Bonum Certa Men Certa
The Latest Microsoft Strategy: Embrace, Extend, Deceive, Abuse and Diffuse | Links 7/2/2015: Manjaro 0.8.12, Korora 21

Parasitical Firms Like Black Duck Exploit Bugs With Branding to Market Nonfree Services/Software

Skulls



Summary: Parasites that take advantage of public panic and lack of comprehension are occupying paper space, as usual

LAST WEEK we wrote about the overblown threat called/dubbed "GHOST" (all capital letters) by the company seeking to make money from it despite being only the third to discover it and knowing it was not much of a big deal. We have not yet heard about any major exploit, which pretty much can be said about the OpenSSL bug as well (this one too was discovered by two entities before a Microsoft-connected firm irresponsibly publicised it, giving it a name and a logo to sell its own services and spread FOSS-hostile FUD for many months to come). What unifies the GLibC and OpenSSL bugs is that they got "brand recognition" very quickly. It was like a marketing campaign rather than a non-alarmist discussion about security -- something that non-technical/technically-illiterate journalists would surely fail at.



"As more stories are published in the media about big "hacks" (cracks) against large corporations we can't help but feel that the media neglects to mention that Microsoft Windows -- not OpenSSL or Bash, let alone GLibC -- is usually to blame."Days ago we saw the most FOSS-hostile IDG Web site becoming a platform of Black Duck, a Microsoft-connected firm that sells proprietary software by spreading and accentuating fear of FOSS. The article at hand uses bugs with "branding" to spook FOSS users while Black Duck, paying to publish this self-promotional press release on the same day, is still pretending to be an authority in FOSS.

The bugs with "branding" were also exploited by Veracode in this article (on the same day) and as Eric Lorenzo pointed out: "If businesses don't update legacy software, often they will will have bugs fixed in later versions! Shock!"

"I wonder what percentage of businesses are using obsolete Windows without updates," he added.

As more stories are published in the media about big "hacks" (cracks) against large corporations we can't help but feel that the media neglects to mention that Microsoft Windows -- not OpenSSL or Bash, let alone GLibC -- is usually to blame. It not only sports back doors but is also badly designed and won't patch known critical holes. It is basically designed to be not secure.

When it comes to reporting on computer security, the corporate press has almost zero legitimacy. All it knows is brands and it is eager to promote corporate partners that piggyback those brands (like "heartbleed") or stories (Anthem, Sony, etc.), claiming to be experts and offering remedies other than patches which were already issued and are free to apply by all.

The Latest Microsoft Strategy: Embrace, Extend, Deceive, Abuse and Diffuse | Links 7/2/2015: Manjaro 0.8.12, Korora 21

Recent Techrights' Posts

CISA Has a Microsoft Conflict of Interest Problem (CISA Cannot Achieve Its Goals, It Protects the Worst Culprit)
people from Microsoft "speaking for" "Open Source" and for "security"
[Video] Time to Acknowledge Debian Has a Real Problem and This Problem Needs to be Solved
it would make sense to try to resolve conflicts and issues, not exacerbate these
Daniel Pocock elected on ANZAC Day and anniversary of Easter Rising (FSFE Fellowship)
Reprinted with permission from Daniel Pocock
 
Mark Shuttleworth, Elio Qoshi & Debian/Ubuntu underage girls
Reprinted with permission from disguised.work
Karen Sandler, Outreachy & Debian Money in Albania
Reprinted with permission from disguised.work
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, April 25, 2024
IRC logs for Thursday, April 25, 2024
Links 26/04/2024: Facebook Collapses, Kangaroo Courts for Patents, BlizzCon Canceled Under Microsoft
Links for the day
Gemini Links 26/04/2024: Music, Philosophy, and Socialising
Links for the day
Microsoft Claims "Goodwill" Is an Asset Valued at $119,163,000,000, Cash Decreased From $34,704,000,000 to $19,634,000,000 and Total Liabilities Grew to $231,123,000,000
Earnings Release FY24 Q3
More Microsoft Cuts: Events Canceled, Real Sales Down Sharply
So they will call (or rebrand) everything "AI" or "Azure" or "cloud" while adding revenues from Blizzard to pretend something is growing
Links 25/04/2024: South Korean Military to Ban iPhone, Armenian Remembrance Day
Links for the day
Gemini Links 25/04/2024: SFTP, VoIP, Streaming, Full-Content Web Feeds, and Gemini Thoughts
Links for the day
Audiocasts/Shows: FLOSS Weekly and mintCast
the latest pair of episodes
[Meme] Arvind Krishna's Business Machines
He is harming Red Hat in a number of ways (he doesn't understand it) and Fedora users are running out of patience (many volunteers quit years ago)
[Video] Debian's Newfound Love of Censorship Has Become a Threat to the Entire Internet
SPI/Debian might end up with rotten tomatoes in the face
Joerg (Ganneff) Jaspert, Dalbergschule Fulda & Debian Death threats
Reprinted with permission from disguised.work
Amber Heard, Junior Female Developers & Debian Embezzlement
Reprinted with permission from disguised.work
[Video] IBM's Poor Results Reinforce the Idea of Mass Layoffs on the Way (Just Like at Microsoft)
it seems likely Red Hat layoffs are in the making
Ulrike Uhlig & Debian, the $200,000 woman who quit
Reprinted with permission from disguised.work
IRC Proceedings: Wednesday, April 24, 2024
IRC logs for Wednesday, April 24, 2024
Over at Tux Machines...
GNU/Linux news for the past day
Links 24/04/2024: Layoffs and Shutdowns at Microsoft, Apple Sales in China Have Collapsed
Links for the day
Sexism processing travel reimbursement
Reprinted with permission from disguised.work
Girlfriends, Sex, Prostitution & Debian at DebConf22, Prizren, Kosovo
Reprinted with permission from disguised.work
Microsoft is Shutting Down Offices and Studios (Microsoft Layoffs Every Month This Year, Media Barely Mentions These)
Microsoft shutting down more offices (there have been layoffs every month this year)
Balkan women & Debian sexism, WeBoob leaks
Reprinted with permission from disguised.work
Martina Ferrari & Debian, DebConf room list: who sleeps with who?
Reprinted with permission from Daniel Pocock
Links 24/04/2024: Advances in TikTok Ban, Microsoft Lacks Security Incentives (It Profits From Breaches)
Links for the day
Gemini Links 24/04/2024: People Returning to Gemlogs, Stateless Workstations
Links for the day
Meike Reichle & Debian Dating
Reprinted with permission from disguised.work
Europe Won't be Safe From Russia Until the Last Windows PC is Turned Off (or Switched to BSDs and GNU/Linux)
Lives are at stake
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, April 23, 2024
IRC logs for Tuesday, April 23, 2024
[Meme] EPO: Breaking the Law as a Business Model
Total disregard for the EPO to sell more monopolies in Europe (to companies that are seldom European and in need of monopoly)
The EPO's Central Staff Committee (CSC) on New Ways of Working (NWoW) and “Bringing Teams Together” (BTT)
The latest publication from the Central Staff Committee (CSC)
Volunteers wanted: Unknown Suspects team
Reprinted with permission from Daniel Pocock
Debian trademark: where does the value come from?
Reprinted with permission from Daniel Pocock