Bonum Certa Men Certa

The Shameless Campaign to Paint/Portray Free Software as Inherently Insecure, Using Brands, Logos, and Excessive, Selective Press Coverage

Bugs
Image courtesy of Red Hat, demonstrating lack of correlation between severity and logos/brands



Summary: Some more FUD from firms such as Sonatype, which hope to make money by making people scared of Free/libre software

The corporate media is in the business of selling (for corporations), not informing. Advertising is the business model, as well as media 'partnerships' (euphemism for PR). Security firms too are in the business of selling, not informing. Misinformation often helps improve sales. We have already ranted quite a lot about media misdirection, designed to sell products or malign the competitors of those who try to sell unnecessary products. We must assume that this is happening because it has always been happening; it's just that it got a lot more frequent now that Free/libre is more widely used.



The other day IDG published some promotion of Veracode. To quote one paragraph: "The scale of the problem is significant. Cryptographic issues are the second most common type of flaws affecting applications across all industries, according to a report this week by application security firm Veracode."

This is not an independent security researcher; it is the Black Duck-connected Veracode (Black Duck came from Microsoft and VeraCode's co-founder recently joined Black Duck), which overlooks security issues with proprietary software. Veracode is not an objective observer; it is trying to sell something. Sonatype too, a nasty company which we wrote about before [1, 2, 3, 4, 5, 6], rears its ugly head in the media, in an article provocatively titled "Open-Source Code Can Be More Dangerous Than Useful".

So Sonatype has launched yet another FUD attack on Free software, using myths and rhetoric, capitalising on gullible 'journalists' who would print just about anything, along with clueless pasting of bugs with logos (for extra fear), no discussion about severe bugs in proprietary software, and many other issues. This article is relaying marketing from Sonatype and dramatises it even further. "It gets worse," says the writer, "according to Sonatype: Many of the software companies that have built insecurities right into their products wouldn't be able to tell which of their applications are affected by a known component flaw because of poor inventory practices."

Well, proprietary software deliberately adds flaws to act as secret back doors. How about that in the discussion? The article totally omits that. The article then adds some talking points from the FOSS-hostile Symantec, another company which tries to sell its proprietary software based on perceptions of insecurity.

Thankfully, there are a couple of comments there (below the article) that highlight the issues with the article; both are titled "Not only open source..."

As Free/libre software becomes more mainstream we should expect more parasites like Sonatype to look out for fools who are willing to do their marketing, monetising trash-talk.

Recent Techrights' Posts

In the Pacific (Mostly Islands Around Oceania) GNU/Linux Grew a Lot
Microsoft cannot compete fairly
The Sheer Absurdity of the EPO's Career System Explained by EPO Staff
"Staff representation has previously pointed this out to management, and the career system has been the reason for several industrial actions and litigation cases initiated by SUEPO."
Forget About India's and Pakistan's Nuclear Weapons and Armament Race, They Need to Abscond Windows and Microsoft (Security Swiss Cheese)
Both countries would be wise to remove Windows as soon as possible, irrespective of the local party politics
statCounter: GNU/Linux Rose From 0.2% to Over 3% in Pakistan
GNU/Linux "proper" (i.e. not ChromeOS) has the lion's share
 
A 3-Year Campaign to Coerce/Intimidate Us Into Censorship: Targeting My Old "Tweets"
This was basically an act of vandalism no better and no worse than UEFI restricted boot
Links 26/05/2024: Google 'Search' Morphing Into Disinformation Factory, Discussion of Maze of the Prison Industrial Complex
Links for the day
A Toast to Tux Machines
Food ready for the party, no photos yet...
IBM/Red Hat Failing to Meet Its WARN Obligations in NC (STATE OF NORTH CAROLINA), or Perhaps It's Constantly Delaying the Layoffs
IBM isn't named even once
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, May 25, 2024
IRC logs for Saturday, May 25, 2024
GNU/Linux in Greenland
The sharp increases for GNU/Linux started last summer
[Meme] Productivity Champ Nellie Simon: It Takes Me 3+ Weeks to Write 6 Paragraphs
Congrats to Nellie Simon!
It Took EPO Management 3+ Weeks to Respond to a Letter About an Urgent Problem (Defunding of EPO Staff)
The funny thing about it is that Nellie Simon expects examiners to work day and night (which is illegal) while she herself takes 3+ weeks to write a 1-page letter
Staff Union of the EPO (SUEPO) in The Hague Taking Action to Rectify Cuts to Families of Workers
they "are active in challenging this measure via the legal system"
Links 25/05/2024: Microsoft Adds More DRM (Screenshot Blocking), Another Microsoft Outage Takes Down Everything
Links for the day
Gemini Links 25/05/2024: "Bill Smugs" and OpenBSD Mirror Over Tor / I2P
Links for the day
Microsoft #1 in Gaming Layoffs, Laid Off Workers Receive Another Insult From Microsoft
Many of them never chose to work for Microsoft
In New Caledonia Windows is Now Below 30% (It Used to be Over 90%)
Microsoft's Windows absolutely collapsing and the measures are relatively stable
Red tape: farmer concerns eerily similar to Debian suicide cluster deaths
Reprinted with permission from Daniel Pocock
Galway street artists support social media concerns
Reprinted with permission from Daniel Pocock
Links 25/05/2024: Section 230 and Right of Publicity Violations by Microsoft (Which Attacks Performance Artists)
Links for the day
[Meme] No Microsoft
For fun!
Microsoft Windows Falls to New Lows in Poland
It may mean people delete Windows from relatively new PC
A 3-Year Campaign to Coerce/Intimidate Us Into Censorship: An Introduction
The campaign of coercion (or worse) started in 2021
The "D" in Debian Stands for Dictatorship That Extends to Censorship at DNS Level
Of course the registrar, which charged for domains until 2025, just went along with it
Cybersecurity and Infrastructure Security Agency (CISA) Getting Stacked by Microsoft
it lets Microsoft write policies
The Parasitic Nature of Microsoft Contracts
Stop feeding the beast
Gemini Links 25/05/2024: Emacs Windows 2000 Screenshots and Little Languages
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, May 24, 2024
IRC logs for Friday, May 24, 2024
Ireland Exits Microsoft's Vista 11
Microsoft can't be doing too well in Ireland because Microsoft had tons of layoffs in that country last year
A Recognition for Hard Work
Running this site is a lot of work
The Web We Lost...
Vintage War Censorship Poster...
Daniel Pocock (IND) in European Election Debate
In this segment he speaks of the effects of social control media and phones on children
[Meme] Next Target: Sub Domains
Deb.Ian.Community
In Republic of (South) Korea, as of This Month, Android Climbs to Record High of 48%
Judging by statCounter anyway
"Linux" is Second-Class Citizen at IBM
sends the wrong message to Red Hat staff and Red Hat clients
Links 24/05/2024: More Software Patents Invalidated (US), New Fights to Protect Free Speech
Links for the day
"You Touched the Wrong Lady"
What Rianne wrote more than 8 months ago
Links 24/05/2024: Layoffs at LinkedIn and Election Interference Via Social Control Media
Links for the day
Getting a 'Thank You' From Software Freedom Conservancy (SFC) Will Cost You $5,000 to $30,000 (Same as Last Year)
Right now one of their associates (SFC) tries to spend money to censor us
KDE Neon Weirdness
Reprinted with permission from Ryan Farmer
Congratulations to Sirius Open Source, Still Claiming to Employ People Who Left Half a Decade Ago (or More!)
What signal does that send to con men?
[Meme] Bluewashing
Cent OS? No more.
IRC Proceedings: Thursday, May 23, 2024
IRC logs for Thursday, May 23, 2024
Over at Tux Machines...
GNU/Linux news for the past day
Tenfold Increase for ChromeOS+GNU/Linux in Brunei
Brunei Darussalam is a country most people don't know about and never even heard about
Coming Soon: Another Round of 'Cancel Stallman' Chorus
The series required a great deal of patience