For those who are not aware, I used to be a professional musician. I went both under my name (Tanya Janca, folk singer) and was in several different musical groups including Couchwrecked, who wrote the song Hottawa.

I just released another parody video and thought I would share it.

“Open Source Ain’t So Good”

Set to the music “You Know I’m No Good” by Amy Winehouse

“Open Source Ain’t So Good”

Reviewing my dependencies, and it hurt,

My rolled up sleeves, SheHacksPurple shirt

You say “what did I add to my app today?”

And sniffed out insecure log4j

‘Cause you’re my sec champ, my guy

Hand me your code and fly

By the time I scanned your dependencies

My tool lit up like a Christmas tree

I used open source

Like I knew I would

I told you It was trouble

Open Source ain’t so good

Open source is free, like a puppy

You Gotta check for insecurities

Just because the code is there for all to see

Don’t mean that it’s been tested thoroughly

Rush to run my SCA tool

It looks at me and says I’m such a fool

This package ain’t supported no more

I cried for us on the kitchen floor

I used open source

Like I knew I would

I told you It was trouble

Open Source ain’t so good

Sweet refactor, Dependencies upgrade

The app is like it was again

I’m testing it all, while you sit and wait

Us PenTesters, we never hesitate

Then I notice the results and it burns

My stomach drop and my guts churn

You shrug and it’s the worst

Who truly stuck the knife in first

I used open source

Like I knew I would

I told you It was trouble

Open Source ain’t so good

I cheated my app

Like I knew I would

I told you It was trouble

Yeah, Open Source ain’t so good

And here is a previous parody I released last month.


Just Release It Anyway

Sung to the Backstreet Boys’ “I Want It That Way”

“Just Release It Anyway”

Lyrics

Yeah

You are, setting fires

In my, applications

Believe when I say

I don’t want it that way

Your app, is falling apart

Security isn’t in your heart

When you say

Release it anyway

Tell me why You didn’t fix the bugs I found

Tell me why You Ignored the PenTest result

Tell me why I never wanna hear you say

Release it anyway

Am I your advisor?

Your one security hire

Yes, I know it’s too late

‘Cause you released it anyway

Tell me why You didn’t fix the bugs I found

Tell me why You Ignored the PenTest report

Tell me why I never wanna hear you say

Release it anyway

Our security program has fallen apart From the way we know it should be, yeah

No matter the software I want you to know Its safety matters to meeeeeeeeeee

You are, setting fires

In my, applications

Believe when I say I don’t want it that way

Ain’t nothin’ but a heartache

Ain’t nothin’ but a mistake (don’t wanna hear you say)

I never wanna hear you say (oh, yeah)

Just release it anyway

Tell me why

Ain’t nothin’ but a heartache

Tell me why

Ain’t nothing but a mistake

Tell me why I never want to hear you say (never wanna hear you say)

Release it anyway

Tell me why

Ain’t nothin’ but a heartache

Ain’t nothin’ but a mistake

Tell me why I never want to hear you say (don’t want to hear you say)

Just Release it anyway

‘Cause I don’t want it that way

1 comment

  1. I had a colleague (now long retired) who used to refer to “open source” as “open sores”. Maybe you should change a few of your lyrics to “open sores” for this parody. Just sayin’, I think it would fit well here.
