Bonum Certa Men Certa
National Insecurity and Blackmail, Courtesy of Microsoft | Munich Press, Münchner Merkur, Slams the Munich-based EPO

The Shameless Campaign to Paint/Portray Free Software as Inherently Insecure, Using Brands, Logos, and Excessive, Selective Press Coverage

Bugs
Image courtesy of Red Hat, demonstrating lack of correlation between severity and logos/brands



Summary: Some more FUD from firms such as Sonatype, which hope to make money by making people scared of Free/libre software

The corporate media is in the business of selling (for corporations), not informing. Advertising is the business model, as well as media 'partnerships' (euphemism for PR). Security firms too are in the business of selling, not informing. Misinformation often helps improve sales. We have already ranted quite a lot about media misdirection, designed to sell products or malign the competitors of those who try to sell unnecessary products. We must assume that this is happening because it has always been happening; it's just that it got a lot more frequent now that Free/libre is more widely used.



The other day IDG published some promotion of Veracode. To quote one paragraph: "The scale of the problem is significant. Cryptographic issues are the second most common type of flaws affecting applications across all industries, according to a report this week by application security firm Veracode."

This is not an independent security researcher; it is the Black Duck-connected Veracode (Black Duck came from Microsoft and VeraCode's co-founder recently joined Black Duck), which overlooks security issues with proprietary software. Veracode is not an objective observer; it is trying to sell something. Sonatype too, a nasty company which we wrote about before [1, 2, 3, 4, 5, 6], rears its ugly head in the media, in an article provocatively titled "Open-Source Code Can Be More Dangerous Than Useful".

So Sonatype has launched yet another FUD attack on Free software, using myths and rhetoric, capitalising on gullible 'journalists' who would print just about anything, along with clueless pasting of bugs with logos (for extra fear), no discussion about severe bugs in proprietary software, and many other issues. This article is relaying marketing from Sonatype and dramatises it even further. "It gets worse," says the writer, "according to Sonatype: Many of the software companies that have built insecurities right into their products wouldn't be able to tell which of their applications are affected by a known component flaw because of poor inventory practices."

Well, proprietary software deliberately adds flaws to act as secret back doors. How about that in the discussion? The article totally omits that. The article then adds some talking points from the FOSS-hostile Symantec, another company which tries to sell its proprietary software based on perceptions of insecurity.

Thankfully, there are a couple of comments there (below the article) that highlight the issues with the article; both are titled "Not only open source..."

As Free/libre software becomes more mainstream we should expect more parasites like Sonatype to look out for fools who are willing to do their marketing, monetising trash-talk.
National Insecurity and Blackmail, Courtesy of Microsoft | Munich Press, Münchner Merkur, Slams the Munich-based EPO

Recent Techrights' Posts

Facebook's Debt Leaps to Over 51 Billion Dollars
A lot of this is a bubble, aside from the bubble the media irresponsibly dubs "AI"
3 Days Ago Over at Tux Machines...
GNU/Linux news
Most of This Month Will Deal With EPO Scandals
A timeline of sorts
Links 01/11/2025: Microsoft Distributes Malware Again, Radio Free Asia Shut Down by Dictator
Links for the day
 
Gemini Links 02/11/2025: "The Pragmatic Programmer", Perl New Features and Foostats
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, November 01, 2025
IRC logs for Saturday, November 01, 2025
Linux.com is Becoming Microsoft
They took a once-reputable site with a vast audience and turned it into a pile of trash
Microsoft Lunduke: People Pointing Out I'm a Bigot is a Badge of Honour
It's almost as if he openly admits being a troll and is proud of it
Oracle's Debt Continues Rising to All-Time Highs, The "Slop Bubble" is a Smokescreen for Larry Ellison
wishful-thinking bubble waiting to implode completely
News on the Web is Becoming Rare, Shallow, and Difficult to Find
To efficiently and rapidly find original and important news without underlying comprehension/understanding of the news (and its context) is a hard task
Slopwatch: Linux Journal, Serial Slopper, WebProNews, and More
getting back into the habit
The Cocaine Patent Office - Part III: European Patent Office Officials Cannot Claim False Identification
Corroborating with other sources is always desirable if possible. We shall do so later in this series.
Still Catching Up, Daily Links a Top Priority
Readers who have additional information about the EPO can send it along to us
Links 01/11/2025: "Americans Are Defaulting on Car Loans at an Alarming Rate" While Many Left to Starve (SNAP)
Links for the day
Gemini Links 01/11/2025: FIFO and Gemini Age Survey
Links for the day
Why Does German Media Protect the EPO From Accountability for Cocaine?
Can we trust such media to properly inform the public?
Links 01/11/2025: Microsoft Azure Goes Offline Again
Links for the day
November is Here, Anniversary Party This Coming Friday
Expect this site to return to its normal publication pace either by tomorrow or Monday
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, October 31, 2025
IRC logs for Friday, October 31, 2025
Gemini Links 01/11/2025: Synergetic Disinformation and Software Maintenance
Links for the day
IRC Proceedings: Thursday, October 30, 2025
IRC logs for Thursday, October 30, 2025
IRC Proceedings: Wednesday, October 29, 2025
IRC logs for Wednesday, October 29, 2025