[News] Oracle Code = Swiss Cheese (No Eyeballs on Code)

Home	Messages Index

[Date Prev]	[Date Next]	[Thread Prev]	[Thread Next]

Author Index	Date Index	Thread Index

[News] Oracle Code = Swiss Cheese (No Eyeballs on Code)

Subject: [News] Oracle Code = Swiss Cheese (No Eyeballs on Code)
From: Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx>
Date: Tue, 05 Dec 2006 08:13:31 +0000
Newsgroups: comp.os.linux.advocacy
Organization: schestowitz.com / Netscape
Reply-to: newsgroups@xxxxxxxxxxxxxxx
User-agent: KNode/0.7.2

Oracle Responds To Information Security Critics

,----[ Quote ]
| "We acknowledge all of the vulnerabilities at the time of the issuance
| of the appropriate fix and we credit security researchers for any
| vulnerability they discovered in the Critical Patch Update
| documentation," he said. "However, we do not credit security
| researchers who disclose the existence of vulnerabilities before
| a fix is available. We consider such practices, including disclosing
| zero-day exploits, to be irresponsible as they can result in
| needlessly exposing customers to risk of attack." 
`----

http://www.webpronews.com/expertarticles/expertarticles/wpn-62-20061204OracleRespondsToInformationSecurityCritics.html
http://tinyurl.com/ykml9f

That ought to abolish the myths which say Open Source databases are not
secure. They are merely more exposed to review, which gets flaws immediately
fixed.

Related:

The Week of Oracle Database Bugs

,----[ Quote ]
| Based on the great idea of H D Moore  "Month of Browser Bugs" and LMH
| "Month of Kernel Bugs", we are proud to announce that we are starting
| on December the "Week of Oracle Database Bugs" (WoODB).
|
| What is the WoODB about?
|
| An Oracle Database 0day will be released every day for a week
| on December.
`----

http://www.argeniss.com/woodb.html 


Software vulnerabilities higher than last year already

,----[ Quote ]
| The number of new software security vulnerabilities identified by
| security experts, hackers and others during the first eight months
| of this year has already exceeded the total recorded for all of 2005,
| according to Internet Security Systems.
`----

http://www.linuxworld.com.au/index.php?id=116770232&rid=-50

>From the article, it's apparent that Microsoft suffers from many security
holes. Linux is barely even there (probably some local DDOS issues).

January:  Oracle (89); Microsoft (12); BEA Systems (12); IBM Lotus (11); ...

February: Microsoft (29); Linux kernel (14); Mozilla (12); IBM (11); myBB (9)

March:    Microsoft (18); Linux kernel (14); Mac OS X (14); Mantis (6) ...

April:    Oracle (36); Ethereal (27); Mozilla (26); Microsoft (20); Apple (9)

May:      Apple (32); Microsoft (13); BEA (11); Linux kernel (10); IBM (9)

June:     Microsoft (27); Mozilla (13); Cisco (10); Particle Soft (9); ...

July:     Oracle (65); Microsoft (55); Mozilla (14); Cisco (9); OpenCMS (9)

August:   Microsoft (32); Informix (16); Mac OS (16); IBM (8); JetBox CMS (8)

Follow-Ups:
- Re: [News] Oracle Code = Swiss Cheese (No Eyeballs on Code)
  - From: BearItAll

[Date Prev]	[Date Next]	[Thread Prev]	[Thread Next]

Author Index	Date Index	Thread Index