The Shameless Campaign to Paint/Portray Free Software as Inherently Insecure, Using Brands, Logos, and Excessive, Selective Press Coverage

Dr. Roy Schestowitz

2015-07-01 10:39:02 UTC
Modified: 2015-07-01 10:39:02 UTC

Bugs
Image courtesy of Red Hat, demonstrating lack of correlation between severity and logos/brands

Summary: Some more FUD from firms such as Sonatype, which hope to make money by making people scared of Free/libre software

The corporate media is in the business of selling (for corporations), not informing. Advertising is the business model, as well as media 'partnerships' (euphemism for PR). Security firms too are in the business of selling, not informing. Misinformation often helps improve sales. We have already ranted quite a lot about media misdirection, designed to sell products or malign the competitors of those who try to sell unnecessary products. We must assume that this is happening because it has always been happening; it's just that it got a lot more frequent now that Free/libre is more widely used.

The other day IDG published some promotion of Veracode. To quote one paragraph: "The scale of the problem is significant. Cryptographic issues are the second most common type of flaws affecting applications across all industries, according to a report this week by application security firm Veracode."

This is not an independent security researcher; it is the Black Duck-connected Veracode (Black Duck came from Microsoft and VeraCode's co-founder recently joined Black Duck), which overlooks security issues with proprietary software. Veracode is not an objective observer; it is trying to sell something. Sonatype too, a nasty company which we wrote about before [1, 2, 3, 4, 5, 6], rears its ugly head in the media, in an article provocatively titled "Open-Source Code Can Be More Dangerous Than Useful".

So Sonatype has launched yet another FUD attack on Free software, using myths and rhetoric, capitalising on gullible 'journalists' who would print just about anything, along with clueless pasting of bugs with logos (for extra fear), no discussion about severe bugs in proprietary software, and many other issues. This article is relaying marketing from Sonatype and dramatises it even further. "It gets worse," says the writer, "according to Sonatype: Many of the software companies that have built insecurities right into their products wouldn't be able to tell which of their applications are affected by a known component flaw because of poor inventory practices."

Well, proprietary software deliberately adds flaws to act as secret back doors. How about that in the discussion? The article totally omits that. The article then adds some talking points from the FOSS-hostile Symantec, another company which tries to sell its proprietary software based on perceptions of insecurity.

Thankfully, there are a couple of comments there (below the article) that highlight the issues with the article; both are titled "Not only open source..."

As Free/libre software becomes more mainstream we should expect more parasites like Sonatype to look out for fools who are willing to do their marketing, monetising trash-talk. ⬆

Brian Fagioli's Latest "Linux" Article Appears to be Fake: Another form of plagiarism/ripoff using bots?
[Meme] When the People Who Falsely Accuse You of Pedophilia Turn Out to be Projecting: When you attack something or someone using falsehoods, as happens a lot to Richard Stallman (RMS), there's risk that the attacks will backfire, badly
Why I Continue to Believe That at the End Software Freedom Will Win: a short and incomplete list of factors which I believe contribute to the sentiment that we can - and will - win the battles over hearts and minds in the "Tech" realm
Technology: rights or responsibilities? - Part X: By Dr. Andy Farnell
Saving What's Left of Decent and Independent Journalism on the Web: We increasingly (over time) try to make local copies (hosted on our server) of important documents; it's hard to rely on third parties
[Meme] Microsoft's Latest Marketing Pitch: "Stop Being Poor; buy a new PC with TPMs"
In South Africa, a Very Large Nation, Web Developers Can Already Ignore Microsoft Browsers (Edge Measured Below 3% in 55 Nations): The dumb assumption you must naively test with Microsoft browsers is no longer applicable in a lot of places
Open Source Initiative (OSI) is the Voice of Bill Gates and Satya Nadella: Not hard to see what they've done with the money
Microsoft Boasts That Its (Microsoft-Sponsored) "Open Source AI" Propaganda Got Cited in Media (That's Just What the Money Did): This is a grotesque openwashing campaign
In Many Places Around the World, Perhaps as Expected, Yandex is Nearly Bigger Than Microsoft (Like in Several African Countries): Microsoft may soon fall to "third place" in search
Keeping Productive This Christmas: We've (pre)paid for hosting till almost January 2026 and fully back on the saddle
IBM and Canonical Leave Money on the Table Because Microsoft Pays Them Not to Compete and Instead Market Windows, WSL, Microsoft 'Clown Computing', and TPMs: Where are the regulators?
Other Editors Who Agree "Hey Hi" (AI) is Just Hype But Won't Say So Publicly as It Might Upset Key Sponsors: Some media would gladly participate in a scam to make money
IBM (and Red Hat) is a Patent Troll, Still Leveraging Software Patents to Extract Money Out of Other Companies by Suing Them: Basically, when it comes to patents, IBM is demonstrably part of the problem, not the solution
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 17, 2024: IRC logs for Tuesday, December 17, 2024
In Some Countries, Such as Greece, Almost 80% of Windows Users Are on Vista 10 and About 85% Need to Move to GNU/Linux for Security Patches: Vista 11 was a failure
[Meme] They Don't Want the Public to Know What "Responsible Encryption" Really Means: They also blame "China" for their own back doors (because China learned how to exploit those)
The Linux Foundation's Certificate Authority (CA) Significantly and Suspiciously Raises the Number of Certificates It Issues (Quantity Increase/Inflation) by Lessening Their Lifetime in the Name of 'Security' (That Barely Makes Sense!): LE made 3 months the "standard" for most, soon to become just 6 days instead of 6 months?
Links 17/12/2024: More China Sanctions, GOP Scheming to Prop Up Fentanylware (TikTok): Links for the day
Gemini Links 17/12/2024: The Streisand Effect and Productivity-systems Desiderata: Links for the day
Links 17/12/2024: More "Tesla Autopilot" and "Hey Hi" (AI) Blunders: Links for the day
Instead of Promoting GNU/Linux (or Ubuntu) Ahead of Vista 10's EoL Canonical is Marketing Microsoft's Proprietary Software: It's like Canonical employs people who work for Microsoft, not for Canonical
Links 17/12/2024: Many Abuses by Microsoft and War Updates From Ukraine: Links for the day
Content Management Systems (CMS) Bloat/ Static Site Generators (SSG) Trouble: some Web site management stories
DEI Room at fedoraproject.org Pretty Much Dead: We're not against diversity but against its weaponisation by greedy people who do not value diversity at all
The "Latest Technology News" at BetaNews is Slop About Slop: This is at the very top of the "news" (front page) at the moment
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, December 16, 2024: IRC logs for Monday, December 16, 2024
Gemini Links 16/12/2024: Invisibles and 20 Years of GNU/Linux on the Desktop: Links for the day
Microsoft's Windows Fell From 98% to Less Than 15% (in 15 Years in Africa): Operating System Market Share Africa
Swaziland: GNU/Linux Leaps to 7.24%, Based on statCounter: Remember that Microsoft had many layoffs this year in Africa
A Birthday Wish: My birthday is a few hours away
[Meme] Definitely Not Your Role Models: Hypocrite Neckbeard Meme
Changes or Variation of Logo at the FSF as 40th Anniversary is Near (Months Away): Next year the FSF turns 40
Mobile Usage Nearly 90% in Maharlika (Philippines)?: Microsoft has become just a footnote
Push Back and Become More Vocal for LLM Abuse and Misuse to Stop: We hope that more people out there (sites too) will call out the people who saturate particular topics on the Web with machine-generated junk
The Media Failed to Hold GAFAM Accountable (and Now It Suffers From It and For It): This recognition of the problem emboldens us to carry on
Botswana: New Highs for GNU/Linux, All-Time Lows for Microsoft: No wonder Microsoft has so many layoffs in Africa this year
Links 16/12/2024: Skinnerboxes ("Smart" "Phones") and Control Social Media Blamed for Fights: Links for the day
Reminder: The Microsoft Person Who Used OpenAI for En Masse GPL Violations Told the Whistleblower to Kill Herself: The evidence (real message)
Links 16/12/2024: emacs, Drawabox, “You Should Have Your Own Website”: Links for the day
In Some Parts of the World, Like Central America and South America, Microsoft is Irrelevant on the Web: Nadella has bet the farm on a Ponzi scheme
[Meme] Microsoft is Not a Country: Reporting crimes is essential for democracy
There's Not Much Time Left for President Biden to Pardon Julian Assange and Signal to Journalists That Exposing States' Crimes or Rich People's Misbehaviour is Lawful: Apathy towards this is part of the problem
Image Fusion is Not 'AI' (LLMs Aren't Either): Such fakes can (and always could) be done by a digital artist, it's just a little more expensive and time-consuming
GNU/Linux at New Highs in Bosnia And Herzegovina: Quite a few Balkan nations show high adoption rates for GNU/Linux
From Scientists to Pigeons: The EPO Has Turned Patent Examination Into a Process Made by Computers and Improperly Trained Staff Which Doesn't Meet the Requirements of the European Patent Convention (EPC): Might as well abolish this entire system if this is the current trajectory
Razik Menidjel Will No Longer be Chief Operating Officer Operations at the EPO: What does the EPC say about slop and should it be updated to deal with trouble such as slop?
Underpaid and Inexperienced Workers Overwhelm the EPO, Granting Many Invalid Patents and Placing Pressure on Veteran Examiners: So-called "production" (giving monopolies) pressure is "compromising the quality of our products" [sic] according to a new report
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, December 15, 2024: IRC logs for Sunday, December 15, 2024

The Shameless Campaign to Paint/Portray Free Software as Inherently Insecure, Using Brands, Logos, and Excessive, Selective Press Coverage

Recent Techrights' Posts