Bonum Certa Men Certa
Patients' Data at Risk as NHS Reinforces Its Microsoft/Accenture Stockholm Syndrome | Microsoft is Interjecting Itself Into GNU/Linux and Free Software News, Even Events and Foundations

The Unethical Business of Selling Fear of Free/Libre Software Bugs (Black Duck, Sonatype, and Symantec)

Snake oil



Summary: The spreading of fear of Free/Open Source software (FOSS) is now a growth industry, so proprietary opportunists are eager to capitalise on it, even if by distorting the truth

EARLIER THIS month some Black Duck publicity stunt fooled some journalists into promotion of Black Duck FUD. We saw that persisting until April 20th (one week ago), even in pro-FOSS sites (blogs) that did this days later. IDG made a slideshow out of it. Well, sadly, it cites Black Duck, which tries to sell proprietary software under the guise of Free software promotion.



In reality, Black Duck is not just selling fear of GPL violations -- the original 'product' which was 'sold' by this firm. It's a two-faced firm masquerading as pro-FOSS whilst attacking FOSS. Black Duck and Duck Duck Go both give a bad name to ducks. They pretend to be FOSS or at least openwash themselves (a lie) and they pretend to defend users (also a lie, they merely exploit or monetise users).

In other news, Sonatype reportedly compared FOSS to "Public Health Hazard". To quote one report: "That’s the assessment of Joshua Corman, CTO at Sonatype, who took to the stage at RSA 2015 to characterize insecure software as a kind of “cyber-asbestos,” widely deployed, inherently dangerous, and eventually carrying an astronomical cost in terms of human suffering and cost to clean up because …we just didn’t know how dangerous it was at the time when we embraced it."

So Sonatype is again on an anti-Free software binge. It is not the first time (see examples in [1, 2, 3, 4]) and it is easy to see why it is doing this. It's trying to sell its products, which are nothing to do with Free software. Sonatype's track record of FOSS FUD is expanding and may one day rival the Microsoft-connected Symantec, which continues its FUD campaign against Android, generating misleading headlines such as "One in Five Android Apps Is Malware" in this case. When people install software from Google Play, then there is virtually no risk, but don't expect Symantec to properly analyse this. Symantec sells insecurity. To quote the misleading article: "According to Symantec’s latest Internet Security Threat Report, “17 percent of all Android apps (nearly one million total) were actually malware in disguise.” In 2013, Symantec uncovered roughly 700,000 virus-laden apps."

But where are they found? Are any accessible to most Android users? No, so Symantec is defining it wrongly and framing the issue by saying that many applications' "primary purpose is to bombard you with ads." That's not malware, but they made up a new word.

Google has already responded mostly by removing apps with too many ads (that's not malware) and saying that Android "antivirus" is snake oil, as Google said before (responding to the likes of Symantec several years ago).

Android now has an industry of snake oil around it because there is a lot of market share there. The same can be said about FOSS, which is why Black Duck and Sonatype are busy badmouthing security aspects of it. They're all just looking for a quick buck; FUD and reputation damage to FOSS are "collateral damage".

Patients' Data at Risk as NHS Reinforces Its Microsoft/Accenture Stockholm Syndrome | Microsoft is Interjecting Itself Into GNU/Linux and Free Software News, Even Events and Foundations

Recent Techrights' Posts

SLAPP Censorship - Part 103 Out of 200: Telling People What They Know and Don't Know About Death Threats They Receive
patronising letters sent on behalf of the Serial Strangler from Microsoft
IBM Genies in the Bottle
for ordinary people working who at at IBM, it's not hard to see that IBM is floundering
European Patent Office (EPO) Series: The Centre (in Portugal) Falls Apart…
Luís Montenegro became embroiled in a conflict-of-interest controversy
Links 10/06/2026: More Microsoft Layoffs, Sweden to "Ban Mobile Phones in Schools"
Links for the day
 
Links 11/06/2026: Disputes Over Copyright Infringement, Failure to Meet Climate Goals, "ChatGPT Caught Recommending “Products” That Are Just Scams"
Links for the day
Gemini Links 11/06/2026: Programmable Systems and Slop "is Coming for Your Serifs"
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, June 10, 2026
IRC logs for Wednesday, June 10, 2026
Links 11/06/2026: LF Openwashing of Slop and "Azerbaijan Bans TikTok and Other Social Media Apps in School"
Links for the day
IBM Lost About 18% of Its "Market Value" This Month
In IBM's case, a lot of the latest "pump" was Arvind's "quantum" hype/fantasy
Gemini Links 10/06/2026: Signal to Noise, Cancer, and Permacomputing
Links for the day
Communities and "Prosumers."
today's meetup will be about community
Gemini and Gopher Links 10/06/2026: Roasting, Changes, and Harms of Slop
Links for the day
Microsoft Azure Shrinking With More Mass Layoffs
"Reports suggest the layoffs will impact close to 200 out of 400 workers, who are set to cease employment at Azure on July 6"
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, June 09, 2026
IRC logs for Tuesday, June 09, 2026
European Patent Office (EPO) Series: The Centre-Right "Social Democratic Party" in Portugal
Quite an achievement for a former Maoist radical and aspiring champion of the Portuguese proletariat to be invited to join Goldman Sachs
SLAPP Censorship - Part 102 Out of 200: Maybe One Day Whistleblowers From Brett Wilson LLP Will Tell Us What Really Happened
Maybe one day some former staff of Brett Wilson LLP will also approach us to blow the whistle
What LibreOffice and TDF Get Right About Document Formats (and What They Get Wrong)
OOXML is a phantom - it is something nobody implements, not even Microsoft!
Gemini Links 09/06/2026: "The Mist of the Lands Between", Board Game Concept
Links for the day
2026: The Year Slop Companies "Made an Exit" (Threw in the Towel Over to Wall Street)
Remember 2026 as the year two major slop companies (which we won't name) sought an IPO
Links 09/06/2026: NSO Group still cracking, "FOI tribunal throws out £14k costs claim against journalist Barnie Choudhury"
Links for the day
Links 09/06/2026: "Smartphones Broke Dating" and "EU Open Source Strategy"
Links for the day
Cannot Speak About IBM Wrongdoing or Jobs Being Sent Overseas (Lower Salaries)
IBM has long attacked the media, the whistleblowers, and even online forums
European Patent Office (EPO) Series: The CIA-Funded Centre-Left in Portugal
In the political turmoil which followed the fall of the old regime, the communists seemed to be acquiring a dominant position and there was a very real risk that Portugal could end up aligned with the Eastern Bloc if they were not stopped
This Coming Friday
Richard Stallman (RMS)
Yesterday Afternoon The Register MS Published a Fake Article That Says "AI" 31 Times Because It Got Paid to Do This
What will happen when all those loans for slop (Ponzi scheme) stop and companies' marketing budgets - which include media bribes for hype campaigns - are no more?
Extraordinary General Meeting of Staff Union of the European Patent Office Ahead of Intensifying Strikes
We will, in the meantime, run a series about EPO corruption, which is now connected to corruption in Portugal and to corruption inside the EU
Several Slopfarms That Target "Linux" Seem to Have Died
Or perished severely
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, June 08, 2026
IRC logs for Monday, June 08, 2026
Gemini Links 09/06/2026: Tanana River, Cassette Beasts, and Emacs
Links for the day