Another MS proxy with egg on their faces!


A company called “Fortify” (no link here – no need to help drive traffic to them) has claimed that after checking a limited number of Java program source codes, that all open source software is less secure and that going with proprietary software is better. It is indeed a clever way to generate traffic to their website in these times but for all the wrong reasons. I am very sure that they are a MS crony and are funded by M$ to do their bid. Did they even check any open sourced .Net apps for vulnerabilities? I don’t think so.

2 thoughts on “Another MS proxy with egg on their faces!

  1. Something like Coverity?
    I have not read the Java report, but it sounds similar to scanning project Coverity has been running for a while.
    http://scan.coverity.com/
    http://scan.coverity.com/rung2.html
    http://scan.coverity.com/rung1.html
    http://www.securityfocus.com/brief/380
    http://www.securityfocus.com/news/11230
    Coverity is doing automatic scanning of several major open source projects. They make the results available to the developers. Automatic tests tend to get some false positives that make projects looks worse than they might be. Automatic scans can normally provide useful information for the developers.

    1. Re: Something like Coverity?
      Personally, I would trust the coverity reports. It does a scan of a larger body of work and is more representative and accurate, imho, than what the other chaps do.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s