb 19 00:27:24 2019
Received: from localhost ([127.0.0.1]:53712 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1gvxwA-0002jV-Lr
	for submit <at> debbugs.gnu.org; Tue, 19 Feb 2019 00:27:24 -0500
Received: from bluehome.net ([96.66.250.149]:46846)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <j@HIDDEN>) id 1gvwL5-0006lz-LI
 for submit <at> debbugs.gnu.org; Mon, 18 Feb 2019 22:45:00 -0500
Received: from pc.lan (pc.lan [10.0.0.51])
 by bluehome.net (Postfix) with ESMTPSA id 49C014B40319
 for <submit <at> debbugs.gnu.org>; Mon, 18 Feb 2019 19:44:57 -0800 (PST)
Message-ID: <1550547897.31222.1.camel@HIDDEN>
Subject: ungoogled-chromium contains Widevine DRM
From: Jason Self <j@HIDDEN>
To: submit <at> debbugs.gnu.org
Date: Mon, 18 Feb 2019 19:44:57 -0800
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.18.5.2-0ubuntu3.2 
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Spam-Score: -0.0 (/)
X-Debbugs-Envelope-To: submit
X-Mailman-Approved-At: Tue, 19 Feb 2019 00:27:18 -0500
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Package: guix

Unless I am mistaken, ungoogled-chromium is not removing Widevine DRM
from upstream Chromium. Guix should remove that if upstream won't, as I
believe this goes against "the distro must contain no DRM..." in the
FSDG.




Acknowledgement sent to Jason Self <j@HIDDEN>:
New bug report received and forwarded. Copy sent to bug-guix@HIDDEN. Full text available.
Report forwarded to bug-guix@HIDDEN:
bug#34565; Package guix. Full text available.
Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.
Last modified: Sat, 12 Oct 2019 11:30:02 UTC

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.