Re: Security on 11g
- From: "Niall Litchfield" <niall.litchfield@xxxxxxxxx>
- To: alever@xxxxxxxxx
- Date: Fri, 7 Sep 2007 21:11:34 +0100
Hi
I didn't especially like the report - during an interview at a
conference Alex used the word stupid to describe programming errors
made by some Oracle programmers whilst saying that the company had
made "big progress" with 11g. The reporter went with the "stupid"
story not the "Oracle security expert and critic says Oracle have made
big progress" story they could also have written on the same quote.
It is worth saying that a large percentage of the security
vulnerabilities fixed in already available CPU patches - so likely in
your installation for example - are the direct result of Alex's work
(and others like him) - check the credits. Worth remembering if
describing him as in some way subversive.
It's fair to say that I wouldn't have used the word stupid, and it's
certainly the case that i wouldn't speculate on the competence or
otherwise of a third party (like Oracle)'s programmers, but the fact
is that well motivated security consultants can do a useful job in
helping software companies improve security.
Niall
On 9/7/07, Alessandro Vercelli <alever@xxxxxxxxx> wrote:
> Hi everybody,
> while "surfing", I noticed the following:
>
> http://tinyurl.com/338fhx
>
> I'm absolutely not a security expert on oracle products, but I'm sure that
> some people uses a destructive criticism to blame instead of giving a better
> solution....
>
> Maybe this people are interested fans of a competing database.
>
> Alessandro
>
>
> ------------------------------------------------------
> Leggi GRATIS le tue mail con il telefonino i-mode™ di Wind
> http://i-mode.wind.it/
>
> --
> //www.freelists.org/webpage/oracle-l
>
>
>
--
Niall Litchfield
Oracle DBA
http://www.orawin.info
--
//www.freelists.org/webpage/oracle-l
Other related posts:
