Bonum Certa Men Certa

Red Hat Makes an Error by Liaising With Proprietary Software Firm and Source of FUD, Supposedly for 'Security'

Don't feed black ducks

Feeding ducks
Yours truly feeding the ducks
near home earlier this year (summer)



Summary: Red Hat's cooperation with Black Duck serves to legitimise a terrible business model, wherein fear of FOSS is being accentuated and proprietary software 'solutions' are being offered

YESTERDAY we became aware of Red Hat turning to Microsoft's friend, Black Duck. It happened with little prior warning and announced with the press release calling it a "[c]ollaboration to help developers, customers and partners build and run trusted, secure applications with Red Hat container technologies" (as if these are inherently less secure than some proprietary software).



What the articles fail to mention is that Black Duck's former top manager is from Red Hat and he came back to Red Hat after his stint at this FUD firm (see the old press release titled "Black Duck Software CEO Tim Yeaton Rejoins Red Hat to Lead Newly-Formed Infrastructure Group"). Well, the doors basically revolved, twice even. Maybe that's why Red Hat came to Black Duck, legitimising what is effectively a parasite inside the FOSS world.

"What the articles fail to mention is that Black Duck's former top manager is from Red Hat and he came back to Red Hat after his stint at this FUD firm..."We have already found some puff pieces about, saying little more than the press release. One of them says that "Red Hat has collaborated with Black Duck Software to establish a secure and trusted model for containerized application delivery by providing verification that application containers are free from known vulnerabilities and include only certified content. This validation is a major step forward in enabling enterprise-ready application containers, and builds upon the strengths of each company – Red Hat’s position in container technologies and solutions, including its platform and certification strategy, and Black Duck’s position as the provider of comprehensive identification and earliest notification technologies of open source vulnerabilities."

In its marketing, Black Duck would have us believe that FOSS is terrible at security, even though proprietary software has back doors 'baked in' intentionally. NSA et al don't 'break into' Windows any more than Microsoft does; they're allowed access, by design, intent, and agenda. Days ago we showed how marketers from Black Duck had claimed that it can cost $25,000 to fix a bug in FOSS.

As of early this morning, this new relationship received press coverage from Serdar Yegulalp (writing for IDG), Sean Michael Kerner for QuinStreet and Steven J. Vaughan-Nichols for CBS. The way Vaughan-Nichols put it, "Red Hat and Black Duck want to make sure that when you run a container, it's really the container you want to run and not a rogue package."

"In many ways, Black Duck is successful as a marketing company, much like polygraph merchants (among other popular scams like homeopathy)."It sounds good on the surface, but is a proprietary dependence healthy in the long term? Based on Vaughan-Nichols, this isn't a short-term engagement. "In the long run," he explains (writing from Red Hat's town), "the companies plan to include Black Duck technologies as a component of Red Hat's container certification."

There are some lazy publications that ended up throwing the self-promotional promotional press release around. The Indian English-speaking press sort of rewrote the press release to make it look more original. Where are the sceptics? Where is the genuine reporting? All we see are puff pieces that relay claims made in a press release.

In many ways, Black Duck is successful as a marketing company, much like polygraph merchants (among other popular scams like homeopathy).

Recent Techrights' Posts

Links 14/07/2026: Plagiarism Spun as "Training", Zelensky Announces Leadership Shuffle
Links for the day
The Register MS Has Just Published "AI" Webspam That Mentions "AI" 54 Times. It Was Paid to Do This.
Who pays for all this "AI" hype or "buzz"?
Gemini Links 14/07/2026: Self-Advocacy Online; "The Internet Is Dead: How the Web Lost Its Human Soul"
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, July 13, 2026
IRC logs for Monday, July 13, 2026
Modern Technology Harms Women More Than Men (Because the 'Tech Bros' Who Dominate STEM Have a Poor View of Women)
“Privacy protects us from abuses by those in power, even if we're doing nothing wrong at the time of surveillance.”
Internet Relay Chat Trolls Are Not Expressing Opinions, They Are Saboteurs
For the record
Links 14/07/2026: "The Freedom of Information Act Is in Serious Trouble"; Irish Datacenters Use Up Almost 25% of Total Energy
Links for the day
The Register MS: "AI" Puff Pieces for Sale, Not Journalism at All, Just "Webspam"
The Register MS isn't the sole culprit
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, July 12, 2026
IRC logs for Sunday, July 12, 2026
How We Do Techrights (and What's Changing Next Week)
Many former news sites no longer yield much non-meaningless news (not anymore); there's a gap to be filled
Links 12/07/2026: Palantir Unrest and Wireshark 4.6.7
Links for the day
Links 12/07/2026: New Instrument Time and PalmOS Experiences in 2026
Links for the day
Red Hat Staff Says IBM Policy Has Stigmatised Him as a Tool and a Slopper With Plagiarism Tools
IBM is killing Red Hat with slop
Freedom of Choice or Freedom Versus Choice (or When All Choices Are Incompatible With Freedom)
When some business asserts that it gives people different options, then it can rightly argue that it offers some choices, but that is not the same as freedom
Techrights IRC Turns 5 Without a “Code of Conduct”, “Code of Conduct Committee”, and All Those Bureaucratic Nightmares
18+ years if one counts our time in Freenode as well
Why U No Use AI???
Many hype waves come and go
There Are Still Slopfarms in Google News
Google is trying to participate in if not lead this pyramid scheme
The Cyber Show Explains How Slop and Promotion of Slop is About Taking Control Away From Computer Users
"On making a trustworthy machine"
Keeping Available the Site at All Times
Informal arrangements and crowdfunding keep our work available despite resistance (including from people who break the law)
What If "Era of AI" and "AI Revolution" (Fake News) Never Happened?
So how much longer before the bust (or bubble-burst)?
GNU/Linux Approaches 5% in Australia
5% by year's end?
Europe/EU is Moving Towards Independence, Fast to Adopt Free Software
More and more states (governments, public sector) in Germany are dumping Microsoft
GNU/Linux Grows at the Expense of Windows
People who want to get work done already left Windows
Tux Machines Growing as a Volunteers-Run Site
Historically the site did not have many original stories, but this changed as the audience grew and the site gained more recognition
Links 12/07/2026: European Commission Versus ‘Addictive Design’, "Google Loses Final Appeal Over $4.7 Billion EU Android Antitrust Fine"
Links for the day
GNU/Linux Market Share Increases Some More Today, statCounter Measures It at 7.3%
Will more such thresholds and records be broken?
Gemini Links 12/07/2026: Studying Languages and 2026 Old Computer Challenge (OCC)
Links for the day
EPO "Cocaine Communication Manager" - Part XIII - At the EPO, Cocaine Addicts and Their Friends Are "Protected Class"
What does that tell us about the EPO?
Increasing Output by Focusing on Originals
It's probably more important to carry on with these than it is to keep abreast of non-crucial news
Amid Strikes and Industrial Actions, Young Professionals at the European Patent Office (EPO) Kept on 'Short Leash', According to the Local Staff Committee The Hague
Issues affecting Young Professionals
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, July 11, 2026
IRC logs for Saturday, July 11, 2026