[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
www/philosophy government-free-software.pl.html...
|
From: |
GNUN |
|
Subject: |
www/philosophy government-free-software.pl.html... |
|
Date: |
Sat, 6 Aug 2016 05:28:49 +0000 (UTC) |
CVSROOT: /web/www
Module name: www
Changes by: GNUN <gnun> 16/08/06 05:28:49
Modified files:
philosophy : government-free-software.pl.html
surveillance-vs-democracy.nl.html
who-does-that-server-really-serve.lt.html
philosophy/po : government-free-software.pl-diff.html
Added files:
philosophy/po : surveillance-vs-democracy.nl-diff.html
who-does-that-server-really-serve.lt-diff.html
Log message:
Automatic update by GNUnited Nations.
CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/philosophy/government-free-software.pl.html?cvsroot=www&r1=1.20&r2=1.21
http://web.cvs.savannah.gnu.org/viewcvs/www/philosophy/surveillance-vs-democracy.nl.html?cvsroot=www&r1=1.2&r2=1.3
http://web.cvs.savannah.gnu.org/viewcvs/www/philosophy/who-does-that-server-really-serve.lt.html?cvsroot=www&r1=1.2&r2=1.3
http://web.cvs.savannah.gnu.org/viewcvs/www/philosophy/po/government-free-software.pl-diff.html?cvsroot=www&r1=1.2&r2=1.3
http://web.cvs.savannah.gnu.org/viewcvs/www/philosophy/po/surveillance-vs-democracy.nl-diff.html?cvsroot=www&rev=1.1
http://web.cvs.savannah.gnu.org/viewcvs/www/philosophy/po/who-does-that-server-really-serve.lt-diff.html?cvsroot=www&rev=1.1
Patches:
Index: government-free-software.pl.html
===================================================================
RCS file: /web/www/www/philosophy/government-free-software.pl.html,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -b -r1.20 -r1.21
--- government-free-software.pl.html 1 Mar 2016 04:27:37 -0000 1.20
+++ government-free-software.pl.html 6 Aug 2016 05:28:48 -0000 1.21
@@ -1,4 +1,9 @@
-<!--#set var="ENGLISH_PAGE"
value="/philosophy/government-free-software.en.html" -->
+<!--#set var="PO_FILE"
+ value='<a href="/philosophy/po/government-free-software.pl.po">
+ https://www.gnu.org/philosophy/po/government-free-software.pl.po</a>'
+ --><!--#set var="ORIGINAL_FILE"
value="/philosophy/government-free-software.html"
+ --><!--#set var="DIFF_FILE"
value="/philosophy/po/government-free-software.pl-diff.html"
+ --><!--#set var="OUTDATED_SINCE" value="2016-06-07" --><!--#set
var="ENGLISH_PAGE" value="/philosophy/government-free-software.en.html" -->
<!--#include virtual="/server/header.pl.html" -->
<!-- Parent-Version: 1.77 -->
@@ -9,6 +14,7 @@
<!--#include virtual="/philosophy/po/government-free-software.translist" -->
<!--#include virtual="/server/banner.pl.html" -->
+<!--#include virtual="/server/outdated.pl.html" -->
<h2>Årodki, jakich mogÄ
użyÄ rzÄ
dy, by promowaÄ wolne oprogramowanie</h2>
<p><a href="http://www.stallman.org/";><strong>Richard Stallman</strong></a></p>
@@ -310,7 +316,7 @@
<p class="unprintable"><!-- timestamp start -->
Aktualizowane:
-$Date: 2016/03/01 04:27:37 $
+$Date: 2016/08/06 05:28:48 $
<!-- timestamp end -->
</p>
Index: surveillance-vs-democracy.nl.html
===================================================================
RCS file: /web/www/www/philosophy/surveillance-vs-democracy.nl.html,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -b -r1.2 -r1.3
--- surveillance-vs-democracy.nl.html 24 May 2016 03:58:41 -0000 1.2
+++ surveillance-vs-democracy.nl.html 6 Aug 2016 05:28:48 -0000 1.3
@@ -1,4 +1,9 @@
-<!--#set var="ENGLISH_PAGE"
value="/philosophy/surveillance-vs-democracy.en.html" -->
+<!--#set var="PO_FILE"
+ value='<a href="/philosophy/po/surveillance-vs-democracy.nl.po">
+ https://www.gnu.org/philosophy/po/surveillance-vs-democracy.nl.po</a>'
+ --><!--#set var="ORIGINAL_FILE"
value="/philosophy/surveillance-vs-democracy.html"
+ --><!--#set var="DIFF_FILE"
value="/philosophy/po/surveillance-vs-democracy.nl-diff.html"
+ --><!--#set var="OUTDATED_SINCE" value="2016-06-07" --><!--#set
var="ENGLISH_PAGE" value="/philosophy/surveillance-vs-democracy.en.html" -->
<!--#include virtual="/server/header.nl.html" -->
<!-- Parent-Version: 1.77 -->
@@ -9,6 +14,7 @@
<!--#include virtual="/philosophy/po/surveillance-vs-democracy.translist" -->
<!--#include virtual="/server/banner.nl.html" -->
+<!--#include virtual="/server/outdated.nl.html" -->
<h2>Hoeveel controle kan onze democratie verdragen?</h2>
<p>door <a href="http://www.stallman.org/";>Richard Stallman</a></p>
@@ -574,7 +580,7 @@
<p class="unprintable"><!-- timestamp start -->
Bijgewerkt:
-$Date: 2016/05/24 03:58:41 $
+$Date: 2016/08/06 05:28:48 $
<!-- timestamp end -->
</p>
Index: who-does-that-server-really-serve.lt.html
===================================================================
RCS file: /web/www/www/philosophy/who-does-that-server-really-serve.lt.html,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -b -r1.2 -r1.3
--- who-does-that-server-really-serve.lt.html 8 Feb 2016 21:05:11 -0000
1.2
+++ who-does-that-server-really-serve.lt.html 6 Aug 2016 05:28:48 -0000
1.3
@@ -1,4 +1,9 @@
-<!--#set var="ENGLISH_PAGE"
value="/philosophy/who-does-that-server-really-serve.en.html" -->
+<!--#set var="PO_FILE"
+ value='<a href="/philosophy/po/who-does-that-server-really-serve.lt.po">
+ https://www.gnu.org/philosophy/po/who-does-that-server-really-serve.lt.po</a>'
+ --><!--#set var="ORIGINAL_FILE"
value="/philosophy/who-does-that-server-really-serve.html"
+ --><!--#set var="DIFF_FILE"
value="/philosophy/po/who-does-that-server-really-serve.lt-diff.html"
+ --><!--#set var="OUTDATED_SINCE" value="2016-06-07" --><!--#set
var="ENGLISH_PAGE"
value="/philosophy/who-does-that-server-really-serve.en.html" -->
<!--#include virtual="/server/header.lt.html" -->
<!-- Parent-Version: 1.77 -->
@@ -9,6 +14,7 @@
<!--#include
virtual="/philosophy/po/who-does-that-server-really-serve.translist" -->
<!--#include virtual="/server/banner.lt.html" -->
+<!--#include virtual="/server/outdated.lt.html" -->
<h2>KÄ
tas serveris iš tikrųjų aptarnauja?</h2>
<p>pagal <strong>Richard Stallman</strong></p>
@@ -481,7 +487,7 @@
<p class="unprintable"><!-- timestamp start -->
Atnaujinta:
-$Date: 2016/02/08 21:05:11 $
+$Date: 2016/08/06 05:28:48 $
<!-- timestamp end -->
</p>
Index: po/government-free-software.pl-diff.html
===================================================================
RCS file: /web/www/www/philosophy/po/government-free-software.pl-diff.html,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -b -r1.2 -r1.3
--- po/government-free-software.pl-diff.html 29 Feb 2016 19:59:29 -0000
1.2
+++ po/government-free-software.pl-diff.html 6 Aug 2016 05:28:48 -0000
1.3
@@ -98,7 +98,11 @@
well as standardized ones.) For example, they must not distribute
audio or video recordings in formats that require Flash or nonfree
codecs, and public libraries must not distribute works with Digital
-Restrictions Management.</p></li>
+Restrictions <span
class="removed"><del><strong>Management.</p></li></strong></del></span>
<span class="inserted"><ins><em>Management.</p>
+
+<p>To support the policy of distributing publications and works in
+freedom-respecting formats, the state must insist that all reports
+developed for it be delivered in freedom-respecting
formats.</p></li></em></ins></span>
<li><p><b>Untie computers from licenses</b><br />
Sale of computers must not require purchase of a proprietary
@@ -160,8 +164,7 @@
<p>The computational sovereignty (and security) of the state includes
control over the computers that do the state's work. This requires
avoiding <a href="/philosophy/who-does-that-server-really-serve.html">
-<span class="removed"><del><strong>Software</strong></del></span>
-<span class="inserted"><ins><em>Service</em></ins></span> as a <span
class="removed"><del><strong>Service</a>,</strong></del></span> <span
class="inserted"><ins><em>Software Substitute</a>,</em></ins></span>
unless the service is run by a state
+Service as a Software Substitute</a>, unless the service is run by a
state
agency under the same branch of government, as well as other practices
that diminish the state control over its computing. Therefore,</p>
@@ -211,7 +214,7 @@
restrictions prevent users from developing, installing and using
replacements for any and all of the installed software that the
manufacturer could upgrade. This would apply, in particular, to any
-device on which “jailbreaking” is needed to install a
+device on which <span
class="removed"><del><strong>“jailbreaking”</strong></del></span>
<span class="inserted"><ins><em><a
href="/proprietary/proprietary-jails.html">“jailbreaking”</a></em></ins></span>
is needed to install a
different operating system, or in which the interfaces for some
peripherals are secret.
</p></li>
@@ -264,19 +267,17 @@
information on coordinating and submitting translations of this
article.</p>
</div>
-<p>Copyright © <span
class="removed"><del><strong>2011</strong></del></span> <span
class="inserted"><ins><em>2011, 2015, 2016</em></ins></span> Free Software
Foundation, Inc.</p>
+<p>Copyright © 2011, 2015, 2016 Free Software Foundation,
Inc.</p>
<p>This page is licensed under a <a rel="license"
-<span
class="removed"><del><strong>href="http://creativecommons.org/licenses/by-nd/3.0/us/">Creative</strong></del></span>
-<span
class="inserted"><ins><em>href="http://creativecommons.org/licenses/by-nd/4.0/">Creative</em></ins></span>
-Commons <span class="removed"><del><strong>Attribution-NoDerivs 3.0 United
States License</a>.
-</p></strong></del></span> <span
class="inserted"><ins><em>Attribution-NoDerivatives 4.0 International
License</a>.</p></em></ins></span>
+href="http://creativecommons.org/licenses/by-nd/4.0/">Creative
+Commons Attribution-NoDerivatives 4.0 International
License</a>.</p>
<!--#include virtual="/server/bottom-notes.html" -->
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2016/02/29 19:59:29 $
+$Date: 2016/08/06 05:28:48 $
<!-- timestamp end -->
</p>
</div>
Index: po/surveillance-vs-democracy.nl-diff.html
===================================================================
RCS file: po/surveillance-vs-democracy.nl-diff.html
diff -N po/surveillance-vs-democracy.nl-diff.html
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ po/surveillance-vs-democracy.nl-diff.html 6 Aug 2016 05:28:48 -0000
1.1
@@ -0,0 +1,553 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd";>
+<!-- Generated by GNUN -->
+<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
+<head>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<title>/philosophy/surveillance-vs-democracy.html-diff</title>
+<style type="text/css">
+span.removed { background-color: #f22; color: #000; }
+span.inserted { background-color: #2f2; color: #000; }
+</style></head>
+<body><pre>
+<!--#include virtual="/server/header.html" -->
+<!-- Parent-Version: 1.77 -->
+<title>How Much Surveillance Can Democracy Withstand?
+- GNU Project - Free Software Foundation</title>
+<!--#include virtual="/philosophy/po/surveillance-vs-democracy.translist"
-->
+<!--#include virtual="/server/banner.html" -->
+<h2>How Much Surveillance Can Democracy Withstand?</h2>
+
+<p>by <a href="http://www.stallman.org/">Richard
Stallman</a></p>
+
+<!-- rms: I deleted the link because of Wired's announced
+ anti-ad-block system -->
+<blockquote><p>A version of this article was first published in
Wired
+in October 2013.</p></blockquote>
+
+<p>Thanks to Edward Snowden's disclosures, we know that the current
+level of general surveillance in society is incompatible with human
+rights. The repeated harassment and prosecution of dissidents,
+sources, and journalists in the US and elsewhere provides
+confirmation. We need to reduce the level of general surveillance,
+but how far? Where exactly is the
+<em>maximum tolerable level of surveillance</em>, which we must
ensure
+is not exceeded? It is the level beyond which surveillance starts to
+interfere with the functioning of democracy, in that whistleblowers
+(such as Snowden) are likely to be caught.</p>
+
+<p>Faced with government secrecy, we the people depend on
+whistleblowers
+to <a href="https://www.eff.org/deeplinks/2013/11/reddit-tpp-ama">tell
+us what the state is doing</a>. However, today's surveillance
+intimidates potential whistleblowers, which means it is too much. To
+recover our democratic control over the state, we must reduce
+surveillance to the point where whistleblowers know they are safe.</p>
+
+<p>Using free/libre
+software, <a href="/philosophy/free-software-even-more-important.html">as
+I've advocated for 30 years</a>, is the first step in taking control
+of our digital lives, and that includes preventing surveillance. We
+can't trust nonfree software; the NSA
+<a
href="http://www.computerworlduk.com/blogs/open-enterprise/how-can-any-company-ever-trust-microsoft-again-3569376/">uses</a>
+and
+even <a
href="http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security">creates</a>
+security weaknesses in nonfree software to invade our own computers
+and routers. Free software gives us control of our own computers,
+but <a href="http://www.wired.com/opinion/2013/10/149481/">that won't
+protect our privacy once we set foot on the Internet</a>.</p>
+
+<p><a
+href="http://www.theguardian.com/world/2013/oct/10/nsa-surveillance-patriot-act-author-bill">Bipartisan
+legislation to “curtail the domestic surveillance
+powers”</a> in the U.S. is being drawn up, but it relies on
+limiting the government's use of our virtual dossiers. That won't
+suffice to protect whistleblowers if “catching the
+whistleblower” is grounds for access sufficient to identify him
+or her. We need to go further.</p>
+
+<h3>The Upper Limit on Surveillance in a Democracy</h3>
+
+<p>If whistleblowers don't dare reveal crimes and lies, we lose the
+last shred of effective control over our government and institutions.
+That's why surveillance that enables the state to find out who has
+talked with a reporter is too much surveillance—too much for
+democracy to endure.</p>
+
+<p>An unnamed U.S. government official ominously told journalists in
+2011 that
+the <a
href="http://www.rcfp.org/browse-media-law-resources/news-media-law/news-media-and-law-summer-2011/lessons-wye-river">U.S.
would
+not subpoena reporters because “We know who you're talking
+to.”</a>
+Sometimes <a
href="http://www.theguardian.com/media/2013/sep/24/yemen-leak-sachtleben-guilty-associated-press">journalists'
+phone call records are subpoenaed</a> to find this out, but Snowden
+has shown us that in effect they subpoena all the phone call records
+of everyone in the U.S., all the
+time, <a
href="http://www.theguardian.com/world/interactive/2013/jun/06/verizon-telephone-data-court-order">from
+Verizon</a>
+and <a
href="http://www.marketwatch.com/story/nsa-data-mining-digs-into-networks-beyond-verizon-2013-06-07">from
+other companies too</a>.</p>
+
+<p>Opposition and dissident activities need to keep secrets from
+states that are willing to play dirty tricks on them. The ACLU has
+demonstrated the U.S. government's <a
+href="http://www.aclu.org/files/assets/Spyfiles_2_0.pdf">systematic
+practice of infiltrating peaceful dissident groups</a> on the pretext
+that there might be terrorists among them. The point at which
+surveillance is too much is the point at which the state can find who
+spoke to a known journalist or a known dissident.</p>
+
+<h3>Information, Once Collected, Will Be Misused</h3>
+
+<p>When people recognize that the level of general surveillance is too
+high, the first response is to propose limits on access to the
+accumulated data. That sounds nice, but it won't fix the problem, not
+even slightly, even supposing that the government obeys the rules.
+(The NSA has misled the FISA court, which said it
+was <a
href="http://www.wired.com/threatlevel/2013/09/nsa-violations/">unable
+to effectively hold the NSA accountable</a>.) Suspicion of a crime
+will be grounds for access, so once a whistleblower is accused of
+“espionage,” finding the “spy” will provide an
+excuse to access the accumulated material.</p>
+
+<p>In addition, the state's surveillance staff will misuse the data for
+personal reasons. Some NSA
+agents <a
href="http://www.theguardian.com/world/2013/aug/24/nsa-analysts-abused-surveillance-systems">used
+U.S. surveillance systems to track their lovers</a>—past,
+present, or wished-for—in a practice called
+“LOVEINT.” The NSA says it has caught and punished this a
+few times; we don't know how many other times it wasn't caught. But
+these events shouldn't surprise us, because police have
+long <a href="http://www.sweetliberty.org/issues/privacy/lein1.htm">used
+their access to driver's license records to track down someone
+attractive</a>, a practice known as “running a plate for a
+date.” This practice has expanded with <a
href="https://theyarewatching.org/issues/risks-increase-once-data-shared">new
digital systems</a>.
+</p>
+
+<p>Surveillance data will always be used for other purposes, even if
+this is prohibited. Once the data has been accumulated and the state
+has the possibility of access to it, it can misuse that data in
+dreadful ways, as shown by examples
+from <a
href="http://falkvinge.net/2012/03/17/collected-personal-data-will-always-be-used-against-the-citizens/">Europe</a>
+and <a
href="https://en.wikipedia.org/wiki/Japanese_American_internment">the
+US </a>.</p>
+
+<p>Personal data collected by the state is also likely to be obtained
+by outside crackers that break the security of the servers, even
+by <a
href="https://www.techdirt.com/articles/20150612/16334231330/second-opm-hack-revealed-even-worse-than-first.shtml">crackers
+working for hostile states</a>.</p>
+
+<p>Governments can easily use massive surveillance capability
+to <a
href="http://www.nytimes.com/2015/06/22/world/europe/macedonia-government-is-blamed-for-wiretapping-scandal.html">subvert
+democracy directly</a>.</p>
+
+<p>Total surveillance accessible to the state enables the state to
+launch a massive fishing expedition against any person. To make
+journalism and democracy safe, we must limit the accumulation of data
+that is easily accessible to the state.</p>
+
+<h3>Robust Protection for Privacy Must Be Technical</h3>
+
+<p>The Electronic Frontier Foundation and other organizations propose
+a set of legal principles designed to <a
+href="https://en.necessaryandproportionate.org/text">prevent the
+abuses of massive surveillance</a>. These principles include,
+crucially, explicit legal protection for whistleblowers; as a
+consequence, they would be adequate for protecting democratic
+freedoms—if adopted completely and enforced without exception
+forever.</p>
+
+<p>However, such legal protections are precarious: as recent history
+shows, they can be repealed (as in the FISA Amendments Act),
+suspended, or <a
+href="http://www.nytimes.com/2009/04/16/us/16nsa.html">ignored</a>.</p>
+
+<p>Meanwhile, demagogues will cite the usual excuses as grounds for
+total surveillance; any terrorist attack, even one that kills just a
+handful of people, can be hyped to provide an opportunity.</p>
+
+<p>If limits on access to the data are set aside, it will be as if
+they had never existed: years worth of dossiers would suddenly become
+available for misuse by the state and its agents and, if collected by
+companies, for their private misuse as well. If, however, we stop the
+collection of dossiers on everyone, those dossiers won't exist, and
+there will be no way to compile them retroactively. A new illiberal
+regime would have to implement surveillance afresh, and it would only
+collect data starting at that date. As for suspending or momentarily
+ignoring this law, the idea would hardly make sense.</p>
+
+<h3>First, Don't Be Foolish</h3>
+
+<p>To have privacy, you must not throw it away: the first one who has
+to protect your privacy is you. Avoid identifying yourself to web
+sites, contact them with Tor, and use browsers that block the schemes
+they use to track visitors. Use the GNU Privacy Guard to encrypt the
+contents of your email. Pay for things with cash.</p>
+
+<p>Keep your own data; don't store your data in a company's
+“convenient” server. It's safe, however, to entrust a
+data backup to a commercial service, provided you put the files in an
+archive and encrypt the whole archive, including the names of the
+files, with free software on your own computer before uploading
+it.</p>
+
+<p>For privacy's sake, you must avoid nonfree software since, as a
+consequence of giving others control of your computing, it
+is <a href="/philosophy/proprietary-surveillance.html">likely to spy
+on you</a>.
+Avoid <a
href="/philosophy/who-does-that-server-really-serve.html">service
+as a software substitute</a>; as well as giving others control of your
+computing, it requires you to hand over all the pertinent data to the
+server.</p>
+
+<p>Protect your friends' and acquaintances' privacy,
+too. <a
href="http://bits.blogs.nytimes.com/2014/05/21/in-cybersecurity-sometimes-the-weakest-link-is-a-family-member/">Don't
+give out their personal information</a> except how to contact them,
+and never give any web site your list of email or phone contacts.
+Don't tell a company such as Facebook anything about your friends that
+they might not wish to publish in a newspaper. Better yet, don't be
+used by Facebook at all. Reject communication systems that require
+users to give their real names, even if you are going to give yours,
+since they pressure other people to surrender their privacy.</p>
+
+<p>Self-protection is essential, but even the most rigorous
+self-protection is insufficient to protect your privacy on or from
+systems that don't belong to you. When we communicate with others or
+move around the city, our privacy depends on the practices of society.
+We can avoid some of the systems that surveil our communications and
+movements, but not all of them. Clearly, the better solution is to
+make all these systems stop surveilling people other than legitimate
+suspects.</p>
+
+<h3>We Must Design Every System for Privacy</h3>
+
+<p>If we don't want a total surveillance society, we must consider
+surveillance a kind of social pollution, and limit the surveillance
+impact of each new digital system just as we limit the environmental
+impact of physical construction.</p>
+
+<p>For example: “smart” meters for electricity are touted
+for sending the power company moment-by-moment data about each
+customer's electric usage, including how usage compares with users in
+general. This is implemented based on general surveillance, but does
+not require any surveillance. It would be easy for the power company
+to calculate the average usage in a residential neighborhood by
+dividing the total usage by the number of subscribers, and send that
+to the meters. Each customer's meter could compare her usage, over
+any desired period of time, with the average usage pattern for that
+period. The same benefit, with no surveillance!</p>
+
+<p>We need to design such privacy into all our digital systems.</p>
+
+<h3>Remedy for Collecting Data: Leaving It Dispersed</h3>
+
+<p>One way to make monitoring safe for privacy is
+to <a name="dispersal">keep the data dispersed and inconvenient to
+access</a>. Old-fashioned security cameras were no threat to
privacy(<a href="#privatespace">*</a>).
+The recording was stored on the premises, and kept for a few weeks at
+most. Because of the inconvenience of accessing these recordings, it
+was never done massively; they were accessed only in the places where
+someone reported a crime. It would not be feasible to physically
+collect millions of tapes every day and watch them or copy them.</p>
+
+<p>Nowadays, security cameras have become surveillance cameras: they
+are connected to the Internet so recordings can be collected in a data
+center and saved forever. This is already dangerous, but it is going
+to get worse. Advances in face recognition may bring the day when
+suspected journalists can be tracked on the street all the time to see
+who they talk with.</p>
+
+<p>Internet-connected cameras often have lousy digital security
+themselves, <span class="removed"><del><strong>so</strong></del></span> <span
class="inserted"><ins><em>which
+means</em></ins></span> <a
+<span
class="removed"><del><strong>href="http://www.networkworld.com/article/2221934/microsoft-subnet/cia-wants-to-spy-on-you-through-your-appliances.html">anyone
+could</strong></del></span> <span
class="inserted"><ins><em>href="http://www.networkworld.com/community/blog/cia-wants-spy-you-through-your-appliances">anyone
+can</em></ins></span> watch what <span class="removed"><del><strong>the camera
sees</a>. To restore privacy,</strong></del></span> <span
class="inserted"><ins><em>those cameras see</a>. This makes
internet-connected
+cameras a major threat to security as well as privacy. For privacy's
+sake,</em></ins></span> we should ban the use of Internet-connected cameras
aimed where
+and when the public is admitted, except when carried by people.
+Everyone must be free to post photos and video recordings
+occasionally, but the systematic accumulation of such data on the
+Internet must be limited.</p>
+
+<p><a name="privatespace"><b>*</b></a>I assume
here that the security
+camera points at the inside of a store, or at the street. Any camera
+pointed at someone's private space by someone else violates privacy,
+but that is another issue.</p>
+
+<h3 id="digitalcash">Remedy for Internet Commerce Surveillance</h3>
+
+<p>Most data collection comes from people's own digital activities.
+Usually the data is collected first by companies. But when it comes
+to the threat to privacy and democracy, it makes no difference whether
+surveillance is done directly by the state or farmed out to a
+business, because the data that the companies collect is
+systematically available to the state.</p>
+
+<p>The NSA, through PRISM,
+has <a href="https://www.commondreams.org/headline/2013/08/23-2">gotten
+into the databases of many large Internet corporations</a>. AT&T
+has saved all its phone call records since 1987
+and <a
href="http://www.nytimes.com/2013/09/02/us/drug-agents-use-vast-phone-trove-eclipsing-nsas.html?_r=0">makes
+them available to the DEA</a> to search on request. Strictly
+speaking, the U.S. government does not possess that data, but in
+practical terms it may as well possess it. Some companies are praised
+for <a
href="https://www.eff.org/who-has-your-back-government-data-requests-2015">resisting
+government data requests to the limited extent they can</a>, but that
+can only partly compensate for the harm they do to by collecting that
+data in the first place. In addition, many of those companies misuse
+the data directly or provide it to data brokers.</p>
+
+<p>The goal of making journalism and democracy safe therefore requires
+that we reduce the data collected about people by any organization,
+not just by the state. We must redesign digital systems so that they
+do not accumulate data about their users. If they need digital data
+about our transactions, they should not be allowed to keep them more
+than a short time beyond what is inherently necessary for their
+dealings with us.</p>
+
+<p>One of the motives for the current level of surveillance of the
+Internet is that sites are financed through advertising based on
+tracking users' activities and propensities. This converts a mere
+annoyance—advertising that we can learn to ignore—into a
+surveillance system that harms us whether we know it or not.
+Purchases over the Internet also track their users. And we are all
+aware that “privacy policies” are more excuses to violate
+privacy than commitments to uphold it.</p>
+
+<p>We could correct both problems by adopting a system of anonymous
+payments—anonymous for the payer, that is. (We don't want to
+help the payee dodge
+taxes.) <a
href="http://www.wired.com/opinion/2013/05/lets-cut-through-the-bitcoin-hype/">Bitcoin
+is not anonymous</a>, though there are efforts to develop ways to pay
+anonymously with Bitcoin. However, technology
+for <a
href="http://www.wired.com/wired/archive/2.12/emoney_pr.html">digital
+cash was first developed in the 1980s</a>; we need only suitable
+business arrangements, and for the state not to obstruct them.</p>
+
+<p>A further threat from sites' collection of personal data is that
+security breakers might get in, take it, and misuse it. This includes
+customers' credit card details. An anonymous payment system would end
+this danger: a security hole in the site can't hurt you if the site
+knows nothing about you.</p>
+
+<h3>Remedy for Travel Surveillance</h3>
+
+<p>We must convert digital toll collection to anonymous payment (using
+digital cash, for instance). License-plate recognition systems
+recognize all license plates, and
+the <a
href="http://news.bbc.co.uk/2/hi/programmes/whos_watching_you/8064333.stm">data
+can be kept indefinitely</a>; they should be required by law to notice
+and record only those license numbers that are on a list of cars
+sought by court orders. A less secure alternative would record all
+cars locally but only for a few days, and not make the full data
+available over the Internet; access to the data should be limited to
+searching for a list of court-ordered license-numbers.</p>
+
+<p>The U.S. “no-fly” list must be abolished because it is
+<a
href="https://www.aclu.org/blog/national-security-technology-and-liberty-racial-justice/victory-federal-court-recognizes">punishment
+without trial</a>.</p>
+
+<p>It is acceptable to have a list of people whose person and luggage
+will be searched with extra care, and anonymous passengers on domestic
+flights could be treated as if they were on this list. It is also
+acceptable to bar non-citizens, if they are not permitted to enter the
+country at all, from boarding flights to the country. This ought to
+be enough for all legitimate purposes.</p>
+
+<p>Many mass transit systems use some kind of smart cards or RFIDs for
+payment. These systems accumulate personal data: if you once make the
+mistake of paying with anything but cash, they associate the card
+permanently with your name. Furthermore, they record all travel
+associated with each card. Together they amount to massive
+surveillance. This data collection must be reduced.</p>
+
+<p>Navigation services do surveillance: the user's computer tells the
+map service the user's location and where the user wants to go; then
+the server determines the route and sends it back to the user's
+computer, which displays it. Nowadays, the server probably records
+the user's locations, since there is nothing to prevent it. This
+surveillance is not inherently necessary, and redesign could avoid it:
+free/libre software in the user's computer could download map data for
+the pertinent regions (if not downloaded previously), compute the
+route, and display it, without ever telling anyone where the user is
+or wants to go.</p>
+
+<p>Systems for borrowing bicycles, etc., can be designed so that the
+borrower's identity is known only inside the station where the item
+was borrowed. Borrowing would inform all stations that the item is
+“out,” so when the user returns it at any station (in
+general, a different one), that station will know where and when that
+item was borrowed. It will inform the other station that the item is
+no longer “out.” It will also calculate the user's bill,
+and send it (after waiting some random number of minutes) to
+headquarters along a ring of stations, so that headquarters would not
+find out which station the bill came from. Once this is done, the
+return station would forget all about the transaction. If an item
+remains “out” for too long, the station where it was
+borrowed can inform headquarters; in that case, it could send the
+borrower's identity immediately.</p>
+
+<h3>Remedy for Communications Dossiers</h3>
+
+<p>Internet service providers and telephone companies keep extensive
+data on their users' contacts (browsing, phone calls, etc). With
+mobile phones, they
+also <a
href="http://www.zeit.de/digital/datenschutz/2011-03/data-protection-malte-spitz">record
+the user's physical location</a>. They keep these dossiers for a long
+time: over 30 years, in the case of AT&T. Soon they will
+even <a
href="http://www.wired.com/opinion/2013/10/the-trojan-horse-of-the-latest-iphone-with-the-m7-coprocessor-we-all-become-qs-activity-trackers/">record
+the user's body activities</a>. It appears that
+the <a
href="https://www.aclu.org/blog/national-security-technology-and-liberty/it-sure-sounds-nsa-tracking-your-location">NSA
+collects cell phone location data</a> in bulk.</p>
+
+<p>Unmonitored communication is impossible where systems create such
+dossiers. So it should be illegal to create or keep them. ISPs and
+phone companies must not be allowed to keep this information for very
+long, in the absence of a court order to surveil a certain party.</p>
+
+<p>This solution is not entirely satisfactory, because it won't
+physically stop the government from collecting all the information
+immediately as it is generated—which is what
+the <a
href="http://www.guardian.co.uk/world/2013/jun/06/nsa-phone-records-verizon-court-order">U.S.
does
+with some or all phone companies</a>. We would have to rely on
+prohibiting that by law. However, that would be better than the
+current situation, where the relevant law (the PAT RIOT Act) does not
+clearly prohibit the practice. In addition, if the government did
+resume this sort of surveillance, it would not get data about
+everyone's phone calls made prior to that time.</p>
+
+<p>For privacy about who you exchange email with, a simple partial
+solution is for you and others to use email services in a country that
+would never cooperate with your own government, and which communicate
+with each other using encryption. However, Ladar Levison (owner of
+the mail service Lavabit that US surveillance sought to corrupt
+completely) has a more sophisticated idea for an encryption system
+through which your email service would know only that you sent mail to
+some user of my email service, and my email service would know only
+that I received mail from some user of your email service, but it
+would be hard to determine that you had sent mail to me.</p>
+
+<h3>But Some Surveillance Is Necessary</h3>
+
+<p>For the state to find criminals, it needs to be able to investigate
+specific crimes, or specific suspected planned crimes, under a court
+order. With the Internet, the power to tap phone conversations would
+naturally extend to the power to tap Internet connections. This power
+is easy to abuse for political reasons, but it is also necessary.
+Fortunately, this won't make it possible to find whistleblowers after
+the fact, if (as I recommend) we prevent digital systems from accumulating
+massive dossiers before the fact.</p>
+
+<p>Individuals with special state-granted power, such as police,
+forfeit their right to privacy and must be monitored. (In fact,
+police have their own jargon term for perjury,
+“<a
href="https://en.wikipedia.org/w/index.php?title=Police_perjury&oldid=552608302">testilying</a>,”
+since they do it so frequently, particularly about protesters
+and <a
href="http://photographyisnotacrime.com/">photographers</a>.)
+One city in California that required police to wear video cameras all
+the time
+found <a
href="http://www.motherjones.com/kevin-drum/2013/08/ubiquitous-surveillance-police-edition">their
+use of force fell by 60%</a>. The ACLU is in favor of this.</p>
+
+<p><a
+href="http://action.citizen.org/p/dia/action3/common/public/?action_KEY=12266">Corporations
+are not people, and not entitled to human rights</a>. It is
+legitimate to require businesses to publish the details of processes
+that might cause chemical, biological, nuclear, fiscal, computational
+(e.g., <a href="http://DefectiveByDesign.org">DRM</a>) or political
+(e.g., lobbying) hazards to society, to whatever level is needed for
+public well-being. The danger of these operations (consider the BP
+oil spill, the Fukushima meltdowns, and the 2008 fiscal crisis) dwarfs
+that of terrorism.</p>
+
+<p>However, journalism must be protected from surveillance even when
+it is carried out as part of a business.</p>
+
+<hr />
+
+<p>Digital technology has brought about a tremendous increase in the
+level of surveillance of our movements, actions, and communications.
+It is far more than we experienced in the 1990s, and <a
+href="https://hbr.org/2013/06/your-iphone-works-for-the-secret-police">far
+more than people behind the Iron Curtain experienced</a> in the 1980s,
+and proposed legal limits on state use of the accumulated data would
+not alter that.</p>
+
+<p>Companies are designing even more intrusive surveillance. Some
+project that pervasive surveillance, hooked to companies such as
+Facebook, could have deep effects on <a
+href="https://www.theguardian.com/technology/2015/aug/10/internet-of-things-predictable-people">how
+people think</a>. Such possibilities are imponderable; but the threat
+to democracy is not speculation. It exists and is visible today.</p>
+
+<p>Unless we believe that our free countries previously suffered from
+a grave surveillance deficit, and ought to be surveilled more than the
+Soviet Union and East Germany were, we must reverse this increase.
+That requires stopping the accumulation of big data about people.</p>
+
+</div><!-- for id="content", starts in the include above -->
+<!--#include virtual="/server/footer.html" -->
+<div id="footer">
+<div class="unprintable">
+
+<p>Please send general FSF & GNU inquiries to
+<a href="mailto:address@hidden"><address@hidden></a>.
+There are also <a href="/contact/">other ways to contact</a>
+the FSF. Broken links and other corrections or suggestions can be sent
+to <a
href="mailto:address@hidden"><address@hidden></a>.</p>
+
+<p><!-- TRANSLATORS: Ignore the original text in this paragraph,
+ replace it with the translation of these two:
+
+ We work hard and do our best to provide accurate, good quality
+ translations. However, we are not exempt from imperfection.
+ Please send your comments and general suggestions in this regard
+ to <a href="mailto:address@hidden">
+ <address@hidden></a>.</p>
+
+ <p>For information on coordinating and submitting translations of
+ our web pages, see <a
+ href="/server/standards/README.translations.html">Translations
+ README</a>. -->
+Please see the <a
+href="/server/standards/README.translations.html">Translations
+README</a> for information on coordinating and submitting translations
+of this article.</p>
+</div>
+
+<!-- Regarding copyright, in general, standalone pages (as opposed to
+ files generated as part of manuals) on the GNU web server should
+ be under CC BY-ND 4.0. Please do NOT change or remove this
+ without talking with the webmasters or licensing team first.
+ Please make sure the copyright date is consistent with the
+ document. For web pages, it is ok to list just the latest year the
+ document was modified, or published.
+
+ If you wish to list earlier years, that is ok too.
+ Either "2001, 2002, 2003" or "2001-2003" are ok for specifying
+ years, as long as each year in the range is in fact a copyrightable
+ year, i.e., a year in which the document was published (including
+ being publicly visible on the web or in a revision control system).
+
+ There is more detail about copyright years in the GNU Maintainers
+ Information document, www.gnu.org/prep/maintain. -->
+
+<p>Copyright © 2015, 2016 Richard Stallman</p>
+
+<p>This page is licensed under a <a rel="license"
+href="http://creativecommons.org/licenses/by-nd/4.0/">Creative
+Commons Attribution-NoDerivatives 4.0 International
License</a>.</p>
+
+<!--#include virtual="/server/bottom-notes.html" -->
+
+<p class="unprintable">Updated:
+<!-- timestamp start -->
+$Date: 2016/08/06 05:28:48 $
+<!-- timestamp end -->
+</p>
+</div>
+</div>
+</body>
+</html>
+</pre></body></html>
Index: po/who-does-that-server-really-serve.lt-diff.html
===================================================================
RCS file: po/who-does-that-server-really-serve.lt-diff.html
diff -N po/who-does-that-server-really-serve.lt-diff.html
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ po/who-does-that-server-really-serve.lt-diff.html 6 Aug 2016 05:28:48
-0000 1.1
@@ -0,0 +1,484 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd";>
+<!-- Generated by GNUN -->
+<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
+<head>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<title>/philosophy/who-does-that-server-really-serve.html-diff</title>
+<style type="text/css">
+span.removed { background-color: #f22; color: #000; }
+span.inserted { background-color: #2f2; color: #000; }
+</style></head>
+<body><pre>
+<!--#include virtual="/server/header.html" -->
+<!-- Parent-Version: 1.77 -->
+<title>Who Does That Server Really Serve?
+- GNU Project - Free Software Foundation</title>
+
+<!--#include
virtual="/philosophy/po/who-does-that-server-really-serve.translist" -->
+<!--#include virtual="/server/banner.html" -->
+
+<h2>Who does that server really serve?</h2>
+
+<p>by <strong>Richard Stallman</strong></p>
+
+<blockquote><p>(The first version was published
+in <a
href="http://www.bostonreview.net/richard-stallman-free-software-DRM">
+Boston Review</a>.)</p></blockquote>
+
+<p><strong>On the Internet, proprietary software isn't the only
way to
+lose your freedom. Service as a Software Substitute, or SaaSS, is
+another way to give someone else power over your
computing.</strong></p>
+
+<span class="removed"><del><strong>SaaSS</strong></del></span>
+
+<span class="inserted"><ins><em><p>The basic point is, you can have
control over a program someone else
+wrote (if it's free), but you can never have control over a service
+someone else runs, so never use a service where in principle a program
+would do.</p>
+
+
+<p>SaaSS</em></ins></span> means using a service implemented by someone
else as a
+substitute for running your copy of a program. The term is ours;
+articles and ads won't use it, and they won't tell you whether a
+service is SaaSS. Instead they will probably use the vague and
+distracting term “cloud”, which lumps SaaSS together with
+various other practices, some abusive and some ok. With the
+explanation and examples in this page, you can tell whether a service
+is <span class="removed"><del><strong>SaaSS.</strong></del></span> <span
class="inserted"><ins><em>SaaSS.</p></em></ins></span>
+
+<h3>Background: How Proprietary Software Takes Away Your
Freedom</h3>
+
+<p>Digital technology can give you freedom; it can also take your
+freedom away. The first threat to our control over our computing came
+from <em>proprietary software</em>: software that the users cannot
+control because the owner (a company such as Apple or Microsoft)
+controls it. The owner often takes advantage of this unjust power by
+inserting malicious features such as spyware, back doors, and <a
+href="http://DefectiveByDesign.org">Digital Restrictions Management
+(DRM)</a> (referred to as “Digital Rights Management” in
+their propaganda).</p>
+
+<p>Our solution to this problem is developing <em>free
software</em>
+and rejecting proprietary software. Free software means that you, as
+a user, have four essential freedoms: (0) to run the program as
+you wish, (1) to study and change the source code so it does what
+you wish, (2) to redistribute exact copies, and (3) to
+redistribute copies of your modified versions. (See
+the <a href="/philosophy/free-sw.html">free software
+definition</a>.)</p>
+
+<p>With free software, we, the users, take back control of our
+computing. Proprietary software still exists, but we can exclude it
+from our lives and many of us have done so. However, we are now
+offered another tempting way to cede control over our computing:
+Service as a Software Substitute (SaaSS). For our freedom's sake, we
+have to reject that too.</p>
+
+<h3>How Service as a Software Substitute Takes Away Your
Freedom</h3>
+
+<p>Service as a Software Substitute (SaaSS) means using a service as a
+substitute for running your copy of a program. Concretely, it means
+that someone sets up a network server that does certain computing
+tasks—for instance, modifying a photo, translating text into
+another language, etc.—then invites users to do computing via
+that server. A user of the server would send her data to the server,
+which does <em>her own computing</em> on the data thus provided,
then
+sends the results back to her or acts directly on her behalf.</p>
+
+<p>The computing is <em>her own</em> because, by assumption,
she
+could, in principle, have done it by running a program on her own
+computer (whether or not that program is available to her at
+present). In cases where this assumption is not so, it isn't SaaSS.</p>
+
+<p>These servers wrest control from the users even more inexorably
+than proprietary software. With proprietary software, users typically
+get an executable file but not the source code. That makes it hard to
+study the code that is running, so it's hard to determine what the
+program really does, and hard to change it.</p>
+
+<p>With SaaSS, the users do not have even the executable file that
+does their computing: it is on someone else's server, where the users
+can't see or touch it. Thus it is impossible for them to ascertain
+what it really does, and impossible to change it.</p>
+
+<p>Furthermore, SaaSS automatically leads to consequences equivalent
+to the malicious features of certain proprietary software.</p>
+
+<p> For instance, some proprietary programs are “spyware”:
+the program <a href="/philosophy/proprietary-surveillance.html">
+sends out data about users' computing activities</a>.
+Microsoft Windows sends information about users' activities to
+Microsoft. Windows Media Player reports what each user watches or
+listens to. The Amazon Kindle reports which pages of which books the
+user looks at, and when. Angry Birds reports the user's geolocation
+history.</p>
+
+<p>Unlike proprietary software, SaaSS does not require covert code to
+obtain the user's data. Instead, users must send their data to the
+server in order to use it. This has the same effect as spyware: the
+server operator gets the data—with no special effort, by the
+nature of SaaSS. Amy Webb, who intended never to post any photos of
+her daughter, made the mistake of using SaaSS (Instagram) to edit
+photos of her. Eventually
+<a
href="http://www.slate.com/articles/technology/data_mine_1/2013/09/privacy_facebook_kids_don_t_post_photos_of_your_kids_on_social_media.html">
they
+leaked from there</a>.
+</p>
+
+<p>Theoretically, homomorphic encryption might some day advance to the
+point where future SaaSS services might be constructed to be unable to
+understand some of the data that users send them. Such
+services <em>could</em> be set up not to snoop on users; this does
not
+mean they <em>will</em> do no snooping.</p>
+
+<p>Some proprietary operating systems have a universal back door,
+permitting someone to remotely install software changes. For
+instance, Windows has a universal back door with which Microsoft can
+forcibly change any software on the machine. Nearly all portable
+phones have them, too. Some proprietary applications also have
+universal back doors; for instance, the Steam client for GNU/Linux
+allows the developer to remotely install modified versions.</p>
+
+<p>With SaaSS, the server operator can change the software in use on
+the server. He ought to be able to do this, since it's his computer;
+but the result is the same as using a proprietary application program
+with a universal back door: someone has the power to silently impose
+changes in how the user's computing gets done.</p>
+
+<p>Thus, SaaSS is equivalent to running proprietary software with
+spyware and a universal back door. It gives the server operator
+unjust power over the user, and that power is something we must
+resist.</p>
+
+<h3>SaaSS and SaaS</h3>
+
+<p>Originally we referred to this problematical practice as
+“SaaS”, which stands for “Software as a
+Service”. It's a commonly used term for setting up software on a
+server rather than offering copies of it to users, and we thought it
+described precisely the cases where this problem occurs.</p>
+
+<p>Subsequently we became aware that the term SaaS is sometimes used for
+communication services—activities for which this issue is not
+applicable. In addition, the term “Software as a Service”
+doesn't explain <em>why</em> the practice is bad. So we coined
the term
+“Service as a Software Substitute”, which defines the bad
+practice more clearly and says what is bad about it.</p>
+
+<h3>Untangling the SaaSS Issue from the Proprietary Software
Issue</h3>
+
+<p>SaaSS and proprietary software lead to similar harmful results, but
+the mechanisms are different. With proprietary software, the
+mechanism is that you have and use a copy which is difficult and/or
+illegal to change. With SaaSS, the mechanism is that you don't have
+the copy that's doing your computing.</p>
+
+<p>These two issues are often confused, and not only by accident. Web
+developers use the vague term “web application” to lump
+the server software together with programs run on your machine in your
+browser. Some web pages install nontrivial, even large JavaScript
+programs into your browser without informing
+you. <a href="/philosophy/javascript-trap.html">When these JavaScript
+programs are nonfree</a>, they cause the same sort of injustice as any
+other nonfree software. Here, however, we are concerned with the
+issue of using the service itself.</p>
+
+<p>Many free software supporters assume that the problem of SaaSS will
+be solved by developing free software for servers. For the server
+operator's sake, the programs on the server had better be free; if
+they are proprietary, their developers/owners have power over the
+server. That's unfair to the server operator, and doesn't help the
+server's users at all. But if the programs on the server are free,
+that doesn't protect <em>the server's users</em> from the effects
of
+SaaSS. These programs liberate the server operator, but not the
+server's users.</p>
+
+<p>Releasing the server software source code does benefit the
+community: it enables suitably skilled users to set up similar
+servers, perhaps changing the
+software. <a href="/licenses/license-recommendations.html"> We
+recommend using the GNU Affero GPL</a> as the license for programs
+often used on servers.</p>
+
+<p>But none of these servers would give you control over computing you
+do on it, unless it's <em>your</em> server (one whose software load
+you control, regardless of whether the machine is your property). It
+may be OK to trust your friend's server for some jobs, just as you
+might let your friend maintain the software on your own computer.
+Outside of that, all these servers would be SaaSS for you. SaaSS
+always subjects you to the power of the server operator, and the only
+remedy is, <em>Don't use SaaSS!</em> Don't use someone else's
server
+to do your own computing on data provided by you.</p>
+
+<p>This issue demonstrates the depth of the difference between
+“open” and “free”. Source code that is open
+source <a href="/philosophy/free-open-overlap.html">is, nearly always,
+free</a>. However, the idea of
+an <a href="http://opendefinition.org/software-service">“open
+software” service</a>, meaning one whose server software is open
+source and/or free, fails to address the issue of SaaSS.</p>
+
+<p>Services are fundamentally different from programs, and the ethical
+issues that services raise are fundamentally different from the issues
+that programs raise. To avoid confusion,
+we <a href="/philosophy/network-services-arent-free-or-nonfree.html">
+avoid describing a service as “free” or
+“proprietary.”</a></p>
+
+<h3>Distinguishing SaaSS from Other Network Services</h3>
+
+<p>Which online services are SaaSS? The clearest example is a
+translation service, which translates (say) English text into Spanish
+text. Translating a text for you is computing that is purely yours.
+You could do it by running a program on your own computer, if only you
+had the right program. (To be ethical, that program should be free.)
+The translation service substitutes for that program, so it is Service
+as a Software Substitute, or SaaSS. Since it denies you control
+over your computing, it does you wrong.</p>
+
+<p>Another clear example is using a service such as Flickr or
+Instagram to modify a photo. Modifying photos is an activity that
+people have done in their own computers for decades; doing it in a
+server you don't control, rather than your own computer, is SaaSS.</p>
+
+<p>Rejecting SaaSS does not mean refusing to use any network servers
+run by anyone other than you. Most servers are not SaaSS because the
+jobs they do are some sort of communication, rather than the user's
+own computing.</p>
+
+<p>The original idea of web servers wasn't to do computing for you, it
+was to publish information for you to access. Even today this is what
+most web sites do, and it doesn't pose the SaaSS problem, because
+accessing someone's published information isn't doing your own
+computing. Neither is use of a blog site to publish your own works,
+or using a microblogging service such as Twitter or StatusNet. (These
+services may or may not have other problems, depending on details.)
+The same goes for other communication not meant to be private, such as
+chat groups.</p>
+
+<p>In its essence, social networking is a form of communication and
+publication, not SaaSS. However, a service whose main facility is
+social networking can have features or extensions which are SaaSS.</p>
+
+<p>If a service is not SaaSS, that does not mean it is OK. There are
+other ethical issues about services. For instance, Facebook
+distributes video in Flash, which pressures users to run nonfree
+software; it requires running nonfree JavaScript code; and it gives
+users a misleading impression of privacy while luring them into baring
+their lives to Facebook. Those are important issues, different from
+the SaaSS issue.
+</p>
+
+<p>Services such as search engines collect data from around the web
+and let you examine it. Looking through their collection of data
+isn't your own computing in the usual sense—you didn't provide
+that collection—so using such a service to search the web is not
+SaaSS. However, using someone else's server to implement a search
+facility for your own site <em>is</em> SaaSS.</p>
+
+<p>Purchasing online is not SaaSS, because the computing
+isn't <em>your own</em> activity; rather, it is done jointly by and
+for you and the store. The real issue in online shopping is whether
+you trust the other party with your money and other personal
+information (starting with your name).</p>
+
+<p>Repository sites such as Savannah and SourceForge are not
+inherently SaaSS, because a repository's job is publication of data
+supplied to it.</p>
+
+<p>Using a joint project's servers isn't SaaSS because the computing
+you do in this way isn't your own. For instance, if you edit pages on
+Wikipedia, you are not doing your own computing; rather, you are
+collaborating in Wikipedia's computing. Wikipedia controls its own
+servers, but organizations as well as individuals encounter the
+problem of SaaSS if they do their computing in someone else's
+server.</p>
+
+<p>Some sites offer multiple services, and if one is not SaaSS,
+another may be SaaSS. For instance, the main service of Facebook is
+social networking, and that is not SaaSS; however, it supports
+third-party applications, some of which are SaaSS. Flickr's main
+service is distributing photos, which is not SaaSS, but it also has
+features for editing photos, which is SaaSS. Likewise, using
+Instagram to post a photo is not SaaSS, but using it to transform the
+photo is SaaSS.</p>
+
+<p>Google Docs shows how complex the evaluation of a single service
+can become. It invites people to edit a document by running a
+large <a href="/philosophy/javascript-trap.html">nonfree JavaScript
+program</a>, clearly wrong. However, it offers an API for uploading
+and downloading documents in standard formats. A free software editor
+can do so through this API. This usage scenario is not SaaSS, because
+it uses Google Docs as a mere repository. Showing all your data to a
+company is bad, but that is a matter of privacy, not SaaSS; depending
+on a service for access to your data is bad, but that is a matter of
+risk, not SaaSS. On the other hand, using the service for converting
+document formats <em>is</em> SaaSS, because it's something you
could
+have done by running a suitable program (free, one hopes) in your own
+computer.</p>
+
+<p>Using Google Docs through a free editor is rare, of course. Most
+often, people use it through the nonfree JavaScript program, which is
+bad like any nonfree program. This scenario might involve SaaSS, too;
+that depends on what part of the editing is done in the JavaScript
+program and what part in the server. We don't know, but since SaaSS
+and proprietary software do similar wrong to the user, it is not
+crucial to know.</p>
+
+<p>Publishing via someone else's repository does not raise privacy
+issues, but publishing through Google Docs has a special problem: it
+is impossible even to <em>view the text</em> of a Google Docs
document
+in a browser without running the nonfree JavaScript code. Thus, you
+should not use Google Docs to publish anything—but the reason
+is not a matter of SaaSS.</p>
+
+<p>The IT industry discourages users from making these distinctions.
+That's what the buzzword “cloud computing” is for. This
+term is so nebulous that it could refer to almost any use of the
+Internet. It includes SaaSS as well as many other network usage
+practices. In any given context, an author who writes
+“cloud” (if a technical person) probably has a specific
+meaning in mind, but usually does not explain that in other articles
+the term has other specific meanings. The term leads people to
+generalize about practices they ought to consider individually.</p>
+
+<p>If “cloud computing” has a meaning, it is not a way of
+doing computing, but rather a way of thinking about computing: a
+devil-may-care approach which says, “Don't ask questions. Don't
+worry about who controls your computing or who holds your data. Don't
+check for a hook hidden inside our service before you swallow it.
+Trust companies without hesitation.” In other words, “Be a
+sucker.” A cloud in the mind is an obstacle to clear thinking.
+For the sake of clear thinking about computing, let's avoid the term
+“cloud.”</p>
+
+<h3 id="renting">Renting a Server Distinguished from SaaSS</h3>
+
+<p>If you rent a server (real or virtual), whose software load you
+have control over, that's not SaaSS. In SaaSS, someone else decides
+what software runs on the server and therefore controls the computing
+it does for you. In the case where you install the software on the
+server, you control what computing it does for you. Thus, the rented
+server is virtually your computer. For this issue, it counts as
+yours.</p>
+
+<p>The <em>data</em> on the rented remote server is less
secure than
+if you had the server at home, but that is a separate issue from
+SaaSS.</p>
+
+<h3>Dealing with the SaaSS Problem</h3>
+
+<p>Only a small fraction of all web sites do SaaSS; most don't raise
+the issue. But what should we do about the ones that raise it?</p>
+
+<p>For the simple case, where you are doing your own computing on data
+in your own hands, the solution is simple: use your own copy of a free
+software application. Do your text editing with your copy of a free
+text editor such as GNU Emacs or a free word processor. Do your photo
+editing with your copy of free software such as GIMP. What if there
+is no free program available? A proprietary program or SaaSS would
+take away your freedom, so you shouldn't use those. You can contribute
+your time or your money to development of a free replacement.</p>
+
+<p>What about collaborating with other individuals as a group? It may
+be hard to do this at present without using a server, and your group
+may not know how to run its own server. If you use someone else's
+server, at least don't trust a server run by a company. A mere
+contract as a customer is no protection unless you could detect a
+breach and could really sue, and the company probably writes its
+contracts to permit a broad range of abuses. The state can subpoena
+your data from the company along with everyone else's, as Obama has
+done to phone companies, supposing the company doesn't volunteer them
+like the US phone companies that illegally wiretapped their customers
+for Bush. If you must use a server, use a server whose operators give
+you a basis for trust beyond a mere commercial relationship.</p>
+
+<p>However, on a longer time scale, we can create alternatives to
+using servers. For instance, we can create a peer-to-peer program
+through which collaborators can share data encrypted. The free
+software community should develop distributed peer-to-peer
+replacements for important “web applications”. It may be
+wise to release them under
+the <a href="/licenses/why-affero-gpl.html"> GNU Affero GPL</a>,
since
+they are likely candidates for being converted into server-based
+programs by someone else. The <a href="/">GNU project</a> is
looking
+for volunteers to work on such replacements. We also invite other
+free software projects to consider this issue in their design.</p>
+
+<p>In the meantime, if a company invites you to use its server to do
+your own computing tasks, don't yield; don't use SaaSS. Don't buy or
+install “thin clients”, which are simply computers so weak
+they make you do the real work on a server, unless you're going to use
+them with <em>your</em> server. Use a real computer and keep your
+data there. Do your own computing with your own copy of a free
+program, for your freedom's sake.</p>
+
+<h3>See also:</h3>
+<p><a href="/philosophy/bug-nobody-allowed-to-understand.html">The
+Bug Nobody is Allowed to Understand</a>.</p>
+
+</div><!-- for id="content", starts in the include above -->
+<!--#include virtual="/server/footer.html" -->
+<div id="footer">
+<div class="unprintable">
+
+<p>Please send general FSF & GNU inquiries to
+<a href="mailto:address@hidden"><address@hidden></a>.
+There are also <a href="/contact/">other ways to contact</a>
+the FSF. Broken links and other corrections or suggestions can be sent
+to <a
href="mailto:address@hidden"><address@hidden></a>.</p>
+
+<p><!-- TRANSLATORS: Ignore the original text in this paragraph,
+ replace it with the translation of these two:
+
+ We work hard and do our best to provide accurate, good quality
+ translations. However, we are not exempt from imperfection.
+ Please send your comments and general suggestions in this regard
+ to <a href="mailto:address@hidden">
+ <address@hidden></a>.</p>
+
+ <p>For information on coordinating and submitting translations of
+ our web pages, see <a
+ href="/server/standards/README.translations.html">Translations
+ README</a>. -->
+Please see the <a
+href="/server/standards/README.translations.html">Translations
+README</a> for information on coordinating and submitting translations
+of this article.</p>
+</div>
+
+<!-- Regarding copyright, in general, standalone pages (as opposed to
+ files generated as part of manuals) on the GNU web server should
+ be under CC BY-ND 4.0. Please do NOT change or remove this
+ without talking with the webmasters or licensing team first.
+ Please make sure the copyright date is consistent with the
+ document. For web pages, it is ok to list just the latest year the
+ document was modified, or published.
+
+ If you wish to list earlier years, that is ok too.
+ Either "2001, 2002, 2003" or "2001-2003" are ok for specifying
+ years, as long as each year in the range is in fact a copyrightable
+ year, i.e., a year in which the document was published (including
+ being publicly visible on the web or in a revision control system).
+
+ There is more detail about copyright years in the GNU Maintainers
+ Information document, www.gnu.org/prep/maintain. -->
+
+<p>Copyright © 2010, 2013, 2015, 2016 Richard Stallman</p>
+
+<p>This page is licensed under a <a rel="license"
+href="http://creativecommons.org/licenses/by-nd/4.0/">Creative
+Commons Attribution-NoDerivatives 4.0 International
License</a>.</p>
+
+<!--#include virtual="/server/bottom-notes.html" -->
+
+<p class="unprintable">Updated:
+<!-- timestamp start -->
+$Date: 2016/08/06 05:28:48 $
+<!-- timestamp end -->
+</p>
+</div>
+</div>
+</body>
+</html>
+</pre></body></html>
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- www/philosophy government-free-software.pl.html...,
GNUN <=