Summary: Black Duck ups the ante on Free software-hostile messages, embeds FUD in the media almost instantaneously

THERE IS an attack on Free software going on, but it's shrewdly disguised as 'concern' for Free software. We are led to believe that not proprietary software with back doors is the problem but Free software that may have bugs, especially bugs that users don't bother to patch despite having the ability (or freedom) to do so. It's free.

The other day we wrote about Black Duck entering the security FUD market, targeting Free software, as one ought to expect (it had already done the compliance FUD, neglecting to mention EULA-related issues in proprietary software). To repeat some facts for the uninitiated, Black Duck was started as an anti-GPL company, by its very own admission. Very shortly after hiring a parasite, whose company exploits security fears, Black Duck's scope of FUD expands further and there's an effort in the media to advertise this.

"Taft, who often promotes Microsoft PR, doesn't mind covering something that seemingly relates to Free software if it makes Free software look bad."Darryl K. Taft, a booster of Microsoft, already helps this anti-GPL company (Black Duck) by doing this Microsoft-esque advertising at this very moment. Taft, who often promotes Microsoft PR, doesn't mind covering something that seemingly relates to Free software if it makes Free software look bad. No wonder Black Duck came from Microsoft. Other Microsoft boosting sites like TechFlash promoted this nonsense and spread it to media with broader reach. Watch how they wrongly describe Black Duck: "Burlington-based open-source software firm Black Duck software is making big bets on helping to make open-source software more secure for companies"

Black Duck is most definitely not "open-source software firm", it is an anti-Open Source software firm whose products are proprietary, with software patents that relate to them. This is the kind of openwashing that has become so common when it comes to proxies of Microsoft (Microsoft works together with Black Duck, it's not just that Black Duck came from Microsoft).

Black Duck, as we noted the other day, had hired a key person from Veracode, whose output is mostly FUD even today. Right now it promotes itself in CBS and other networks by saying some nonsense about a nonsense buzzword ("Internet of Things") that means nothing in particular. To quote the CBS tabloid: "In a new report released by enterprise security firm Veracode, researchers discovered during testing of common, household IoT devices that security is not up to scratch -- paving the way for exploits, data theft, robbery and potentially even stalking."

That is just some embedded marketing for a FUD firm, one whose co-founder is now inside Black Duck.

Truth be told, Black Duck is trying to diversify or re-brand itself 'pro-security' as it did 'pro-compliance', but actually, what it really is about should be FUD. It uses fear, spreads existing fear to sell, creates more fear to sell, and overall it makes Free software look bad.

IDG is another large network that helped Black Duck advertise itself the other day. The headline is misleading because it says "Black Duck's mission: To seek out insecure open source code in the enterprise".

No, Black Duck's mission is to sell its proprietary software by telling the press, enterprises etc. that Free software is not secure and needs some 'medicine' (Black Duck's proprietary snake oil).

Here are the press releases from Black Duck [1, 2]. Clearly enough there is a media manipulation campaign going on and some journalists -- other than Microsoft boosters disguised as 'journalists' -- have already fallen for it. ⬆