Hi Lucile,

I think "open source cloud computing" is used, at least in most of the
cases, as a short way to say "open source software for building private
and public clouds". OpenStack (http://www.openstack.org/) is, maybe, the
main example of that.
Do you think there is any other meaning for that expression?

Best regards

Vicen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.fsfeurope.org/pipermail/discussion/attachments/20140212/571e17fd/attachment.html>

Well, I often see it in the context of pubic bodies, but it fits with
your explanation. For example:

https://joinup.ec.europa.eu/community/osor/news/improve-it-security-ep-demands-open-source

So it would mean a "private cloud" at the scale of their institutions
(European Parliament..) ? Self hosted free software cloud solutions
would be more appropriate then..

To answer my own question, I found something about standardisation:
https://joinup.ec.europa.eu/community/osor/news/etsi-open-source-clouds-worth-considering

Lucile
--
Lucile Falgueyrac - Free Software Foundation Europe
FSFE, Sch?nhauser Allee 6/7, 10119 Berlin
XMPP : lucile.falg at jabber.fsfe.org

Support FSFE! https://fsfe.org/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: OpenPGP digital signature
URL: <http://mail.fsfeurope.org/pipermail/discussion/attachments/20140212/b560c54e/attachment.pgp>

That's because what's being offered is often purposefully unclear so the
organization making the offer can change service terms without tying
themselves down to something one can hold against them later. The usual
framing of the issue is narrowed so user convenience is paramount and
user's software freedom is left out entirely. There's typically no
mention of the freedoms would-be users must give up in exchange. What
the services seem to have in common is using programs that qualify as
"open source" to provide a service as a substitute for software one
probably ought to run themselves instead. But you'll never get a copy of
the complete corresponding source code for those programs, only those
within the service provider's organization will.
I think the FSF's many papers and remarks on both "open source" and
"cloud computing" do a good job of explaining both terms.

https://www.gnu.org/philosophy/open-source-misses-the-point.html

https://www.gnu.org/philosophy/words-to-avoid.html#CloudComputing

Any remotely hosted service on a computer one does not own would serve
as an example here: email hosting service, calendar sharing service, web
hosting service, any file hosting service, the list goes on and on. Of
course, the details of what one intends to host determine the relevant
threats; not all hosting services pose problems for all uses.

For a few years Richard Stallman has been giving talks about how
"digital inclusion" can be a bad thing. In these talks he outlines
classes of major problems quite well and his classification of threats
address your questions. I recall one such RMS talk from 11 October 2011
-- http://audio-video.gnu.org/video/stallman-sciencespo-freesociety.webm
-- I suggest finding this and other talks on audio-video.gnu.org.
The service owner's software freedom might be respected, depending on
the details, but:

1. The open source movement doesn't talk about software freedom. That's
part of the reason why that movement exists -- to not bring up software
freedom as an ethical issue because that movement's proponents think
such talk interferes with talking to businesses. See
https://www.gnu.org/philosophy/open-source-misses-the-point.html for
more on this.

2. It's unlikely that any remote service will respect a user's software
freedom or give the users a chance to know exactly which threats they
face in using the service. Such users are essentially handing the
service data without knowing how that data will be processed. Perhaps
the data will be shared without the user's knowledge? Perhaps the
service will misrepresent the user in some way? Perhaps information
about the use of the service will be shared in a way the user would not
approve of?
Any standards I've read about focus on technical issues and on helping
service providers make it difficult for users to migrate off of the
service with their data intact.
Yes, all the problems of giving one's data to be handled by someone
else's computer (software as a service substitute --
https://www.gnu.org/philosophy/who-does-that-server-really-serve.html)
remain including:
- one can't be sure what happens to the data, regardless of what the
terms of service claim.
- one can't be sure what happens to the data (or records describing the
data) after the service relationship ends.
- one has (quite rightly) no control over the service provider's
computer -- there is no way to give multiple people complete and
exclusive control over someone else's computer.

The concept of owner's rights work against those who seek to have
someone else do their computing for them while retaining control of the
other person's computer. One can't justly demand control of someone
else's computer without tacitly supporting losing control of one's own
computer as well.