ept. 12, 2001?This summer, there’s been a huge furor over shark attacks, leading to beach closings and enormous revenue losses for resorts where the attacks have taken place. The massive media coverage has probably caused nearly as much fear as the movie Jaws did some 25 years ago. Unfortunately, the level of coverage is unwarranted, as the number of shark attacks is not significantly different from the yearly average. Despite that statistic, the popularity of shark reporting continues unabated. People are afraid of sharks, and shark attack coverage sells.

Apparently, Sun’s marketing department has taken note of the public reaction to the shark attacks, and decided to pursue the same strategy to raise interest in their iPlanet Web server platform. Just over a week ago, I received a notice about an upcoming press release from Sun Microsystems that advertised a “new long-term solution for secure, reliable and scalable Active Server Pages (ASP).” Nothing wrong with that; however, the next sentence goes on to say that “Customers concerned about vulnerability to the Code Red computer virus can now continue to use ASPs without fear of infection thanks to Sun Chili!Soft ASP and iPlanet Web Server.” I was in awe. That statement manages to insult every Microsoft Web server administrator and ASP developer. After all, who isn’t concerned about vulnerability to Code Red or any other virus? Not content with a simple, possibly accidental insult, the next sentence reads:

“As you are aware, Code Red exploits a vulnerability within Microsoft’s Internet Information Web server (IIS). However, Sun Chili!Soft ASP allows customers to easily run ASP applications using iPlanet Web Server and other non-IIS Web servers. This is a cost-effective alternative for customers worried about long-term protection from Code Red and related viruses.”

Worse and worse. Not only are the authors of the press release sure that the administrators are “aware” of Code Red, but in spite of that knowledge (and the existence of a patch), they’re still worried about “long-term protection” from Code Red and related viruses. Any “aware” administrator would certainly have installed the patch?an easy fix, available for free, and well publicized by Microsoft. And of course they are afraid of “related viruses.” But reasonable people understand that all platforms have such vulnerabilities, not just Microsoft’s IIS. And reasonable people understand that moving your Web operations from one platform to another is not often as simple as copying the files to a different server.

But the press release doesn’t mention that; instead, it says “Sun Chili!Soft ASP also provides a bridge to Java technology components for developers familiar with the COM architecture.” I’m sure there are legal reasons why Sun’s providing a bridge to Java for COM developers is different from Microsoft providing a bridge to COM for Java developers, but the ethical differentiation escapes me.

The press release doesn’t include any information about the tasks involved in moving an entire Web operation to a different platform, nor does it mention either the direct costs (iPlanet and Chili!Soft ASP are not free) or the hidden costs involved in retraining, recoding and retesting. I don’t have anything against the products themselves. Chili!Soft ASP is a good product, as is iPlanet. The question is: why does Sun feel the need to appeal to people’s fears to gain customers for them? This type of misdirected campaign can only hurt Sun in the eyes of knowledgeable consumers.

Rather than appealing to rationality by providing information about better technology, the press release is aimed directly at people’s fears. Worse, in my opinion, the real target isn’t the trained server administrators, but squarely targets the fears of those who aren’t?small business owners who have a Web server, but don’t understand how such vulnerabilities occur, how patches can fix them, or that?once fixed?that specific vulnerability is gone.

I spoke to Patrick Dorsey, the iPlanet Product Marketing Manager, who told me that using iPlanet and Chili!Soft ASP “fixes” the Code Red vulnerability because iPlanet is written in Java. While true, changing your Web server is a draconian measure to fix a vulnerability that you can solve by simply downloading a patch. If Sun were truly concerned about security, they would have at least mentioned that the patch exists. In any case, Java programs are not immune to security problems (see the article “Sun says Java hole leaves some computers vulnerable” and “What Price Security?”).

I don’t have any problems with companies competing based on technology and price. But this press release attempts to capitalize on fear. That’s pandering of the worst sort. While such tactics may help sell newspapers or bring moviegoers into the theatres, they’re not appropriate for technology corporations hoping to bring new customers into the fold.

The press release might be excused due to technological ignorance on the part of the marketeers, but unfortunately, even that’s not true. Mr. Dorsey stated that, in his opinion, the reason Microsoft has more exposed security problems than other platforms is that it’s the most prevalent platform, not that it’s inherently more (or less) vulnerable than any other platform. If true, that puts Sun in the position of being able to advertise iPlanet’s security only because it has failed to capture a larger share of the market.

The bottom line is that both Microsoft and Sun are to blame for such puerile behavior. For example, a recent eWeek article discussing Microsoft’s decision to drop the Java runtime from Internet Explorer states: “For its part, the Redmond, Wash., company said it is removing Java support because the tiny programs can be used to spread viruses, an assertion for which there is little evidence.” Both companies are using the popular press to try to build emotional capital for their own technology rather than competing directly on the relative merits of that technology.

The entire situation reminds me of the Doctor in Mark Twain’s “Innocents Abroad,” who when shown the writing of Christopher Columbus, observes: “You mustn’t think you can impose on us because we are strangers. We are not fools by a good deal. If you have got any specimens of penmanship of real merit, trot them out, and if you haven’t, drive on!” So, Sun, if you’ve got some technologically sound reasons to convince us to switch to iPlanet, trot them out! Otherwise, drive on.