<<< Date Index >>>     <<< Thread Index >>>

Re: Opinion: Complete failure of Oracle security response and utter neglect of their responsibility to their customers



Not that I disagree with your sentiment or what you are saying, we all know about the lacking security practices, secure development practices and decent security response by *many* vendors.

Some of these vendors critical to the infrastructure far more than Oracle.

With all due respect to your wishes and intent, a research on different vendors, showing what vendor responds to threats, after how long and how effectively plus how many security issues appear with each would have made sense to me. Showing the Good and thus flushing the Bad without dissing anyone. Pure facts. Attacking one vendor may make sense in some cases.. yes, again, attacking one vendor in public in *this* *fashion* may be long over-due, but it also seems to me to be rather.. in poor taste? Especially coming out of the blue with no past public statements.

I sympathize with your concerns and I am known to be FAR from a person who doesn't voice his opinions - and loudly, but it only makes me wonder why now, why them and why here.

Now, I am not an Oracle advocate - far from it, but your subject line says it all, and makes me look-down on your post automatically, which is a shame: "Complete failure of Oracle security response and utter neglect of their responsibility to their customers"

Complete? Failure? Utter neglect? You better have some liability coverage. Adding "opinion" there might not be good enough, right or wrong.

Thanks for your time,

        Gadi Evron.

--
My blog: http://blogs.securiteam.com/?author=6

"The third principle of sentient life is the capacity for self-sacrifice --- the conscious ability to override evolution and self-preservation for a cause, a friend, a loved one."
        -- Draal, "A Voice in the Wilderness", Babylon 5.