Bonum Certa Men Certa

Parasitical Firms Like Black Duck Exploit Bugs With Branding to Market Nonfree Services/Software

Skulls



Summary: Parasites that take advantage of public panic and lack of comprehension are occupying paper space, as usual

LAST WEEK we wrote about the overblown threat called/dubbed "GHOST" (all capital letters) by the company seeking to make money from it despite being only the third to discover it and knowing it was not much of a big deal. We have not yet heard about any major exploit, which pretty much can be said about the OpenSSL bug as well (this one too was discovered by two entities before a Microsoft-connected firm irresponsibly publicised it, giving it a name and a logo to sell its own services and spread FOSS-hostile FUD for many months to come). What unifies the GLibC and OpenSSL bugs is that they got "brand recognition" very quickly. It was like a marketing campaign rather than a non-alarmist discussion about security -- something that non-technical/technically-illiterate journalists would surely fail at.



"As more stories are published in the media about big "hacks" (cracks) against large corporations we can't help but feel that the media neglects to mention that Microsoft Windows -- not OpenSSL or Bash, let alone GLibC -- is usually to blame."Days ago we saw the most FOSS-hostile IDG Web site becoming a platform of Black Duck, a Microsoft-connected firm that sells proprietary software by spreading and accentuating fear of FOSS. The article at hand uses bugs with "branding" to spook FOSS users while Black Duck, paying to publish this self-promotional press release on the same day, is still pretending to be an authority in FOSS.

The bugs with "branding" were also exploited by Veracode in this article (on the same day) and as Eric Lorenzo pointed out: "If businesses don't update legacy software, often they will will have bugs fixed in later versions! Shock!"

"I wonder what percentage of businesses are using obsolete Windows without updates," he added.

As more stories are published in the media about big "hacks" (cracks) against large corporations we can't help but feel that the media neglects to mention that Microsoft Windows -- not OpenSSL or Bash, let alone GLibC -- is usually to blame. It not only sports back doors but is also badly designed and won't patch known critical holes. It is basically designed to be not secure.

When it comes to reporting on computer security, the corporate press has almost zero legitimacy. All it knows is brands and it is eager to promote corporate partners that piggyback those brands (like "heartbleed") or stories (Anthem, Sony, etc.), claiming to be experts and offering remedies other than patches which were already issued and are free to apply by all.

Recent Techrights' Posts

By Buying Twitter, MElon and Cheeto Now Control EU Politicians, Even at the Highest Levels
"the top level politicians make the egregious mistake of trying to treat Xitter as if it were a communications medium"
How to 'Sell' Software Freedom to People
In my experience, it helps when one speaks about control, not freedom, including confidentiality
The "Cool Kids" Are Already Using GNU/Linux, Microsoft is Just Cheating
The future and the present are Linux
IBM Going International (and India)
It's Monday and a national holiday
Microsoft Lunduke Belongs in 4Chan
Assuming Microsoft Lunduke is aware of the full context, he is now trolling not one but two decent organisations
 
LLM Slop is Now Filling the Web With Pure Fiction/Fabrication/Misinformation About Linux
The timing of this lie/fiction is curious because Torvalds is being brigaded for defending C
FUDZilla Has Turned Into LLM Slop and Machine-Generated FUD (New York Times Has Also Just Admitted Moving in That Direction)
Failing news sites, instead of calling it quits with some remaining dignity, are handing control over to LLM slop (pretending to still be active)
The Washington Post (Jeff Bezos) Dies in Darkness
spread it on
Gemini Links 18/02/2025: Downloading Gemini Files with Emacs and Elpher, Gopher on Devuan
Links for the day
Richard Stallman Confirms His Next Talk, "Free/Libre Software and Freedom in the Digital Society" (Next Monday in Free University of Bozen-Bolzano)
He could already advertise this more than a week ago
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, February 17, 2025
IRC logs for Monday, February 17, 2025
IBM's Chronic Neglect Won't Save Anything and It Might Even Get IBM Sued
The problem is likely a lack of manpower, not deliberate shoddiness
Gemini Links 17/02/2025: Ideal OS, AuraRepo Alpha, and Simple Code
Links for the day
Links 17/02/2025: War on Dissent and Bloggers, Nationalism a Growing Theme
Links for the day
GeekWire: Microsoft Bribes Us While We Cover Microsoft Affairs (Spin Doctoring), Hence We Are "Independent"
What good is a "journalist" sponsored by the very same company he or she writes about?
The Attacks on LinuxQuestions.org
Going to Clownflare only worsens the problem
The GNU Manifesto Turns 40 Next Month
The guardian of Free software (definition, licences, philosophy, hosting and so on) has managed to endure and persevere for 40 years. Very few others can say the same.
In Europe and in India Richard Stallman Need Not Duck Anymore, People Trying to Cancel His Talk Have No Sway
the last time a talk by Dr. Stallman got canceled was about a year ago
Back From a Short Break
We can now resume and try to stick to the usual pace
Links 17/02/2025: LLMs Failing and Patreon Support Becoming a Burden to Bloggers
Links for the day
Links 17/02/2025: Blogroll Conundrum; Research, Scientists Under Siege
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, February 16, 2025
IRC logs for Sunday, February 16, 2025
Links 16/02/2025: Nostalgia for Physical Media and the US Government Actively Promotes Pro-Kremlin Politicians in the EU
Links for the day
Gemini Links 16/02/2025:Life, Cynicism, and languages
Links for the day
Links 16/02/2025: Oligarchs "Collect Your Data and Control Your World", Global Temperatures Shoot Up
Links for the day
Promoting Microsoft Windows With LLM Slop
What is the policy at BetaNews regarding LLM slop?
Alex Oliva, the Potential 'Successor' of RMS, Has a New Web Site
More freedom for Alex Oliva
Links 16/02/2025: "Microsoft Is Laying Off Employees" and Internal Dissent Brewing at Facebook Over Regime Complicity
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, February 15, 2025
IRC logs for Saturday, February 15, 2025