EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

07.01.15

The Shameless Campaign to Paint/Portray Free Software as Inherently Insecure, Using Brands, Logos, and Excessive, Selective Press Coverage

Posted in Free/Libre Software, FUD, Security at 5:39 am by Dr. Roy Schestowitz

Bugs
Image courtesy of Red Hat, demonstrating lack of correlation between severity and logos/brands

Summary: Some more FUD from firms such as Sonatype, which hope to make money by making people scared of Free/libre software

The corporate media is in the business of selling (for corporations), not informing. Advertising is the business model, as well as media ‘partnerships’ (euphemism for PR). Security firms too are in the business of selling, not informing. Misinformation often helps improve sales. We have already ranted quite a lot about media misdirection, designed to sell products or malign the competitors of those who try to sell unnecessary products. We must assume that this is happening because it has always been happening; it’s just that it got a lot more frequent now that Free/libre is more widely used.

The other day IDG published some promotion of Veracode. To quote one paragraph: “The scale of the problem is significant. Cryptographic issues are the second most common type of flaws affecting applications across all industries, according to a report this week by application security firm Veracode.”

This is not an independent security researcher; it is the Black Duck-connected Veracode (Black Duck came from Microsoft and VeraCode’s co-founder recently joined Black Duck), which overlooks security issues with proprietary software. Veracode is not an objective observer; it is trying to sell something. Sonatype too, a nasty company which we wrote about before [1, 2, 3, 4, 5, 6], rears its ugly head in the media, in an article provocatively titled “Open-Source Code Can Be More Dangerous Than Useful”.

So Sonatype has launched yet another FUD attack on Free software, using myths and rhetoric, capitalising on gullible ‘journalists’ who would print just about anything, along with clueless pasting of bugs with logos (for extra fear), no discussion about severe bugs in proprietary software, and many other issues. This article is relaying marketing from Sonatype and dramatises it even further. “It gets worse,” says the writer, “according to Sonatype: Many of the software companies that have built insecurities right into their products wouldn’t be able to tell which of their applications are affected by a known component flaw because of poor inventory practices.”

Well, proprietary software deliberately adds flaws to act as secret back doors. How about that in the discussion? The article totally omits that. The article then adds some talking points from the FOSS-hostile Symantec, another company which tries to sell its proprietary software based on perceptions of insecurity.

Thankfully, there are a couple of comments there (below the article) that highlight the issues with the article; both are titled “Not only open source…”

As Free/libre software becomes more mainstream we should expect more parasites like Sonatype to look out for fools who are willing to do their marketing, monetising trash-talk.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email
  • Slashdot

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. IRC Proceedings: Tuesday, September 22, 2020

    IRC logs for Tuesday, September 22, 2020



  2. The Latest Greenwashing Campaign by the EPO is Just 'Chinese Propaganda'

    When the EPO speaks of “innovation” and “clean energy transition” it means nothing but patents on batteries, in effect monopolies being granted in Europe (to a lot of Asian — not European — companies)



  3. Links 23/9/2020: Librem 14 Shipping in December, Linux Journal Returns, Istio 1.6.10 Released, Release Candidate 3 of LLVM 11.0

    Links for the day



  4. Welcome Back, Linux Journal!

    Linux Journal is coming back under the ownership/umbrella of Slashdot folks, who are sadly preoccupied and obsessed with Microsoft talking points and PR campaigns



  5. What the Efforts to Remove Dr. Stallman Reveal About the Agenda of Large Corporations (Looking to Absorb the Competition, Remove Freedom, Spread Proprietary Software in 'Open' Clothing)

    Richard Stallman's (RMS) positions and foresight are usually correct; at the moment we're losing access to key people whose leadership positions are essential for the independence of cornerstone projects



  6. Links 22/9/2020: Tails 4.11, Linux Lite 5.2 RC1

    Links for the day



  7. Minimalism for Maximisation of Productivity and Clutter Mitigation

    Unfortunately, GNU/Linux (especially the latter, Linux) embraces bloat and anti-features in pursuit of sales (appeasing large corporations, not users’ needs), reducing the modularity, reliability and productivity of computer systems in the name of helping “dumb” users (they keep telling us people are very dumb and those who disagree are “elitist” and “extremist” or even “neckbeards” — in effect insulting every person out there)



  8. IRC Proceedings: Monday, September 21, 2020

    IRC logs for Monday, September 21, 2020



  9. Post-Coronavirus Linux.com Became Nothing But a SPAM Site

    As per the Linux Foundation‘s very own brochure, scripted and fake ‘interviews’ are to be produced and then edited/negotiated (before publication) with the sponsor… in Linux.com as the platform. This is corruption (or marketing, one might call them de facto ads presented as fake ‘articles’).



  10. Erosion of Free Speech and Tolerance of Opposing Viewpoints in Free Software Communities

    The concept of free speech is being reinvented by oversensitive people who nowadays expand the list of exclusions/exemptions (from scope of 'permissible' speech) to politics and criticism of large and highly abusive corporations



  11. Links 21/9/2020: PlasmaShell With Vulkan, Plasma Beta Review Day, OpenMediaVault 5.5.11

    Links for the day



  12. Guest Post: The Worrying State of Political Judgement in Free Software Communities

    A look at what Mozilla has become and what that teaches us about the Web and about software



  13. Links 21/9/2020: KTechLab 0.50.0, Linux 5.9 RC6

    Links for the day



  14. IRC Proceedings: Sunday, September 20, 2020

    IRC logs for Sunday, September 20, 2020



  15. Git is Free Software, GitHub is Proprietary Trap

    More and more people all around the world understand that putting their fruit of labour in Microsoft's proprietary (but 'free') prison is misguided; the only vault they have is for human beings, not code



  16. Daniel Pocock on Codes of Conduct and Their Potential Dangers in Practice

    In Debian we’ve already witnessed several examples where Codes of Conduct, if put in the wrong hands (in the Linux Foundation it’s corporate hands), can achieve the very opposite of their intended goal and its a true shame as well as a travesty for legitimate victims of real abuse



  17. Links 20/9/2020: Flameshot Screenshot Tool 0.8, Okular Improvements and More

    Links for the day



  18. Reminder: Vice Chair of the Linux Foundation's Board is an Oracle Executive Who Used to Work for Microsoft

    The Linux Foundation issued statements to the effect of opposing Donald Trump, but its current leadership (people from companies like Oracle, Microsoft and IBM) is a strong proponent of doing as much business as possible with Trump (even in violation of international law)



  19. [Meme] How to Hijack Linux and Free Software to Make Them Proprietary and Microsoft-Controlled

    Intel keeps outsourcing almost everything (that's not proprietary with back doors, e.g. ME) to Microsoft's proprietary software prison, known as GitHub; to make matters worse, Intel now uses the Microsoft-hosted Rust to develop in Microsoft servers, along with Microsoft, code that promotes Microsoft proprietary software (e.g. Hyper-V) and non-standard 'extensions'.



  20. DDOS Attacks Against Us Lately

    (Distributed) Denial-of-service attacks or DDOS attacks have slowed down the site, but we treat that as evidence of suppression and fear (of what's to come and what was recently published), or accuracy (in reporting) rather than inaccuracy



  21. [Meme] Windows as Dead Man Walking (Patches Accelerate the Death)

    Microsoft is squeezing whatever life is left in its “burning platform” (which is already exceeded in terms of market share by Android) that has a "burning" (bricked) WSL with barely any users and plenty of critical problems



  22. We Let Them Get Away With Murder, But They Make up for It by Banning Words

    The Microsoft propaganda machines (notably ZDNet this weekend) are busy portraying Microsoft as a “good company” for censoring words, never mind the actual, meaningful, substantial actions of Microsoft, which is boosting authoritarian people who imprison even babies (for the ‘crime’ of being on the ‘wrong’ side of the border)



  23. High-Profile and Invalid (Invalidated) European Patents Harm the Presumption of Validity of European Patents

    The EPO's 'printing machine' (over-producing patent monopolies) is harming the legal certainty associated with such patents, helping nobody but deep-pocketed monopolists and law firms



  24. Epitaph for (Death of) Patent-Centric Media: Litigation Giant Bird & Bird Nowadays Doing Ads as 'Podcasts' in Think Tank Site 'Managing IP'

    Publishers don't hesitate and openly revel in taking bribes as if it's a badge of honour or importance, allowing themselves to be profoundly corrupted in pursuit of quick cash; we discuss what's happening in sites that pretend to cover patent news (but actually drive agenda of litigation giants, to the detriment of actual innovators)



  25. IRC Proceedings: Saturday, September 19, 2020

    IRC logs for Saturday, September 19, 2020



  26. Links 20/9/2020: 4MLinux 34.0 Released, September Release and EndeavourOS for ARM

    Links for the day



  27. Video: Free Communication With Free Software - Daniel Pocock - FOSSASIA Summit 2016

    The 2016 FOSSASIA talk from Daniel Pocock (Debian) about Free software alternatives to Google, Microsoft Skype and so on (Microsoft started paying Debian in 2016)



  28. [Meme] Microsoft Downtime... Now in 'Linux' (Wait a Month for Microsoft to Restore Uptime)

    Microsoft’s utter failure that is "WSL2" is bringing the failures Windows is so notorious for (loss of work, lack of security, fatal patches) to so-called ‘Linux’; the timeframe for a fix says a lot about just how much Microsoft “loves” Linux…



  29. Coming Soon: Microsoft Leaks (Which Microsoft Pressured Medium to Suppress and Promptly Unpublish)

    Microsoft is no ordinary company; exposing it is like dealing with the Mafia or some drug cartel in Mexico, but we're able to publish truths about Microsoft nonetheless (their notorious intimidation and silencing attempts have always failed against us)



  30. Dishonest Corporations -- Like Smug Politicians -- Pretend to be Something They're Not

    Corporate lies dominate the media, having been crafted by unethical marketing departments with their photo ops and hashtags


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts