EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

07.31.08

Pulling an SCO Using Security Firms?

Posted in Free/Libre Software, FUD, Java, Microsoft, Security at 4:02 pm by Dr. Roy Schestowitz

The Fortify “Get the Facts” campaign (against Free software) was only mentioned very briefly here. It came in the form of a warning (it was also included in some link digests).

Security companies are funny creatures because they naturally love insecure software. They love breaking software apart and fear means business to them. Lying is never a problem, no matter the consequences. Moreover, Free software, which is inherently more secure, is a true danger to the business model of security agents, so they fight without tact or mercy [1, 2, 3].

Some concerned people, such as Sean at Internet News, truly wondered what Fortify had in mind. Why would it attack Free software so suddenly? Groklaw found this one, which is merely a possibility, not an explantion. It’s a vanity page bearing the headline: “FORTIFY-MICROSOFT ALLIANCE.”

Microsoft and Fortify Software are enabling software developers and testers to build and deliver more secure applications. Visual Studio 2005 Team Edition for Software Testers offers an easy-to-use yet powerful framework for testing. Fortify leverages this infrastructure and adds Web application security testing capabilities. The combination of the two effectively brings basic security testing out of the realm of specialized experts and into the hands of software testers. In addition, Fortify provides its award-winning source code analysis capabilities to Visual Studio Team Edition for Developers so security flaws discovered in development and testing can be diagnosed and fixed quickly. Working closely with the Visual Studio team has enabled Fortify Software to incorporate its innovative software security capabilities within the powerful Visual Studio

Groklaw adds: “Yes, folks. This partner of Microsoft is the same Fortify Software that put out that “study” that concluded that “Open Source” (but actually only Java) is risky.” It smells like a case of fitting data to an hypothesis and a sensationalist conclusion, and at the same time hitting two rivals of Microsoft: Java and Free software.

They didn’t assess proprietary equivalents. They wanted to encourage businesses to buy products from them. Furthermore, according to this, once/if you looked closely, you would find that proprietary products were shown to be more — not less — defective than Free software. So what has Fortify really proven?

Her main points:

1. There are other security toolkits other than Fortify. Just because you don’t use their system doesn’t mean you don’t care.
2. When reading vendor-sponsored studies consider the source. Always a wise move.
3. Open source projects in Fortify’s Open Review report fewer defects per thousand lines of code than proprietary products in the same review. I didn’t know that.

Fortify may also have some junk software patents, such as this one on “security testing”.

Fortify SCA helps security, testing and development teams pinpoint and eliminate security vulnerabilities in software applications. Fortify’s patent-pending technology delivers the most accurate and reliable results with low false positives..

“There should really be an index somewhere to tell who’s with who.”Watch who Fortify built an alliance with: Wipro, another Microsoft partner that’s joint to it by the hip and lobbies for OOXML — all against India’s interests [1, 2, 3, 4, 5].

Fortify lives in a not-so-healthy neighbourhood of proprietary software companies that combat Free software and encourage software patents.

The apple doesn’t fall so far from the tree.

With money on the table, there is no trust. Will you also believe OpenLogic and Black Duck, for example, despite being headed by former Microsoft employees? They sell open source fear. There should really be an index somewhere to tell who’s with who. It would help tremendously.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

A Single Comment

  1. aeshna23 said,

    July 31, 2008 at 6:06 pm

    Gravatar

    There is a right-wing website that would serve as a good model for a project of indexing who’s with who in the MS/proprietary software world:

    http://www.discoverthenetworks.org/

    (Pointing out this website as good model is neither an endorsement of the site nor is it to say that all information there is accurate. Most websites on the left and the right get carried away and honesty suffers.)

What Else is New

  1. Links - Anti-Trust Roundups - Yahoo, Nokia, Barns and Nobel



  2. Links - MSNokia Passes Blame, Bill Gates pushes GMOs, Open Access news



  3. Links 7/2/2012: Firefox 11 Enters Beta, Canonical Disappoints KDE

    Links for the day

  4. IRC Proceedings: February 6th, 2012

    IRC logs for February 6th, 2012

  5. IRC Proceedings: February 5th, 2012

    IRC logs for February 5th, 2012

  6. Links 6/2/2012: PCLinuxOS 2012.02 and Mint KDE Reviews

    Links for the day

  7. Bill Gates Indoctrinates Youth in the United States and India, Critics Speak Out

    Backlash against the Gates Crusade to brainwash the young minds all around the world

  8. Bill Gates Uses Symbolic 'Donation' to Force Taxpayers to Pay Microsoft (of Which He Holds Shares)

    The Gates Foundation goes lobbying for Microsoft again, this time in Vietnam

  9. Monopoly as Innovation?

    Challenging the old misconception that patents are beneficial to anything but few multinationals and their patent lawyers

  10. Links 5/2/2012: Lenovo in India, Netrunner 4.1 is Out

    Links for the day

  11. IRC Proceedings: February 4th, 2012

    IRC logs for February 4th, 2012

  12. OpenStack, Microsoft, Junk Patents, Microsoft Copyrights, and Oracle Copyrights

    Another look at the OpenStack situation, why Microsoft should not be allowed to enter, and more about patent and copyright complications

  13. Apple, Which Started Patent Wars, Gets What It Deserves

    Apple products get banned (for the time being) after Apple decided to attack Linux-supporting competitors and then received some blowback

  14. Unitary Patent and the Emergence of More Junk Patents

    The rise of the junk patents and what we are taught about them by the news, including some news about the unitary patent in Europe

  15. Backlash Against Bill Gates' Lobbying for Patented Life

    GMO, a robbery of the right of reproduction (and a potential health hazard), is promoted by Bill Gates for profit, whereupon critics strike back

  16. IRC Proceedings: February 3rd, 2012

    IRC logs for February 3rd, 2012

  17. Links 4/2/2012: Ubuntu 12.04 Alpha 2 Preview, ACTA Backlash in Europe

    Links for the day

  18. A Glimpse at Executives Who Left the Sinking Novell Ship

    A roundup of news about former Novell staff and where that staff is moving these days

  19. Novell Makes New Software for Microsoft Windows and Office

    PR spin from Novell and money-grabbing moves that promote proprietary software rather than Free/Open Source software

  20. Links 3/2/2012: BT Vision Goes for Linux, Linux 3.3 With Android

    Links for the day

  21. Debt in Attachmate

    The company that bought Novell has a poor outlook, financial issues, and little signs of expansion/renaissance

  22. Longtime SUSE Executive Holger Dyroff Moves on, SUSE in a Bad State

    Key people continue to leave SUSE and the distribution is left without a compelling sales pitch

  23. Groklaw Update on Android Patent Cases and Response to FUD From Microsoft Lobbyists

    A few updates of greater importance where the Linux situation is discussed in the context of Android and Novell

  24. IRC Proceedings: February 2nd, 2012

    IRC logs for February 2nd, 2012

  25. Links 2/2/2012: DEFT Linux 7, Mozilla Firefox 10

    Links for the day

  26. IRC Proceedings: February 1st, 2012

    IRC logs for February 1st, 2012

  27. IRC Proceedings: January 31st, 2012

    IRC logs for January 31st, 2012

  28. IRC Proceedings: January 30th, 2012

    IRC logs for January 30th, 2012

  29. Bill Gates is Hijacking Open Source While Attacking It Using Lobbyists, Patents, and Patent Trolls

    Response to reputation laundering from Wired Magazine, the latest nonsense from Microsoft's lobbyist Florian Müller, an update on Microsoft's trolling against Android, and a little more of Apple's

  30. The Gates Foundation is Still Hijacking the Voice of the Poor and Effectively Runs Paid Advertisements Inside 'News'

    Money still the vehicle by which opinions get heard, so Bill Gates exploits this for fame, power, and profit

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts