EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

07.31.08

Pulling an SCO Using Security Firms?

Posted in Free/Libre Software, FUD, Java, Microsoft, Security at 4:02 pm by Dr. Roy Schestowitz

The Fortify “Get the Facts” campaign (against Free software) was only mentioned very briefly here. It came in the form of a warning (it was also included in some link digests).

Security companies are funny creatures because they naturally love insecure software. They love breaking software apart and fear means business to them. Lying is never a problem, no matter the consequences. Moreover, Free software, which is inherently more secure, is a true danger to the business model of security agents, so they fight without tact or mercy [1, 2, 3].

Some concerned people, such as Sean at Internet News, truly wondered what Fortify had in mind. Why would it attack Free software so suddenly? Groklaw found this one, which is merely a possibility, not an explantion. It’s a vanity page bearing the headline: “FORTIFY-MICROSOFT ALLIANCE.”

Microsoft and Fortify Software are enabling software developers and testers to build and deliver more secure applications. Visual Studio 2005 Team Edition for Software Testers offers an easy-to-use yet powerful framework for testing. Fortify leverages this infrastructure and adds Web application security testing capabilities. The combination of the two effectively brings basic security testing out of the realm of specialized experts and into the hands of software testers. In addition, Fortify provides its award-winning source code analysis capabilities to Visual Studio Team Edition for Developers so security flaws discovered in development and testing can be diagnosed and fixed quickly. Working closely with the Visual Studio team has enabled Fortify Software to incorporate its innovative software security capabilities within the powerful Visual Studio

Groklaw adds: “Yes, folks. This partner of Microsoft is the same Fortify Software that put out that “study” that concluded that “Open Source” (but actually only Java) is risky.” It smells like a case of fitting data to an hypothesis and a sensationalist conclusion, and at the same time hitting two rivals of Microsoft: Java and Free software.

They didn’t assess proprietary equivalents. They wanted to encourage businesses to buy products from them. Furthermore, according to this, once/if you looked closely, you would find that proprietary products were shown to be more — not less — defective than Free software. So what has Fortify really proven?

Her main points:

1. There are other security toolkits other than Fortify. Just because you don’t use their system doesn’t mean you don’t care.
2. When reading vendor-sponsored studies consider the source. Always a wise move.
3. Open source projects in Fortify’s Open Review report fewer defects per thousand lines of code than proprietary products in the same review. I didn’t know that.

Fortify may also have some junk software patents, such as this one on “security testing”.

Fortify SCA helps security, testing and development teams pinpoint and eliminate security vulnerabilities in software applications. Fortify’s patent-pending technology delivers the most accurate and reliable results with low false positives..

“There should really be an index somewhere to tell who’s with who.”Watch who Fortify built an alliance with: Wipro, another Microsoft partner that’s joint to it by the hip and lobbies for OOXML — all against India’s interests [1, 2, 3, 4, 5].

Fortify lives in a not-so-healthy neighbourhood of proprietary software companies that combat Free software and encourage software patents.

The apple doesn’t fall so far from the tree.

With money on the table, there is no trust. Will you also believe OpenLogic and Black Duck, for example, despite being headed by former Microsoft employees? They sell open source fear. There should really be an index somewhere to tell who’s with who. It would help tremendously.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

A Single Comment

  1. aeshna23 said,

    July 31, 2008 at 6:06 pm

    Gravatar

    There is a right-wing website that would serve as a good model for a project of indexing who’s with who in the MS/proprietary software world:

    http://www.discoverthenetworks.org/

    (Pointing out this website as good model is neither an endorsement of the site nor is it to say that all information there is accurate. Most websites on the left and the right get carried away and honesty suffers.)

What Else is New


  1. Thierry Breton's Video/Live Grilling is Over, But the Grilling Continues Online

    Elite politicians aren't reluctant to give Thierry Breton the high seat (or throne); but everyone else realises that this resembles a corporate takeover more than anything



  2. The EPO's Low Patent Quality is Not Just Suicidal; It is Illegal

    With help from the besieged Boards of Appeal (BoAs), which complain that they can no longer judge cases (appeals/referrals) autonomously and independently, the Office in Munich continues to grossly violate the EPC and mimic China's ridiculously low patent bar, which even formally permits patents on algorithms



  3. Links 14/11/2019: Mesa 19.2.4 and GCC 7.5 Released

    Links for the day



  4. Microsoft is Not an Open Source Company But Microsoft Bribed and Took Over Many Open Source Authorities (Rivals' Voice Hijacked)

    Free/Open Source software (FOSS) and GNU/Linux are being taken over by Microsoft moles, bought by Microsoft Corporation, and the collective voice of the alternative to Microsoft and Windows is being muzzled (they tell us they "love" us while they're attacking us and sometimes suing us)



  5. Techrights' Interpretation of Koch v EPO: The EPO's Management Still Attacks Staff Representatives

    The EPO hopes to get its victims (of EPO abuse) to not only foot their own bills but also the EPO's



  6. Understanding Thierry Breton: “Mister Cash” Arrives at France Télécom

    The psychological harassment of the France Télécom workforce led the "suicide wave" after Breton had left France Télécom



  7. The Breton-Battistelli Relationship and Breton Hiding His Employment Record at Rothschild & Cie Banque

    EPO scoundrels such as Battistelli are closer to Breton than most people care to realise; Breton is hiding part of his career ahead of today's grilling



  8. A Lot of EPO Staff on Dutch Land Protested (Despite Abusive Threats From Management) and a Strike is Reportedly Next

    EPO management in Rijswijk tried hard to prevent workers from protesting on their free time (lunch break), reaffirming that same old belief that nothing is changing at the EPO and nothing will change without truly disruptive action



  9. IRC Proceedings: Wednesday, November 13, 2019

    IRC logs for Wednesday, November 13, 2019



  10. Links 13/11/2019: Docker Enterprise Bought, WordPress 5.3, Qt 5.12.6 Released

    Links for the day



  11. Rebranding Malware and Spyware as 'Linux' to Dilute the Brand (and the News)

    Signal-to-noise ratio continues to be reduced, as a lot of "Linux" news has nothing to do with GNU/Linux or even with Free software



  12. Understanding Thierry Breton: In the Beginning...

    Career roundup of Thierry Breton, possibly the next EU Commissioner



  13. Startpage Has Been Delisted, But it Ought to be Blacklisted

    Startpage has just warned its fans (I am a former fan) of what Startpage itself covertly became months back



  14. IRC Proceedings: Tuesday, November 12, 2019

    IRC logs for Tuesday, November 12, 2019



  15. Links 12/11/2019: Plasma 5.17.3, More Intel Defects, Bytecode Alliance

    Links for the day



  16. You've Gotta Go When You've Gotta Go

    How most staff of the European Patent Office (EPO) feels these days



  17. Teaser: Thierry Breton and His Disquieting Past

    "The company attracted notoriety and loathing in the UK for its role in assessing disability benefit eligibility."



  18. EPO and EU: People Behind the Faces

    It’s no secret that the EPO breaks the law and European officials have taken no concrete steps to intervene; to make matters worse, potentially new EPO allies may soon be put in charge of the EU Commission



  19. Maintaining the 'Delete Github' page

    "This list really is a starting point, which can hopefully increase awareness about the issue of concern."



  20. Linux Foundation Picking Money

    The dating standards of the Linux Foundation



  21. Microsoft 'Borrows' the Linux Brand

    With help from the likes of the Linux Foundation Microsoft continues to misuse and ‘dilute’ the Linux brand (and registered trademark)



  22. EPO Corruption Compared to Cocaine Scandals in Antwerp

    Days after the Dutch protest discussion is sort of 'uncorked' regarding EPO corruption (published, as usual, in the form of anonymous comments)



  23. SUEPO Showed That the Media Won't Cover EPO Corruption Until Half the Workers March in the Streets

    What ought to have been a central (if not 'the' central) issue of debate in Europe is still being treated as borderline irrelevant or marginal



  24. Meanwhile in California

    News from California is being spun by Microsoft this week, owing to weak journalism that's more like PR than journalism



  25. Privacy-Centric Services and Even Drupal/Acquia Defect to the Camp of Mass Surveillance

    In search of money [pun intended] companies and services that are supposed to respect their customers and users turn out to be doing the opposite; this merits research and public discussions



  26. IRC Proceedings: Monday, November 11, 2019

    IRC logs for Monday, November 11, 2019



  27. Links 12/11/2019: Sparky 2019.11 Special Editions and Twisted 19.10.0 Released

    Links for the day



  28. Microsoft's Abduction of the Voice of Its Opposition Highlights the Urgency of the Movement/Campaign to Delete GitHub

    Microsoft understands that by entrapping FOSS and GNU/Linux inside proprietary software platforms like GitHub and Azure it can utilise the false perception that it somehow speaks on behalf of both (whilst attacking both)



  29. IRC Proceedings: Sunday, November 10, 2019

    IRC logs for Sunday, November 10, 2019



  30. SUEPO Protests Against Management of the European Patent Office Brought Back Discussions About Corruption

    The atmosphere at the second-largest institution in Europe has long been toxic; now it is becoming a lot more visible again and comments highlight the reasons for the cover-up (gross misuse of billions of euros)


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts