Bonum Certa Men Certa

Security FUD Against Free Software Resurfaces, Using Promotional Branding From a Microsoft-Linked Firm, So Red Hat Finally Responds

Bugs
Image courtesy of Red Hat



Summary: Old news is 'new' again, as Microsoft-friendly media decides to keep knocking hard on the reputation of Free software, using words rather than substance

A YEAR ago there was a curious (first of its kind for Free/Open Source software) "branding" of a 2-year-old FOSS bug by a Microsoft-linked firm that did not even find the bug. An engineer from Google had found it and sought to responsibly disclose it so as to patch it properly before the Microsoft-linked opportunists blew off the lid and called it "Heartbleed", set up a Web site to 'celebrate' the bug, and even made a professionally-prepared logo for it. This whole "Heartbleed" nonsense -- however serious it may have been for a day -- was blown out of all proportions in the media and tarnished the name of Free software because it was so 'successfully' marketed, even to non-technical people. It was a branding 'success' which many firms would later attempt to emulate, though never with the same degree of 'success' (where success means bamboozling the public, especially non-technical decision-making people).

"Microsoft must be laughing quite hard seeing all that media manipulation.""Dear journalists," I said earlier today in social media (Diapora), "bugs don't have birthdays. Stop finding excuses to bring "Heartbleed" BS (MS name for old bug) to headlines." I spoke to one author about it and challenged him for floating these "Heartbleed" logos and brands yet again. To us it seems quite evident that Microsoft keeps attacking Free software and GNU/Linux like no time before; it's just more subtle and hidden in more sophisticated ways. The person who heads the incognito firm that's known only for the "Heartbleed" brand (they control the brand) came from Microsoft (he was head of security there) and also from the FBI, whose stance on encryption is widely known by now; they actively seek to break security of software, so knowing about the 2-year-old OpenSSL bug would make sense. Some reputable media reports said that the NSA had known about this bug for about a year before it was known to the public and the NSA cooperates with the FBI on breaking software security, sharing personal (illegally intercepted) data, etc.

Anyway, the same publication (as above) also floated the "Heartbleed" nonsense in another article today. Would they do just about anything to keep it in headlines? Even a year later? They are now citing some firm called Venafi (never heard of it before), which basically relies on misleading misuse of statistics. It's FUD from a company that tries to make money from perceived dangers and accentuates these dangers in an effort to acquire clients. What kind of 'journalism' is this? incidentally, Black Duck is now joining the list of such parasitic companies, with new hires and multiple press releases, so clearly it's a growth area and the Microsoft link is easy to see. It is FUD season again this spring as more publications now float this whole nonsense. This is hardly journalism, it's just throwback.

Thankfully enough, Red Hat demonstrates what "branding" of FOSS bugs practically means, even using the image above. There is no correlation between the naming of bugs and their severity, but press coverage sure loves a good brand. This is an important (albeit belated) response from Red Hat to "branding" of a FOSS bug by Microsoft-linked firms like the one behind "Heartbleed".

"It’s been almost a year since the OpenSSL Heartbleed vulnerability," says Red Hat, "a flaw which started a trend of the branded vulnerability, changing the way security vulnerabilities affecting open-source software are being reported and perceived. Vulnerabilities are found and fixed all the time, and just because a vulnerability gets a name and a fancy logo doesn’t mean it is of real risk to users."

Well, Microsoft folks sure squeezed everything they could from this bug, seeking to discredit not just OpenSSL but the whole development process of Free software (due to just one small bug, or a few lines of code). And Microsoft still pretends that it is warming up to Open Source? Who are these frauds kidding?

There's a lot of companies which continue to use platforms with back doors, such as Windows, but the Wintel-oriented media would rather we just obsess over this one bug from one year ago (which was patched as soon as it became publicly-known).

We are rather disappointed to see a decent journalist like Sean Michael Kerner, along with colleagues at eWEEK, swallowing the bait and serving to promote the misleading claims to advertise this company that controls the "Heartbleed" brand, among other opportunists (like fish swimming around a shark for some leftovers). Microsoft must be laughing quite hard seeing all that media manipulation.

Recent Techrights' Posts

Censorship as Signal of Opportunity for Reform
It remains sad and ironic that Wikileaks outsourced so much of its official communications to Twitter (now X)
The World Wide Web Has Been Rotting for Years (Quality, Accuracy, and Depth Consistently Decreasing)
In the past people said that the Web had both "good" and "bad" and that the good outweighed the bad
Comoros: Windows Plunges to Record Low of About 6% in Country of a Million People (in 2010 Windows Was 100%)
Many of these people earn a few dollars a day; they don't care for Microsoft's "Hey Hi PC" hype
The Mail (MX) Server Survey for July 2024 Shows Microsoft Collapsing to Only 689 Servers or 0.17% of the Whole (It Used to be About 25%)
Microsoft became so insignificant and the most astounding thing is how the media deliberate ignores it or refuses to cover it
Windows Down From 98.5% to 22.9% in Hungary
Android is up because more people buy smaller mobile devices than laptops
Backlash and Negative Press After Microsoft Tells Diversity, Equity, and Inclusion (DEI) People to DIE
Follow-up stories
Microsoft Windows in Algeria: From 100% to Less Than 15%
Notice that not too long ago Windows was measured at 100%. Now? Not even 15%.
Microsoft Windows "Market Share" in New Zealand Plunges to 25%
Android rising
SUSE Goes Aryan: You May Not Use the Germanic Brand Anymore (It's Monopolised by the Corporation)
Worse than grammar Nazis
Gratis But Not Free as in Freedom: How Let's Encrypt is Dying in Geminispace
Let's Encrypt is somewhat of a dying breed where the misguided CA model is shunned
Bing Was at 2.6% in Russia When LLM Hype Started. Now It's Down to 0.8% (for 3 Months in a Row Already)
The sharp fall of Bing may mean that exiting the Russian market won't matter to anybody
 
Links 17/07/2024: School Budget Meltdown and Modern Cars as Tracking Nightmares
Links for the day
This Should Certainly be Illegal, But the Person Who Helped Microsoft Do This is Still Attacking the Critics of It
perhaps time for an "I told you so post"
[Meme] A Computer With an Extra Key on the Keyboard Isn't Everyone's Priority
(so your telling me meme)
Africa as an Important Reminder That Eradicating Microsoft Doesn't Go Far Enough
Ideally, if our top goal is bigger than "get rid of Microsoft", we need to teach people to choose and use devices that obey them, not GAFAM
Billions of Computers Run Linux and Many Use Debian (or a Derivative of It)
many devices never get updated or even communicate with the Net, so exhaustive tallies are infeasible
[Meme] Microsoft is Firing
Don't worry, Microsoft will have some new vapourware coming soon
More DEI (or Similar) Layoffs on the Way, According to Microsoft Team Leader
What happened shortly before Independence Day wasn't the end of it, apparently
[Meme] Many Volunteers Now Realise the "Open" in "OpenSUSE" or "openSUSE" Was Labour-Mining
Back to coding, packaging and testing, slaves
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, July 16, 2024
IRC logs for Tuesday, July 16, 2024
[Meme] Ein Factory
A choice between "masters" (or "master race") is a false choice that results in mass exploitation and ultimately eradication (when there's little left to exploit)
Links 17/07/2024: Open Source Initiative Lies and Dark Net Thoughts
Links for the day
Media Distorting Truth to Promote Ignorance
online media is rapidly collapsing
Android Rises to New Highs of Almost 80% in Cameroon
How many dozens of nations will see Windows at under 10% this coming winter?
Links 16/07/2024: TikTok Ban in Europe and Yandex Split
Links for the day
Gemini Links 16/07/2024: On Packrafting and on Trump Shot
Links for the day
[Meme] Firefox Users Who Think They Know Better Than Mozilla
Enjoy Firebook
Firefox Used to Have About Half the Market in Switzerland, But It Doesn't Stand a Chance Anymore (Chrome Surging This Summer)
Mozilla has managed to alienate some of the biggest fans of Firefox
Microsoft's Biggest Losses Are in Europe This Summer
Microsoft's ability to milk a relatively rich Europe is fast diminishing
How to Make Software Suck and Discriminate Against People at the Same Time
ageism glorified
[Meme] Microsoft Seems to be Failing to Comply With WARN Act (by Refusing to Announce Mass Layoffs as They Happen)
since when does Microsoft obey the law anyway?
Microsoft Layoffs Are Still Too Frequent to Keep Abreast of and Properly (or Exhaustively) Classify
The "HR" department knows what's happening, but whistleblowers from there are rare
Bahamas Joined the "5% Windows" Club
statCounter only traces back about 1 in 20 Web requests to Windows
Links 16/07/2024: Salesforce Layoffs and Microsoft's DMARC Fail
Links for the day
Antenna Abuse and Gemini Abuse (Self-hosting Perils)
Perhaps all this junk is a sign of Gemini growing up
Possibly Worse Than Bribes: US Politicians and Lawmakers Who Are Microsoft Shareholders
They will keep bailing out Microsoft to bail themselves out
The Software Freedom Conservancy Folks Don't Even Believe in Free Speech and They Act As Imposters (Also in the Trademark Arena/Sense)
Software Freedom Conservancy was already establishing a reputation for itself as a G(I)AFAM censor/gatekeeper
Djibouti Enters the Windows "10% Club" (Windows Was 99% in 2010)
In Africa in general Microsoft lost control
GNU/Linux Share Doubled in the United States of America (USA) in the Past 12 Months
Or so says statCounter
Even in North Korea (Democratic People's Republic Of Korea) Google Said to Dominate, Microsoft Around 1%
Google at 93.26%
[Meme] The Red Bait (Embrace... Extinguish)
They set centos on fire, then offer a (de facto) proprietary substitute for a fee
Shooting the Messenger to Spite the Message
segment of a Noam Chomsky talk
[Video] Boston Area Assange Defense (Yesterday)
It was published only hours ago
Guinea: Windows Down From 99.3% to 2.7% 'Market Share'
Guinea is not a small country
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, July 15, 2024
IRC logs for Monday, July 15, 2024
What's Meant by "Antenna Abuse" (Gemini)
syndication is not a monopoly in Gemini and if one doesn't condone political censorship, then one can create one's own syndication service/capsule
Microsoft Layoffs and Entire Unit Termination: Diversity, Equity, and Inclusion
What an announcement to make just before Independence Day
Links 16/07/2024: Old Computer Challenge and One Page Dungeon Contest
Links for the day
Microsoft Falls Further and Closer Towards 10% (Windows "Market Share") in Kuwait
more countries entering the "single-digit Windows" (under 10%) club
Gemini Links 15/07/2024: Antenna's Pro-Hamas Bias Revisited and Old Computer Challenge
Links for the day
[Video] Julian Assange, Over One Decade Ago, Cautioning About What the Internet Had Truly Become
video is not new
Homage to Malta
Malta is probably easy for Microsoft to bribe
IRC at 16
Logging has been used for us and against us
In Malta, Android/Linux Has Overtaken Microsoft Windows (According to statCounter)
statCounter milestone?
Links 15/07/2024: China’s Economic Problems, Boeing Under Fire
Links for the day
500 Days' Uptime Very Soon
Good luck doing that with Windows...
Windows Falls Below 20% in Tunisia
A month ago we wrote about GNU/Linux in Tunisia
Links 15/07/2024: Google Wants Wiz and Why "Sports Ruin Everything"
Links for the day
Gemini Links 15/07/2024: Old Computer Challenge and Sending Files via NNCP
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, July 14, 2024
IRC logs for Sunday, July 14, 2024