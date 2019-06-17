Openwashing and FUD: A Roundup
ACEINNA Launches OpenIMU300RI – Rugged Open-Source Inertial Measurement Unit Sensor [Ed: Here's “open-source” with a dash; new example of openwashing. I’m all for "open source" if and when it’s just a synonym of/for free/libre software. Sadly, however, nowadays “opensource” or “open-source” with a dash has nothing to do with freedom and it’s mostly marketing by openwashing.]
Unifying open source and proprietary software [Ed: SAS explains how to push proprietary software while making it seem and feel "open". Stallman was right about "open source" being BS all along or becoming marketing BS or BS agenda that's mostly a distraction from free software and freedom.]
Swarm64 Improves Elastic Scalability for PostgreSQL [Ed: One must sign in to download? I smell a trap/crap.]
...free, open source extension to PostgreSQL that enables better scaling and performance for analytics (OLAP) applications. The elastic, parallel scaling extension runs on standard server hardware or servers that are accelerated by FPGA boards.
SparkFun Electronics® Releases First Open-Source, U.S.-Manufactured Embedded Systems Module [Ed: Good example of openwashing as there's nothing "open" about it]
How HackerOne open sources security--one hacker at a time [Ed: Mac Asay openwashing HackerOne even though the platform is proprietary software]
Few business executives have had as big of an impact on open source as Mårten Mickos, former CEO of MySQL and Eucalyptus and current CEO of HackerOne. While HackerOne might not look much like an open source company, that's kind of the point behind why Mickos wanted to join. No, not to escape open source, but rather to apply some of the lessons learned from his time in open source while learning some new lessons along the way. As he said in an interview, "HackerOne is doing to cybersecurity what Red Hat and MySQL did to software. It is about bringing the power of a vast community in a neatly packaged way to the tech companies and enterprises of the world."
Swimlane open-sources graphish to help SecOps Teams [Ed: Exchange is proprietary software, so this cannot be real FOSS but more like openwashing with Microsoft added for 'good measure'. There also back doors.]
While having a conversation on Twitter about Microsoft Graph API I was convinced that the traditional Exchange eDiscovery features were not available in the Microsoft Graph API. Boy was I wrong.
Hackers Can Spoof ‘Presidential Alerts’ Using Off-The-Rack Hardware And An Open-Source Software [Ed: How to make "Open Source" sound malicious just because rogue actors too can use it; they could use proprietary software instead.]
The newly acquired system by the U.S. government to send unblockable messages to U.S. citizens in times of an emergency from the President can be hacked by hackers using off-the-rack hardware and open-source software, a study revealed.
According to researchers from the University of Colorado Boulder in a study published this week, hackers can use the vulnerabilities in the LTE network in order to send bogus presidential alerts to Americans within the range of an entire 50,000-seat football stadium with little effort in order to incite panic and chaos among those who receive the fake message.
Open Source Clones Unofficially Sold on the Microsoft Store [Ed: Microsoft keeps allowing these things again and again. If it harms FOSS and tarnishes its name, then Microsoft is OK with it.]
Developers are taking free open source programs, repackaging them as Windows 10 UWP apps under different names, and then offering them on the Microsoft Store. In some cases, the developers are offering these programs as paid apps or with in-app purchases.
This is not the first time third-party developers have brought open source software to the Microsoft Store and charged for it. Last year a third-party published LibreOffice to the Microsoft Store and was charging $2.99 for it while implying the money went to supporting the Document Foundation developers, which was not the case.
Fake (Commercial) versions of Open Source applications on the Microsoft Store [Ed: Microsoft has long been happy to host anything that harms FOSS and makes it look bad. Long history to that.]
The Microsoft Store, formerly known as Windows Store, has had its fair share of application related issues in the past that ranged from copycat applications, deceiving apps and deceptive apps being published to the Store, to publishers gaming the Store system to improve sales or visibility.
I noticed for a while that third-party developers would publish open source applications on the Microsoft Store. A prime example of this is the release of Mozilla Thunderbird which is offered by a third-party developer for free.
Publication is not illegal necessarily as it depends on the license of the Open Source application. A thread on the Portable Freeware Collection forum highlights a growing issue related to open source software on the Microsoft Store.
O’Reilly Announces Speaker and Session Lineup for OSCON 2019 [Ed: Of course O’Reilly still boosts Microsoft's campaigns of entryism at OSCON (been doing it for a decade at least)]
GitHub Releases New Tools to Report Vulnerabilities [Ed: Microsoft giving itself the authority to change other people's code on GitHub in the name of "security"; Microsoft is also the NSA's foremost back doors partner. It's even worse because not only can the NSA alter code in GitHub but it also gets a list of holes before they get patched.]
Blue Star Software Announces 5-Day Training Course for Ghidra, Open Source Reverse Engineering Tool [Ed: Teaching an NSA tool]
Google Turns to Retro Cryptography to Keep Datasets Private [Ed: No, Google does not keep data private. It asks everyone to give it data and then shares that with the US military/government. This is misleading a narrative, albeit a very common one.]
Google open sources method to join datasets without gatecrashing privacy [Ed: Since when does Google care about privacy anyway? Its 'surveillance capitalism' business model is inherently antithetical to privacy.]
Google open-sources cryptographic tool to keep data sets private [Ed: Perhaps partly a publicity stunt to help Google win contracts where it gets to suck up lots of data, such as medical files around the world]
Google unveils open-source cryptography tool to protect collaborative datasets [Ed: It looks likely to be a charm offensive by Google and its military partners to suck up billions of people's medical data]
Private Join and Compute is Google's free/open source tool to allow "mulitparty computation" of encrypted data without decryption [Ed: Even BoingBoing promotes this just because it's Google]
Google open sources Private Join and Compute, a tool for sharing confidential data sets [Ed: Google releasing something called "Private" is like something called "Ethical" being released from Microsoft]
As part of its efforts to support user privacy and security, Google on Wednesday announced the open-source release of Private Join and Compute, a multi-party computation (MPC) tool designed to help organizations work together with confidential data sets.
Google Releases Open Source Cryptographic Tool [Ed: Google which sends all your data to the NSA through back doors wants you to use its encryption and reckons openwashing can help adoption.]
Google has released an open source cryptographic tool called Private Join and Compute that allows for different datasets to calculate a result, while not revealing sensitive or private information about certain parts of the equation, according to a report by Wired.
The report used the example of the relationship between school lunch and student health. In order to figure out how the two variables affect each other, the equation would need healthcare data, which is private, to be crossed with school data. Google’s service would let all of the parties compare info without the exposing of any private data.
“The net result is that we can perform this computation without exposing any individual data and only getting the aggregate result,” said Amanda Walker, director of privacy tools and infrastructure engineering at the tech giant. “The naïve way to do this would be to take two sensitive data sets, dump them into a single database and do the join and the sum, but then you’ve got everything together and at risk of a data breach.”
Open Source Software Policies – Why You Need Them And What They Should Include[Ed: Of course the lawyers spread FUD about FOSS in an effort to create complications and make themselves 'necessary']
Open Source Software Policies – Why You Need Them And What They Should Include[Ed: ...and to magnify their FUD the lawyers will post it everywhere they can...]
Open Source Software Policies – Why You Need Them And What They Should Include
Podcast: Development Agility and Open-Source Vulnerability Prioritization [Ed: Giving a platform to Microsoft partners whose business model is selling proprietary software by attacking and smearing FOSS, just like Black Duck -- they hijack FOSS voice]
On this week’s episode of the SecurityIntelligence podcast, WhiteSource Senior Director of Product Management Rami Elron joins the dynamic duo of David Moulton and Pam Cobb to crack the case of open-source vulnerabilities. With security risks on the rise, how can organizations effectively prioritize top threats and control cybersecurity complexity?
Can Your Patching Strategy Keep Up with the Demands of Open Source? [Ed: Dark Reading lets the Black Duck people (a Microsoft proxy that attacks FOSS for over a decade) spread self-promotion FUD for proprietary software.]
Facebook debuts PyRobot, an open-source framework for controlling robots
PyRobot: Facebook’s Open-Source Robotics Framework Designed To Make Controlling Bots Easy
Facebook PyRobot goes open source to speed robotics, AI research [Ed: Merely a utility of spying, not anything else. Trying to make it seem "ethical".]
Fusion Foundation Announces MainNet Launch of its Open Source Protocol to Bring Blockchain Finance to the Masses [Ed: "Open Source Protocol" (or API) classic example of openwashing]
Applitools Eyes now free for open source libraries [Ed: The art of openwashing something because it is temporarily gratis]
Applitools Launches Free Open Source Software Licensing, Partners with Open Source Apprentice Program [Ed: Just saying "Open Source" twice in the headline, but it's not FOSS]
-
Contrast Security Launches Next Generation Open Source Software Security Platform for DevOps [Ed: More openwashing nonsense; trying to make Contrast Security come across as "open" because it something it can analyse]
Hazelcast open source in-memory data grid secures $21.5 million funding, expands platform to real-time streaming data
Conceptually, caches and in-memory data grids are very close anyway: it's all about using fast memory to speed up access to data residing in slow(er) storage systems. Doing caching efficiently is a hard problem, and Luck is among the leading experts in the field. About a year ago, however, Luck stepped down from his role as Hazelcast CEO and took over the CTO role, while Kelly Herrell became CEO.
Self-driving car startup Argo AI is giving researchers free access to its HD maps [Ed: They're openwashing by conflating access to some data with "open source"]
Argo AI is releasing curated data along with high-definition maps to researchers for free, the latest company in the autonomous vehicle industry to open-source some of the information it has captured while developing and testing self-driving cars.
WATCH: The Advantages of Not Being Open Source (Part II) [Ed: In 2019 I think that openwashing volume outweighs and headlines outnumber those of real FOSS. RIP, "open source" (1998-2018). You had a good run before becoming marketing strategy for proprietary software.]
Hashgraph is an algorithm, correct. The IP for Hashgraph is privately owned. But it’s … we’re using the patent in order to solve a fundamental problem with existing networks. And the entire community of public distributed ledger technology platforms are all open source, they’re not proprietary, everything is open source. While that’s been good for innovation, it’s also created chaos in a certain way that has prevented mainstream adoption by big enterprise or even medium-sized businesses.
And it’s because everyone knows that these networks like Bitcoin are going to ultimately split into competing networks with competing cryptocurrencies and that represents risk to any business manager considering building an application on one of these public networks. So we’re using the IP of Hashgraph to bring stability to a platform that no other open source platform can achieve.
-
