\documentclass[aspectratio=169]{beamer} \mode { \usetheme{Hannover} \setbeamertemplate{authors}{} % Remove navigation symbols. \setbeamertemplate{navigation symbols}{} } % Dark theme. Comment if there's lots of ambient light. \usecolortheme{owl} \usepackage{color} \usepackage[utf8]{inputenc} \usepackage{listings} \usepackage{graphicx} \usepackage[font=tiny,skip=0pt]{caption} \usepackage{verbatim} \graphicspath{{img/}} % Use symbols instead of numerals for footnotes. \renewcommand{\thefootnote}{\fnsymbol{footnote}} % Reset footnote counter every section. \makeatletter \@addtoreset{footnote}{subsection} \makeatother \newcommand{\iconframe}[2] { \begin{minipage}[t]{2.5em} \includegraphics[width=\textwidth]{app-icons/#1} \captionof*{figure}{#2} \end{minipage} } \title[The Chromium mess meets Android]{The Chromium mess meets Android} \subtitle{Proposals on how to get a fully free WebView build or replace it by something completely new} \author{David Ludovino \and Jeremy Rand \thanks{\footnotesize with support from Andrés D and Kurtis Hanna}} \institute[Replicant]{Replicant} \date{} \logo{\includegraphics[scale=0.25]{logo}} \titlegraphic{\includegraphics[width=4em]{logo}} \begin{document} \begin{frame} \maketitle \end{frame} \section{What is WebView?} \begin{frame}[fragile] \frametitle{What is WebView?} \begin{columns} \begin{column}{0.6\textwidth} Renders web content (HTML, CSS, JavaScript) inside apps.\\\bigskip API has been around since Android 1.\\\bigskip \lstset{ language=Java, basicstyle=\scriptsize\ttfamily, keywordstyle=\color{blue}, stringstyle=\color{orange}, } \begin{lstlisting} public class MainActivity extends Activity { @Override protected void onCreate(Bundle state) { super.onCreate(state); WebView v = new WebView(this); setContentView(v); v.loadUrl("https://replicant.us"); } } \end{lstlisting} \end{column} \begin{column}{0.3\textwidth} \includegraphics[width=\textwidth]{webview-sample} \end{column} \end{columns} \end{frame} \subsection{Which apps use it?} \begin{frame} \frametitle{Which apps use WebView?} Apps that render HTML: email clients, RSS readers, etc.\\\bigskip Became pervasive with the advent of cross-platform mobile frameworks.\\\medskip \begin{block}{Half of the apps listed at PRISM Break depend on WebView} \vspace{1ex} \centering \begin{tabular}{c | c} uses WebView & does not use WebView \\ \hline \iconframe{k9mail}{K-9 Mail} \iconframe{osmand}{OsmAnd} \iconframe{nextcloud}{Nextcloud} \iconframe{ttrss}{Tiny Tiny RSS} \iconframe{i2p}{I2P} & \iconframe{orbot}{Orbot} \iconframe{fdroid}{F-Droid} \iconframe{andotp}{andOTP} \iconframe{shaarlier}{Shaarlier} \iconframe{briar}{Briar} \\ \iconframe{wallabag}{wallabag} \iconframe{openkeychain}{OpenKeychain} \iconframe{etesync}{EteSync} \iconframe{syncthing}{Syncthing} \iconframe{signal}{Signal} & \iconframe{conversations}{Conversations} \iconframe{silence}{Silence} \iconframe{tincapp}{Tinc App} \iconframe{keepassdx}{KeePass DX} \iconframe{jami}{Jami} \\ \iconframe{dandelion}{dandelion*} \iconframe{nomad}{Nomad} \iconframe{tusky}{Tusky} \iconframe{movim}{Movim} & \iconframe{bitmask}{Bitmask} \iconframe{wireguard}{Wireguard} \iconframe{fennec}{Fennec F-Droid} \iconframe{torbrowser}{Tor Browser} \iconframe{thorium}{Thorium} \\ \end{tabular} \end{block} \end{frame} \subsection{What's underneath it?} \begin{frame} \frametitle{What is underneath WebView?} \includegraphics[width=3em]{webkit} WebKit until Android 4.3 Jelly Bean (API 18).\\ \vspace{3\baselineskip} \includegraphics[width=3em]{chromium} Chromium from Android 4.4 KitKat (API 19) onwards. \end{frame} \section{What's the matter with Chromium?} \begin{frame} \frametitle{What's the matter with Chromium?} Privacy issues: \begin{itemize} \item Background requests to Google during build and run. \item Depends on Google services for several features (e.g. Safe Browsing). \item Limited privacy controls. \end{itemize} \bigskip Freedom issues: \begin{itemize} \item Pre-built binaries throughout the code base. \item Missing license in some source files. \end{itemize} \bigskip Verdict: unfit for fully free-software distributions. \end{frame} \section{WebView and Replicant} \begin{frame} \frametitle{WebView and Replicant} \begin{columns} \begin{column}{0.1\textwidth} \includegraphics[width=\textwidth]{replicant} \end{column} \begin{column}{0.9\textwidth} Replicant: \begin{itemize} \item Android distribution \item compliant with GNU Free System Distribution Guidelines (FSDG) \end{itemize} \end{column} \end{columns} \vspace{2\baselineskip} Using outdated WebView based on Chromium 43: lots of security concerns.\\ \vspace{2\baselineskip} How to create a WebView build that respects user's privacy and freedom? \end{frame} \section{Chromium forks} \subsection{Desktop Chromium} \begin{frame} \frametitle{Desktop Chromium forks} \begin{itemize} \item \includegraphics[height=2em]{chromium} ungoogled-chromium: aligned with privacy and freedom \item \includegraphics[height=2em]{bromite} Bromite: can build WebView; only focused on privacy and ad blocking \item \includegraphics[height=2em]{debian} Debian: replaces pre-builts with system libs; Google services not removed \item \includegraphics[height=2em]{iridium} Iridium: one step on every direction; not as thorough as others \end{itemize} \vspace{2\baselineskip} \begin{columns} \begin{column}{0.1\textwidth} \includegraphics[width=\textwidth]{guix} \end{column} \begin{column}{0.9\textwidth} Guix, a FSDG compliant distro, uses:\\ ungoogled-chromium + build recipe that removes some files. \end{column} \end{columns} \end{frame} \lstset{ basicstyle=\fontsize{5}{5}\ttfamily, keywordstyle=\color{brown}\bfseries\underbar, otherkeywords={google,Google} } \subsection{Android Chromium} \begin{frame} \frametitle{Android Chromium forks} Android builds require many more pre-builts and proprietary dependencies.\\ E.g.: Google Mobile Services (GMS)\\\bigskip \begin{itemize} \item \includegraphics[height=2em]{chromium} ungoogled-chromium-android: ungoogled-chromium + Android specific patches; has some remaining pre-builts \item \includegraphics[height=2em]{unobtainium} Unobtainium: aimed to be built within F-Droid (forbids pre-builts); project is unmaintained \end{itemize} \end{frame} \begin{frame}[fragile] \frametitle{Android Chromium forks} \verb;strings classes.dex | grep google; \begin{block}{Chromium 78 WebView - 227 lines} \lstinputlisting{txt/chromium78-webview-google-strings} \end{block} \end{frame} \begin{frame}[fragile] \frametitle{Android Chromium forks} \verb;strings classes.dex | grep google; \begin{block}{Bromite 78 WebView - 124 lines} \lstinputlisting{txt/bromite78-webview-google-strings} \end{block} \end{frame} \begin{frame}[fragile] \frametitle{Android Chromium forks} \verb;strings classes.dex | grep google;\\\bigskip \begin{block}{ungoogled-chromium-android 77 WebView - 10 lines} \lstinputlisting{txt/ungoogled77-webview-google-strings} \end{block} \begin{block}{Replicant 6 WebView - 7 lines} \lstinputlisting{txt/replicant6-webview-google-strings} \end{block} \end{frame} \subsection{Stepwise cleansing} \begin{frame} \frametitle{Stepwise cleansing} Still no 100\% free-software WebView apk void of privacy concerns.\\\bigskip Tentative approach: \begin{enumerate} \item Start with Guix's source code for ungoogled-chromium. \item Run Ubuntu license check on it. \item Check if original Chromium bug still applies (was mostly related to third-party code). \item Try to build WebView (will probably fail). \item Cherry pick patches from ungoogled-chromium-android and Unobtainium. \item Build everything in fdroid-server (picks leftover pre-builts). \item Send recipe for peer-review at GNU-linux-libre. \end{enumerate} \end{frame} \section{GeckoView shim} \begin{frame} \frametitle{WebView API compatibility shim for GeckoView} Chromium fork requires constant maintenance burden.\\\smallskip Google's interests do not align with ours. Check Mozilla.\\ \vspace{2\baselineskip} \begin{columns} \begin{column}{0.1\textwidth} \includegraphics[width=\textwidth]{geckoview} \end{column} \begin{column}{0.9\textwidth} GeckoView: \begin{itemize} \item Java wrapper for Gecko browser engine. \item Used in Android apps as replacement for WebView. \item API is incompatible with WebView: not meant to be a drop-in. \end{itemize} \end{column} \end{columns} \end{frame} \subsection{Mapping WebView to GeckoView} \begin{frame}[fragile] \frametitle{Mapping WebView to GeckoView} \begin{itemize} \setlength\itemsep{1em} \item<1-> Some functions have a 1:1 mapping.\\\smallskip {\small \begin{tabular}{l | l} WebView & GeckoView \\ \hline \verb|goBack()|, \verb|goForward()| & \verb|GeckoSession.NavigationDelegate|\\ \verb|loadUrl()| & \verb|GeckoSession.loadUri()|\\ \verb|stopLoading()| & \verb|GeckoSession.stop()| \end{tabular} } \item<2-> Others require emulation.\\\smallskip {\small \begin{tabular}{l | l} WebView & GeckoView \\ \hline \verb|getTitle()| & \verb|GeckoSession.HistoryDelegate.HistoryItem.getTitle()|\\ \verb|pageDown()| & \verb|PanZoomController.scrollBy(width,height)| \end{tabular} } \item<3-> Others require more features from Gecko to be exposed via GeckoView, e.g. \verb|zoomIn()|. \item<4-> Others still, added on latest Android APIs (26-29), seem too tied to Chromium, e.g. \verb|getWebViewLooper()|, \verb|getWebChromeClient()|, \verb|getWebViewClient()|. \end{itemize} \end{frame} \begin{frame} \frametitle{Mapping WebView to GeckoView} Requires a considerable effort.\\\bigskip Can pay off in the long-term: no need to constantly scout for proprietary dependencies and privacy issues.\\\bigskip Burden may be lessened by collaborations, e.g., qt5-webengine replacement with Gecko underneath. \end{frame} \section{GeckoView on apps} \begin{frame} \frametitle{GeckoView on apps} Fork apps to use GeckoView instead of WebView.\\\bigskip Impossible for the small Replicant team to maintain.\\\bigskip Would only work if app maintainers perceive GeckoView as a better alternative. \end{frame} \section{Feedback?} \begin{frame} \frametitle{Feedback?} \begin{itemize} \setlength\itemsep{1em} \item Questions \item Comments \item Ideas \item Collaboration \end{itemize} \vspace{2em} All welcomed! \end{frame} \begin{frame} \frametitle{Licenses (I)} {\scriptsize \begin{tabular}{l | l | l} item & source & license \\ \hline K-9 Mail logo & \url{https://github.com/k9mail/k-9} & Apache-2.0 \\ OsmAnd logo & \url{https://github.com/osmandapp/Osmand} & CC-BY-NC-ND 4.0 \\ Nextcloud logo & \url{https://github.com/nextcloud/android} & AGPLv3 \\ Tiny Tiny RSS logo & \url{https://gitlab.com/derSchabi/tttrsss} & GPLv3 \\ I2P logo & \url{https://github.com/i2p/i2p.android.base} & Apache-2.0 \\ Orbot logo & \url{https://gitweb.torproject.org/orbot.git} & BSD \\ F-Droid logo & \url{https://gitlab.com/fdroid/fdroidclient} & GPLv3 \\ andOTP logo & \url{https://github.com/andOTP/andOTP} & MIT \\ Shaarlier logo & \url{https://github.com/dimtion/Shaarlier} & GPLv3 \\ wallabag logo & \url{https://github.com/wallabag/android-app} & GPLv3 \\ OpenKeychain logo & \url{https://github.com/open-keychain/open-keychain} & GPLv3 \\ EteSync logo & \url{https://github.com/etesync/android} & GPLv3 \\ Syncthing logo & \url{https://github.com/syncthing/syncthing-android} & MPLv2 \\ Briar logo & \url{https://code.briarproject.org/briar/briar} & GPLv3 \\ \end{tabular} } \end{frame} \begin{frame} \frametitle{Licenses (II)} {\scriptsize \begin{tabular}{l | l | l} item & source & license \\ \hline Conversations logo & \url{https://github.com/siacs/Conversations} & GPLv3 \\ Signal logo & \url{https://github.com/signalapp/Signal-Android} & GPLv3 \\ Silence logo & \url{https://git.silence.dev/Silence/Silence-Android} & GPLv3 \\ Tinc App logo & \url{https://github.com/pacien/tincapp} & GPLv3 \\ KeePass DX logo & \url{https://github.com/Kunzisoft/KeePassDX} & GPLv3 \\ dandelion* logo & \url{https://github.com/gsantner/dandelion} & GPLv3 \\ Nomad logo & \url{https://framagit.org/disroot/AndHub} & GPLv3 \\ Tusky logo & \url{https://github.com/tuskyapp/Tusky} & GPLv3 \\ Movim logo & \url{https://github.com/movim/movim_android} & AGPLv3 \\ Jami logo & \url{https://git.jami.net/savoirfairelinux/ring-client-android} & GPLv3 \\ Bitmask logo & \url{https://0xacab.org/leap/bitmask_android} & GPLv3 \\ WireGuard logo & \url{https://git.zx2c4.com/wireguard-android} & Apache-2.0 \\ Fennec F-Droid logo & \url{https://hg.mozilla.org/releases/mozilla-esr68} & MPL-2.0 \\ Tor Browser logo & \url{https://gitweb.torproject.org/tor-browser.git} & MPL-2.0 \\ \end{tabular} } \end{frame} \begin{frame} \frametitle{Licenses (II)} {\scriptsize \begin{tabular}{l | l | l} item & source & license \\ \hline Thorium logo & \url{https://github.com/sschueller/peertube-android} & AGPLv3 \\ WebKit logo & \url{https://en.wikipedia.org/wiki/File:WebKit_logo_(2015).svg} & non-free \\ Chromium logo & \url{https://commons.wikimedia.org/wiki/File:Chromium_11_Logo.svg} & CC-BY 2.5 \\ Replicant logo & \url{https://redmine.replicant.us/projects/replicant/wiki/Artwork} & CC-BY-SA 3.0 \\ Guix logo & \url{https://git.savannah.gnu.org/cgit/guix/guix-artwork.git/} & CC-BY-SA 4.0 \\ Bromite logo & \url{https://github.com/bromite/bromite.github.io} & GPLv3 \\ Iridium logo & \url{https://github.com/iridium-browser/artwork} & non-free \\ Debian logo & \url{https://www.debian.org/logos/} & CC-BY-SA 3.0 \\ Unobtainium logo & \url{https://gitlab.com/thermatk/Unobtainium} & BSD \\ GeckoView logo & \url{https://github.com/mozilla/geckoview} & non-free \\ everything else & this slideshow & CC BY-SA 4.0 \end{tabular} } \end{frame} \end{document}