On Sat, 30 Apr 2022 13:33:18 -0400 Tad via Replicant <[email protected]> wrote:
> Good morning, Hi, > I recently noticed that Replicant hadn't removed the ClearKey DRM > component. This is FOSS, but still an anti-feature. > DivestOS has had this removed since early 2017. > > I've verified it is included in your release builds. > You'll find libdrmclearkeyplugin.so in /system/vendor/lib/mediadrm. > > This in from frameworks/av, you can rm -rfv > drm/mediadrm/plugins/clearkey; There is also > drm/mediacas/plugins/clearkey, but I found an issue with protobuf > breaking without it. You can also remove the inclusions in > build/target/product/base.mk. > https://git.replicant.us/replicant/frameworks_av/tree/drm/mediadrm/plugins/clearkey > https://git.replicant.us/replicant/build/tree/target/product/base.mk#n54 Thanks a lot, I missed that. We're supposed to remove "DRM" since we follow the Free System Distribution Guidelines[1] which has: > The distro must contain no DRM, no back doors, and no spyware. Do you know how this code is supposed to implement DRM or what it does? Does it really implements restrictions? Is it supposed to talk to the TrustZone OS or nonfree libraries? Or does it only implement a standard (the ClearKey standard?) that works though https without any nonfree software? I've looked a bit on the web and and as I understand, there is a "Clearkey" standard that is part of several DRM schemes (MPEG-DASH?). And as I understand the media is sent encrypted and the key is sent in clear, but I didn't find more details yet. So if it the code implements restrictions we need to remove the code or at least remove the restrictions. If the code does nothing it would be better to remove it to avoid confusion, though it's probably not ultra urgent. And if, like with libdvdcss, it enables to read DRM content, we probably need to contact the FSF lawyer(s) to see what we could do about it. Note that I live In France where there is in practice an exception in the law that allows free software to bypass DRMs[2], but I've no idea how that works when several jurisdictions are concerned (like the USA for hosting, and all around the world for contributors and/or users). References: ----------- [1]https://www.gnu.org/distros/free-system-distribution-guidelines.html [2]https://linuxfr.org/news/le-conseil-detat-revoit-un-decret-de-la-loi-dadvsi-en-faveur-de Denis.
pgpAPIVmj6oQQ.pgp
Description: OpenPGP digital signature
_______________________________________________ Replicant mailing list [email protected] https://lists.osuosl.org/mailman/listinfo/replicant
