12.10.22
[Meme] Linux Foundation Lecturing Us on Tolerance and Morality
Summary: The Linux Foundation is inspired by its biggest sponsors
11.01.22
Red Hat (IBM) Hyped Up a Fair Pair of Flaws That Isn’t Critical, Isn’t Actively Exploited, and Even Red Hat’s Distro Isn’t Patching Yet
Video download link | md5sum 8de27c8022d55f728a4d1c5eb55026e0
Irresponsible Misinformation About OpenSSL
Creative Commons Attribution-No Derivative Works 4.0
Summary: Fuelling Microsoft-affiliated and sometimes Microsoft-funded “news” (noise) sites, Red Hat — and to a lesser extent Fedora — exaggerated the severity of bugs a week before their details’ release (long and purposeless suspense); it’s a case of a boy who cries “wolf!” to get “likes” in Twitter and media coverage that relies on nothing but lousy (inaccurate) "tweets", where fact-checking is impeded by NDAs/embargo
A few days ago we took note of the overhyped (mostly by Red Hat) impending patch for OpenSSL. Red Hat ended up slipping/changing the release date of Fedora, adding some more to the perceived danger, contributing to the scare, resulting in a week’s worth of media misinformation like calling it "zero day" (even in headlines!). This irresponsible hype turns out to be have been outright disinformation (or at best misinformation) about the severity and it’s worth noting that Red Hat is in no hurry to patch its most important products and there are no actively-exploited aspects; in other words, it is not “0-day” and there is no immediate rush to patch (in some cases there is no patch, either).
“We perceive this to be a bit of a media blunder, taking informal “tweets” at face value and trying to compete over who produces the most scary headline/s for about a week already.”The 8 URLs from the video are listed below in a logical order. To quote [4] below “Q: The 3.0.7 release was announced as fixing a CRITICAL vulnerability, but CVE-2022-3786 and CVE-2022-3602 are both HIGH. What happened to the CRITICAL vulnerability?”
We perceive this to be a bit of a media blunder, taking informal “tweets” at face value and trying to compete over who produces the most scary headline/s for about a week already. █
Links from the video above
- OpenSSL 3.0 Series Release Notes
- Vulnerabilities list
- OpenSSL Security Advisory [01 November 2022]
- CVE-2022-3786 and CVE-2022-3602: X.509 Email Address Buffer Overflows
- Comments: OpenSSL Outlines Two High Severity Vulnerabilities
- OpenSSL 3.0.7 released
- OpenSSL Releases Patch for 2 New High-Severity Vulnerabilities
- OpenSSL 3.0.7 Fixes Two High-CVEs with Buffer Overflow
10.27.22
Red Hat is Bragging, Knowing That It’s Killing People for Profit With Raytheon and Lockheed Martin (That’s Not Freedom, It’s Death)
The latest white-washing spin/slant is “Hey Hi” (like Maven)
Summary: Red Hat, which pretends to have moral high ground over the Free software community, has Red Blood on its hands; today was a reminder of that
THE “ETHICS” of wars — and of militarism in general — are relative; for instance, if another nation invades yours, then you could argue to be defending your home and family. But Raytheon and Lockheed Martin aren’t defending their homeland; they occupy and colonise for the (still most dominant) global empire.
How does Red Hat fit into this? Well, 2 days ago the video above was published and merely 8 hours ago there was another with Red Hat and Lockheed Martin. Those might seem like some friendly reconnaissance drones, but don’t be mistaken. See this keynote from 3 years ago. In Red Hat Summit 2019, Lockheed Martin bragged about war planes. Audience excited by militarism? Of course! Lots of ovations. Also see “Lockheed Martin taps Red Hat for F 22 Raptor”. Bombers, fighters, you name it…
Red Hat!
And no less than 40% of today’s Weekly Roundup from Red Hat was about Lockheed Martin [1, 2]. So Red Hat boasts about killing people with a big client, which must be pocketing a lot of money right now because of the war in Ukraine. And later on they lecture the FSF on ethics?
A few hours ago Red Hat linked to its own paid-for puff piece, which says: “The Lockheed Martin use case was about providing direct control to drones that had already been deployed but might need to have their mission altered in flight.”
Not just drones; also planes that drop very heavy bombs.
It’s not just Lockheed Martin, either.
As we noted a few years ago, Red Hat had rewarded Raytheon (special honours) and it was headed by military generals. It’s like Red Hat is an extension of the Department of War (now euphemistically known as Department of Defence or DoD). Biggest client by far?
Here’s a series of videos where Raytheon reciprocates with Red Hat endorsements [1, 2, 3, 4]. This whole thing is no laughing matter. People are dying. Women and children dismembered by bombs will certainly not be happy to know the missiles were backed by Red Hat(TM) OpenShift(R) at the back end. They will not die happily because of the openwashing.
Earlier today we posted a story about yet another large company that abandons Red Hat. In fact, Red Hat must be running out of high-profile clients and cases studies to boast/brag about. Quite a few dumped the company, seeing what IBM does to the products (formerly “projects”; there used to be an actual community), seeing how many managers leave the company, and spotting the rapid exodus of engineers. █
10.24.22
‘IT Jungle’ Still Failing to Properly Disclose That IBM Pays It to Promote IBM in About 90% of ‘Articles’ (PR Vehicle in ‘Media’ Clothing)
What follows is a pair of screenshots (the front page at the moment); with the word “IBM” highlighted in yellow; notice how little is not about IBM.
Summary: For nearly a decade already ‘IT Jungle’, which claims to be a news site, posted little except IBM promotion (puff pieces); the state of the “media” on the World Wide Web is really not good (it’s paid by the companies it is covering)
10.22.22
Next Casualty of IBM: Red Hat’s Free Software-Centric Web Sites
Video download link | md5sum 6cff5965d711c315ab61fa24c623189e
OpenSource.com Not About Open Source Anymore
Creative Commons Attribution-No Derivative Works 4.0
Summary: Red Hat’s longstanding and long-established Web sites are becoming more proprietary as they abandon their original focus and adherence to standards; worse yet, they promote proprietary stuff for Microsoft (possibly an HR issue; Red Hat tactlessly hired managers from Microsoft)
THERE is a severe problem that’s we’ve mostly covered in prior videos and in IRC. IBM has turned more and more Red Hat Web sites into “apps” that aren’t accessible. They require proprietary JavaScript. Accessibility and standards out the window. Just like that. IBM should really know better, but it probably quit caring.
In all fairness, some of these trends occasionally predated the IBM acquisition, e.g. the way Red Hat had written press releases to help Microsoft. With IBM at the wheel, however, there is drastic escalation.
“IBM has basically become somewhat of a vandal.”Put aside the Red Hat layoffs and the exodus, which are very well documented. What on Earth is IBM doing? It’s ruining Fedora like it ruined CentOS, it’s defaming the founder of GNU/Linux, it blackmails the FSF, and then takes control of GNU projects (and their copyrights) in a hostile fashion, via employees inherited from Red Hat.
IBM has basically become somewhat of a vandal.
The video above speaks of one aspect that was recently explored here in relation to IBM running Microsoft-sponsored placements in OpenSource.com (the editor is IBM staff), basically helping an anti-GPL agenda. That’s an attack on copyleft, not on copyrights, encouraging GPL violations or making GPL enforcement a lot harder. Part of a trend?
This morning they ran pseudonym's promotion of proprietary software (of Microsoft!) in OpenSource.com, so where does this end? I summarise some of these issues in the video above. █
OpenSource.com is Compromised, Leveraged to Promote Windows and Microsoft Vendor Lock-in Instead of Open Source
Recent (this month): IBM Does Not Like Open Source? OpenSource.com Has Moved From 2-3 Posts Per Day to 1 Per Day | OpenSource.com started publishing Microsoft-sponsored placements
Summary: This morning’s featured/leading article in OpenSource.com is a symptom of what the Web site OpenSource.com is becoming
10.21.22
SiliconANGLE is Selling Coverage (Fake ‘Journalism’)
These will all be omitted from Daily Links due to a very obvious conflict of interest. Later on the client (Red Hat) links to the article that it basically bought.
Summary: It says: “Neither Red Hat Inc., the main sponsor for theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.” But Red Hat (IBM) is a repeat client, so it would be unwise for SiliconANGLE to produce anything but submissive puff pieces. So-called ‘journalism’ should not be a product on sale to the companies it is about. This is journalistic misconduct or an act of professional disintegrity.
10.13.22
Red Hat is Collapsing, Executives Are Fleeing, With Rushed Replacements (“Effective Immediately”, No Smooth Transition)
Days ago: The Exodus Continues: It’s Already Hard Keeping Track of So Many Managers and Executives Who Left Red Hat Under IBM’s ‘Leadership’ (in Attacking the Community) | IBM Does Not Like Open Source? OpenSource.com Has Moved From 2-3 Posts Per Day to 1 Per Day
The latest:
Summary: Red Hat is in trouble. Engineers have left in droves and management turnover has been crazy the past year or two (3 CEOs in 3 years, too); how can Red Hat operate with so many high-profile departures and loss of key engineers? This is brain drain (maybe customer attrition too).
Content is available under CC-BY-SA