diff options
Diffstat (limited to 'talermerchantdemos/blog/articles/en/who-does-that-server-really-serve.html')
-rw-r--r-- | talermerchantdemos/blog/articles/en/who-does-that-server-really-serve.html | 473 |
1 files changed, 473 insertions, 0 deletions
diff --git a/talermerchantdemos/blog/articles/en/who-does-that-server-really-serve.html b/talermerchantdemos/blog/articles/en/who-does-that-server-really-serve.html new file mode 100644 index 0000000..3c4e1a9 --- /dev/null +++ b/talermerchantdemos/blog/articles/en/who-does-that-server-really-serve.html @@ -0,0 +1,473 @@ +<!--#include virtual="/server/header.html" --> +<!-- Parent-Version: 1.86 --> +<title>Who Does That Server Really Serve? +- GNU Project - Free Software Foundation</title> + +<!--#include virtual="/philosophy/po/who-does-that-server-really-serve.translist" --> +<!--#include virtual="/server/banner.html" --> + +<h2>Who does that server really serve?</h2> + +<p>by <strong>Richard Stallman</strong></p> + +<blockquote><p>(The first version was published +in <a href="http://www.bostonreview.net/richard-stallman-free-software-DRM"> +Boston Review</a>.)</p></blockquote> + +<p><strong>On the Internet, proprietary software isn't the only way to +lose your freedom. Service as a Software Substitute, or SaaSS, is +another way to give someone else power over your computing.</strong></p> + +<p>The basic point is, you can have control over a program someone else +wrote (if it's free), but you can never have control over a service +someone else runs, so never use a service where in principle a program +would do.</p> + + +<p>SaaSS means using a service implemented by someone else as a +substitute for running your copy of a program. The term is ours; +articles and ads won't use it, and they won't tell you whether a +service is SaaSS. Instead they will probably use the vague and +distracting term “cloud”, which lumps SaaSS together with +various other practices, some abusive and some ok. With the +explanation and examples in this page, you can tell whether a service +is SaaSS.</p> + +<h3>Background: How Proprietary Software Takes Away Your Freedom</h3> + +<p>Digital technology can give you freedom; it can also take your +freedom away. The first threat to our control over our computing came +from <em>proprietary software</em>: software that the users cannot +control because the owner (a company such as Apple or Microsoft) +controls it. The owner often takes advantage of this unjust power by +inserting malicious features such as spyware, back doors, and <a +href="http://DefectiveByDesign.org">Digital Restrictions Management +(DRM)</a> (referred to as “Digital Rights Management” in +their propaganda).</p> + +<p>Our solution to this problem is developing <em>free software</em> +and rejecting proprietary software. Free software means that you, as +a user, have four essential freedoms: (0) to run the program as +you wish, (1) to study and change the source code so it does what +you wish, (2) to redistribute exact copies, and (3) to +redistribute copies of your modified versions. (See +the <a href="/philosophy/free-sw.html">free software +definition</a>.)</p> + +<p>With free software, we, the users, take back control of our +computing. Proprietary software still exists, but we can exclude it +from our lives and many of us have done so. However, we are now +offered another tempting way to cede control over our computing: +Service as a Software Substitute (SaaSS). For our freedom's sake, we +have to reject that too.</p> + +<h3>How Service as a Software Substitute Takes Away Your Freedom</h3> + +<p>Service as a Software Substitute (SaaSS) means using a service as a +substitute for running your copy of a program. Concretely, it means +that someone sets up a network server that does certain computing +tasks—for instance, modifying a photo, translating text into +another language, etc.—then invites users to do computing via +that server. A user of the server would send her data to the server, +which does <em>her own computing</em> on the data thus provided, then +sends the results back to her or acts directly on her behalf.</p> + +<p>The computing is <em>her own</em> because, by assumption, she +could, in principle, have done it by running a program on her own +computer (whether or not that program is available to her at +present). In cases where this assumption is not so, it isn't SaaSS.</p> + +<p>These servers wrest control from the users even more inexorably +than proprietary software. With proprietary software, users typically +get an executable file but not the source code. That makes it hard to +study the code that is running, so it's hard to determine what the +program really does, and hard to change it.</p> + +<p>With SaaSS, the users do not have even the executable file that +does their computing: it is on someone else's server, where the users +can't see or touch it. Thus it is impossible for them to ascertain +what it really does, and impossible to change it.</p> + +<p>Furthermore, SaaSS automatically leads to consequences equivalent +to the malicious features of certain proprietary software.</p> + +<p> For instance, some proprietary programs are “spyware”: +the program <a href="/philosophy/proprietary-surveillance.html"> +sends out data about users' computing activities</a>. +Microsoft Windows sends information about users' activities to +Microsoft. Windows Media Player reports what each user watches or +listens to. The Amazon Kindle reports which pages of which books the +user looks at, and when. Angry Birds reports the user's geolocation +history.</p> + +<p>Unlike proprietary software, SaaSS does not require covert code to +obtain the user's data. Instead, users must send their data to the +server in order to use it. This has the same effect as spyware: the +server operator gets the data—with no special effort, by the +nature of SaaSS. Amy Webb, who intended never to post any photos of +her daughter, made the mistake of using SaaSS (Instagram) to edit +photos of her. Eventually +<a href="http://www.slate.com/articles/technology/data_mine_1/2013/09/privacy_facebook_kids_don_t_post_photos_of_your_kids_on_social_media.html"> they +leaked from there</a>. +</p> + +<p>Theoretically, homomorphic encryption might some day advance to the +point where future SaaSS services might be constructed to be unable to +understand some of the data that users send them. Such +services <em>could</em> be set up not to snoop on users; this does not +mean they <em>will</em> do no snooping.</p> + +<p>Some proprietary operating systems have a universal back door, +permitting someone to remotely install software changes. For +instance, Windows has a universal back door with which Microsoft can +forcibly change any software on the machine. Nearly all portable +phones have them, too. Some proprietary applications also have +universal back doors; for instance, the Steam client for GNU/Linux +allows the developer to remotely install modified versions.</p> + +<p>With SaaSS, the server operator can change the software in use on +the server. He ought to be able to do this, since it's his computer; +but the result is the same as using a proprietary application program +with a universal back door: someone has the power to silently impose +changes in how the user's computing gets done.</p> + +<p>Thus, SaaSS is equivalent to running proprietary software with +spyware and a universal back door. It gives the server operator +unjust power over the user, and that power is something we must +resist.</p> + +<h3>SaaSS and SaaS</h3> + +<p>Originally we referred to this problematical practice as +“SaaS”, which stands for “Software as a +Service”. It's a commonly used term for setting up software on a +server rather than offering copies of it to users, and we thought it +described precisely the cases where this problem occurs.</p> + +<p>Subsequently we became aware that the term SaaS is sometimes used for +communication services—activities for which this issue is not +applicable. In addition, the term “Software as a Service” +doesn't explain <em>why</em> the practice is bad. So we coined the term +“Service as a Software Substitute”, which defines the bad +practice more clearly and says what is bad about it.</p> + +<h3>Untangling the SaaSS Issue from the Proprietary Software Issue</h3> + +<p>SaaSS and proprietary software lead to similar harmful results, but +the mechanisms are different. With proprietary software, the +mechanism is that you have and use a copy which is difficult and/or +illegal to change. With SaaSS, the mechanism is that you don't have +the copy that's doing your computing.</p> + +<p>These two issues are often confused, and not only by accident. Web +developers use the vague term “web application” to lump +the server software together with programs run on your machine in your +browser. Some web pages install nontrivial, even large JavaScript +programs into your browser without informing +you. <a href="/philosophy/javascript-trap.html">When these JavaScript +programs are nonfree</a>, they cause the same sort of injustice as any +other nonfree software. Here, however, we are concerned with the +issue of using the service itself.</p> + +<p>Many free software supporters assume that the problem of SaaSS will +be solved by developing free software for servers. For the server +operator's sake, the programs on the server had better be free; if +they are proprietary, their developers/owners have power over the +server. That's unfair to the server operator, and doesn't help the +server's users at all. But if the programs on the server are free, +that doesn't protect <em>the server's users</em> from the effects of +SaaSS. These programs liberate the server operator, but not the +server's users.</p> + +<p>Releasing the server software source code does benefit the +community: it enables suitably skilled users to set up similar +servers, perhaps changing the +software. <a href="/licenses/license-recommendations.html"> We +recommend using the GNU Affero GPL</a> as the license for programs +often used on servers.</p> + +<p>But none of these servers would give you control over computing you +do on it, unless it's <em>your</em> server (one whose software load +you control, regardless of whether the machine is your property). It +may be OK to trust your friend's server for some jobs, just as you +might let your friend maintain the software on your own computer. +Outside of that, all these servers would be SaaSS for you. SaaSS +always subjects you to the power of the server operator, and the only +remedy is, <em>Don't use SaaSS!</em> Don't use someone else's server +to do your own computing on data provided by you.</p> + +<p>This issue demonstrates the depth of the difference between +“open” and “free”. Source code that is open +source <a href="/philosophy/free-open-overlap.html">is, nearly always, +free</a>. However, the idea of +an <a href="https://opendefinition.org/ossd/">“open +software” service</a>, meaning one whose server software is open +source and/or free, fails to address the issue of SaaSS.</p> + +<p>Services are fundamentally different from programs, and the ethical +issues that services raise are fundamentally different from the issues +that programs raise. To avoid confusion, +we <a href="/philosophy/network-services-arent-free-or-nonfree.html"> +avoid describing a service as “free” or +“proprietary.”</a></p> + +<h3>Distinguishing SaaSS from Other Network Services</h3> + +<p>Which online services are SaaSS? The clearest example is a +translation service, which translates (say) English text into Spanish +text. Translating a text for you is computing that is purely yours. +You could do it by running a program on your own computer, if only you +had the right program. (To be ethical, that program should be free.) +The translation service substitutes for that program, so it is Service +as a Software Substitute, or SaaSS. Since it denies you control +over your computing, it does you wrong.</p> + +<p>Another clear example is using a service such as Flickr or +Instagram to modify a photo. Modifying photos is an activity that +people have done in their own computers for decades; doing it in a +server you don't control, rather than your own computer, is SaaSS.</p> + +<p>Rejecting SaaSS does not mean refusing to use any network servers +run by anyone other than you. Most servers are not SaaSS because the +jobs they do are some sort of communication, rather than the user's +own computing.</p> + +<p>The original idea of web servers wasn't to do computing for you, it +was to publish information for you to access. Even today this is what +most web sites do, and it doesn't pose the SaaSS problem, because +accessing someone's published information isn't doing your own +computing. Neither is use of a blog site to publish your own works, +or using a microblogging service such as Twitter or StatusNet. (These +services may or may not have other problems, depending on details.) +The same goes for other communication not meant to be private, such as +chat groups.</p> + +<p>In its essence, social networking is a form of communication and +publication, not SaaSS. However, a service whose main facility is +social networking can have features or extensions which are SaaSS.</p> + +<p>If a service is not SaaSS, that does not mean it is OK. There are +other ethical issues about services. For instance, Facebook +distributes video in Flash, which pressures users to run nonfree +software; it requires running nonfree JavaScript code; and it gives +users a misleading impression of privacy while luring them into baring +their lives to Facebook. Those are important issues, different from +the SaaSS issue. +</p> + +<p>Services such as search engines collect data from around the web +and let you examine it. Looking through their collection of data +isn't your own computing in the usual sense—you didn't provide +that collection—so using such a service to search the web is not +SaaSS. However, using someone else's server to implement a search +facility for your own site <em>is</em> SaaSS.</p> + +<p>Purchasing online is not SaaSS, because the computing +isn't <em>your own</em> activity; rather, it is done jointly by and +for you and the store. The real issue in online shopping is whether +you trust the other party with your money and other personal +information (starting with your name).</p> + +<p>Repository sites such as Savannah and SourceForge are not +inherently SaaSS, because a repository's job is publication of data +supplied to it.</p> + +<p>Using a joint project's servers isn't SaaSS because the computing +you do in this way isn't your own. For instance, if you edit pages on +Wikipedia, you are not doing your own computing; rather, you are +collaborating in Wikipedia's computing. Wikipedia controls its own +servers, but organizations as well as individuals encounter the +problem of SaaSS if they do their computing in someone else's +server.</p> + +<p>Some sites offer multiple services, and if one is not SaaSS, +another may be SaaSS. For instance, the main service of Facebook is +social networking, and that is not SaaSS; however, it supports +third-party applications, some of which are SaaSS. Flickr's main +service is distributing photos, which is not SaaSS, but it also has +features for editing photos, which is SaaSS. Likewise, using +Instagram to post a photo is not SaaSS, but using it to transform the +photo is SaaSS.</p> + +<p>Google Docs shows how complex the evaluation of a single service +can become. It invites people to edit a document by running a +large <a href="/philosophy/javascript-trap.html">nonfree JavaScript +program</a>, clearly wrong. However, it offers an API for uploading +and downloading documents in standard formats. A free software editor +can do so through this API. This usage scenario is not SaaSS, because +it uses Google Docs as a mere repository. Showing all your data to a +company is bad, but that is a matter of privacy, not SaaSS; depending +on a service for access to your data is bad, but that is a matter of +risk, not SaaSS. On the other hand, using the service for converting +document formats <em>is</em> SaaSS, because it's something you could +have done by running a suitable program (free, one hopes) in your own +computer.</p> + +<p>Using Google Docs through a free editor is rare, of course. Most +often, people use it through the nonfree JavaScript program, which is +bad like any nonfree program. This scenario might involve SaaSS, too; +that depends on what part of the editing is done in the JavaScript +program and what part in the server. We don't know, but since SaaSS +and proprietary software do similar wrong to the user, it is not +crucial to know.</p> + +<p>Publishing via someone else's repository does not raise privacy +issues, but publishing through Google Docs has a special problem: it +is impossible even to <em>view the text</em> of a Google Docs document +in a browser without running the nonfree JavaScript code. Thus, you +should not use Google Docs to publish anything—but the reason +is not a matter of SaaSS.</p> + +<p>The IT industry discourages users from making these distinctions. +That's what the buzzword “cloud computing” is for. This +term is so nebulous that it could refer to almost any use of the +Internet. It includes SaaSS as well as many other network usage +practices. In any given context, an author who writes +“cloud” (if a technical person) probably has a specific +meaning in mind, but usually does not explain that in other articles +the term has other specific meanings. The term leads people to +generalize about practices they ought to consider individually.</p> + +<p>If “cloud computing” has a meaning, it is not a way of +doing computing, but rather a way of thinking about computing: a +devil-may-care approach which says, “Don't ask questions. Don't +worry about who controls your computing or who holds your data. Don't +check for a hook hidden inside our service before you swallow it. +Trust companies without hesitation.” In other words, “Be a +sucker.” A cloud in the mind is an obstacle to clear thinking. +For the sake of clear thinking about computing, let's avoid the term +“cloud.”</p> + +<h3 id="renting">Renting a Server Distinguished from SaaSS</h3> + +<p>If you rent a server (real or virtual), whose software load you +have control over, that's not SaaSS. In SaaSS, someone else decides +what software runs on the server and therefore controls the computing +it does for you. In the case where you install the software on the +server, you control what computing it does for you. Thus, the rented +server is virtually your computer. For this issue, it counts as +yours.</p> + +<p>The <em>data</em> on the rented remote server is less secure than +if you had the server at home, but that is a separate issue from +SaaSS.</p> + +<p>This kind of server rental is sometimes called “IaaS,” +but that term fits into a conceptual structure that downplays the issues +that we consider important.</p> + +<h3>Dealing with the SaaSS Problem</h3> + +<p>Only a small fraction of all web sites do SaaSS; most don't raise +the issue. But what should we do about the ones that raise it?</p> + +<p>For the simple case, where you are doing your own computing on data +in your own hands, the solution is simple: use your own copy of a free +software application. Do your text editing with your copy of a free +text editor such as GNU Emacs or a free word processor. Do your photo +editing with your copy of free software such as GIMP. What if there +is no free program available? A proprietary program or SaaSS would +take away your freedom, so you shouldn't use those. You can contribute +your time or your money to development of a free replacement.</p> + +<p>What about collaborating with other individuals as a group? It may +be hard to do this at present without using a server, and your group +may not know how to run its own server. If you use someone else's +server, at least don't trust a server run by a company. A mere +contract as a customer is no protection unless you could detect a +breach and could really sue, and the company probably writes its +contracts to permit a broad range of abuses. The state can subpoena +your data from the company along with everyone else's, as Obama has +done to phone companies, supposing the company doesn't volunteer them +like the US phone companies that illegally wiretapped their customers +for Bush. If you must use a server, use a server whose operators give +you a basis for trust beyond a mere commercial relationship.</p> + +<p>However, on a longer time scale, we can create alternatives to +using servers. For instance, we can create a peer-to-peer program +through which collaborators can share data encrypted. The free +software community should develop distributed peer-to-peer +replacements for important “web applications”. It may be +wise to release them under +the <a href="/licenses/why-affero-gpl.html"> GNU Affero GPL</a>, since +they are likely candidates for being converted into server-based +programs by someone else. The <a href="/">GNU project</a> is looking +for volunteers to work on such replacements. We also invite other +free software projects to consider this issue in their design.</p> + +<p>In the meantime, if a company invites you to use its server to do +your own computing tasks, don't yield; don't use SaaSS. Don't buy or +install “thin clients”, which are simply computers so weak +they make you do the real work on a server, unless you're going to use +them with <em>your</em> server. Use a real computer and keep your +data there. Do your own computing with your own copy of a free +program, for your freedom's sake.</p> + +<h3>See also:</h3> +<p><a href="/philosophy/bug-nobody-allowed-to-understand.html">The +Bug Nobody is Allowed to Understand</a>.</p> + +</div><!-- for id="content", starts in the include above --> +<!--#include virtual="/server/footer.html" --> +<div id="footer"> +<div class="unprintable"> + +<p>Please send general FSF & GNU inquiries to +<a href="mailto:gnu@gnu.org"><gnu@gnu.org></a>. +There are also <a href="/contact/">other ways to contact</a> +the FSF. Broken links and other corrections or suggestions can be sent +to <a href="mailto:webmasters@gnu.org"><webmasters@gnu.org></a>.</p> + +<p><!-- TRANSLATORS: Ignore the original text in this paragraph, + replace it with the translation of these two: + + We work hard and do our best to provide accurate, good quality + translations. However, we are not exempt from imperfection. + Please send your comments and general suggestions in this regard + to <a href="mailto:web-translators@gnu.org"> + <web-translators@gnu.org></a>.</p> + + <p>For information on coordinating and submitting translations of + our web pages, see <a + href="/server/standards/README.translations.html">Translations + README</a>. --> +Please see the <a +href="/server/standards/README.translations.html">Translations +README</a> for information on coordinating and submitting translations +of this article.</p> +</div> + +<!-- Regarding copyright, in general, standalone pages (as opposed to + files generated as part of manuals) on the GNU web server should + be under CC BY-ND 4.0. Please do NOT change or remove this + without talking with the webmasters or licensing team first. + Please make sure the copyright date is consistent with the + document. For web pages, it is ok to list just the latest year the + document was modified, or published. + + If you wish to list earlier years, that is ok too. + Either "2001, 2002, 2003" or "2001-2003" are ok for specifying + years, as long as each year in the range is in fact a copyrightable + year, i.e., a year in which the document was published (including + being publicly visible on the web or in a revision control system). + + There is more detail about copyright years in the GNU Maintainers + Information document, www.gnu.org/prep/maintain. --> + +<p>Copyright © 2010, 2013, 2015, 2016, 2018 Richard Stallman</p> + +<p>This page is licensed under a <a rel="license" +href="http://creativecommons.org/licenses/by-nd/4.0/">Creative +Commons Attribution-NoDerivatives 4.0 International License</a>.</p> + +<!--#include virtual="/server/bottom-notes.html" --> + +<p class="unprintable">Updated: +<!-- timestamp start --> +$Date: 2018/12/15 14:02:39 $ +<!-- timestamp end --> +</p> +</div> +</div><!-- for class="inner", starts in the banner include --> +</body> +</html> |