I usually write my blog posts in German. Due to the great effort of Mr. Klaus Brandstätter (HOB’s CEO) I decided to write a post in English. As you may have already read in the Wall Street Journal or online (http://www.hobsoft.com/news/news220414.jsp) Mr. Brandstätter is advertising his company’s products by fighting a very old war against Open Source Software.
Mr. Brandstätter put his very bad example of an advertisement in various major German newspapers, too. After launching his little shitstorm against Open Source and OpenSSL he is already getting a very bad response in the German Open Source Community. Last month only few people knew HOB or Brandstätter, now he is getting famous in way he may not want to.
We all know that Heartbleed was a very bad bug and that there were some mistakes made. But this is no reason to personally attack the developers of OpenSSL and to claim that Open Source is written by unqualified people who aren’t adults. While big companies are starting financial support for OpenSSL and other critical products, HOB is attacking OpenSSL, Open Source and its developer.
We learned so far: Klaus Brandstätter dislikes Open Source very much. But instead of using commercial products for his website, the URL https://www.hobsoft.com is powered by Open Source.
Apache/2.0.52 (Unix) mod_ssl/2.0.52 OpenSSL/0.9.7k mod_jk/1.2.6 PHP/5.2.0 Server at www.hobsoft.com Port 443
You may ask, why aren’t they using their own HOB SSL? Don’t know. Maybe OpenSSL is still much more secure than HOB SSL? Or HOB SSL is too expensive and OpenSSL is free?
And by the way, do not get confused about this stuff that Heartbleed can be used in a denial of service attack. Neither is that true under realistic circumstances nor is it the real problem of Heartbleed. But keep in mind: Someone who is turning 60 this year, learned how to program in high school, wrote a million lines of code and understands Heartbleed has to be right. ;-)