Bonum Certa Men Certa

Open-Source Software Security Initiative (OS3I) Has Nothing to Do With Open Source, It's Just a Front Group for Lobbying Purposes and an Openwashing Agenda in Mind

posted by Roy Schestowitz on Feb 01, 2024,
updated Feb 01, 2024

Woman Taking A Selfie

Shameless self-promotion, but whose exactly? We may be dealing with malicious imposters here*.

THERE is this thing called "Open-Source Software Security Initiative" (or OS3I) and their sites leans towards a very corporate/'Establishment' message. Notice the dash in "Open-Source"; that's what the openwashing crowd keeps doing. This seems to link to IST. Here is the corresponding PDF and Linux Foundation affirming the connection in its new, proprietary Web site.

According to this news report from a Microsoft-friendly site, "White House releases report on securing open-source software," yet we aren't seeing any Free software people participating. As one person asked us, "was even a single person from any FOSS community involved in the report?" Or "who is behind the Open-Source Software Security Initiative (OS3I)?"

From what we can gather, there's almost no FOSS element in the Board. There's even CIA in there (Sarah Sewall). The core team shows no familiar faces, to say the least...

Who are those people? What makes them important? Why are they relevant to what they call "Open-Source"? (Yes, with a dash!)

Board behind Open-Source Software Security Initiative

Time will tell what sort of positions they promote, but certainly those aren't FOSS people. They seem like state and corporate puppets throwing the term "open-source" around. It's connected to a group that used to be headed by a Microsoft employee.

Speaking of public policy, see this recent article and page 31 of the PDF in particular ("Federal Software License: Agencies Need to Take Action to Achieve Additional Savings").

As someone told (regarding the document), "money is wasted on proprietary licensing by the wheelbarrow; it should instead be public money, public code!" (The slogan from the FSF-EEE)

GAO’s study said, as per FedScoop, that "Microsoft held by far the largest share of vendors organized by the highest amounts paid (31.3%)" and GAO "is making 18 recommendations to nine agencies to consistently track software license usage and compare the inventories with purchased licenses," to quote the PDF from GAO's site. "Eight agencies agreed with the recommendations and one neither agreed nor disagreed."

It's time to stop bailing out Microsoft (at taxpayers' expense) and to not let Microsoft lobby the government on matters like "Open Source"; it must not represent its opposition. Microsoft should play no part in security-centric advisory panels, either. The culprit is not the expert.

_______

* Far too many imposters out there, like pushers of 'secure' boot pretending to be security experts whilst in fact working for the NSA's #1 enabler. Delusional (in this case also autistic) people making up some fictional titles or job titles (unemployed) is not illegal, but lying about one's legal credentials is akin to falsifying being a cop (in order to terrorise and blackmail people) and is legally actionable. As we shall show here in the future, the people who attempt to silence this site are guilty of all those things. This is now being deal with by the police. The real police, not delusional people on hard drugs.

Other Recent Techrights' Posts

Moving From Content Management Systems (CMSs) to Static Site Generators (SSGs) Saves You Time, Makes You a Lot More Productive
try to reduce the cost (financial and computational) of running your site
Leak: European Patent Office (EPO) is Now Attacking Amicale Clubs
corruption has become the norm and scientists are robbed of any dignity
Oracle Fraud (or Defrauding Shareholders)
"the obvious [lie] is that watts are (wasted) electricity [and] and FLOPS are computing capacity"
Explaining (in Length and Depth) the Damage Matthew Garrett Did to Linux and to GNU/Linux Users
no matter how many threats we receive
 
Gemini and Web Links 13/09/2025: MElon's Slop Grift and "Autonomous Trains"
Links for the day
Pursuing Peace Through Violence
You cannot "see" a person's mind, until the mouth opens
Can We Please Stop Celebrating Shooters?
"An important point to hammer on is that CoCs were never intended for uniform or symmetric application"
Geminispace is Growing Faster in 2025 Than It Did in 2024
What matters is that corporations haven't ruined it and LLM slop is extremely rare
Links 13/09/2025: China Punishes for 'Negative' Posts, US Police Unable to Find Shooter
Links for the day
Who's the Mystery Financier of SLAPP Against Techrights and Is That a Millionaire/Billionaire?
Whose idea was it to fund meritless lawsuits against my wife and I?
Slopwatch: Slow Slop Day
This distracts from or may take traffic away from the original articles, actually written by actual people
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, September 12, 2025
IRC logs for Friday, September 12, 2025
CoC Gone Wrong: Celebrating Murder OK, Complaining About the Celebration Gets You Banned
Hopefully the NixOS Foundation will have a word with (maybe replace) the moderator/s
Gemini Links 12/09/2025: Familiarity and Secondary Dominants
Links for the day
Links 12/09/2025: "Bad Reviews" as Extortion Weapon, "Free Speech At Risk in America’s Schools" According to ACLU
Links for the day
Only One Speaker Does Not Do Sharecropping for MElon (in X.com)
The man who puts principles before PR/optics
The Mind of the 'Hulk Hogan of UEFI'
in a nutshell
A Day After "UEFI 9/11": UEFI Secure Boot Bypass
In the news today (right now), as published in the past few hours
Links 12/09/2025: Slop Code as Liability, Microsoft Outlook Down for Many
Links for the day
It's Still Not to Late to Turn Off "Secure Boot"
If people reboot their PC or server today, and it relies on "Secure Boot" on Sept. 12 or later, then depending on the firmware there may be trouble ahead
Links 12/09/2025: Shira Perlmutter is Back, “Software Per Se” Patent Rejections in In re McFadden
Links for the day
Slopwatch: Linux Plagiarism, Slopfarms Still Infesting Google News, Many Images Are Fake
Google is promoting plagiarism
"This Morning Might Turn Out to be an Interesting One for System Admins Who Haven't Updated Their Devices' Secure Boot Certificate" (If They Reboot)
Who asked for this anyway?
Gemini Links 12/09/2025: Metric System, Dumping Windows, and Software Architecture is Dead
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, September 11, 2025
IRC logs for Thursday, September 11, 2025
Microsoft Admits the Workers Have Lost Trust (Endless Layoffs, 12-13 Rounds of Layoffs This Year), So Now It's Trotting out Its Peter Bright-Like Media Prop Jordan Novet
What they don't want people to pay attention to right now
Links 11/09/2025: Windows TCO and Russian Drones Invading Poland (EU/NATO)
Links for the day
Gemini Links 11/09/2025: xkcd, misfin, and Alhena 5.3.2
Links for the day
Repetition of Last Summer (Microsoft Breaking Dual-Boot Systems)
UEFI 9/11 is about to kick in
UEFI 'Secure Boot' Boiling Frogs (Cannot Turn Off 'Secure Boot')
"MSI laptop is locked on Secure Boot and doesn't allow me to turn it off"
UEFI 9/11 Aftermath - Part IV: The 'Hulk Hogan of UEFI' and His 'Hideout' Holiday (Retreat From Reality)
Let's keep an eye on what matters
UEFI 9/11 Aftermath - Part III: Mr. 'Secure Boot' (Shim) and His Fake 'Holiday' (Sending My Wife and I Threatening E-mails on 9/11)
despite being on holiday, according to him, he finds time to instruct lawyers to contact my wife
UEFI 9/11 Aftermath - Part II: "The SecureBoot Thing Got Out of Hand."
The next few weeks might be... interesting
UEFI 9/11 Aftermath - Part I: "I Believe This Affects Thousands of Devices... Because Multiple Devices I Checked, Whether Client or Server [...] Affected."
Most people aren't even aware that this is happening or about to happen
The UEFI 9/11 - Part X - An Outline of the Series About Microsoft Sabotaging GNU/Linux (With Ramifications to Unfold Online in Coming Weeks as People Reboot)
Today is UEFI 9/11 (9/11/2025)
Ron Wyden: Microsoft Should be Held Accountable for Security Breaches (He Has Said This for Years Already, It Never Happens)
Negative media coverage isn't a fine and it does nothing to compensate Microsoft's billions of victims
Culture of silence: Ubisoft harassment convictions, Mozilla, Sylvestre Ledru & Debian make no comment
Reprinted with permission from Daniel Pocock
Disable 'Secure Boot' (If It Lets You)
it doesn't put you in control
Links 11/09/2025: "Hey Hi" Ponzi Schemes at Oracle (Unpaid Contracts) and Cindy Cohn is Leaving the EFF
Links for the day
Longtime Red Hat Staff: Maybe Just Disable 'Secure Boot'
A refreshing take from Adam Williamson
Gemini Links 11/09/2025: Playdate Console, Dichotomy between the Real and the Digital
Links for the day
A Dozen Observations About "UEFI 9/11" Deflections
What we are expected to see, tentatively
The Microsoft AstroTurfing and Microsoft-Led Blame-Shifting Tactics Are Ahead of Us
Of course it has nothing to do with security, it's about control, i.e. them controlling everything
Celebrating Assassination is Bad Because It Legitimises Assassination of the People You Like, Too
Condoning or even celebrating political assassinations is bad optics (and taste)
The World's Richest Ponzi Scheme (Faking Value Using Net Waste)
The higher they go the harder they fall
We Could Dual-Boot Back in the 1990s, Why Has This Become So Difficult?
And prone to breakage
Being Conditioned to Accept Unreliable Computer Systems That Fail With Black Screen of Death (BSoD)
Welcome to 2025
Slopwatch: Google News is Still Promoting Many Fake Articles About "Linux", in Effect Rewarding Misinformation and Plagiarism
things continue to deteriorate
New Series: The Coup Against GNU/Linux Has Begun
today, this year in particular, we shall also focus on Secure Boot, which is sold based on a lie and tortures many computer user
New Paper on "BYOVD, but in firmware. Signed UEFI shells, vulnerable modules offer new paths for Secure Boot bypasses."
One might say digital "security theatre"
Links 11/09/2025: Oracle Layoffs, Drunk Pilots in Japan Airlines, US-Korea Tensions Grow
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, September 10, 2025
IRC logs for Wednesday, September 10, 2025