When a user uses a web application hosted on a server, he does not
possess the executable binary (let alone the source) of the program and
lose access to the
application if the provider goes out of business or decides not to host
This is the real threat of
Microsoft's .NET initiative and "thin-client" computing.
General Public License typically does not apply to web applications
because they are not actually distributed. We need a
license to ensure our code remains truly free in the face of
I should more properly say "web applications are given the ultimate
copy protection as a result of being deployed on servers rather than
user machines" but that wouldn't fit in the subject line (and isn't
nearly as pithy).
When you install a binary executable application on your computer,
whether it is free or proprietary, you have the actual executable
program yourself. In general, you don't need to be hooked up to the net
to run the program.
But if you use an application which is hosted on a web server, you don't
possess even the executable - you only have the ability to submit input
to it and receive output from it, you don't even do the processing
yourself, that's done on the server.
If the company that hosts the web application should go out of business,
"upgrade" to a version that no longer serves your needs, or decides that
it no longer serves its business purpose to provide the web application,
you are out of luck.
This may not be a big deal if the web application is something for which
there is ready competition (like stock quotes) or something you don't
really depend on (like idle amusement). But if it is something you
depend on for your daily work or well-being, then you're really in a
For example, there are now companies that provide small business
bookkeeping over the web. Sure this would be handy, especially if you
travel and don't always have your work machine with you, but imagine
what a fix you'd be in if this service went south on you.
Even with a proprietary program, you still have the original
installation media to use in case you need to reinstall it after the
publisher goes bust. While you won't get new support and features on a
closed-source product, it will at least continue to work until changes
to your underlying operating system or other applications it must
interface with make it eventually incompatible. I've got lots of
programs on my Mac from the 1980's that still run just fine.
Some web applications such as the slashcode are written in open source,
and many libraries for web apps are too such as the Apache XML Project, as well as some
important servers like Apache
But much of the source for web applications are provided with licenses
such as the Apache
License that allow for closed-source distribution of binaries, and -
here's the catch - even if you license your own web application source
code under the GPL, for someone simply to run a web
doesn't count as distribution - therefore the GPL's requirement
to provide source does not apply!
I should note that many people who work on open source projects are
supportive of their work being used in closed-source form. The license
you contribute code under should be very much a matter of personal
choice, or corporate policy.
Many of the corporate contributors to open source are much more
comfortable with the Apache or Mozilla license - the Xerces libraries
from the Apache XML Project were originally called XML4J and XML4C
before IBM contributed them, and of course Netscape drafted the Mozilla
license specifically to serve their own closed-source needs.
There is tons of GPL'ed code in existence, much of which may be applied
in ways unimagined by the original author to use in a web application.
And in no case does the source code need to be provided - either the
modified source or (as the GPL intends, in contrast to most other
licenses) the code to which it is linked, simply because the application
has never been distributed.
So it is very likely that much of the copylefted code many of you
reading this have already written has fallen forever into a black
Thus I see a great disaster preparing to fall upon the Free Software
community as a result of Microsoft's .NET initiative, all those folks
building "net computers" and so on.
I wrote to Richard Stallman about
this issue, suggesting The Free Software
Foundation write some kind of "server GPL" that will take force
whenever a program makes a communications connection with a program
running on a computer outside of the organization. His response showed
he'd been thinking about it but didn't have an immediate answer:
I am thinking of providing an option like this in GPL version 3.
But it cannot be soon.
And sometimes you think you've got the binary downloaded for
installation when you really don't. I discovered this the hard way when
I wanted to download
QuickTime 4 for my Windows PC over a slow 28.8 modem connection.
I saw that the download size was several megabytes so I waited until I
got into the office where I could use DSL, installed it on the machine
there, then copied the download file onto a zip disk and took it home -
but then couldn't get it to install.
The installer you get from the website is a selection and download
utility, and after picking the components that you want installed, it
downloads them all in a single file, in a proprietary installation
archive format. You cannot then reuse that download file - running the
installer utility will only make a connection with apple's web server
and won't open a previously downloaded install archive.
That meant that I had to go download the damn thing again, over a slow
modem, even though I already had the data.
That means that once Apple no longer makes Quicktime 4 available on its
website, it will no longer be possible to install. Maybe you're OK with
this, you'll be using QuickTime 5 someday - but what if it doesn't run
on your computer because you use a computer Apple no longer supports
(Microsoft doesn't support NT in the latest Windows Media Player) or if
the newer quicktime doesn't support a format that you need to use to
open files that you already possess?
Lastly I'll tell you about some of the efforts software publishers will
go to to copy protect their code. Explicit copy protection fell quickly
out of favor early in the history of personal computers - users simply
chose not to purchase it, so publishers had to ship their products
without it. Even today, reasonably effective copy protection such as
dongles are only used for expensive specialty programs.
But copy protection exists even if you think it's not there. Back in
the mid-90's, a hardware manufacturer friend of mine asked me to think
of a software product, any software product, with which he could
plausibly associate a hardware card. We'd put as much money as
necessary into development of the software product, but it would require
the hardware card to run. The hardware card might not do anything but
provide a serial number out of a PROM, or maybe it would have a cheap
accellerator like a simple DSP. The key was that we'd be marketing the
card, not the software - the software would come with the card,
but the user would think they were buying the card, not the software.
The cards wouldn't cost more than $10 apiece to manufacture but would
serve as perfect copy protection devices, and the user would neither
suspect nor object.