Slashdot Mirror


RMS and Clipperz Promoting Freedom In the Cloud

mbarulli writes "Clipperz and Richard Stallman recently launched a joint call for action to bring freedom and privacy to web applications. 'The benefits of web apps are many, but quite often users lose their freedom to study, modify and discuss the source code that powers those web apps. Furthermore, we are forced to trust third parties with our data (bookmarks, text documents, chat transcripts, financial info ... and now health records!) that no longer resides on our hard disks, but are stored somewhere in the cloud.' Clipperz and RMS urge web developers to adopt the new AGPL license and build their applications using a 'zero-knowledge architecture,' a framework for web services that has been derived from Clipperz online password manager. A smooth path toward web apps based on free software that know nothing about you and your data."

7 of 156 comments (clear)

  1. Hear hear ! by silentcoder · · Score: 5, Interesting

    Especially when one considers the evergrowing warnings about google products and sites like facebook (which makes its money out of selling private information to advertisers without even making an attempt at disguising the fact) - we need, in this age of web-apps, to push for greater openness in their design.

    It's no longer just about the source code, it's about every single aspect of our lives. Dr. Phill may get hits from doing shows about how people misrepresent themselves online - but the fact that his investigators are able to find out enough about a person to 'figure out the lies' just tell you how dangerous the system already is - and that is third parties, imagine the true power that applications like facebook or Yahoo! mail holds... it's scary.

    On the other hand, most people could care so little about their privacy these days... one may go so far as to suggest that those who do not care, do not deserve it.

    For the rest of us, why not contribute a bit to changing the picture - is there even one solid social networking tool out there that is built on open source ?

    --
    Unicode killed the ASCII-art *
  2. When I see "Clipperz"... by pongo000 · · Score: 3, Interesting

    ...I'm reminded of the sorry attempt by the US Government to introduce its version of DRM known as the "Clipper Chip." The F/OSS community isn't known for its attention-grabbing project names (think Gimp here), so this comes as no surprise. Still, am I the only one who, upon first sight, related "Clipperz" and "Clipper Chip"? Is this the best moniker the Cesares could come up with?

  3. Even if more web apps were open source by SamP2 · · Score: 4, Interesting

    How do we know that the app we use indeed came from the source they say it did?

    With desktop app, one could compile and take an MD5, or just compile and compare to the binaries distributed, or just not use the binaries at all and compile from source for their own use.

    With a web app, even if we had the source, we'd still be connecting to a 3-rd party HTTP server, and there is really no way to verify how the "real" program is run.

    1. Re:Even if more web apps were open source by apathy+maybe · · Score: 3, Interesting

      When I provide code on my website, I link to a program which displays the code on the screen.

      Using the program, you can look at any file (apart from ones that are either in a black-list, such as "settings.php", or ones that have a bit of text at the start "don't show this") any time.

      If it gets updated, you can always get the latest version.

      Of course, yes, there isn't any real way to make sure that EvilCorp doesn't fuck around and show different code to what is actually being run. But considering you can't update that code on EvilCorp's websever, there isn't anything you can do about it.

      With AGPL, you can run the code on /your/ websever.

      (The only trouble with the GNU AGPL that I can tell (that is, v3, not v2), is that it explicitly allows mixing with GPL code, and then the entire program is GPL, not AGPL. I personally think it should be the other way around. But meh.)

      --
      I wank in the shower.
  4. Re:If you don't want them sharing your data... by Anonymous Coward · · Score: 3, Interesting

    Even if I don't give them my data, other people will. What's to stop my friends/enemies from posting pictures of me online? With my name in the tag?

  5. AGPL is pointless by harlows_monkeys · · Score: 3, Interesting

    I'm going to use US copyright law in this comment, but I believe other countries have similar provisions.

    US copyright law says that the owner of a particular copy of a program can make modifications to the program in order to adapt it for use on his machine, without violating copyright. The case law has interpreted this to include modifications beyond just what is necessary to make the program run--it includes adding features if those features are necessary for what you are trying to use the program for. See 17 USC 117 for the statute itself.

    Section 9 of AGPL says this:

    You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so.

    But what is modifying? That is defined in section 0:

    To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work.

    Because of 17 USC 117, and the interpretation of the scope of that in the case law, most use of AGPL software in a software as a service environment will NOT involve "modifying" the software as defined by AGPL, and you won't be required to make your changes available.

  6. Re:If you don't want them sharing your data... by Dolda2000 · · Score: 4, Interesting

    What's to stop my friends/enemies from posting pictures of me online?

    This might sound weird, but, how about you yourself?