The Shameless Campaign to Paint/Portray Free Software as Inherently Insecure, Using Brands, Logos, and Excessive, Selective Press Coverage

Dr. Roy Schestowitz

2015-07-01 10:39:02 UTC
Modified: 2015-07-01 10:39:02 UTC

Bugs
Image courtesy of Red Hat, demonstrating lack of correlation between severity and logos/brands

Summary: Some more FUD from firms such as Sonatype, which hope to make money by making people scared of Free/libre software

The corporate media is in the business of selling (for corporations), not informing. Advertising is the business model, as well as media 'partnerships' (euphemism for PR). Security firms too are in the business of selling, not informing. Misinformation often helps improve sales. We have already ranted quite a lot about media misdirection, designed to sell products or malign the competitors of those who try to sell unnecessary products. We must assume that this is happening because it has always been happening; it's just that it got a lot more frequent now that Free/libre is more widely used.

The other day IDG published some promotion of Veracode. To quote one paragraph: "The scale of the problem is significant. Cryptographic issues are the second most common type of flaws affecting applications across all industries, according to a report this week by application security firm Veracode."

This is not an independent security researcher; it is the Black Duck-connected Veracode (Black Duck came from Microsoft and VeraCode's co-founder recently joined Black Duck), which overlooks security issues with proprietary software. Veracode is not an objective observer; it is trying to sell something. Sonatype too, a nasty company which we wrote about before [1, 2, 3, 4, 5, 6], rears its ugly head in the media, in an article provocatively titled "Open-Source Code Can Be More Dangerous Than Useful".

So Sonatype has launched yet another FUD attack on Free software, using myths and rhetoric, capitalising on gullible 'journalists' who would print just about anything, along with clueless pasting of bugs with logos (for extra fear), no discussion about severe bugs in proprietary software, and many other issues. This article is relaying marketing from Sonatype and dramatises it even further. "It gets worse," says the writer, "according to Sonatype: Many of the software companies that have built insecurities right into their products wouldn't be able to tell which of their applications are affected by a known component flaw because of poor inventory practices."

Well, proprietary software deliberately adds flaws to act as secret back doors. How about that in the discussion? The article totally omits that. The article then adds some talking points from the FOSS-hostile Symantec, another company which tries to sell its proprietary software based on perceptions of insecurity.

Thankfully, there are a couple of comments there (below the article) that highlight the issues with the article; both are titled "Not only open source..."

As Free/libre software becomes more mainstream we should expect more parasites like Sonatype to look out for fools who are willing to do their marketing, monetising trash-talk. ⬆

GNU/Linux Seen as Rising to 20% in Eritrea, But That's statCounter Identifying "Unknown" as GNU/Linux: What if statCounter managed to figure out what all those "unknowns" are?
Garrett Does Not Just Try to Cover Up for Himself, He's Clearly Covering Up for His Mates From Microsoft (and Admits Third Parties Fund His Litigation, With Their Legal Bills Estimates Already Approaching $1,000,000): They have already sent us about 75 KG of legal papers. How is any judge supposed to keep up?
Richard Stallman in the United States - Part IV - Back to Switzerland: The "cancel mob" tried to "finish off" RMS 5 years ago
Dr. Richard Stallman in Ada Lovelace Lecture Series 20 Hours From Now in Lucerne School of Computer Science and Information Technology (Rotkreuz): Well-connected and affluent corporations want everything to be controlled by them, ranging from culture to words and news
Threats Issued to Daniel Pocock Having Launched the JuristGate Web Site Which Covers Financial Fraud in "Legal Insurance" Clothing: Is our world governed by laws or by rich corporations (or nations/superpowers) with well-connected lawyers/politicians?
International Women's Day: At the EPO, for Women to Become Managers They Need to Sleep With Well-connected Men and Mingle With Corrupt Men: Sunday is International Women's Day
Dr. Richard Stallman Starts His Talks in Switzerland in 8 Hours: They try to assess how many people plan to attend to ensure everyone gets a seat (without compromising the privacy/identity of those attending)
IBM Red Hat Layoffs: It's Not About "AI": "Automation" is not "AI", it's just a generic term which can describe jobs left for machines to do, sometimes computers
Microsoft Windows Used to be Identified on Over 99% of Web Requests From Benin. Now It's Around 50%.: Or a lot less
Microsoft 'Open' 'AI' Has Severe Financial Problems, Version Inflation ("GPT-5.4") is Mindless Hype and a Misleading Distraction: In practice, both users and sponsors of ChaffGPT are fleeing
The Techrights Static Site Generator (SSG) Turns 5 Next Year: It's still under active development in our Git servers
New XBox Boss (Sharma) Implicitly Confirmed XBox (the Console) is Now Dead: Vista 11 is now also known as "XBox"
Murder as a 'Joke' to GAFAM People (Sociopathy): When it comes to Microsoft and Salesforce, they profit from this mentality
Microsoft ‘Project Helix’ is Just a Tweet in MElon's "X": Some "tweet" is easy, as words are cheap
Microsofters' SLAPP Censorship - Part 4 Out of 200: Rianne’s Version of Events and Narrative: today we tell Rianne's experience
EPO Staff to 'Meet' This Coming Tuesday to Plan Industrial Actions Including Upcoming Strikes: using Microsoft spyware to organise this can be an own goal because Microsoft serves the dictators, not the union that tries to topple them
Thousands of EPO Workers Rally Against EPO Management: The staff is furious to see what became of the EPC and the EPO. This is not sustainable.
In Argentina Firefox is Measured at Only 1%, Google Chrome (Proprietary) at About 90%: And it has long been that way
IBM's March 2026 Layoffs Already Happening (to Accelerate Soon in Europe and America): We're probably seeing some of the last years of IBM and it's anything but certain that IBM can survive the coming decade
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, March 05, 2026: IRC logs for Thursday, March 05, 2026
Gemini Links 05/03/2026: Industrial Panettone, Cancel, and LLMs: Links for the day
It's Not "AI", IBM is Collapsing Due to Financial Difficulties, "All Small Country Offices Will Close": IBM is in trouble. Insiders know it.
"AI Companies" Running Out of Money, GAFAM Layoffs Are Signs of Weakness, Not "AI Efficiency" or Novelty: In the past, this term ("AI") had another meaning and connotation
Libel/Defamation Law Does Not Exist to Cover up Crimes: The projection tactics are nothing new
Myanmar/Burma: Growing Acceptance of GNU/Linux, Big Losses for Windows: GNU/Linux has come close to 5% there
Without IBM, Microsoft Would Not Have Taken Off. Both Companies Need to be 'Taken Down'.: Maybe it's time to boycott IBM as well
'Former' Red Hat Staff Upset That Techrights Covers IBM Accounting Problems: Are we touching a sensitive subject at IBM?
Ubuntu is Controlled by a Youngster From the British Army (Background in Mass Surveillance), So One Can Expect Ubuntu to Not Respect Privacy: "Canonical is aware of the legislation and is reviewing it internally with legal counsel"
IBM Hates Computer Freedom. This Means Red Hat Too is an Enemy of Software Freedom.: A summary of Fedora's position when it comes to "attestation"
IBM Union Says Many IBM Layoffs in Europe, With Netherlands and Belgium Confirmed, Allegedly Italy Soon (200 Layoffs): IBM's demise will harm Red Hat and already harms Red Hat, according to whistleblowers
Microsoft and Microsoft's 'Open' 'AI' Seeking Bailout From the Pentagon Means Brand Erosion: Microsoft and its offshoots growing more and more dependent on military ("defence"; "Department of War") budget
Another EPO Strike a Fortnight From Now, Local Staff Committee Munich (LSCMN) Shares 127-Page Document Explaining How Policies Impact EPO Staff: The Office is circling down the drain
Microsofters' SLAPP Censorship - Part 3 Out of 200: A More In-Depth Breakdown: presents the narrative in a less chronological and more logically coherent fashion
2026 Seems Like (Potentially) the Last Year of Slop Drowning News Sites: Sites that do so perish [...] It's getting hard to find slop in news sites which cover "Linux" because many gave up
Links 05/03/2026: New LexisNexis Data Breach Confirmed, "Goldman Sachs Head During Financial Crisis Says He “Smells” a Similar Crash Coming": Links for the day
"Silent Layoffs" or "Forever Layoffs" at IBM and Red Hat (After Bluewashing): Like every day (all day long) we can see people who leave IBM and say something that's based on a 'script'
Free Software Foundation (FSF) and Others Promoting String of RMS Talks, Starting Tomorrow in Lucerne School of Computer Science and Information Technology: Well done, FSF!
Links 05/03/2026: A Bet Against Substack, American Government Openly Hostile Towards Environment: Links for the day
Gemini Links 05/03/2026: Greed and Sentiments Shifting Against Slop: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, March 04, 2026: IRC logs for Wednesday, March 04, 2026
FSF Promoting Richard M. Stallman (RMS) Talk in Switzerland in Just Over a Day From Now: RMS may have more talks on the way
Why Slop Will Flop - Part IV - We've Seen the End of It: Some years ago they insisted blockchains would revolutionise everything
Android is Proprietary 'Linux' and It Becomes More Malicious Over Time, Google Only Delayed What It Planned All Along: Google is a proprietary software giant, GSoC is only a distraction and confusion
Links 04/03/2026: Scam Altman Causes Chatbot Sub Numbers to Plunge, "Stocks Drop as Inflation Risk Emerges": Links for the day
Why Slop Will Flop - Part III - Our Relationship With Slop (and Yours): I never - except inadvertently - "used" an LLM-based chatbot
Why Slop Will Flop - Part II - Devil in the Details: News sites or social control media sites which tolerate slop are digging their own grave
Simpler Means Faster: Do you know your bottlenecks?
Gemini Links 04/03/2026: About a Missing Symbol and "Good Manners": Links for the day
The Register MS Takes Money From Chinese Surveillance Threat to Promote a Ponzi Scheme: "Sponsored by Huawei."
Nicaragua's GNU/Linux Usage Measured at Over 8% by statCounter: Nicaragua is a poor country, but it also has rich culture
Why Slop Will Flop - Part I - Slop Fatigue Prevalent: See, sooner or later people (audiences of colleagues) find out and as soon as they find out you are slopping, they will lose interest
Microsofters' SLAPP Censorship - Part 2 Out of 200: Detailed Timeline From 2012 (Attack on Reporters That Question Restricted Boot) to 2024 (Lawsuit Against Reporter and His Wife in Another Continent): we reproduce a document produced 2 years ago to give people more context and more facts
Links 04/03/2026: "The EU moves to kill infinite scrolling" and a call to "Nationalize Amazon": Links for the day
Coming Soon: Evidence of Abuse in Our IRC Network: IRC's freedom can sometimes be its 'weakness' if not properly guarded
High GNU/Linux Adoption in Brunei Darussalam: It's worth noting (or at least noticing) that Microsoft loses ground in some of the countries where the government contracts paid the most
Media Blackout Reducing or Preventing Press Coverage of Microsoft Layoffs in 2026: Worse yet, there will be gaslighting and deceit
GNU/Linux in Laptops/Desktops Still Matters, It's Likely the Only Way to Achieve Software Freedom: Software Freedom requires all sorts of things at the "OS level"
Gemini Links 04/03/2026: The Garnet Star, The Hunt, The SYN Attacks: Links for the day
The EPO's General Consultative Committee (GCC) Discussion Illuminates How Much Worse Things Have Gotten ("on Strike and Participated in the 'Meeting'"): a videoconference - not a physical meeting - discussed EPO policies
Free Software Foundation Supports Its Founder, Advertises His Talks in Switzerland: When you suppress voices, assuming the reasons for suppression are bunk, it is always bound to backfire very badly
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, March 03, 2026: IRC logs for Tuesday, March 03, 2026

The Shameless Campaign to Paint/Portray Free Software as Inherently Insecure, Using Brands, Logos, and Excessive, Selective Press Coverage

Recent Techrights' Posts