Читаем Free Software, Free Society: selected essays of Richard M. Stallman. 2nd edition. полностью

With free software, we, the users, take back control of our computing. Proprietary software still exists, but we can exclude it from our lives and many of us have done so. However, we now face a new threat to our control over our computing: Software as a Service. For our freedom’s sake, we have to reject that too.

How Software as a Service Takes Away Your Freedom

Software as a Service (SaaS) means that someone sets up a network server that does certain computing tasks—running spreadsheets, word processing, translating text into another language, etc.—then invites users to do their computing on that server. Users send their data to the server, which does their computing on the data thus provided, then sends the results back or acts on them directly.

These servers wrest control from the users even more inexorably than proprietary software. With proprietary software, users typically get an executable file but not the source code. That makes it hard for programmers to study the code that is running, so it’s hard to determine what the program really does, and hard to change it.

With SaaS, the users do not have even the executable file: it is on the server, where the users can’t see or touch it. Thus it is impossible for them to ascertain what it really does, and impossible to change it.

Furthermore, SaaS automatically leads to harmful consequences equivalent to the malicious features of certain proprietary software. For instance, some proprietary programs are “spyware”: the program sends out data about users’ computing activities. Microsoft Windows sends information about users’ activities to Microsoft. Windows Media Player and RealPlayer report what each user watches or listens to.

Unlike proprietary software, SaaS does not require covert code to obtain the user’s data. Instead, users must send their data to the server in order to use it. This has the same effect as spyware: the server operator gets the data. He gets it with no special effort, by the nature of SaaS.

Some proprietary programs can mistreat users under remote command. For instance, Windows has a back door with which Microsoft can forcibly change any software on the machine. The Amazon Kindle e-book reader (whose name suggests it’s intended to burn people’s books) has an Orwellian back door that Amazon used in 2009 to remotely delete Kindle copies of Orwell’s books 1984 and Animal Farm which the users had purchased from Amazon.[1] SaaS inherently gives the server operator the power to change the software in use, or the users’ data being operated on. Once again, no special code is needed to do this.

Thus, SaaS is equivalent to total spyware and a gaping wide back door, and gives the server operator unjust power over the user. We can’t accept that.

Untangling the SaaS Issue from the Proprietary Software Issue

SaaS and proprietary software lead to similar harmful results, but the causal mechanisms are different. With proprietary software, the cause is that you have and use a copy which is difficult or illegal to change. With SaaS, the cause is that you use a copy you don’t have.

These two issues are often confused, and not only by accident. Web developers use the vague term “web application” to lump the server software together with programs run on your machine in your browser. Some web pages install nontrivial or even large JavaScript programs temporarily into your browser without informing you. When these JavaScript programs are nonfree, they are as bad as any other nonfree software. Here, however, we are concerned with the problem of the server software itself.

Many free software supporters assume that the problem of SaaS will be solved by developing free software for servers. For the server operator’s sake, the programs on the server had better be free; if they are proprietary, their owners have power over the server. That’s unfair to the operator, and doesn’t help you at all. But if the programs on the server are free, that doesn’t protect you as the server’s user from the effects of SaaS. They give freedom to the operator, but not to you.

Releasing the server software source code does benefit the community: suitably skilled users can set up similar servers, perhaps changing the software. But none of these servers would give you control over computing you do on it, unless it’s your server. The rest would all be SaaS. SaaS always subjects you to the power of the server operator, and the only remedy is, Don’t use SaaS! Don’t use someone else’s server to do your own computing on data provided by you.

Distinguishing SaaS from Other Network Services

Does condemning SaaS mean rejecting all network servers? Not at all. Most servers do not raise this issue, because the job you do with them isn’t your own computing except in a trivial sense.