Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- From: "Paul Drake" <bdbafh@xxxxxxxxx>
- To: niall.litchfield@xxxxxxxxx
- Date: Wed, 31 May 2006 16:26:10 -0400
On 5/31/06, Niall Litchfield <niall.litchfield@xxxxxxxxx> wrote:
On 5/30/06, Mogens Nørrgaard <mln@xxxxxxxxxxxx> wrote:
> Yo Mladen,
>
> So what is this now? I'm sitting here in Anjo Kolk's living room with
> one (just one!) whisky (40 years old) and one (just one) good beer, and then
> suddenly I'm unable to drink, because I see the most bitter, twisted and old
> man in the community not being able to accept when someone else than himself
> - or me - is making a joke?
>
The quote as reported, rather than as delivered, and from people who don't
know Mary-Ann but do know the public pronouncements by both her and David
Litchfield doesn't sound like a joke. Doesn't mean it wasn't one or that she
is stupid, just that understanding humour third hand without knowing the
person doesn't work well. It also doesn't necessarily indicate bad
journalism - its a good quote after all.
As to the substance, I happen to think that both David and Mary-Ann are
right, Oracle do need to improve internally, particularly on their
response to newly discovered bugs (since bugs will always happen) and yes
they can learn from Microsoft here; equally the prevalent culture of install
everything, run everything with maximum rights, don't apply patches and lock
down after the event needs to change. Security is a two way street and from
where I stand neither we as customers "it's all Oracle's fault" nor our
suppliers "it's all the fault of one or two individuals" are very good at
it.
--
Niall Litchfield
Oracle DBA
http://www.orawin.info
This one is going to get even better: (Thanks, Pete)
-----------------------------------------------------------------------------------------------------------------------
http://www.networkworld.com/news/2006/052506-w3c-oracles-davidson-coding.html
Oracle's security chief lambastes faulty coding
By Jeremy Kirk, IDG News Service, 05/25/06
Mary Ann Davidson, chief security officer for database giant Oracle,
remembers the first time she heard her company's marketing scheme that
advertised its database products as "unbreakable."
"I think my response was 'What idiot dreamed this up?," Davidson said
Thursday at the W3C conference in Edinburgh, Scotland.
...
"We use our own dumb-ass mistakes as examples," Davidson said. "Because if
you don't do that, developers think this is an academic argument."
-----------------------------------------------------------------------------------------------------------------------
Methinks that this won't get thru all of the corporate firewalls ...
Enjoy. I hope this isn't a repost.
Paul
- References:
- Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- From: Schultz, Charles
- RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- From: Mercadante, Thomas F \(LABOR\)
- Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- From: Mladen Gogala
- Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- From: Mogens Nørrgaard
- Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- From: Niall Litchfield
Other related posts:
- » Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- » Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
On 5/30/06, Mogens Nørrgaard <mln@xxxxxxxxxxxx> wrote:
> Yo Mladen, > > So what is this now? I'm sitting here in Anjo Kolk's living room with > one (just one!) whisky (40 years old) and one (just one) good beer, and then > suddenly I'm unable to drink, because I see the most bitter, twisted and old > man in the community not being able to accept when someone else than himself > - or me - is making a joke? >
The quote as reported, rather than as delivered, and from people who don't know Mary-Ann but do know the public pronouncements by both her and David Litchfield doesn't sound like a joke. Doesn't mean it wasn't one or that she is stupid, just that understanding humour third hand without knowing the person doesn't work well. It also doesn't necessarily indicate bad journalism - its a good quote after all.
As to the substance, I happen to think that both David and Mary-Ann are right, Oracle do need to improve internally, particularly on their response to newly discovered bugs (since bugs will always happen) and yes they can learn from Microsoft here; equally the prevalent culture of install everything, run everything with maximum rights, don't apply patches and lock down after the event needs to change. Security is a two way street and from where I stand neither we as customers "it's all Oracle's fault" nor our suppliers "it's all the fault of one or two individuals" are very good at it.
-- Niall Litchfield Oracle DBA http://www.orawin.info
- Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- From: Schultz, Charles
- RE: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- From: Mercadante, Thomas F \(LABOR\)
- Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- From: Mladen Gogala
- Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- From: Mogens Nørrgaard
- Re: Oracle's relationships with expert DBAs (and the rest of us mere mortals)
- From: Niall Litchfield