Bonum Certa Men Certa

Another Microsoft Partner Markets Linux FUD Using Logo, Name, and Lies

The great power of lies and gullible journalists

Christmas lights



Summary: Microsoft's partner Alert Logic is trying to label a feature of Linux a security flaw and even makes marketing buzz for it

IF A reporter or two can be bamboozled into printing a lie (digitally distributing it), this can lend some credibility/legitimacy to the lie and then it is possible that the lie will spread and be echoed in other reports. Hence the importance of this matter.



"They are trying to change perceptions around Free software security."Several journalists have already rebutted something that I debunked some days ago when I first saw some nonsense about "Grinch" with a suitable "marketing" image. Here is one rebuttal among a few:

The Grinch flaw was reported by Stephen Cody, chief security evangelist at Alert Logic. Cody alleges that the Grinch flaw enables users on a local machine to escalate privileges. Leading Linux vendor Red Hat, however, disagrees that the Grinch issue is even a bug and instead notes in a Red Hat knowledge base article that the Grinch report "incorrectly classifies expected behavior as a security issue."

The original security researcher that reported the Grinch found that if a user logs into a Linux system as the local administrator, the user could run a certain command that would enable the user to install a package, explained Josh Bressers, lead of the Red Hat Product Security Team.

"Local administrators are trusted users," Bressers told eWEEK. "This isn't something you hand out to everybody."


We believe it was Joab Jackson (IDG) who first gave a platform to the Microsoft partner (Alert Logic) that used marketing buzz and a lie against Linux, soon to be rebutted by Red Hat. I had contacted Mr. Jackson, who later told me that he posted a follow-up (or correction).

Jackson's correction may have come too late as we saw the lie spreading to a few other news sites later on (thankfully not too many sites). Here is one example of garbage 'reporting' (FUD and lies), generated by the FUD firm with with a catchy name, sort of logo etc. (generated by a Microsoft partner we might add). Apart from Jackson's piece we saw at least 3 more such articles (which came afterwards). How many are going to post a correction? How many articles will be withdrawn? How many follow-ups will be published? Tumbleweed. Silence.

It is usually Windows that has zero-days during Christmas, not GNU or Linux. There was recently other nonsense with a name, claiming to be a flaw when it was actually some other malware (potentially developed by the Russian government) that users actually have to install (not from repositories) to be infected by. It was akin to a phishing attack, but it was widely used in the press (even in IDG, Jackson's employer) to characterise GNU/Linux as insecure.

Remember what the Microsoft-connected firm did with "Heartbleed" (the name it made up with a promotional logo). It's all about marketing and hype. They are trying to change perceptions around Free software security. What matters is what people remember, not the truth. This is all about discouraging users or buyers.

A reader has alerted us about this article from Armenia . "Note the job title of the 'softer," he said. Here is the relevant portion:

Armenia’s Minister of Defense Seyran Ohanyan received Microsoft Corporation’s Regional Director for Public Safety/National Security/Defense Robert Kosla.


Joke or real? It sounds like a joke, but they are definitely not joking. Armenia talks to the NSA's biggest partner and back doors-loving company about 'security', so seeing the job title from Microsoft is truly hilarious! Microsoft is good at insecurity and lies, not security.

"Our products just aren't engineered for security."

--Brian Valentine, Microsoft executive

Comments

Recent Techrights' Posts

Links 03/10/2024: "Hey Hi" Scandals and Copyright/Trademark Disputes
Links for the day
Invidious Seems to be Nearing 'End of Life' After Repeated Crackdowns by Google/Alphabet/YouTube
To Free software users, YouTube ought to become a "no-no"
Links 03/10/2024: Climate Issues and Tensions in East Asia
Links for the day
Like a Marketing Department of Microsoft, Canonical Sells Back Doors and Surveillance as "Confidential" and "Hey Hi" (AI)
Notice how Canonical has made no statement critical of Microsoft for years
Gemini Links 03/10/2024: Frozen Tofu and SGI O2
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, October 02, 2024
IRC logs for Wednesday, October 02, 2024
Links 02/10/2024: Microsoft Spying on Windows Users Grows, Microsoft's Surveillance Arm LinkedIn Used to Highlight Employment Crisis
Links for the day
Links 02/10/2024: Students Who Can’t Read Books and Dead Butt Syndrome
Links for the day
Gemini Links 02/10/2024: GNU/Linux Distros, Flat-File Databases, and How the Web ate Gopher
Links for the day
Technology: rights or responsibilities? - Part II
By Dr. Andy Farnell
A Cost-Free Bribe From Microsoft
Daniel Stenberg is not dumb, but he seems rather gullible or unprincipled
Plans for the Site's 19th Year
Like TechDirt, we expect to devote more efforts/time to covering free speech online
Network Getting Faster
Loading up the site in 0.077 seconds
The Manchester Experience
Yesterday Tux Machines served 436,897 Web hits
If Red Hat Has Mass Layoffs This Year, Nobody Will Tell You About It
We seem to have entered a strange quasi-cosmic era wherein layoffs aren't disclosed anymore and news sites don't bother to report them, either
IBM, Kyndryl, Subsidiaries (Like Red Hat) and Silent Layoffs
Kyndryl follows in IBM's footsteps with rolling layoffs likely affecting thousands
Anniversaries and New Beginnings
The world needs more transparency and far less secrecy
Links 02/10/2024: Microsoft Kills Off HoloLens, Media Discusses Assange Speech
Links for the day
Gemini Links 02/10/2024: New Car, Broadband, and Gemtexter 3.0.0
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, October 01, 2024
IRC logs for Tuesday, October 01, 2024
[Meme] October 1st: The Day Julian Assange 'Officially Came Back'
Assange: See you in Strasbourg in 5 years
Full Transcript of Julian Assange's Speech in Strasbourg
the full thing
The Full Talk by Julian Assange Including Questions and Answers Discussed Further (October 1st 2024, Council of Europe Committee Legal Affairs)
Wikileaks covered this talk in "tweets"
Julian Assange's First Publicly Delivered Talk Since 2019
Julian Assange's talk in France
Links 01/10/2024: Another Escalation in the Middle East, Software Patents Being Squashed
Links for the day
Microsoft's Collapse is Continuing
Microsoft is discontinuing its HoloLens headsets
Links 01/10/2024: Gavin Newsom's Tech Safety Legislation, YouTube Sued for Health Harms
Links for the day
Gemini Links 01/10/2024: ROOPHLOCH and Photos
Links for the day
Julian Assange Talk: Watch Live
2 hours from now
"IBM executives did not decide to buy Red Hat on their own, nor will they decide to sell Red Hat on their own should that time ever arise"
Since IBM bought Red Hat it merely made its products more proprietary
GNU/Linux and Android Rose to New Highs in September
StatCounter isn't the ground truth, but there's not much else in the public domain.
Links 01/10/2024: Climate Stories, Climate Change, and War in Lebanon
Links for the day
Gemini Links 01/10/2024: Separation, Validation, and Flatfile Databases
Links for the day
Blind Worship of Technology is a Misguided Fool's Errand
Andy Farnell of the Cybershow used the metaphor of "golden calf" last week
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, September 30, 2024
IRC logs for Monday, September 30, 2024