I think calling this spyware is a pretty far stretch. We're talking about SAAS platforms that want to record events based on user behavior for a myriad of purposes; these are platforms that you are choosing to use, not tracking pixels dropped all across the web.
There are dozens of valid uses for this beyond ad-tech. Where we use Segment it barely even touches with marketing. Most of the value for Segment is piping user lifecycle events around to every platform and service you use to help enrich customer experience. Sure, call it sales or marketing or ad-tech, but that's really just an umbrella for trying to maximize revenue-per-customer - and isn't that the point of a SAAS platform?
I think we should be cautious about throwing the terms "spyware" and "malware" around right now; there are lots of very valid cases that should be labeled as such, but if we over-use the word it just makes it harder for us to delineate between powerful tools being used for good/valid purposes or deceptive ones.
Jitsu certainly can be used to build spyware (and Linux too, probably 90% of spyware is running on Linux servers), but following this logic any OSS project can be accused of being spyware. I
Yes, jitsu can be deployed at custom domain such as track.yourcompany.com. And while some AdBlockers will block *.segment.com, track.yourcompany.com will remain functional. We don't consider this feature unethical, though. It depends on how data collected by Jitsu is used. If the app owner sells it without telling end-users that's probably bad. However, I believe most of our users using the data to improve product experience. And Jitsu can be configured to respect do-not-track/gdpr settings.
I mean, that's a common difference between a SaaS and a self-hosted solution. For a SaaS service a block list can include *.somesaas.com vs a self-hosted service that has it's own domain per owner, meaning you'd have to add every single one to the list. You can always find a common pattern in the URL (e.g. the API), and block based on something else. There's also an issue[0] to block based on POST body.
This line alone is enough to infuriate me. So I am unable to block spying and data collection now?
I don't understand why we are still praising spyware tools?