From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Newsgroups: gmane.emacs.devel Subject: Re: gmail+imap+smtp (oauth2) Date: Fri, 6 May 2022 14:02:59 +0200 Message-ID: References: <87k0b2tkg1.fsf@mat.ucm.es> <87zgjx4qhs.fsf@gmail.com> <87bkwcgmr3.fsf@mat.ucm.es> <87levfzqj2.fsf@yale.edu> <871qx7scvi.fsf@gmail.com> <87v8ujqec5.fsf@logand.com> <87ee172fjz.fsf@gmail.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="Dx1gGFVB8BgqCx0g" Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="31931"; mail-complaints-to="usenet@ciao.gmane.io" To: emacs-devel@gnu.org Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Fri May 06 14:04:10 2022 Return-path: Envelope-to: ged-emacs-devel@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nmwgs-00082J-CO for ged-emacs-devel@m.gmane-mx.org; Fri, 06 May 2022 14:04:10 +0200 Original-Received: from localhost ([::1]:57170 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1nmwgr-00035w-8c for ged-emacs-devel@m.gmane-mx.org; Fri, 06 May 2022 08:04:09 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:39414) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nmwft-00023J-BV for emacs-devel@gnu.org; Fri, 06 May 2022 08:03:10 -0400 Original-Received: from mail.tuxteam.de ([5.199.139.25]:59606) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nmwfm-0002Xk-VT for emacs-devel@gnu.org; Fri, 06 May 2022 08:03:08 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=tuxteam.de; s=mail; h=From:In-Reply-To:Content-Type:MIME-Version:References:Message-ID: Subject:To:Date:Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=owZc/VSateiQSnSBvYIaf9PiCeKhDbVJuLMatfuD8Nk=; b=Fr+Ba/7lQ4A4s1wNFqFVbe8S+2 vpvFUhyy3Szui+aBsx4NAtNM17lQYjZl1ha3Z8v9pzHop+Lg2Fk0wBOhMeOWqkP20h99miREedjt1 qodP57qE0UIQ4UhB0aBSlnaZyWlO42OMvzHyH/cVayjWPrtntZT6Mt6Jjr6U8jPMu0AST7TmhCuz/ YYnm35Y8zRYn9dsnCPm1oo6AVa6Yg/4D9MvlSIEeOmy6V4t6Z48myd0UyAsM+BgBwZApfkFtDu/qz PpePnYavi11OEKvC0SQQgqSh5S5HzOJxN05lnzvDcD4lYNzAtSMhR3AGsR8xxAKrOib8xsAQq52kT o8xcbAUA==; Original-Received: from tomas by mail.tuxteam.de with local (Exim 4.94.2) (envelope-from ) id 1nmwfj-0000YG-7s for emacs-devel@gnu.org; Fri, 06 May 2022 14:02:59 +0200 Content-Disposition: inline In-Reply-To: Received-SPF: pass client-ip=5.199.139.25; envelope-from=tomas@tuxteam.de; helo=mail.tuxteam.de X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Original-Sender: "Emacs-devel" Xref: news.gmane.io gmane.emacs.devel:289312 Archived-At: --Dx1gGFVB8BgqCx0g Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, May 06, 2022 at 07:38:12AM -0400, Stefan Monnier wrote: > > Problem is, Google T&C require that the application ID is kept secret. > > For open source, this is a problem because we cannot add the applicaiton > > ID and keep it secret while making the code open source. >=20 > FWIW, it's also a problem for proprietary applications since the secret > will necessarily be somewhere inside the executable as well. It's a bit > harder to find, and can be obfuscated to some extent, but as long as you > can run the code inside a debugger and you have enough time on your > hands to reverse engineer the workings of that part of the code you can > also extract the application ID. We know. They know. We know they know. They know we know they know. We've been down this drm-keys-embedded-in-application tango so many times already- Now someone explain to me: why do they nevertheless do it? Is it for having some T&C where they basically say "we'll kick you out whenever we think we want to"? I'm hard-pressed to come up with a friendlier interpretation. Cheers --=20 t --Dx1gGFVB8BgqCx0g Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iF0EABECAB0WIQRp53liolZD6iXhAoIFyCz1etHaRgUCYnUObQAKCRAFyCz1etHa RggbAJwOxElOHzlQI0gPou1beCFhNXAn4gCfai1CGsldbEI4a/opY+/uWonpF34= =nhCg -----END PGP SIGNATURE----- --Dx1gGFVB8BgqCx0g--