Posted in FUD, GNU/Linux at 6:18 am by Dr. Roy Schestowitz
Bringing to light the aberrant and deceptive model of today’s media
Summary: A site called Linux Insider, which many people assume to be a Linux news site, is STUFFED with material HOSTILE to Linux from people on Microsoft’s payroll
The ‘cancer’ (on the Web) which is IDG (dominant in technology coverage in many languages and usually attacking GNU/Linux while at the same time ACCEPTING MONEY from Microsoft and Apple) is officially up for sale, but at the same time we see that not only its ‘journalists’ but also its other employees (e.g. IDC) are producing propaganda hostile to FOSS. This has to stop. A lot of people still complain about Galen Gruman (even in our IRC channels) for his latest DECEPTIVE, GRATUITOUS ATTACKS on GNU/Linux, but the problem is much broader than this and we have been writing about it for almost a decade.
“Linux Insider: ‘Microsoft propaganda that “looks like” Linux news’.”
Richard Adhikari, who for a number of years has published many anti-Linux (or anti-Android) pieces such as this, usually along the lines of the ‘security’ theme, is talking to Hilwa from Microsoft. Well, it’s not as bad as talking to the infamous Enderle (which ECT does frequently, allowing him to SLING MUD AT MICROSOFT’S COMPETITORS without disclosing his ties to Microsoft) (and so have others). This time he helps promote the marketing of Black Duck, an anti-FOSS firm that comes from Microsoft. To quote parts of this promotional piece from Adhikari (PROMOTING FEAR OF FOSS AND INCREASING Black Duck’s sales):
“Containers have caught the imagination of developers because they provide convenient bundles for deployment,” said Al Hilwa, a research program director at IDC.
“We have been expecting a variety of software development tools to add support for containers, and in this context, it makes perfect sense to see leading code-scanning players like Black Duck support Docker containers,” he told LinuxInsider.
Scanning tools do enable more secure deployments, but developers still have to take action, IDC’s Hilwa said.
Code-scanning technology is analogous to virus-scanning software, he continued.
“A repository of vulnerability metadata or signatures has to be maintained, and the code is scanned against it.” Hilwa said. “The role of the scanning software is to keep this metadata up to date.”
Does Adhikari know where Black Duck comes from? Did he check where Al Hilwa comes from? This was published in a site called Linux Insider (we urge all our GNU/Linux users in Spain and Latin America NOT to waste their money and time on its publications), but it is anti-Linux nonsense PROMOTING A MICROSOFT-CONNECTED FIRM, using talking points from a Microsoft-connected ‘ANALYST’. It shows a lot of how BAD the media owned by large CORPORATIONS is. Let us be thankful that Jack Germain still writes for Linux Insider and, unlike Adhikari, he does not write articles attacking GNU/Linux. █
Demonstrating the rogue business model of much of today’s media
Summary: A site called Linux Insider, which many people may assume to be a Linux news site, is stuffed with Linux-hostile material from people who are connected to Microsoft
The ‘cancer’ (on the Web) which is IDG (dominating technology coverage in many languages and usually attacking GNU/Linux whilst accepting money from Microsoft and Apple) is officially up for sale, but in the mean time we see that not only its writers but also its other employees (e.g. in IDC) produce some FOSS-hostile propaganda. This needs to stop. A lot of people still complain about Galen Gruman (even in our IRC channels) for his latest facts-free attack on GNU/Linux, but the problem is much broader than this and we have been writing about it for almost a decade.
Richard Adhikari, who for a number of years has published many anti-Linux (or anti-Android) pieces such as this, usually along the ‘security’ theme, is now talking to Hilwa from Microsoft. Well, it’s not as bad as speaking to Enderle (which ECT does very often, allowing him to smear Microsoft’s competitors without disclosing his ties to Microsoft), but it’s still pretty bad. ECT previously spoke to him without disclosing his relationship with Microsoft (and so have others). This time he helps bolster the marketing for Black Duck, an anti-FOSS firm that came from Microsoft. To quote parts of this promotional piece from Adhikari (promoting fear of FOSS and helping Black Duck drive sales):
“Containers have caught the imagination of developers because they provide convenient bundles for deployment,” said Al Hilwa, a research program director at IDC.
“We have been expecting a variety of software development tools to add support for containers, and in this context, it makes perfect sense to see leading code-scanning players like Black Duck support Docker containers,” he told LinuxInsider.
Scanning tools do enable more secure deployments, but developers still have to take action, IDC’s Hilwa said.
Code-scanning technology is analogous to virus-scanning software, he continued.
“A repository of vulnerability metadata or signatures has to be maintained, and the code is scanned against it.” Hilwa said. “The role of the scanning software is to keep this metadata up to date.”
Does Adhikari know where Black Duck came from? Did he check where Al Hilwa came from? This was posted in a site called Linux Insider, but it’s anti-Linux nonsense promoting a Microsoft-connected firm, using talking points from a Microsoft-connected ‘analyst’. It demonstrates a lot of what’s wrong with today’s corporate media. Thankfully, Jack Germain still writes for ECT’s Linux Insider and unlike Adhikari he doesn’t just write articles that attack Linux. █
“A man never lies as much as after a hunt, during a war, and before an election.”
–Otto von Bismarck
Summary: Free/Open Source software (FOSS) is under attack again, and it’s the proprietary software lobby that’s responsible for that
EVERY now and then we see claims that Free software is very dangerous because of licensing obligations, as if proprietary software comes with no licensing obligations and potentially severe fines (if not a jail term!). We also occasionally hear about Free software being dangerous on the security side, despite proprietary software being far worse, merely hiding flaws and rarely patching them (or patching them when it’s too late). Several Web sites published this biased ‘analysis’ composed by two proprietary software ‘sales’ people (HeBS Digital’s Max Starkov and Jaan Paljasma) only a few days ago. They rely on non-technical people actually believing that there are no downsides to proprietary software. It should also be noted that, while several sites distribute this ‘article’ as though it’s an original report, it is actually more like a press release commissioned by a stakeholder. It’s not journalism and some sites fail to flag it accordingly.
In my professional capacity I have built sites using FOSS content management systems (e.g. Drupal, WordPress) for commerce, education, and more. These frameworks are so flexible and so full of modules/plug-ins that virtually everything is possible. Not even once have such sites been compromised due to security bugs (even when some existed and remained unpatched for a while).
Speaking of proprietary software salespeople, the Microsoft-connected Black Duck is at it again. “The study’s findings also highlighted a number of other specific ways the adoption of appropriate internal controls has not kept pace with the increasing use of open source software, leaving many organizations exposed to significant potential risks,” wrote a lawyers’ site, based on this self-promotional press release from Black Duck.
“As highlighted in the Information Week blog DARKReading,” the lawyers’ site said, actually referring to a press release, not a blog. We shall guess that it takes more than average levels of intelligence to distinguish blog posts from press releases. We can also safely assume that Black Duck hasn’t changed its ways. It’s a de facto FUD firm which uses scare tactics for sales of its proprietary software (with software patents on it).
Another Black Duck in the making? Security FUD from a firm established by champions of back doors.
Summary: Another company whose business model is monetising (and thus often enhancing) fear, uncertainty and doubt (FUD) over Free/Open Source software (FOSS) and this one too comes from Microsoft
THIS trend has grown rather tiresome. Every now and then we see Microsoft’s tentacles reaching out for areas in FOSS where there is an opportunity to badmouth FOSS. They turn Microsoft’s anti-FOSS rhetoric into their business model. They institutionalise it.
Based on a new press release in its various forms/variations [1, 2, 3], we may have yet another OpenLogic or Black Duck on our hands. Another Microsoft guy creates a company that says Free software is not secure and needs some proprietary software ‘medicine’.
SourceClear is not even known (we never heard of it, it seemingly came out of nowhere), it’s a very young firm, and immediately it receives a lot of money and even promotional coverage from the News Corp.-owned Wall Street Journal, which is a Microsoft-friendly publication. The first sentence provides the background one needs to be aware of:
Mark Curphey worked to stamp out software bugs for about a decade as head of the security tools team at Microsoft Corp. and in several other jobs before he realized that the problem was getting worse instead of better.
To quote Gordon B-P: ‘“Worked at MS bugs for a decade” – didn’t do a very good job there then. What makes him think he’ll be able to “secure” OSS?’
Jordan Novet, who is a promoter of Microsoft as we noted the other day, covered this as well, using bug branding such as "Heartbleed", coined by a company which is strongly connected to Microsoft. “It turns out that lots of other [FOSS] libraries have exactly the same issues but have not been reported,” Novet quotes Curphey, whom he describes as “previously a former principal group program manager inside Microsoft’s developer division. [...] SourceClear started in Seattle in 2013…”
With OpenLogic, Black Duck, Codenomicon and various other Microsoft-connected (often created by Microsoft people and/or managed by Microsoft people) firms that badmouth FOSS we sure expect SourceClear to be no exception. They serve to distract from the built-in and intentional insecurities of proprietary software such as Windows, including quite famously Vista 10 where back doors are an understatement because everything is recorded and broadcast (total remote surveillance), even without a breach or an access through the back doors.
Microsoft cannot produce secure code because ‘national security’, i.e. many back doors, are a design goal. It helps Microsoft establish a ‘special relationship’ with the state and in fact it just got a contract from a highly notorious company, Taser.
Here we are in 2013 onwards — a time when simple bugs in FOSS (a defect affecting one line or two) get all the limelight and receive names, logos etc. whereas Microsoft’s critical zero-day flaws hardly make the headlines. There are many high-impact headlines that make a huge deal of fuss every time a security bug is found in Android (again, just in recent years). We suppose it’s part of a PR campaign in which Microsoft and its partners evidently participate. They are often the ones who come up with the names, logos, and much of the accompanying negative publicity. █
Related/contextual items from the news:
Microsoft has joined forces with Taser to combine the Azure cloud platform with law enforcement management tools.
In order to ensure Taser maintains a monopoly on police body cameras, the corporation acquired contracts with police departments all across the nation for the purchase of body cameras through dubious ties to certain chiefs of police.
Don’t feed black ducks
Yours truly feeding the ducks
near home earlier this year (summer)
Summary: Red Hat’s cooperation with Black Duck serves to legitimise a terrible business model, wherein fear of FOSS is being accentuated and proprietary software ‘solutions’ are being offered
YESTERDAY we became aware of Red Hat turning to Microsoft’s friend, Black Duck. It happened with little prior warning and was announced with a press release calling it a “[c]ollaboration to help developers, customers and partners build and run trusted, secure applications with Red Hat container technologies” (as if these are inherently less secure than some proprietary software).
What the articles fail to mention is that Black Duck’s former top manager is from Red Hat and he came back to Red Hat after his stint at this FUD firm (see the old press release titled “Black Duck Software CEO Tim Yeaton Rejoins Red Hat to Lead Newly-Formed Infrastructure Group”). Well, the doors basically revolved, twice even. Maybe that’s why Red Hat came to Black Duck, legitimising what is effectively a parasite inside the FOSS world.
We have already found some puff pieces about it, saying little more than the press release. One of them says that “Red Hat has collaborated with Black Duck Software to establish a secure and trusted model for containerized application delivery by providing verification that application containers are free from known vulnerabilities and include only certified content. This validation is a major step forward in enabling enterprise-ready application containers, and builds upon the strengths of each company – Red Hat’s position in container technologies and solutions, including its platform and certification strategy, and Black Duck’s position as the provider of comprehensive identification and earliest notification technologies of open source vulnerabilities.”
In its marketing, Black Duck would have us believe that FOSS is terrible at security, even though proprietary software has back doors ‘baked in’ intentionally. NSA et al don’t ‘break into’ Windows any more than Microsoft does; they’re allowed access, by design, intent, and agenda. Days ago we showed how marketers from Black Duck had claimed that it can cost $25,000 to fix a bug in FOSS.
As of early this morning, this new relationship received press coverage from Serdar Yegulalp (writing for IDG), Sean Michael Kerner for QuinStreet and Steven J. Vaughan-Nichols for CBS. The way Vaughan-Nichols put it, “Red Hat and Black Duck want to make sure that when you run a container, it’s really the container you want to run and not a rogue package.”
It sounds good on the surface, but is a proprietary dependence healthy in the long term? Based on Vaughan-Nichols, this isn’t a short-term engagement. “In the long run,” he explains (writing from Red Hat’s town), “the companies plan to include Black Duck technologies as a component of Red Hat’s container certification.”
There are some lazy publications that ended up throwing the self-promotional press release around. The Indian English-speaking press sort of rewrote the press release to make it look more original. Where are the sceptics? Where is the genuine reporting? All we see are puff pieces that relay claims made in a press release.
In many ways, Black Duck is successful as a marketing company, much like polygraph merchants (among other popular scams like homeopathy). █
Fear, uncertainty, and doubt (FUD) sure is a powerful seller
Summary: The latest FUD campaign and the latest channel/distribution deal from Black Duck, a fake ‘friend’ of Free/Open Source software (FOSS)
THE Microsoft-connected (in many ways) firm Black Duck continues trying to monetise fear of FOSS — a fear that it is itself inflaming if not creating in the first place.
Based on this new article, Black Duck’s Kevin Bland, sporting a fancy job title for what is essentially a non-technical marketing role, tells some tall tales. He really wants companies to buy Black Duck’s proprietary software (with software patents on it).
“Kevin Bland,” says the article, “director of channels and alliances at Black Duck, said that developers often used existing code to speed up the process of bringing an app to fruition and there could be vulnerabilities incorporated into the fresh application.”
Right, and that never happens when people reuse proprietary software… never. Never ever! Bland’s bland spiel continues: “If you wait until launch then it can cost $25,000 per problem to remedy it but if you identify vulnerabilities during the development stage it is about $25 per vulnerability” (wow, no data to back this up, just a magical factor of 1000:1).
Making up the facts as they go along, eh? Here is the marketing announcement about it and something related to that. To quote: “Kilpatrick was speaking as it was announced that Wick Hill has been appointed value added distributor for Black Duck Software in the UK and the DACH (Germany, Austria and Switzerland) region. Black Duck is a US-based worldwide vendor, whose industry-leading products secure and manage Open Source Software, eliminating the pain related to security vulnerabilities, compliance, and operational risk. The company is partnering with Wick Hill as part of its drive to grow sales and expand its reach in the EMEA region.”
So that’s what it’s all about, sales of proprietary software. Wick Hill is desperate to expand to EMEA based on the latest news and press releases [1, 2, 3, 4], with mergers and acquisitions reportedly likely.
If Wick Hill wants to expand, it probably ought to stay out of the snake oil business. Even companies that are close to Microsoft (Xamarin for sure) have publicly dismissed Black Duck’s products as useless. What might Wick Hill attempt to distribute next? Polygraphs, which are based on pseudo-science and are a fraud which only misleading marketing can sell? █
A FUD mill, just like many national newspapers
Summary: Having spent nearly a decade promoting the fear of Free software licensing, Black Duck now does the same regarding Free software security
Black Duck, the company that virtually came from Microsoft (or a Microsoft veteran), is badmouthing security of Free/libre software again, obviously in order to sell its proprietary software but perhaps to also help proprietary software companies (like Microsoft).
Black Duck’s CEO, according to CRN, “spoke on a panel at the MassTLC Security Conference this week, said open-source components are frequently and easily breached.
“‘If you want to know how to exploit open-source [projects], just go to YouTube and you’ll see how to do it. It’s that easy,’ he said.”
Unlike proprietary software? Are there no YouTube videos about how to exploit or take advantage of holes in proprietary software? Nonsense. Over the years I came across quite a few, including nearly a dozen about Novell’s proprietary software (while researching Novell back in the days). The same can be said about the licensing FUD that comes out of Black Duck. Why won’t they ever speak of the BSA with its devastating effects that can sometimes bankrupt a business? Black Duck is not part of the Free/Open Source software community but a parasite within it. █
This is what Microsoft staff distributes to attendees in FOSS events:
Photo credit: Neil McAllister
Summary: Microsoft’s relentless attacks on GNU/Linux and Free software in general (even if it runs on Windows) are so evident that claims of ‘love’ remain laughable at best (if not infuriating)
MICROSOFT JUST CANNOT HELP itself. It’s like a scorpion riding a tortoise over a river. It keeps attacking GNU/Linux while claiming that it “loves Linux”. The truth is, Microsoft loathes Linux with a deep passion, but it doesn’t want to show this because it needs to infiltrate Linux events such as LinuxCon. It’s a strategy of entryism. It’s really ugly.
Imagine Microsoft having Linux folks as its keynote guests/speakers in its developers’ events, preaching passionately in favour of Free software (GPL for instance). Microsoft keeps infiltrating every single Linux event that matters. Microsoft is paying for it and it knows that it’s annoying people who pay a lot of money to attend (or whose employers are sponsors). Microsoft runs many developers’ events. Imagine Linux ‘infiltrating’ these. That would be entryism in reverse. But FOSS doesn’t play dirty. We leave the crimes and the unethical deeds to Microsoft.
Several days ago someone wrote to point out that Microsoft speaks nonsense and spreads FUD again. To quote:
The giant from Redmond must be desperate since it has to use a controversial story from a relatively small Italian city to combat open source software, as in the mean time many larger deployments also in Italy are happy with LibreOffice and the numbers produced by Provincia di Perugia prove the opposite of the Microsoft-publication.
As Robert Pogson put it: “Why do they keep spreading it? Every time they get caught lying they destroy their own credibility amongst their loyal followers, if there are any left…”
Microsoft and its goons recently spread some more lies about Munich, using media partners which took the words of just two people and made that seem like the whole of Munich was upset with GNU/Linux. “Most people don’t really realize that they have Linux and they do not really care,” wrote Mr. Heath yesterday. He was the first person who wrote a story about this in English, foreseeing and properly preparing for Microsoft’s FUD attacks (Microsoft advocacy sites soon took the story out of context to lie about Munich).
Susan Linton, writing her daily column, said that “everyone reading of this knew that couldn’t be entirely right and today Heath reported, “the bulk of users have not taken issue with the move.” He quoted Munich IT developer, Jan-Marek Glogowski, at DebConf15 saying, “Most people don’t really realize that they have Linux and they do not really care, they want to do their stuff.” That’s not to say there aren’t issues and growing pains, primarily keeping up with hardware support with LTS Ubuntu-base, but plans are to keep forging ahead. Robert Pogson linked to the actual video from DebConf15.”
So basically we have just Microsoft FUD going on. Here is a new article that is just more utter lies, maybe ‘prepared’ propaganda from Microsoft (misleading, inaccurate). They have totally made up the ‘facts’ to sell people the illusion that GNU/Linux is a failure. It’s that same old tired Munich lobbying from Microsoft Germany. As Pogson noted:
Lately, in the news, we read that agitators are still pushing to roll back GNU/Linux desktops.
They really are just “agitators”; there are only 2 of them at the moment, but they are joined by Microsoft spinners who have access to newspapers and/or news sites. “Munich councillors want to return to proprietary software,” wrote Gijs Hillenius in the European press, but we are speaking about just “two councillors [who] have not yet responded to emails seeking their position on interoperability” (if they know what it is at all, as they’re non-technical). Maybe they need to ask Microsoft Germany.
This headline, “Munich Officials Who Dumped Windows For Linux Want Microsoft’s OS Back”, is also a lie because it’s not the same officials, there’s no change of mind, there are just 2 dissenting voices.
This latest round of anti-GNU/Linux FUD is not something that we are unfamiliar with. We wrote dozens of in-depth articles about this. Munich is a large-scale migration and as we showed in previous years, Microsoft usually orchestrates this FUD behind the scenes. Sometimes some information leaks out to the media, showing Microsoft’s role in it (occasionally through proxies like HP). All we have here is a PR exercise, not news. █
Related/contextual items from the news:
In spite of complaints from a couple of councillors about the Limux OS, the city council said the bulk of users have not taken issue with the move.
“Most people don’t really realize that they have Linux and they do not really care,” said Jan-Marek Glogowski, a developer in the IT team at the City of Munich told the DebConf Debian developers meeting earlier this month.
Whatever the case, the city of Munich will have to wait it out for another year at least. According to The Inquirer, a review and subsequent response into the future IT policy will not take place until the end of 2016.