July 23rd, 2008

Fortify sets off FUD flood

Posted by Dana Blankenhorn @ 5:50 am

Categories: General, Applications, Development, Security, support, management

Tags: Open Source, Security, Dana Blankenhorn

[Image: Roger Thornton, CTO, Fortify]

I was impressed by the work Fortify did in raising concerns about the security process among open source application developers.

But did it really call for a FUD (Fear, Uncertainty, Doubt) flood, questioning the whole premise of open source? (I misidentified CTO Roger Thornton in my original story, so here is his picture.)

Just look at these headlines:

Et tu, Slashdot?

The Fortify story was a warning, aimed at application developers, about process, and about the dangers of ignoring sound security processes in developing applications, because bad guys are now targeting them.

The Fortify study did not say enterprises must avoid open source because all open source is a security risk. But that’s how lazy reporters played it.

Fortify is a security company, which aims to use its study to sell its services. Nothing wrong with that. But it does mean we have one data point from a vendor with an axe to grind. Throwing the whole movement under the bus over this is silly.

I was concerned this might happen, which is why I emphasized the warning nature of the study, in both my story and my comments. It’s a serious issue meant to be taken seriously.

But dumping open source over application security concerns is a false economy, and lazy reporters who advocate it are committing journalistic malpractice.

Dana Blankenhorn has been a business journalist for 30 years, a tech freelancer since 1983. See his full profile and disclosure of his industry affiliations.

  • Talkback
  • Most Recent of 9 Talkback(s)
And the Windoze Jokes! There Are SO Many...!!!!!
::Wrong does not cease to be wrong
::because the majority share in it. -Tolstoy::

Stop me before I mock M$ fanboyz AGAIN!!!! They're just too belligerent, and too stupid, and too easy to make...
Posted by: drprod@... Posted on: 07/24/08