The Shameless Campaign to Paint/Portray Free Software as Inherently Insecure, Using Brands, Logos, and Excessive, Selective Press Coverage

Dr. Roy Schestowitz

2015-07-01 10:39:02 UTC
Modified: 2015-07-01 10:39:02 UTC

Bugs
Image courtesy of Red Hat, demonstrating lack of correlation between severity and logos/brands

Summary: Some more FUD from firms such as Sonatype, which hope to make money by making people scared of Free/libre software

The corporate media is in the business of selling (for corporations), not informing. Advertising is the business model, as well as media 'partnerships' (euphemism for PR). Security firms too are in the business of selling, not informing. Misinformation often helps improve sales. We have already ranted quite a lot about media misdirection, designed to sell products or malign the competitors of those who try to sell unnecessary products. We must assume that this is happening because it has always been happening; it's just that it got a lot more frequent now that Free/libre is more widely used.

The other day IDG published some promotion of Veracode. To quote one paragraph: "The scale of the problem is significant. Cryptographic issues are the second most common type of flaws affecting applications across all industries, according to a report this week by application security firm Veracode."

This is not an independent security researcher; it is the Black Duck-connected Veracode (Black Duck came from Microsoft and VeraCode's co-founder recently joined Black Duck), which overlooks security issues with proprietary software. Veracode is not an objective observer; it is trying to sell something. Sonatype too, a nasty company which we wrote about before [1, 2, 3, 4, 5, 6], rears its ugly head in the media, in an article provocatively titled "Open-Source Code Can Be More Dangerous Than Useful".

So Sonatype has launched yet another FUD attack on Free software, using myths and rhetoric, capitalising on gullible 'journalists' who would print just about anything, along with clueless pasting of bugs with logos (for extra fear), no discussion about severe bugs in proprietary software, and many other issues. This article is relaying marketing from Sonatype and dramatises it even further. "It gets worse," says the writer, "according to Sonatype: Many of the software companies that have built insecurities right into their products wouldn't be able to tell which of their applications are affected by a known component flaw because of poor inventory practices."

Well, proprietary software deliberately adds flaws to act as secret back doors. How about that in the discussion? The article totally omits that. The article then adds some talking points from the FOSS-hostile Symantec, another company which tries to sell its proprietary software based on perceptions of insecurity.

Thankfully, there are a couple of comments there (below the article) that highlight the issues with the article; both are titled "Not only open source..."

As Free/libre software becomes more mainstream we should expect more parasites like Sonatype to look out for fools who are willing to do their marketing, monetising trash-talk. ⬆

We Are Safe in a Modern "Tech" Society, Right?: People are safer if they control their own computing
The Way Things Are Going, They May Soon Stop Saying "Web Address" and Instead Say "Chrome Address": The Web isn't built or based around open Web standards anymore. It's centered around user-agent.
Microsoft as a Golden Cage: "I was laid off by Microsoft and can't find a job. I'm weeks away from giving up my apartment and moving across the country to live with family."
Weekend Discussion About How IBM's Bluewashing of Red Hat Will Cause "Enshittification" for Users: "I worked at a software company that was acquired by IBM so I knew it was game over for RedHat the day they were acquired"
Brett Wilson LLP Getting Sued by Its Very Own Clients, a Legal Story That Has Made the Mainstream News (Law360): Law360 or Law.com are about as mainstream as one can get in that "sector" (litigation 'industry')
Lucas Nussbaum & Debian pregnancy cluster: Reprinted with permission from Daniel Pocock
The Same People Who Attacked Richard Stallman (RMS) Are Attacking Daniel Pocock to Discourage People From Listening to His Information: Pocock is being demonised for the same reasons and by the same people who attack RMS
Your Typical Anti-Richard Stallman (RMS) Cancellist: "About the RMS cancellation"
Richard Stallman (RMS) Has Announced His Talk in Rome Less Than 20 Hours in Advance (and on a Sunday): Why did he wait until the night before?
GNU Tools Cauldron Event in Portugal: Videos Now Available via Invidious: Go have a look
Slopwatch: GNU/Linux Sites That Became Slopfarms and Spamfarms: The Web is a mess and "Linux" or "Ubuntu" sites became part of the problem
Richard Stallman's Talk 25 Hours Away, Aula Magna Palazzo del Rettorato (CU001), Sapienza Università di Roma (Piazzale Aldo Moro, 5): The talk is 25 hours away and we see some QR code for it
Gemini Links 12/10/2025: Watches, the Depression of 2026, Gamboling with Odds: Links for the day
Links 12/10/2025: 'False' DMCA Claims and Slop Facing Perils Again (the Hype Wears Off): Links for the day
Microsoft Has Just Lost Privacy Case in Austria and Its Latest Moves Make a Complete Ban Seem Imperative: Microsoft is not a software company, it's a spying agency that uses software to collect data
The Register MS: Microsoft is the Security Expert, Not the Prime Culprit, So Buy More Microsoft: This front page feature is devoid of any actual substance, it's just Microsoft copypasta
Paris 'Love Nest' & Debian Outreachy: from Lycée Lakanal to ENS Cachan, Cr@ns, nepotism: Reprinted with permission from Daniel Pocock
Stefano Zacchiroli (Zack) & Debian pregnancy cluster: Reprinted with permission from Daniel Pocock
Gemini Links 12/10/2025: "Palm Computering", Further Exploration of Slide Rules, and Key Takeaways from The Well-Grounded Rubyist: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, October 11, 2025: IRC logs for Saturday, October 11, 2025
Tomorrow: Founder of the Free Software Foundation and of GNU/Linux, Richard Stallman, Speaks in Roma (Rome), Italy at 4PM: GNU/Linux is more important than ever in this dystopian world
Microsoft and Apple Are Rare Topics in Geminispace: in Geminispace it's rather safe to assume everyone is into BSD, GNU/Linux, and sometimes retro
Qualcomm and Manchester United Appear to Have Dumped Microsoft (Qualcomm Now Invests More in Linux, Apparently): It's a relief to no longer see Microsoft logos and brands on a local football club's gear (I'm not a Manchester United fan, but not a foe either)
As Guest of Honour in Rome, Founder of the Free Software Foundation to Speak ("Distinguished Lecture") After Introduction by Leonardo Querzoni: Happy hacking...
All Things Open is Proprietary: The OSI has become a front group of proprietary software openwashers, led and sponsored by proprietary giants
When Microsoft Lays Off Lots of Workers They Say It "Invests in AI" (a Lie), Now It's "Reshuffles" or "Microsoft Tightens": Microsoft "news" by bots
"I saw Richard Stallman give a talk in the mid 80s, which began my fear and loathing of software patents" and "Richard Stallman was always right.": "By betraying the legacy of our ancestors, we’ve set ourselves on a path toward self-destruction — moral, intellectual, economic, and ultimately biological."
There Were Several Waves of Microsoft Shanghai Layoffs in 2025, Western Media Continues to Turn a Blind Eye to Chinese Layoffs of an Epic Scale: Sometimes select Taiwanese news sites (published in English) or automated translations are all we have
Brett Wilson LLP Spreads Trumpism to the United Kingdom, Looking to Profit From 'Legal Colonialism' (Overriding Sovereignty): There's growing recognition of this conundrum worldwide
The Demise of Shopping in Person: In a world like this, how valued is the customer?
This Past Friday, "Nearly 700 People Came to Listen to RMS!" (Richard Stallman): "Nearly 700 people came to listen to RMS!"
Distinguished Lecture by Richard Stallman This Coming Monday in Rome: After "Free software, Crucial for Freedom in a Digital World"
Slopwatch: UbuntuPIT Churning Out Plagiarism and the Slopfarm LinuxSecurity Turns to Pseudonyms: Our hunch is, UbuntuPIT will sooner or later realise that this toxic approach is just harming UbuntuPIT and tainting the reputation of past articles
The Lawsuit by Clients of Brett Wilson LLP Against Brett Wilson LLP is Officially On, It is Progressing, The 'Experts' Pick Outside Law Firms (RPC and Mills & Reeve) to Spare Them From Litigants in Person: So it is probably quite potent
Gemini Links 11/10/2025: Nyctography, Gerrymandering, and Lurking: Links for the day
The 'Culture Wars' in Free Software Have Gone Out of Control: Social control media amplifies such utterly infantile discourse
Teaser: To Compensate for the Fact Our Clients Are Terrible Human Beings Who Strangle Women (While on Microsoft's Payroll) and We Get Paid by Mystery Parties We Bombard You and Your Wife With Almost 10 Kilograms of Legal Papers: If you can't win an argument, then drown the other side with papers?
Links 11/10/2025: World Mental Health Day 2025, Another European Legal Defeat for Microsoft 360: Links for the day
MIT Technology Review is Part-Time SPAMfarm of Billionaires and Mega-Corporations: Does MIT operate its own "b2b" SPAMfarm?
Open Source Initiative Executive Director Leaves, Replacement Sought by Monopolists, Not the Community or OSI Members: Serves to show who runs this show...
Links 11/10/2025: China-US Tensions Grow Again, "Hey Hi" More Widely Recognised as Bubble Made of Capital That Doesn't Exist: Links for the day
Now Confirmed in Western Media: Microsoft Azure Layoffs This Month: Affirmed by more sources moments ago
Peter O'Callaghan QC represented grandparents, Westernport Hotel, at Liquor Royal Commission: Reprinted with permission from Daniel Pocock
Either The Register MS Divests From FOSS Coverage or Liam Proven is on Long Holiday: Publishers perish when their audience loses trust in them
Microsoft Cancelling Another Datacentre is a Sign of Financial Trouble and Lack of Growth: The debt continues to grow
Gemini Links 11/10/2025: An Evening at the Fair and Fast Fourier Friday: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, October 10, 2025: IRC logs for Friday, October 10, 2025
Geminispace is Very Large: The word continues to spread and the number of participants grows
Another Wave of Microsoft Layoffs, This Time During National Day Holiday: This time it's China again
10 Out of 10: RMS Attracts Massive Audience in Göteborg, Sweden (All Seats Occupied, Some People Standing): a 55-second clip of his talk
Staying Happy in Times of Crackdowns on Civil Society: Optimism in this sort of "new reality" or "new normal" seems like something for the irrational person
"Nobel" Exploited Posthumously for "AI" Hype, Now They Do the Same With "Quantum": ere have been many jokes about "Nobel" for peace (often granted to pro-war people) and a fake one for "Economics" (establishment propaganda)
Slopwatch: Plagiarism and "Linux" Articles by Bots: Sites that do this won't survive; many of them rely on slop services (suppliers) that will cease to exist after the bubble bursts
Links 10/10/2025: Putin Admits Russia Downed Azerbaijan Airlines Jet, More New Heat Records: Links for the day
Noteworthy Claim That IBM is Firing a Lot of Lawyers This Week (RAs in the Legal Department): A lot of what they do is patent 'trolling' or lawyering up against their own staff (e.g. HR disputes)
Links 10/10/2025: US Judge Bars Attacks by ICE On Journalists and Protesters; “We Took The Freedom of Speech Away” Says the President: Links for the day
Slopwatch: Serial Sloppers, Google News Gifting Slopfarms, and Fake News/Plagiarism About "Linux": Google itself is a slop pusher these days
Qualcomm, the New Owner of Arduino, Blasted for Its Software Patents Tax on 'Smartphones': A lot of Qualcomm's patents are on software. We wrote about this in prior years.
XBox Layoffs Rumours, Downtime, and Criticism From XBox Co-Founder: "everyone is ditching the xbox."
Links 10/10/2025: Honoring The Legacy Of Robert Murray-Smith, Many Articles on the Hey Hi (AI) Bubble: Links for the day
Gemini Links 09/10/2025: October Gothic and Reading Middle Earth Role Playing; C and Ada: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, October 09, 2025: IRC logs for Thursday, October 09, 2025

The Shameless Campaign to Paint/Portray Free Software as Inherently Insecure, Using Brands, Logos, and Excessive, Selective Press Coverage

Recent Techrights' Posts