[p2p-research] Fwd: exchange on ethicality of cloud computing with richard stallman

Michel Bauwens michelsub2004 at gmail.com
Mon Mar 30 12:46:14 CEST 2009 

Hi Sepp,

If you have time to contribute to our blog, now is a really good time, I
have a hard time keeping up and will be on the road until mid-april,

this is a possible interesting subject, see below, it appeared on a mailing
list archive in the public domain,

Michel

---------- Forwarded message ----------
From: Dave Crossland <dave at lab6.com>
Date: Mon, Mar 30, 2009 at 4:19 PM
Subject: Re: [Autonomo.us] so... how was it?
To: "autonomo.us discussion mailing list" <discuss at lists.autonomo.us>


2009/3/24 Evan Prodromou <evan at prodromou.name>:
>
> Clearly, if I have complete physical control the remote server (say, it's
in
> my closet), there should be little problem Freedom-wise with me using
> whatever-the-heck input method I want to access the software on that
> computer. I don't think any of us think that remote control of software
> makes that software non-free. (Or maybe some of us do.)
>
> For me personally, I get great advantage from using software on a remote
> server. I use Roundcube for remote access to my email, and a remote
> calendaring tool, too.
>
> What about if I don't have physical control -- say, for a leased server in
> someone else's data centre?

I was chatting to RMS about this back last year, and perhaps its
useful to everyone here, so here is the unfinished thread with
permission:

---------- Forwarded message ----------
From: Dave Crossland <dave at lab6.com>
Date: 2008/9/30
Subject: Cloud Computing?
To: Richard Stallman <rms at gnu.org>


Hi!

I was glad to see the article in the Guardian you were features in
yesterday, about Cloud Computing. I saw this via the blog post at
http://autonomo.us/2008/09/rms-on-cloud-computing-stupidity/ which
disagrees with you.

I have been thinking about this issue and I have some questions
relating to this quote from the Guardian article:

"Do your own computing on your own computer with your copy of a
freedom-respecting program. If you use a proprietary program or
somebody else's web server, you're defenceless. You're putty in the
hands of whoever developed that software."

If a user wants to use network applications in freedom, they can do
their own computing on their own computer with their copy of a
freedom-respecting network-accessed program if their computer is a
network server. Is this ethical?

I think it is. I have been suggesting that this can conveniently be
their GNU/Linux desktop computer if they just leave it turned on all
the time and ask their ISP to set a static IP address so they can
point a domain name at it for convenient access.

But I wonder about using a computer located in a 'telehouse' server
hosting facility, for reliable network access, electricity saving,
etc. There are a range of common scenarios, and I wonder if you think
there is a distinction between them:

Telehouse companies offer 'colocation' services where you can post
them a computer and they will connect it. Would this be ethical?

These companies also offer renting a physical computer from them,
which is cheaper. Would this be ethical?

These companies also offer renting a virtualised operating system from
them, which is still cheaper. Would this be ethical?

---------- Forwarded message ----------
From: Richard M. Stallman <rms at gnu.org>
Date: 2008/10/1
Subject: Re: Cloud Computing?
To: Dave Crossland <dave at lab6.com>


 If a user wants to use network applications in freedom, they can do
 their own computing on their own computer with their copy of a
 freedom-respecting network-accessed program if their computer is a
 network server. Is this ethical?

I think "ethical" is the wrong adjective; it poses the wrong question.
For instance, I would not say that doing your computing on some
company's network server is "unethical".  It only hurts you, not
others.  I would call it harmful and foolish.

Using your own network server is not harmful or foolish.  In fact, I
see nothing wrong with it.  But that's not what most of the "cloud
computing" boosters are trying to get you to do!

 Telehouse companies offer 'colocation' services where you can post
 them a computer and they will connect it. Would this be ethical?

It is probably not harmful or foolish.  The question is, basically, do
you trust them not to let the bad guys (such as the police) into your
machine.

 These companies also offer renting a physical computer from them,
 which is cheaper. Would this be ethical?

I'd say basically the same about that.  The only difference between
these two scenarios might be a legal one.  It is possible that, in
some countries, the police might need a court order to mess with a
computer you own, and might not need one to mess with a computer you
rent.

I do not know whether such a country exists; I only mention the
possibility.

 These companies also offer renting a virtualised operating system from
 them, which is still cheaper. Would this be ethical?

This is pretty much in the same ballpark as the other two possibilities.


---------- Forwarded message ----------
From: Dave Crossland <dave at lab6.com>
Date: 2008/10/1
Subject: Re: Cloud Computing?
To: rms at gnu.org


On 01/10/2008, Richard M. Stallman <rms at gnu.org> wrote:
>     If a user wants to use network applications in freedom, they can do
>     their own computing on their own computer with their copy of a
>     freedom-respecting network-accessed program if their computer is a
>     network server. Is this ethical?
>
> I think "ethical" is the wrong adjective; it poses the wrong question.
> For instance, I would not say that doing your computing on some
> company's network server is "unethical".  It only hurts you, not
> others.  I would call it harmful and foolish.

That is a good point; I'll be sure to refer to network apps as a
freedom issue rather than an ethical issue from now on.

In the past I asked about using a freely redistributable program that
does not have accompanying source code, and you said that this has a
secondary ethical aspect, akin to pollution, because it suggests to
others that doing so is not harmful and foolish.

Does that also apply here?

> Using your own network server is not harmful or foolish.  In fact, I
> see nothing wrong with it.  But that's not what most of the "cloud
> computing" boosters are trying to get you to do!

No, indeed. I think that is what we "cloud computing" detractors
should be trying to get users to do, though.

Amazon offers a popular "elastic cloud computing" virtual server
hosting service, where users upload a GNU/Xen-Linux system disk image
which is booted but for which bandwidth, storage disk and processing
power is 'elastic' - can scale arbitrarily, and on demand.

I have not used this service, but I hear it is very simple to use with
a pre-configured disk image. I wonder if putting a system disk image
together for services like this, consisting of only free software
suitable for the common tasks people use proprietary cloud computing
for (email, calendars, blog publishing, collaborative
authoring/spreadsheets, task management), and that is configurable
with an 'installation wizard,' would be a good way to provide a
practical alternative to cloud computing.

Do you think this is a good idea?

> The question is, basically, do
> you trust them not to let the bad guys (such as the police) into your
> machine.

I am not sure how to answer that question, and my uncertainly is
summarised as: would you trust Amazon?

I've written out some of my ideas, if you'd like to comment on them
I'd appreciate it but if you are too busy that's fine :-)

A small personable and 'trustworthy' ISP seems just as vulnerable to
surveillance requests as a large corporate 'faceless' ISP to me.

I also wonder about why any bad guys would want access to the machine.
Simple vandals trawl the net for unpatched computers, but a personal
network server would have a simple authentication lock that would
adequately prevent such vandals from accessing out of date server
programs.

The simplest, cheapest and most common way for the police to get into
a machine is to seize it. People who meet active stifling of their
political network activity, say like The Pirate Bay, adequately
mitigate that with backups in multiple jurisdictions, so that when any
server is seized, another is put online within in a few days.

If the state wants to have covert access without disconnecting the
machine, that also seems straightforward, although more expensive; the
way the UK surveillance law works, citizens made complicit in
surveillance activity (eg, being forced to reveal crypto passwords)
face up to 2 years in jail if they tell anyone about it. And police
ask for things without forcing them and routinely get them; I suppose
thats the difference between a small personable company and a
backstabbing corporate one. And for unlawful forced access, I think it
is impossible to totally secure against that, since individuals acting
alone have annually gained illicit root access to
governmentally-secret computers the last 30 years.

But getting into machines covertly seems unnecessary anyway; the tap
is better done 'upstream.' And its well known that spy agencies have
total access to all network traffic with systems like Echelon and
Carnivore. (So if I was involved in serious political dissent, then
probably I would avoid using computer networks. The Unabomber did
alright that way... ;-)

I agree it is good to mention this issue when publicizing the problems
of cloud computing. But it seems to me that in the current political
climate the answer to the question is always, "I do not trust the
computer landlord not to let the bad guys (such as the police) into my
rented machine," but avoiding cloud computing with programs you
control but on servers you rent does anything to help resolve it.



---------- Forwarded message ----------
From: Richard M. Stallman <rms at gnu.org>
Date: 2008/10/2
Subject: Re: Cloud Computing?
To: Dave Crossland <dave at lab6.com>


 >     their own computing on their own computer with their copy of a
 >     freedom-respecting network-accessed program if their computer is a
 >     network server. Is this ethical?
 >
 > I think "ethical" is the wrong adjective; it poses the wrong question.
 > For instance, I would not say that doing your computing on some
 > company's network server is "unethical".  It only hurts you, not
 > others.  I would call it harmful and foolish.

 That is a good point; I'll be sure to refer to network apps as a
 freedom issue rather than an ethical issue from now on.

You have changed the viewpoint in your wording.  Before, you were
talking about _using_ a "network app".  Now you're talking about the
network apps themselves.

The issue is a freedom issue and it is an ethical issue.
However, _using_ the network app is not very unethical,
because you're the victim.

 In the past I asked about using a freely redistributable program that
 does not have accompanying source code, and you said that this has a
 secondary ethical aspect, akin to pollution, because it suggests to
 others that doing so is not harmful and foolish.

 Does that also apply here?

Yes, it does apply.


---------- Forwarded message ----------
From: Richard M. Stallman <rms at gnu.org>
Date: 2008/10/2
Subject: Re: Cloud Computing?
To: Dave Crossland <dave at lab6.com>


  I have not used this service, but I hear it is very simple to use with
  a pre-configured disk image. I wonder if putting a system disk image
  together for services like this, consisting of only free software
  suitable for the common tasks people use proprietary cloud computing
  for (email, calendars, blog publishing, collaborative
  authoring/spreadsheets, task management), and that is configurable
  with an 'installation wizard,' would be a good way to provide a
  practical alternative to cloud computing.

  Do you think this is a good idea?

I don't know.  It's a matter of whether you can trust Amazon with your data.

(I need to take that back -- because I don't know enough about that
service to be confident of that conclusion.  Maybe it's only a matter
of whether you can trust Amazon with your data.  Maybe there is
another issue too.  I can't be sure.)

  I also wonder about why any bad guys would want access to the machine.

Perhaps you are discussing a planned protest and the bad guys want to
sabotage it.  They give lip service to democracy, but really they're
against it.

  The simplest, cheapest and most common way for the police to get into
  a machine is to seize it.

Yes, but for that they at least need to get a court order.  They
could get a court order to seize your personal machine, too.

Thus, what I am concerned about is possibilities for surveillance that
bypass court orders.  Like the U SAP AT RIOT act, for instance.

I am also concerned that the bad guys will simply ask a corporation to
"cooperate" by handing over data about you, calling that "being a good
corporate citizen".

I think a small ISP that you pay is less likely to do this than a big
one to whom you are nothing.

  climate the answer to the question is always, "I do not trust the
  computer landlord not to let the bad guys (such as the police) into my
  rented machine," but avoiding cloud computing with programs you
  control but on servers you rent does anything to help resolve it.

I can't parse that.
_______________________________________________
Discuss mailing list
Discuss at lists.autonomo.us
http://lists.autonomo.us/mailman/listinfo/discuss



-- 
Working at http://en.wikipedia.org/wiki/Dhurakij_Pundit_University -
http://www.dpu.ac.th/dpuic/info/Research.html -
http://www.asianforesightinstitute.org/index.php/eng/The-AFI

Volunteering at the P2P Foundation:
http://p2pfoundation.net  - http://blog.p2pfoundation.net -
http://p2pfoundation.ning.com

Monitor updates at http://del.icio.us/mbauwens

The work of the P2P Foundation is supported by SHIFTN,
http://www.shiftn.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listcultures.org/pipermail/p2presearch_listcultures.org/attachments/20090330/215e99a6/attachment-0001.html>

More information about the p2presearch mailing list