Bonum Certa Men Certa
Patients' Data at Risk as NHS Reinforces Its Microsoft/Accenture Stockholm Syndrome | Microsoft is Interjecting Itself Into GNU/Linux and Free Software News, Even Events and Foundations

The Unethical Business of Selling Fear of Free/Libre Software Bugs (Black Duck, Sonatype, and Symantec)

Snake oil



Summary: The spreading of fear of Free/Open Source software (FOSS) is now a growth industry, so proprietary opportunists are eager to capitalise on it, even if by distorting the truth

EARLIER THIS month some Black Duck publicity stunt fooled some journalists into promotion of Black Duck FUD. We saw that persisting until April 20th (one week ago), even in pro-FOSS sites (blogs) that did this days later. IDG made a slideshow out of it. Well, sadly, it cites Black Duck, which tries to sell proprietary software under the guise of Free software promotion.



In reality, Black Duck is not just selling fear of GPL violations -- the original 'product' which was 'sold' by this firm. It's a two-faced firm masquerading as pro-FOSS whilst attacking FOSS. Black Duck and Duck Duck Go both give a bad name to ducks. They pretend to be FOSS or at least openwash themselves (a lie) and they pretend to defend users (also a lie, they merely exploit or monetise users).

In other news, Sonatype reportedly compared FOSS to "Public Health Hazard". To quote one report: "That’s the assessment of Joshua Corman, CTO at Sonatype, who took to the stage at RSA 2015 to characterize insecure software as a kind of “cyber-asbestos,” widely deployed, inherently dangerous, and eventually carrying an astronomical cost in terms of human suffering and cost to clean up because …we just didn’t know how dangerous it was at the time when we embraced it."

So Sonatype is again on an anti-Free software binge. It is not the first time (see examples in [1, 2, 3, 4]) and it is easy to see why it is doing this. It's trying to sell its products, which are nothing to do with Free software. Sonatype's track record of FOSS FUD is expanding and may one day rival the Microsoft-connected Symantec, which continues its FUD campaign against Android, generating misleading headlines such as "One in Five Android Apps Is Malware" in this case. When people install software from Google Play, then there is virtually no risk, but don't expect Symantec to properly analyse this. Symantec sells insecurity. To quote the misleading article: "According to Symantec’s latest Internet Security Threat Report, “17 percent of all Android apps (nearly one million total) were actually malware in disguise.” In 2013, Symantec uncovered roughly 700,000 virus-laden apps."

But where are they found? Are any accessible to most Android users? No, so Symantec is defining it wrongly and framing the issue by saying that many applications' "primary purpose is to bombard you with ads." That's not malware, but they made up a new word.

Google has already responded mostly by removing apps with too many ads (that's not malware) and saying that Android "antivirus" is snake oil, as Google said before (responding to the likes of Symantec several years ago).

Android now has an industry of snake oil around it because there is a lot of market share there. The same can be said about FOSS, which is why Black Duck and Sonatype are busy badmouthing security aspects of it. They're all just looking for a quick buck; FUD and reputation damage to FOSS are "collateral damage".

Patients' Data at Risk as NHS Reinforces Its Microsoft/Accenture Stockholm Syndrome | Microsoft is Interjecting Itself Into GNU/Linux and Free Software News, Even Events and Foundations

Recent Techrights' Posts

Hard to Find a Job After Working for Microsoft (Back Doors Giant, Bribery Hub)
It generally looks like people who chose to serve Microsoft's agenda don't end up too well
Altering Perceived Reality to Make It Seem Like Microsoft is Thriving, Not Failing
pretend XBox did not die
 
Microsoft Experiencing "Leadership Exodus"
Microsoft's current position is no better than Meta's (Facebook)
GNU/Linux Distros Should Reject "Age Verification" and Uphold Software Freedom for Users
It's not about protecting children
Slop Plunge
we can already "smell the blood" of the so-called 'AI industry'
IBM Media Puff Pieces While Layoffs Go On and On
Has the PR industry absorbed the press?
Media Says Microsoft Hiring Freezes, But There Are Already Microsoft Layoffs
They want the public to talk about Microsoft as if it's just not hiring when it is actually firing
Richard Stallman lynchings: Sruthi Chandran splitting Debian
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, March 26, 2026
IRC logs for Thursday, March 26, 2026
Links 26/03/2026: Tor Relay at National Taiwan Normal University, Copyright Hammers Fall
Links for the day
Gemini Links 26/03/2026: "The War of the Worlds" and "sometimes science is just the dumbest thing"
Links for the day
The World Wide Bots
The shape of the Web is so bad that bots exceed humans in some places
Links 26/03/2026: Solicitors Regulation Authority (SRA) Closes 101 Law Firms in 2 Years, "Please Compensate the Work You Appreciate"
Links for the day
Regaining Software Freedom Means Regaining Control Over Programs That Run on Our Devices
Richard Stallman will speak in Italy
Microsoft Secure Boot Removes Users' Choice
Has Greenland banned Microsoft and 'secure' boot yet?
IBM Pushes Workers Out, It Does Not Count Them as "Layoffs"
The number of IBM layoffs can be as large as tens of thousands per year
Microsoft Lost 31% Of Its Alleged "Value" in Five Months, Then It Got Downgraded
In 2026 Microsoft focuses on keeping the layoffs silent
SLAPP Censorship - Part 24 Out of 200: The Failed Effort by Brett Wilson LLP to Strike Out My Lawsuit and My Wife's Lawsuit Against Garrett (the Master Allowed Our Lawsuits to Proceed)
This is lawfare
Official New Figures Show That Solicitors Regulation Authority (SRA) Sees Rise in Dishonesty Among Law Firms Forcibly Shut Down ('Euthanised' Due to Misconduct)
It's rather if in our little country as many as 16 law firms were found to be so dishonest that they needed to be shut down
Back to Normalcy
In our datacentre at least
IBM is "Increasing Its Temporary and Part-time Headcount" While Net Headcount Falls (Despite Buying Many Companies and Their Workforce)
Headcount is a rather superficial yardstick.
Confluent Insiders: IBM Laid Off Over 800 at Confluent, Not Just 800
For the record, the layoffs at Confluent won't be over. After the bluewashing there will be "IBM RAs" impacting Confluent folks, aside from PIPs
EPO Union Decides to Continue Industrial Actions, Next Strike in Four Days
The latest strike had the highest participation rate
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, March 25, 2026
IRC logs for Wednesday, March 25, 2026
Microsoft's "Silent Layoffs" in Slop Clothing
"AI-powered transformation" is just a euphemism for mass layoffs
Where and How to Spot LLM Slop
Many people correctly perceive LLMs as a site's downfall, a step towards the abyss
Public Talk by Richard Stallman in Half a Day "at the Engineering and Architecture Campus of Cesena of the University of Bologna"
He'll probably attract a fairly large crowd
Gemini Links 26/03/2026: Buying a House, Stargazing, OFFLFIRSOCH 2026
Links for the day
Links 25/03/2026: Nations Return to Russian Oil and Burning Wood
Links for the day
Gemini Links 25/03/2026: Resisting Authoritarianism and Why Slop Needs to Go Away
Links for the day
Fedora Maintainer-ship Using Slop (Mistakes) Would Make Fedora Less Reliable
It won't produce reliable code or stable systems one can rely upon
IBM's "Legacy Employees" (Experienced Workers, IBM Management Dubs Them 'Dinobabies')
This notion of "legacy employees" seems like something overlapping with "expensive" (well paid) staff, even if not entirely equivalent
EPO's "Current Industrial Actions Are Likely to Intensify Further."
There is another strike in 5 days
This Morning The Register MS Published Slop Promotion With the Term "AI" 15 Times In It. The Register MS Was (As Usual) Paid to Do This
This is not a serious publisher
SLAPP Censorship - Part 23 Out of 200: We Were Right All Along (for 2 Years) About Third Party Funding and Willingness to 'Break the Bank' in Pursuit of "Revenge"
How much damage can a person do to oneself in pursuit of cover-up of legitimate technical concerns?
Gnome Foundation Inc is in Trouble
the agenda is set GAFAM and IBM rather than donors
Links 25/03/2026: Airports Further Militarised, "Slopification and Its Discontents", Microsoft 'Open' 'Hey Hi' Shutting Things Down
Links for the day
Gemini Links 25/03/2026: Blogging Fright and Absolutely Useless 'Apps' Made by Slop Machines
Links for the day
Rise in Energy Prices Will Significantly Accelerate the Death of So-called "AI Companies"
It should be noted that fake news about Microsoft OpenAI doubling workforce (mere words, not actions) can serve as a nice distraction from the death of Sora due to divestment
It's Always a Question of Trust
There's a widespread stigma of lawyers being manipulative and chronically dishonest
Solicitors Regulation Authority (SRA) Must More Carefully Investigate or Assess the Financial State of Law Firms in the UK
We'll cover this in depth in the future
GAFAM Mozilla Removes Theora Support, Now GNU Needs to Re-encode Videos
Mozilla used to mean something to Free software advocates
An Open Admission Profits Depend on Addiction
Proprietary software tends to be like this
IBM Americas President Ayman Antoun Comes to OpenText, Weeks Ahead the Mass Layoffs Begin
Is that what IBM will be good at?
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, March 24, 2026
IRC logs for Tuesday, March 24, 2026